Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/uyeAdf6jjlPcEWfbWckobKjoxzc.roa
File: uyeAdf6jjlPcEWfbWckobKjoxzc.roa (raw, json)
Hash identifier: Up2PJ+DQmxsMuHXf3thrzz9TaRhzZ1XG288mz64eoKY=
Subject key identifier: BB:27:80:75:FE:A3:8E:53:DC:11:67:DB:59:C9:28:6C:A8:E8:C7:37
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 018CAD234377A0E5DC754C28513D56E72F24
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/uyeAdf6jjlPcEWfbWckobKjoxzc.roa
Signing time: Wed 27 Dec 2023 21:16:58 +0000
ROA not before: Wed 27 Dec 2023 21:16:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397563
IP address blocks: 213.142.136.0/24 maxlen: 24
213.142.137.0/24 maxlen: 24
213.142.144.0/24 maxlen: 32
213.142.145.0/24 maxlen: 32
213.142.142.0/24 maxlen: 32
213.142.152.0/23 maxlen: 24
213.142.159.0/24 maxlen: 24
213.142.128.0/24 maxlen: 24
213.142.129.0/24 maxlen: 24
213.142.131.0/24 maxlen: 24
213.142.130.0/24 maxlen: 24
91.151.92.0/24 maxlen: 24
80.253.246.0/24 maxlen: 32
80.253.252.0/22 maxlen: 24
91.151.80.0/24 maxlen: 24
91.151.82.0/24 maxlen: 24
91.151.91.0/24 maxlen: 24
91.151.89.0/24 maxlen: 32
91.151.88.0/24 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ad:23:43:77:a0:e5:dc:75:4c:28:51:3d:56:e7:2f:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Dec 27 21:16:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb278075fea38e53dc1167db59c9286ca8e8c737
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:41:70:79:25:67:d8:80:62:da:98:56:95:d9:
12:ce:46:f6:65:9d:06:84:6c:9d:93:1d:09:9d:b7:
a1:1c:69:0e:cd:e1:75:b1:6b:50:29:3b:99:d3:c9:
a4:3c:4e:dd:de:cb:43:c7:c7:63:8d:75:94:e8:ca:
23:5f:3d:ac:45:ae:6b:f7:bc:d6:8d:d5:71:4c:78:
85:7a:4a:16:98:1c:97:f2:c6:9b:a4:71:e8:4a:e5:
ac:59:04:de:cf:45:74:15:31:ab:ad:a0:ee:34:c5:
ca:41:65:70:09:a7:35:eb:d9:39:d1:f7:31:12:85:
74:cf:da:56:62:ec:de:13:d8:d7:72:bb:45:9e:3a:
8e:84:03:27:87:f6:72:40:0c:65:31:2f:33:1d:2e:
57:2c:3f:76:f7:1a:f3:08:9c:e3:01:00:40:02:f7:
39:e1:f1:ac:e8:27:34:3f:2f:75:ab:73:fe:21:36:
56:93:31:af:bb:73:69:ab:65:9b:b0:28:0c:36:81:
db:0c:b6:4f:21:7b:9f:41:00:50:68:34:c6:0b:af:
1e:19:94:6b:ad:b2:57:fc:93:e6:7d:90:db:05:6a:
a0:48:a0:54:f4:bf:a8:3c:a2:4b:21:48:a6:ee:74:
ce:70:74:e2:8f:f9:19:8f:d5:3f:8b:a1:85:83:c6:
c3:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:27:80:75:FE:A3:8E:53:DC:11:67:DB:59:C9:28:6C:A8:E8:C7:37
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/uyeAdf6jjlPcEWfbWckobKjoxzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.246.0/24
80.253.252.0/22
91.151.80.0/24
91.151.82.0/24
91.151.88.0/23
91.151.91.0-91.151.92.255
213.142.128.0/22
213.142.136.0/23
213.142.142.0/24
213.142.144.0/23
213.142.152.0/23
213.142.159.0/24
Signature Algorithm: sha256WithRSAEncryption
50:0c:7d:9a:d7:bf:27:af:f7:33:4d:0c:f3:d4:fb:ba:df:a4:
6f:9c:b4:ef:54:fe:39:78:d6:06:bb:37:79:52:f1:9c:37:2c:
02:a8:bd:3e:49:d0:d2:71:8d:73:65:0d:ba:e0:45:db:37:d0:
ea:6c:a6:23:b5:6c:65:ee:1b:6f:97:fa:21:8e:f3:c6:1c:02:
ed:39:cc:00:b7:a8:cd:10:d4:e0:8d:d6:89:1a:c5:8e:5d:1e:
55:2c:71:98:89:47:c5:3f:3d:05:d1:de:40:e7:d7:75:13:77:
37:44:f0:7b:f1:a4:e8:6d:88:cf:12:e8:96:e2:1e:ed:db:93:
24:68:cf:41:2c:b0:b1:10:f1:32:b3:6b:c3:10:2a:f8:e2:24:
ec:7b:f0:59:18:33:e1:c9:8b:a7:b6:40:1f:99:6d:97:1a:05:
d2:71:da:bd:17:9b:9f:05:97:06:16:8e:df:20:ea:c1:b9:90:
74:fe:37:39:fc:c1:8e:13:a4:1d:e0:e9:31:14:0a:2f:3d:bb:
bb:c9:f2:cb:7b:80:2c:70:66:8d:bd:65:99:cd:b1:0c:87:65:
11:2e:9b:f9:e8:4d:63:16:47:35:c4:cb:ec:8f:6c:3d:f5:60:
22:72:d1:ba:18:a3:64:d6:94:9b:e6:a4:c9:46:06:e3:44:dc:
71:68:23:9e
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYytI0N3oOXcdUwoUT1W5y8kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjMxMjI3MjExNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjI3ODA3NWZlYTM4ZTUzZGMxMTY3ZGI1OWM5Mjg2Y2E4ZThjNzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkFweSVn2IBi2phWldkSzkb2ZZ0G
hGydkx0JnbehHGkOzeF1sWtQKTuZ08mkPE7d3stDx8djjXWU6MojXz2sRa5r97zW
jdVxTHiFekoWmByX8sabpHHoSuWsWQTez0V0FTGrraDuNMXKQWVwCac169k50fcx
EoV0z9pWYuzeE9jXcrtFnjqOhAMnh/ZyQAxlMS8zHS5XLD929xrzCJzjAQBAAvc5
4fGs6Cc0Py91q3P+ITZWkzGvu3Npq2WbsCgMNoHbDLZPIXufQQBQaDTGC68eGZRr
rbJX/JPmfZDbBWqgSKBU9L+oPKJLIUim7nTOcHTij/kZj9U/i6GFg8bDHQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFLsngHX+o45T3BFn21nJKGyo6Mc3MB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEvdXllQWRmNmpqbFBjRVdmYldja29iS2pveHpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmItY2Y0YjkwMDk5N2Ew
LzEvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQAUP32AwQC
UP38AwQAW5dQAwQAW5dSAwQBW5dYMAwDBABbl1sDBABbl1wDBALVjoADBAHVjogD
BADVjo4DBAHVjpADBAHVjpgDBADVjp8wDQYJKoZIhvcNAQELBQADggEBAFAMfZrX
vyev9zNNDPPU+7rfpG+ctO9U/jl41ga7N3lS8Zw3LAKovT5J0NJxjXNlDbrgRds3
0OpspiO1bGXuG2+X+iGO88YcAu05zAC3qM0Q1OCN1okaxY5dHlUscZiJR8U/PQXR
3kDn13UTdzdE8HvxpOhtiM8S6JbiHu3bkyRoz0EssLEQ8TKza8MQKvjiJOx78FkY
M+HJi6e2QB+ZbZcaBdJx2r0Xm58FlwYWjt8g6sG5kHT+Nzn8wY4TpB3g6TEUCi89
u7vJ8st7gCxwZo29ZZnNsQyHZREum/noTWMWRzXEy+yPbD31YCJy0boYo2TWlJvm
pMlGBuNE3HFoI54=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:37 2025 by rpki-client