Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/hPCK6akDsvCcfl4yii0yAZ4Ty3U.roa
File: hPCK6akDsvCcfl4yii0yAZ4Ty3U.roa (raw, json)
Hash identifier: ILJF+2ST8rQsVFi6sFWYLdVEIOqQj/DlnLQiiUVxpbY=
Subject key identifier: 84:F0:8A:E9:A9:03:B2:F0:9C:7E:5E:32:8A:2D:32:01:9E:13:CB:75
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 0A7DA173
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/hPCK6akDsvCcfl4yii0yAZ4Ty3U.roa
Signing time: Sat 01 Jan 2022 08:57:10 +0000
ROA not before: Sat 01 Jan 2022 08:57:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212219
IP address blocks: 213.142.148.0/24 maxlen: 32
213.142.159.0/24 maxlen: 24
80.253.246.0/24 maxlen: 32
91.151.88.0/24 maxlen: 32
91.151.89.0/24 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 176005491 (0xa7da173)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Jan 1 08:57:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=84f08ae9a903b2f09c7e5e328a2d32019e13cb75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:33:2b:fa:da:87:a8:ea:9a:8b:cf:ca:a0:4b:
b8:5a:25:60:1a:f6:bd:f1:79:09:6c:a8:bf:59:a4:
d3:c6:e5:52:91:3b:49:ec:98:2f:9e:52:16:e0:7e:
00:63:71:ac:52:dc:e6:33:b9:dc:44:5e:26:a5:7e:
26:5c:5a:d5:48:66:9e:1e:b8:80:8b:0b:14:89:9d:
f3:40:87:42:1a:73:4a:66:36:09:53:ca:47:03:d2:
9c:7b:33:8a:8d:c8:65:00:18:dd:fc:46:0e:e7:0e:
a1:7a:6e:7a:e3:f3:be:b2:a6:bd:12:a6:07:b1:db:
f9:b9:2c:cd:4e:dc:63:ea:4e:57:34:4b:88:4c:d4:
18:6d:ca:71:80:cc:d4:4f:fc:30:6b:cd:9d:43:e5:
45:f5:0a:3b:ab:4d:74:ac:0c:de:74:cc:fd:68:e6:
9d:59:7f:5e:5b:f1:21:8d:8a:70:20:3b:08:35:44:
31:8a:74:81:3d:4a:75:b4:25:de:4f:bf:d6:81:ac:
ac:14:aa:b0:4a:15:0a:69:41:14:0a:bb:3f:13:7e:
0e:a2:cf:a9:bb:8a:4e:67:5e:26:a4:f2:87:fe:84:
59:8f:5f:12:68:cc:22:54:cc:58:b0:d0:f3:33:f9:
85:4a:7b:15:9a:ff:20:bc:28:05:44:28:6f:71:05:
1a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:F0:8A:E9:A9:03:B2:F0:9C:7E:5E:32:8A:2D:32:01:9E:13:CB:75
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/hPCK6akDsvCcfl4yii0yAZ4Ty3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.246.0/24
91.151.88.0/23
213.142.148.0/24
213.142.159.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:59:72:2a:9e:7e:53:1a:37:ca:c7:b8:45:dc:e6:f5:d5:94:
11:f4:eb:10:62:2f:38:a1:d8:ce:89:a1:9e:f2:cd:08:d1:89:
c0:e1:f2:12:ac:fb:df:58:7f:9b:ab:be:42:1a:38:06:73:dc:
e7:db:f5:60:3e:21:fe:b0:d1:6f:09:7b:53:24:25:bf:21:22:
aa:86:4e:ed:09:e2:7c:22:d2:a7:8a:28:47:88:81:4e:09:bf:
ff:5e:53:9e:17:99:17:25:ba:d8:4e:e4:f9:8a:40:f8:9b:1d:
20:3f:d0:36:c0:f1:f1:03:d6:f8:91:b5:a9:6a:ae:41:35:0e:
d4:fc:c7:78:1d:1e:c0:67:22:27:21:9b:c3:0e:f6:0e:c7:ab:
01:a1:20:c0:e7:51:9a:79:ed:6d:40:aa:93:b1:8c:27:c0:83:
0e:0c:da:6e:42:dd:2a:fe:19:b3:6d:1b:74:71:dc:08:1f:42:
b3:d1:9d:9a:f3:a9:4a:44:0a:27:0b:88:f2:3b:e9:f2:63:76:
3f:80:6b:17:de:1b:8f:d5:07:da:18:75:2d:ef:ab:8b:ac:51:
5f:af:d3:25:7c:11:3b:1a:1b:00:70:4a:42:00:7e:bf:7f:3f:
66:7a:65:1b:ad:5c:a3:58:35:2c:73:a1:c7:df:fa:f4:22:d7:
88:9b:79:ac
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIECn2hczANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjcxZTliMTNmNWMzMzlhNTg2OTJlZWFiZTcyZWFhNDA2YmJiZDdkMB4XDTIyMDEw
MTA4NTcxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODRmMDhhZTlhOTAz
YjJmMDljN2U1ZTMyOGEyZDMyMDE5ZTEzY2I3NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI0zK/rah6jqmovPyqBLuFolYBr2vfF5CWyov1mk08blUpE7
SeyYL55SFuB+AGNxrFLc5jO53EReJqV+Jlxa1Uhmnh64gIsLFImd80CHQhpzSmY2
CVPKRwPSnHszio3IZQAY3fxGDucOoXpueuPzvrKmvRKmB7Hb+bkszU7cY+pOVzRL
iEzUGG3KcYDM1E/8MGvNnUPlRfUKO6tNdKwM3nTM/WjmnVl/XlvxIY2KcCA7CDVE
MYp0gT1KdbQl3k+/1oGsrBSqsEoVCmlBFAq7PxN+DqLPqbuKTmdeJqTyh/6EWY9f
EmjMIlTMWLDQ8zP5hUp7FZr/ILwoBUQob3EFGkUCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSE8IrpqQOy8Jx+XjKKLTIBnhPLdTAfBgNVHSMEGDAWgBSrcemxP1wzmlhp
Luq+cuqkBru9fTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3EzSHBzVDljTTVwWWFTN3F2bkxxcEFhN3ZYMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvNmJhMzljLWVmMWQtNGQ0OC05ODJiLWNmNGI5MDA5OTdhMC8x
L2hQQ0s2YWtEc3ZDY2ZsNHlpaTB5QVo0VHkzVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
NmJhMzljLWVmMWQtNGQ0OC05ODJiLWNmNGI5MDA5OTdhMC8xL3EzSHBzVDljTTVw
WWFTN3F2bkxxcEFhN3ZYMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAFD99gMEAVuXWAMEANWOlAMEANWO
nzANBgkqhkiG9w0BAQsFAAOCAQEATFlyKp5+Uxo3yse4Rdzm9dWUEfTrEGIvOKHY
zomhnvLNCNGJwOHyEqz731h/m6u+Qho4BnPc59v1YD4h/rDRbwl7UyQlvyEiqoZO
7QnifCLSp4ooR4iBTgm//15TnheZFyW62E7k+YpA+JsdID/QNsDx8QPW+JG1qWqu
QTUO1PzHeB0ewGciJyGbww72DserAaEgwOdRmnntbUCqk7GMJ8CDDgzabkLdKv4Z
s20bdHHcCB9Cs9GdmvOpSkQKJwuI8jvp8mN2P4BrF94bj9UH2hh1Le+ri6xRX6/T
JXwROxobAHBKQgB+v38/ZnplG61co1g1LHOhx9/69CLXiJt5rA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:38 2024 by rpki-client on console-ams.rpki-client.org