Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/yjX7M48qzuLfYKf8NPNfxc_uRR0.roa
File: yjX7M48qzuLfYKf8NPNfxc_uRR0.roa (raw, json)
Hash identifier: Xf5jFLAZ4qpJ5JaJv8/al/x0EQCUI0SlmpEaWG5EF90=
Subject key identifier: CA:35:FB:33:8F:2A:CE:E2:DF:60:A7:FC:34:F3:5F:C5:CF:EE:45:1D
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 0182EF491D837AAA007515E61CBFD9495B99
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/yjX7M48qzuLfYKf8NPNfxc_uRR0.roa
Signing time: Tue 30 Aug 2022 15:05:22 +0000
ROA not before: Tue 30 Aug 2022 15:05:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 397563
IP address blocks: 213.142.136.0/24 maxlen: 24
213.142.133.0/24 maxlen: 24
213.142.137.0/24 maxlen: 24
213.142.144.0/24 maxlen: 32
213.142.145.0/24 maxlen: 32
213.142.142.0/24 maxlen: 32
213.142.152.0/24 maxlen: 24
213.142.153.0/24 maxlen: 24
213.142.128.0/24 maxlen: 24
213.142.129.0/24 maxlen: 24
213.142.131.0/24 maxlen: 24
213.142.132.0/24 maxlen: 24
213.142.130.0/24 maxlen: 24
91.151.92.0/24 maxlen: 24
80.253.252.0/24 maxlen: 24
80.253.253.0/24 maxlen: 24
91.151.80.0/21 maxlen: 24
91.151.80.0/24 maxlen: 24
91.151.85.0/24 maxlen: 24
91.151.82.0/24 maxlen: 24
91.151.91.0/24 maxlen: 24
91.151.86.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ef:49:1d:83:7a:aa:00:75:15:e6:1c:bf:d9:49:5b:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Aug 30 15:05:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca35fb338f2acee2df60a7fc34f35fc5cfee451d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:94:4a:82:5e:4f:c0:27:87:7d:8d:89:73:fe:
99:5e:6d:d2:52:d0:bc:88:5a:7f:d3:e8:5a:30:3d:
c9:b3:e5:0c:9d:f7:e7:e2:95:d3:ad:e5:34:78:9d:
37:e2:af:03:03:d2:2e:7e:fc:ed:48:0d:42:fa:ae:
f2:7f:c2:96:36:bc:0c:e0:ff:80:ea:3b:bb:9e:c9:
af:36:4f:48:d4:d7:ee:61:4b:0f:fe:43:bd:00:1d:
9e:17:be:fa:5f:b2:52:c5:98:c2:53:ac:b6:a2:f0:
1c:b4:94:1e:5f:6a:9d:76:42:88:0d:e1:63:e6:41:
5b:b7:6c:30:e3:87:69:a6:d7:d8:63:f1:7f:02:ac:
7d:1b:10:81:5c:5b:22:e3:06:4e:86:35:5e:e9:0e:
b0:ab:f1:11:22:8b:ca:f0:f6:a2:5b:78:01:f0:9e:
27:00:72:89:26:d4:a8:61:44:b0:34:4c:86:dc:f5:
8c:a3:7e:96:a6:dd:9a:94:a1:5e:fa:16:7f:94:2b:
8a:cd:b4:67:42:99:ad:b6:24:c8:d8:96:9c:eb:23:
3e:e2:79:4f:02:1a:48:f6:4c:c6:9c:10:76:d7:76:
62:40:67:47:0b:27:b6:b0:43:b4:2e:ff:4c:f9:fe:
bb:43:a0:a5:8c:01:50:fc:8c:a4:dd:ac:d0:c1:11:
ef:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:35:FB:33:8F:2A:CE:E2:DF:60:A7:FC:34:F3:5F:C5:CF:EE:45:1D
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/yjX7M48qzuLfYKf8NPNfxc_uRR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.252.0/23
91.151.80.0/21
91.151.91.0-91.151.92.255
213.142.128.0-213.142.133.255
213.142.136.0/23
213.142.142.0/24
213.142.144.0/23
213.142.152.0/23
Signature Algorithm: sha256WithRSAEncryption
38:55:a1:dc:26:8c:17:ab:15:65:ed:d6:71:ef:93:91:cf:f6:
76:6a:60:4d:54:74:57:54:13:b6:39:3e:74:59:dd:3c:36:fc:
00:50:45:b4:98:19:25:ec:8b:78:8f:7b:0a:83:97:de:ff:b7:
ed:cc:e1:89:8f:9a:b5:17:07:90:ff:b3:3d:23:d7:53:14:3f:
70:fa:96:c4:11:a6:04:80:72:5a:74:75:de:99:e7:c2:92:72:
2f:43:11:8c:2c:90:9d:db:b2:55:53:52:40:4d:f7:a8:46:e2:
bf:d3:6b:97:8d:08:3a:ae:e1:db:e8:c5:91:28:5f:50:fb:e6:
61:7d:d9:8c:0b:94:2b:3e:1f:2e:2a:e0:31:55:9d:f6:42:0f:
f1:93:33:78:df:7d:ef:3a:61:ac:74:b2:a5:05:a8:5c:02:59:
3e:04:fa:c7:34:d2:c9:d5:f6:a0:e7:3d:ff:ce:69:ed:99:2c:
ed:36:ac:4f:7e:78:67:06:ef:34:33:f7:b9:31:f1:b7:11:44:
86:ec:86:e0:37:9e:bf:0b:d2:e7:d7:69:49:32:be:54:f6:e5:
05:a7:bb:43:ba:6a:41:8c:70:28:d8:da:66:51:bc:9c:b8:2e:
55:7c:9b:3b:04:c9:9f:91:ee:f4:d5:d4:e2:ad:12:24:79:6f:
da:35:a8:1e
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYLvSR2DeqoAdRXmHL/ZSVuZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjIwODMwMTUwNTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTM1ZmIzMzhmMmFjZWUyZGY2MGE3ZmMzNGYzNWZjNWNmZWU0NTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5RKgl5PwCeHfY2Jc/6ZXm3SUtC8
iFp/0+haMD3Js+UMnffn4pXTreU0eJ034q8DA9IufvztSA1C+q7yf8KWNrwM4P+A
6ju7nsmvNk9I1NfuYUsP/kO9AB2eF776X7JSxZjCU6y2ovActJQeX2qddkKIDeFj
5kFbt2ww44dpptfYY/F/Aqx9GxCBXFsi4wZOhjVe6Q6wq/ERIovK8PaiW3gB8J4n
AHKJJtSoYUSwNEyG3PWMo36Wpt2alKFe+hZ/lCuKzbRnQpmttiTI2Jac6yM+4nlP
AhpI9kzGnBB213ZiQGdHCye2sEO0Lv9M+f67Q6CljAFQ/Iyk3azQwRHvlwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFMo1+zOPKs7i32Cn/DTzX8XP7kUdMB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEveWpYN000OHF6dUxmWUtmOE5QTmZ4Y191UlIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmItY2Y0YjkwMDk5N2Ew
LzEvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQBUP38AwQD
W5dQMAwDBABbl1sDBABbl1wwDAMEB9WOgAMEAdWOhAMEAdWOiAMEANWOjgMEAdWO
kAMEAdWOmDANBgkqhkiG9w0BAQsFAAOCAQEAOFWh3CaMF6sVZe3Wce+Tkc/2dmpg
TVR0V1QTtjk+dFndPDb8AFBFtJgZJeyLeI97CoOX3v+37czhiY+atRcHkP+zPSPX
UxQ/cPqWxBGmBIByWnR13pnnwpJyL0MRjCyQnduyVVNSQE33qEbiv9Nrl40IOq7h
2+jFkShfUPvmYX3ZjAuUKz4fLirgMVWd9kIP8ZMzeN997zphrHSypQWoXAJZPgT6
xzTSydX2oOc9/85p7Zks7TasT354ZwbvNDP3uTHxtxFEhuyG4DeevwvS59dpSTK+
VPblBae7Q7pqQYxwKNjaZlG8nLguVXybOwTJn5Hu9NXU4q0SJHlv2jWoHg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:43 2025 by rpki-client