Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/iP1H9RT38aRcZl3B2KG6Vg0By3I.roa
File: iP1H9RT38aRcZl3B2KG6Vg0By3I.roa (raw, json)
Hash identifier: up4Q4IbaiUhr9nKTnD0MfG34dvCxtdUQHtQp0qQuhNE=
Subject key identifier: 88:FD:47:F5:14:F7:F1:A4:5C:66:5D:C1:D8:A1:BA:56:0D:01:CB:72
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 0182B4FC176E9A480407370EC2C683E60FEF
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/iP1H9RT38aRcZl3B2KG6Vg0By3I.roa
Signing time: Fri 19 Aug 2022 07:23:16 +0000
ROA not before: Fri 19 Aug 2022 07:23:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 397563
IP address blocks: 213.142.136.0/24 maxlen: 24
213.142.133.0/24 maxlen: 24
213.142.137.0/24 maxlen: 24
213.142.144.0/24 maxlen: 32
213.142.145.0/24 maxlen: 32
213.142.140.0/24 maxlen: 32
213.142.141.0/24 maxlen: 32
213.142.142.0/24 maxlen: 32
213.142.152.0/24 maxlen: 24
213.142.153.0/24 maxlen: 24
213.142.128.0/24 maxlen: 24
213.142.129.0/24 maxlen: 24
213.142.131.0/24 maxlen: 24
213.142.132.0/24 maxlen: 24
213.142.130.0/24 maxlen: 24
91.151.92.0/24 maxlen: 24
80.253.252.0/24 maxlen: 24
80.253.253.0/24 maxlen: 24
91.151.80.0/21 maxlen: 24
91.151.80.0/24 maxlen: 24
91.151.85.0/24 maxlen: 24
91.151.82.0/24 maxlen: 24
91.151.91.0/24 maxlen: 24
91.151.86.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:b4:fc:17:6e:9a:48:04:07:37:0e:c2:c6:83:e6:0f:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Aug 19 07:23:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=88fd47f514f7f1a45c665dc1d8a1ba560d01cb72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:78:62:2a:f0:68:69:4b:b9:e5:d0:56:d6:e0:
14:55:31:ca:0f:4d:bb:d7:74:ac:20:2a:d7:46:d0:
82:d0:0f:51:54:cf:18:4b:84:5c:2e:35:24:6a:0c:
73:7d:dd:fd:52:57:30:00:e4:cc:7c:8a:38:eb:f7:
86:15:e2:60:2b:99:c6:61:fb:9f:85:40:c5:d0:40:
b4:b2:0a:d7:89:f0:c1:fc:2e:36:ed:66:14:ff:d9:
04:35:d3:2a:f1:5d:a3:9d:ae:4c:79:5d:99:3d:eb:
03:bc:f1:96:38:25:5d:e1:df:3c:17:10:2b:2f:87:
d4:94:fd:3f:bb:da:52:ce:bf:b2:52:50:e1:8f:13:
6d:e1:f9:fb:d5:d6:c2:c8:12:9b:f4:3e:76:e3:a3:
59:78:62:39:f6:b4:50:69:86:0a:88:7b:d3:e8:ce:
b5:ee:f9:f1:2c:d5:6b:f4:c5:42:75:ea:55:3a:3b:
f6:8d:69:e6:a2:d7:6a:ff:64:82:f6:62:c0:e4:84:
3b:23:0f:ba:69:63:7c:36:c2:fc:76:2c:d9:b6:d7:
c6:44:75:d1:71:38:47:cc:22:4a:2f:3d:54:f2:df:
56:2f:56:2c:a7:54:6f:47:bb:c1:54:1a:ce:30:9b:
98:f7:32:ce:a5:11:54:7a:76:76:3a:57:ae:ae:45:
9d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:FD:47:F5:14:F7:F1:A4:5C:66:5D:C1:D8:A1:BA:56:0D:01:CB:72
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/iP1H9RT38aRcZl3B2KG6Vg0By3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.252.0/23
91.151.80.0/21
91.151.91.0-91.151.92.255
213.142.128.0-213.142.133.255
213.142.136.0/23
213.142.140.0-213.142.142.255
213.142.144.0/23
213.142.152.0/23
Signature Algorithm: sha256WithRSAEncryption
80:d7:6d:c3:48:3b:6e:8a:aa:41:37:ab:bb:17:33:fa:d1:9b:
e1:cd:0d:11:0c:28:70:54:0a:6e:24:8b:6a:51:3c:b6:47:44:
8e:75:ce:21:de:71:2d:61:6d:d4:c1:0f:e3:05:63:fa:e5:09:
65:cd:5c:67:8f:62:11:11:9a:c1:07:95:d5:a5:f4:5d:93:62:
e7:39:12:1b:f0:6c:90:e8:3d:5a:9c:96:51:c9:be:aa:78:c8:
9d:76:31:91:1d:04:0e:b3:12:93:54:0c:0f:58:db:c6:e0:21:
a9:d4:1b:ad:64:35:4f:45:fc:02:26:91:7f:c5:f0:83:a7:69:
c5:7a:22:b9:ee:f7:cd:a4:b6:b4:7d:63:57:91:cf:72:2d:e3:
ed:66:d1:cc:05:79:22:ac:d3:1c:d5:2c:30:23:d6:3f:78:57:
17:76:f4:dc:6b:26:3b:30:2d:df:cc:3b:4f:3c:71:5c:29:a5:
a6:07:1e:f5:32:af:b1:a0:34:6c:9a:61:cb:eb:1d:c8:32:ae:
51:1d:0b:83:79:ba:5f:40:81:de:41:ee:3a:be:a0:3e:d7:ec:
d1:cc:bc:9c:ab:52:6f:33:89:e3:aa:be:19:2c:36:53:c6:78:
11:ca:36:b5:bf:f7:b0:c0:ce:e0:9b:d6:c4:bc:e4:a4:1c:67:
09:d3:25:c3
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYK0/BdumkgEBzcOwsaD5g/vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjIwODE5MDcyMzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGZkNDdmNTE0ZjdmMWE0NWM2NjVkYzFkOGExYmE1NjBkMDFjYjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnhiKvBoaUu55dBW1uAUVTHKD027
13SsICrXRtCC0A9RVM8YS4RcLjUkagxzfd39UlcwAOTMfIo46/eGFeJgK5nGYfuf
hUDF0EC0sgrXifDB/C427WYU/9kENdMq8V2jna5MeV2ZPesDvPGWOCVd4d88FxAr
L4fUlP0/u9pSzr+yUlDhjxNt4fn71dbCyBKb9D5246NZeGI59rRQaYYKiHvT6M61
7vnxLNVr9MVCdepVOjv2jWnmotdq/2SC9mLA5IQ7Iw+6aWN8NsL8dizZttfGRHXR
cThHzCJKLz1U8t9WL1Ysp1RvR7vBVBrOMJuY9zLOpRFUenZ2OleurkWdrwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFIj9R/UU9/GkXGZdwdihulYNActyMB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEvaVAxSDlSVDM4YVJjWmwzQjJLRzZWZzBCeTNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmItY2Y0YjkwMDk5N2Ew
LzEvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQBUP38AwQD
W5dQMAwDBABbl1sDBABbl1wwDAMEB9WOgAMEAdWOhAMEAdWOiDAMAwQC1Y6MAwQA
1Y6OAwQB1Y6QAwQB1Y6YMA0GCSqGSIb3DQEBCwUAA4IBAQCA123DSDtuiqpBN6u7
FzP60ZvhzQ0RDChwVApuJItqUTy2R0SOdc4h3nEtYW3UwQ/jBWP65QllzVxnj2IR
EZrBB5XVpfRdk2LnORIb8GyQ6D1anJZRyb6qeMiddjGRHQQOsxKTVAwPWNvG4CGp
1ButZDVPRfwCJpF/xfCDp2nFeiK57vfNpLa0fWNXkc9yLePtZtHMBXkirNMc1Sww
I9Y/eFcXdvTcayY7MC3fzDtPPHFcKaWmBx71Mq+xoDRsmmHL6x3IMq5RHQuDebpf
QIHeQe46vqA+1+zRzLycq1JvM4njqr4ZLDZTxngRyja1v/ewwM7gm9bEvOSkHGcJ
0yXD
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:11 2023 by rpki-client on console-fra.rpki-client.org