Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/e05e77-12ae-4f59-9491-cadd1129c98d/1/VNMKQImaPF_cIAEnY_NiEhmAGYM.roa
File: VNMKQImaPF_cIAEnY_NiEhmAGYM.roa (raw, json)
Hash identifier: bTJYtkg73ou4Rbe8zXojh7KZwVbjoo8oNvDd/ACBRzg=
Subject key identifier: 54:D3:0A:40:89:9A:3C:5F:DC:20:01:27:63:F3:62:12:19:80:19:83
Certificate issuer: /CN=e5bcfc1077cf876888fb6c75b2e394923205f3b5
Certificate serial: 04F91E85
Authority key identifier: E5:BC:FC:10:77:CF:87:68:88:FB:6C:75:B2:E3:94:92:32:05:F3:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5bz8EHfPh2iI-2x1suOUkjIF87U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/e05e77-12ae-4f59-9491-cadd1129c98d/1/VNMKQImaPF_cIAEnY_NiEhmAGYM.roa
Signing time: Sat 01 Jan 2022 13:07:23 +0000
ROA not before: Sat 01 Jan 2022 13:07:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211836
IP address blocks: 147.189.214.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83435141 (0x4f91e85)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bcfc1077cf876888fb6c75b2e394923205f3b5
Validity
Not Before: Jan 1 13:07:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=54d30a40899a3c5fdc20012763f3621219801983
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:1c:81:2b:df:0b:d7:e9:80:f9:78:bf:13:91:
a9:1d:43:e4:4f:b7:f8:a6:e2:66:46:7a:0c:75:0d:
cc:4a:12:03:b0:bb:de:37:79:68:21:b5:1b:dd:c2:
06:3b:d2:a6:63:b3:ec:98:97:4c:77:0f:bd:64:f3:
34:02:11:d3:3a:06:2f:3f:25:5c:2c:d1:d9:e9:de:
3c:bb:57:b2:54:5d:4f:fe:46:86:1f:ab:50:47:fb:
c3:e8:d6:b7:6e:2f:d7:02:43:3d:08:d9:96:b0:99:
cb:08:00:f3:9d:46:61:9c:e9:7d:42:ed:0d:2a:fe:
fc:99:7f:76:6b:17:07:64:de:dd:04:84:ef:69:9b:
cc:6b:a6:00:5b:93:b8:07:01:61:e1:5e:a4:95:25:
18:6b:8e:e1:89:3d:c6:35:e0:8a:62:3e:6a:d5:20:
98:bc:c2:61:b7:b8:c2:b2:6c:10:b7:ed:a9:b6:23:
33:d5:9f:0d:cb:21:11:63:49:03:1a:d8:c1:f7:90:
29:05:5b:b0:66:0c:c6:3c:5e:76:8c:7f:e4:65:a1:
e9:b1:59:9e:ea:e6:24:97:74:6c:53:88:71:fb:3e:
aa:80:45:19:09:a1:1a:dc:81:55:86:8d:b1:39:6b:
2d:2d:97:88:48:e5:4f:bb:0a:de:58:76:4f:11:08:
43:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:D3:0A:40:89:9A:3C:5F:DC:20:01:27:63:F3:62:12:19:80:19:83
X509v3 Authority Key Identifier:
keyid:E5:BC:FC:10:77:CF:87:68:88:FB:6C:75:B2:E3:94:92:32:05:F3:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5bz8EHfPh2iI-2x1suOUkjIF87U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e05e77-12ae-4f59-9491-cadd1129c98d/1/VNMKQImaPF_cIAEnY_NiEhmAGYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e05e77-12ae-4f59-9491-cadd1129c98d/1/5bz8EHfPh2iI-2x1suOUkjIF87U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.214.0/24
Signature Algorithm: sha256WithRSAEncryption
52:77:6b:65:c9:4e:e9:36:d9:4a:45:16:50:01:8b:89:14:89:
21:0b:23:f6:bf:10:00:61:0b:36:02:d1:2a:9b:ff:c3:f7:bc:
97:45:fa:21:4b:87:2f:c3:25:02:d8:d7:70:5f:6e:6e:c8:fb:
c5:db:1d:a5:09:33:95:55:70:db:ba:12:19:b4:ee:04:29:3b:
d9:d3:46:f7:78:df:ec:89:bc:f5:c0:4d:64:d4:eb:e8:fa:31:
3d:c0:e4:f9:dd:51:94:f2:05:e9:e6:71:b9:2a:01:9c:c6:6e:
22:9c:26:54:fb:26:c3:ae:89:29:86:04:e8:74:a5:ca:ae:f4:
c8:7a:00:0f:b4:75:2b:f8:53:ae:4a:ce:43:2d:1f:0c:44:54:
c5:16:25:9a:4a:d2:57:ef:59:05:18:ea:50:b2:4b:32:5f:17:
6c:3a:a2:0a:e3:b5:d7:d3:84:21:4d:0e:26:e0:db:2f:b9:25:
58:77:ac:ed:8b:84:4c:39:66:7a:61:5f:b9:fe:9c:0a:79:cb:
d8:18:d5:0b:b3:d7:72:1b:c0:d1:7c:d1:99:cc:3f:bb:13:75:
4f:bb:11:f9:9f:af:89:00:92:71:f5:a9:95:77:c5:17:ed:fc:
fc:64:52:5f:e2:0c:0f:2d:18:5f:d5:af:e0:43:4c:78:2e:28:
1a:ff:6d:0e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBPkehTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NWJjZmMxMDc3Y2Y4NzY4ODhmYjZjNzViMmUzOTQ5MjMyMDVmM2I1MB4XDTIyMDEw
MTEzMDcyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTRkMzBhNDA4OTlh
M2M1ZmRjMjAwMTI3NjNmMzYyMTIxOTgwMTk4MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMYcgSvfC9fpgPl4vxORqR1D5E+3+KbiZkZ6DHUNzEoSA7C7
3jd5aCG1G93CBjvSpmOz7JiXTHcPvWTzNAIR0zoGLz8lXCzR2enePLtXslRdT/5G
hh+rUEf7w+jWt24v1wJDPQjZlrCZywgA851GYZzpfULtDSr+/Jl/dmsXB2Te3QSE
72mbzGumAFuTuAcBYeFepJUlGGuO4Yk9xjXgimI+atUgmLzCYbe4wrJsELftqbYj
M9WfDcshEWNJAxrYwfeQKQVbsGYMxjxedox/5GWh6bFZnurmJJd0bFOIcfs+qoBF
GQmhGtyBVYaNsTlrLS2XiEjlT7sK3lh2TxEIQ9MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRU0wpAiZo8X9wgASdj82ISGYAZgzAfBgNVHSMEGDAWgBTlvPwQd8+HaIj7
bHWy45SSMgXztTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzViejhFSGZQaDJpSS0yeDFzdU9Va2pJRjg3VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGYvZTA1ZTc3LTEyYWUtNGY1OS05NDkxLWNhZGQxMTI5Yzk4ZC8x
L1ZOTUtRSW1hUEZfY0lBRW5ZX05pRWhtQUdZTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYv
ZTA1ZTc3LTEyYWUtNGY1OS05NDkxLWNhZGQxMTI5Yzk4ZC8xLzViejhFSGZQaDJp
SS0yeDFzdU9Va2pJRjg3VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJO91jANBgkqhkiG9w0BAQsFAAOC
AQEAUndrZclO6TbZSkUWUAGLiRSJIQsj9r8QAGELNgLRKpv/w/e8l0X6IUuHL8Ml
AtjXcF9ubsj7xdsdpQkzlVVw27oSGbTuBCk72dNG93jf7Im89cBNZNTr6PoxPcDk
+d1RlPIF6eZxuSoBnMZuIpwmVPsmw66JKYYE6HSlyq70yHoAD7R1K/hTrkrOQy0f
DERUxRYlmkrSV+9ZBRjqULJLMl8XbDqiCuO119OEIU0OJuDbL7klWHes7YuETDlm
emFfuf6cCnnL2BjVC7PXchvA0XzRmcw/uxN1T7sR+Z+viQCScfWplXfFF+38/GRS
X+IMDy0YX9Wv4ENMeC4oGv9tDg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:06 2024 by rpki-client on console-fra.rpki-client.org