Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/j_pKq9S8jGM_tHmhHDf1lI-lKe4.roa
File: j_pKq9S8jGM_tHmhHDf1lI-lKe4.roa (raw, json)
Hash identifier: MiuDgoT2t3sOC5iW2urV/iQkkAR7pcu9LeHIlfeHrrU=
Subject key identifier: 8F:FA:4A:AB:D4:BC:8C:63:3F:B4:79:A1:1C:37:F5:94:8F:A5:29:EE
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 018CB01691C0A8FE74334B6B4469ACEA19B3
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/j_pKq9S8jGM_tHmhHDf1lI-lKe4.roa
Signing time: Thu 28 Dec 2023 11:01:58 +0000
ROA not before: Thu 28 Dec 2023 11:01:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397563
IP address blocks: 213.142.136.0/24 maxlen: 24
213.142.137.0/24 maxlen: 24
213.142.144.0/24 maxlen: 32
213.142.145.0/24 maxlen: 32
213.142.142.0/24 maxlen: 32
213.142.152.0/23 maxlen: 24
213.142.128.0/24 maxlen: 24
213.142.129.0/24 maxlen: 24
213.142.131.0/24 maxlen: 24
213.142.130.0/24 maxlen: 24
91.151.92.0/24 maxlen: 24
80.253.252.0/22 maxlen: 24
91.151.80.0/24 maxlen: 24
91.151.82.0/24 maxlen: 24
91.151.91.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b0:16:91:c0:a8:fe:74:33:4b:6b:44:69:ac:ea:19:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Dec 28 11:01:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ffa4aabd4bc8c633fb479a11c37f5948fa529ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:7a:c8:28:fd:b3:cf:d2:ea:01:48:af:62:c5:
ef:1a:c5:80:0e:ad:5b:38:8d:38:98:1f:50:8d:21:
b8:d6:b0:56:19:c0:20:68:f9:e3:49:68:02:48:b3:
4b:48:68:60:3e:3f:fa:5c:4d:7d:8e:d0:63:c6:8e:
be:b0:89:c0:b5:37:08:ba:04:40:94:b9:90:3e:94:
fe:ab:e5:88:05:75:7e:bc:6c:29:9a:fd:6d:a6:28:
7d:ee:de:64:0c:32:87:14:b8:97:fe:bc:91:7c:24:
2e:8b:45:8c:cd:4b:5b:c0:09:60:9e:aa:6f:3e:41:
1c:3f:95:f7:79:4b:0d:27:a3:5c:52:0f:64:df:c4:
5f:1a:15:ce:b7:09:df:78:40:5a:8b:51:7a:38:7b:
3f:69:e9:b8:ab:c6:40:77:db:61:47:31:8d:f8:8f:
a6:5c:5c:3f:3d:3c:84:d6:a2:e2:25:1a:1a:5b:d7:
fb:f6:4f:b2:7a:07:73:61:42:89:ea:6d:77:22:6a:
d4:fb:6e:0f:b5:f2:7b:1b:13:c3:0b:36:92:81:4a:
c6:81:48:b9:6c:0d:af:14:64:b0:a7:99:d1:5d:44:
f4:f1:6d:2a:22:a4:6c:c3:25:91:3f:d7:2f:f5:af:
bd:f6:a9:22:2b:fa:72:2d:08:f5:8b:06:92:ea:c0:
7d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:FA:4A:AB:D4:BC:8C:63:3F:B4:79:A1:1C:37:F5:94:8F:A5:29:EE
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/j_pKq9S8jGM_tHmhHDf1lI-lKe4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.252.0/22
91.151.80.0/24
91.151.82.0/24
91.151.91.0-91.151.92.255
213.142.128.0/22
213.142.136.0/23
213.142.142.0/24
213.142.144.0/23
213.142.152.0/23
Signature Algorithm: sha256WithRSAEncryption
42:49:8d:ca:7c:e2:af:c6:02:ad:35:93:6c:d0:d9:25:d7:08:
8e:b8:e1:5b:aa:af:fc:85:41:02:85:32:52:be:59:8e:6e:ff:
eb:aa:45:7d:86:75:8d:e2:22:a9:46:03:1c:b4:7c:e0:a5:69:
1f:f6:f0:f1:84:73:1f:7e:2d:cc:31:db:74:ec:9e:6e:05:e8:
ee:55:0f:0a:5f:8f:3e:07:4a:60:a8:f8:ec:d9:7a:b1:be:dc:
ad:82:bf:43:bb:62:3b:f9:23:15:af:c5:43:34:dd:3f:d4:9f:
d9:c6:25:05:67:15:0c:c8:00:5b:7c:e3:1d:ae:9a:8f:e1:ee:
90:60:66:97:86:28:60:a9:4f:71:4d:e6:aa:05:b2:78:ba:ae:
06:d3:7a:00:9d:1a:4d:b0:4a:29:cd:4f:3a:d3:c7:47:05:9d:
0c:b4:49:45:92:67:96:1b:a9:14:1f:74:15:4b:4d:19:4c:2b:
a6:cb:13:01:5f:97:bf:92:81:69:1c:dc:22:19:8f:97:b6:d0:
1f:b8:30:cd:c1:b9:f5:e6:8b:68:d8:3b:ef:c7:68:ba:a5:39:
61:61:81:17:bd:db:29:71:79:f3:e2:70:ca:fa:21:1e:49:a7:
c8:55:68:be:50:43:71:08:c4:89:9c:fc:ab:dd:48:10:36:af:
63:27:4b:1c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYywFpHAqP50M0trRGms6hmzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjMxMjI4MTEwMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmZhNGFhYmQ0YmM4YzYzM2ZiNDc5YTExYzM3ZjU5NDhmYTUyOWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHrIKP2zz9LqAUivYsXvGsWADq1b
OI04mB9QjSG41rBWGcAgaPnjSWgCSLNLSGhgPj/6XE19jtBjxo6+sInAtTcIugRA
lLmQPpT+q+WIBXV+vGwpmv1tpih97t5kDDKHFLiX/ryRfCQui0WMzUtbwAlgnqpv
PkEcP5X3eUsNJ6NcUg9k38RfGhXOtwnfeEBai1F6OHs/aem4q8ZAd9thRzGN+I+m
XFw/PTyE1qLiJRoaW9f79k+yegdzYUKJ6m13ImrU+24PtfJ7GxPDCzaSgUrGgUi5
bA2vFGSwp5nRXUT08W0qIqRswyWRP9cv9a+99qkiK/pyLQj1iwaS6sB92wIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFI/6SqvUvIxjP7R5oRw39ZSPpSnuMB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEval9wS3E5UzhqR01fdEhtaEhEZjFsSS1sS2U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmItY2Y0YjkwMDk5N2Ew
LzEvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQCUP38AwQA
W5dQAwQAW5dSMAwDBABbl1sDBABbl1wDBALVjoADBAHVjogDBADVjo4DBAHVjpAD
BAHVjpgwDQYJKoZIhvcNAQELBQADggEBAEJJjcp84q/GAq01k2zQ2SXXCI644Vuq
r/yFQQKFMlK+WY5u/+uqRX2GdY3iIqlGAxy0fOClaR/28PGEcx9+Lcwx23Tsnm4F
6O5VDwpfjz4HSmCo+OzZerG+3K2Cv0O7Yjv5IxWvxUM03T/Un9nGJQVnFQzIAFt8
4x2umo/h7pBgZpeGKGCpT3FN5qoFsni6rgbTegCdGk2wSinNTzrTx0cFnQy0SUWS
Z5YbqRQfdBVLTRlMK6bLEwFfl7+SgWkc3CIZj5e20B+4MM3BufXmi2jYO+/HaLql
OWFhgRe92ylxefPicMr6IR5Jp8hVaL5QQ3EIxImc/KvdSBA2r2MnSxw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:04 2024 by rpki-client on console-fra.rpki-client.org