Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/p-eUERGEWkhOz-zrSQKnULv9w3A.roa
File: p-eUERGEWkhOz-zrSQKnULv9w3A.roa (raw, json)
Hash identifier: MorQedEpPAw4lsCTY76Fbs4k3mqZgWh/QS5nJa1aPew=
Subject key identifier: A7:E7:94:11:11:84:5A:48:4E:CF:EC:EB:49:02:A7:50:BB:FD:C3:70
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 0185110EFECA53DF2F719C207A5A588D1A93
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/p-eUERGEWkhOz-zrSQKnULv9w3A.roa
Signing time: Wed 14 Dec 2022 14:34:33 +0000
ROA not before: Wed 14 Dec 2022 14:34:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 397563
IP address blocks: 213.142.136.0/24 maxlen: 24
213.142.133.0/24 maxlen: 24
213.142.137.0/24 maxlen: 24
213.142.144.0/24 maxlen: 32
213.142.145.0/24 maxlen: 32
213.142.142.0/24 maxlen: 32
213.142.152.0/24 maxlen: 24
213.142.153.0/24 maxlen: 24
213.142.128.0/24 maxlen: 24
213.142.129.0/24 maxlen: 24
213.142.131.0/24 maxlen: 24
213.142.132.0/24 maxlen: 24
213.142.130.0/24 maxlen: 24
91.151.92.0/24 maxlen: 24
80.253.252.0/24 maxlen: 24
80.253.253.0/24 maxlen: 24
91.151.80.0/21 maxlen: 24
91.151.80.0/24 maxlen: 24
91.151.82.0/24 maxlen: 24
91.151.91.0/24 maxlen: 24
91.151.86.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:11:0e:fe:ca:53:df:2f:71:9c:20:7a:5a:58:8d:1a:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Dec 14 14:34:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a7e7941111845a484ecfeceb4902a750bbfdc370
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ad:c8:ca:23:9c:a2:dc:eb:72:79:32:a5:b5:
f3:ea:7a:08:f4:a7:fc:08:be:c4:27:ea:cf:31:cc:
4d:ab:4e:54:4f:1e:b1:28:07:30:fd:8c:29:a3:fc:
be:b2:74:5d:1c:f9:36:9a:66:85:61:0f:95:83:ce:
b5:81:9e:48:4c:f0:09:99:11:3c:a0:d8:0c:05:9c:
b4:d5:3b:2c:03:5b:b9:93:74:b6:9c:91:dc:e6:68:
a1:d4:67:5b:3e:14:09:bd:62:45:18:5c:dc:6d:f8:
80:2c:7a:c3:cd:05:41:f4:db:6e:b6:16:a1:8e:5c:
0d:60:c2:1f:e8:da:b7:a7:21:e2:1f:8d:94:fe:bd:
f4:a5:34:6b:8e:33:86:c8:88:13:24:05:b7:dc:83:
6a:d4:cc:4c:f2:35:c6:65:7a:f6:bf:07:f4:60:95:
1e:94:0d:66:d8:3e:d6:5f:62:ed:0b:70:16:e3:31:
94:74:ac:9a:37:5b:fa:79:35:cb:71:d7:ab:01:fd:
c5:f3:37:92:07:05:a7:d3:11:65:e1:5c:e8:f6:7e:
23:ef:7e:e2:6f:da:b5:ea:9f:02:dd:11:16:6f:2d:
65:9d:fe:30:9f:cc:2a:38:54:9e:42:fd:a7:a0:0b:
f4:86:2f:4b:f3:34:d4:e4:f7:24:fa:81:bd:67:b9:
9f:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:E7:94:11:11:84:5A:48:4E:CF:EC:EB:49:02:A7:50:BB:FD:C3:70
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/p-eUERGEWkhOz-zrSQKnULv9w3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.252.0/23
91.151.80.0/21
91.151.91.0-91.151.92.255
213.142.128.0-213.142.133.255
213.142.136.0/23
213.142.142.0/24
213.142.144.0/23
213.142.152.0/23
Signature Algorithm: sha256WithRSAEncryption
30:22:10:6d:22:3d:2a:65:8e:0d:a2:63:90:7e:d8:53:eb:4c:
ee:3a:1f:b1:8f:cf:70:e0:92:00:dd:da:29:e5:bb:58:c8:87:
f9:b3:55:b4:6b:3a:3c:23:5a:d3:b0:22:b4:95:fd:7a:da:85:
7e:03:e2:77:83:a2:9a:32:f8:b8:0e:ee:5b:63:8e:00:b5:d0:
d2:a8:bb:a5:4a:80:25:d4:ce:0f:82:20:77:1d:0f:2f:24:e8:
05:54:76:a5:53:bd:16:d4:00:19:13:64:ab:42:57:7c:0b:9c:
f2:f5:45:54:3d:c9:55:50:64:31:74:d0:6a:79:1d:5a:02:06:
a7:e2:1f:dc:0d:fc:33:55:4e:c0:c4:92:3f:42:11:ae:d4:21:
fc:15:74:49:db:b5:11:7a:23:9e:fc:cf:74:1b:05:4c:a6:9a:
62:f9:3a:13:62:d0:05:63:62:2f:02:d6:bd:ee:08:3c:98:17:
d2:b7:fb:d4:e7:2c:bc:d3:ec:e2:82:1c:f3:6b:d8:99:5c:a5:
ec:8c:6a:7a:a5:87:72:db:8e:ff:a9:38:55:e7:de:e5:55:f2:
97:17:11:21:77:4c:3a:99:60:1d:f9:3f:dc:cc:cf:cd:64:61:
7c:74:cb:3b:19:fd:9a:69:1c:bc:b8:de:c2:b5:99:10:b4:5c:
0e:5d:3c:62
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYURDv7KU98vcZwgelpYjRqTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjIxMjE0MTQzNDMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2U3OTQxMTExODQ1YTQ4NGVjZmVjZWI0OTAyYTc1MGJiZmRjMzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArq3IyiOcotzrcnkypbXz6noI9Kf8
CL7EJ+rPMcxNq05UTx6xKAcw/Ywpo/y+snRdHPk2mmaFYQ+Vg861gZ5ITPAJmRE8
oNgMBZy01TssA1u5k3S2nJHc5mih1GdbPhQJvWJFGFzcbfiALHrDzQVB9Ntuthah
jlwNYMIf6Nq3pyHiH42U/r30pTRrjjOGyIgTJAW33INq1MxM8jXGZXr2vwf0YJUe
lA1m2D7WX2LtC3AW4zGUdKyaN1v6eTXLcderAf3F8zeSBwWn0xFl4Vzo9n4j737i
b9q16p8C3REWby1lnf4wn8wqOFSeQv2noAv0hi9L8zTU5Pck+oG9Z7mfqwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFKfnlBERhFpITs/s60kCp1C7/cNwMB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEvcC1lVUVSR0VXa2hPei16clNRS25VTHY5dzNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmItY2Y0YjkwMDk5N2Ew
LzEvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQBUP38AwQD
W5dQMAwDBABbl1sDBABbl1wwDAMEB9WOgAMEAdWOhAMEAdWOiAMEANWOjgMEAdWO
kAMEAdWOmDANBgkqhkiG9w0BAQsFAAOCAQEAMCIQbSI9KmWODaJjkH7YU+tM7jof
sY/PcOCSAN3aKeW7WMiH+bNVtGs6PCNa07AitJX9etqFfgPid4OimjL4uA7uW2OO
ALXQ0qi7pUqAJdTOD4Igdx0PLyToBVR2pVO9FtQAGRNkq0JXfAuc8vVFVD3JVVBk
MXTQankdWgIGp+If3A38M1VOwMSSP0IRrtQh/BV0Sdu1EXojnvzPdBsFTKaaYvk6
E2LQBWNiLwLWve4IPJgX0rf71OcsvNPs4oIc82vYmVyl7IxqeqWHctuO/6k4Vefe
5VXylxcRIXdMOplgHfk/3MzPzWRhfHTLOxn9mmkcvLjewrWZELRcDl08Yg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:30 2025 by rpki-client