Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/Vj6pP1360zPvslM77GvqhXyPqLE.roa
File: Vj6pP1360zPvslM77GvqhXyPqLE.roa (raw, json)
Hash identifier: 8fQ0XpuojzXEuBN8VJrSOcg3jNOajijW5kBue5AEchM=
Subject key identifier: 56:3E:A9:3F:5D:FA:D3:33:EF:B2:53:3B:EC:6B:EA:85:7C:8F:A8:B1
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 0187798F381E6E43DDB01D3A34EA704CEB76
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/Vj6pP1360zPvslM77GvqhXyPqLE.roa
Signing time: Thu 13 Apr 2023 07:40:41 +0000
ROA not before: Thu 13 Apr 2023 07:40:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20853
IP address blocks: 194.113.34.0/24 maxlen: 24
45.83.180.0/22 maxlen: 22
2.58.124.0/22 maxlen: 22
45.150.109.0/24 maxlen: 24
45.150.110.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:79:8f:38:1e:6e:43:dd:b0:1d:3a:34:ea:70:4c:eb:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Apr 13 07:40:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=563ea93f5dfad333efb2533bec6bea857c8fa8b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:f2:8d:b5:18:ee:49:07:2a:b1:2d:ff:4a:46:
0b:3e:85:6f:45:08:6e:6e:86:4c:51:bf:fe:c3:5f:
ee:4b:37:1d:88:f5:ce:00:87:2b:5d:d0:47:a1:57:
2d:da:de:39:94:67:61:7e:2c:ba:55:49:da:eb:c9:
d8:59:0c:ac:c6:a6:8d:ae:e2:35:a3:a4:59:b2:50:
22:f9:41:9a:c2:fc:e8:57:29:1b:89:1a:e4:16:cc:
f1:13:d1:b6:14:57:10:d9:61:91:7c:3e:bc:aa:34:
a7:ac:4b:58:f3:6c:ad:0c:d1:95:04:60:60:32:80:
7c:25:73:8a:93:17:d5:8a:67:8c:dc:3c:60:61:a5:
7d:69:71:95:51:08:e0:31:41:5c:25:d2:c8:1c:3c:
99:f3:cd:e9:f4:82:36:77:45:ee:72:e3:e0:d3:ca:
cf:bb:ff:6a:f3:1a:77:2f:ce:7b:31:b4:6b:8e:05:
4c:a4:16:2d:e0:7d:8e:c5:55:77:7c:f2:79:cb:14:
4c:ca:cf:17:79:75:5e:cf:1b:85:3f:d4:ff:44:09:
1a:e0:2d:ac:e3:43:9e:fb:b1:4c:2f:c8:85:fb:df:
90:fe:82:9d:8b:57:04:4a:e8:1a:21:e0:c2:fe:91:
f5:fa:99:99:0c:7a:b0:1a:10:e7:69:69:ca:34:5d:
63:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:3E:A9:3F:5D:FA:D3:33:EF:B2:53:3B:EC:6B:EA:85:7C:8F:A8:B1
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/Vj6pP1360zPvslM77GvqhXyPqLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.124.0/22
45.83.180.0/22
45.150.109.0-45.150.111.255
194.113.34.0/24
Signature Algorithm: sha256WithRSAEncryption
79:54:61:0c:ab:25:3e:d9:64:82:6c:25:d9:1e:b7:a0:ac:4a:
59:21:e3:2f:24:17:50:0f:7a:86:84:3f:16:7b:3c:c7:7c:17:
c9:8f:bc:7c:43:60:d1:31:95:45:45:09:99:26:71:1f:f7:20:
87:96:c8:d2:2d:f8:90:68:a5:43:b7:c6:81:e3:a2:4e:a6:79:
17:33:ac:5f:ec:ce:ad:9f:4f:0e:94:9e:9f:f2:cd:16:45:3f:
4a:5d:bc:b4:77:3a:f3:ef:91:d2:e7:17:9f:3f:d1:29:8b:41:
01:f7:91:03:88:5f:cc:ab:f7:0c:c4:8d:86:46:dd:12:35:da:
b0:47:3c:12:7d:47:3d:5e:ab:c7:38:36:e9:37:a9:42:7c:48:
7c:b5:d3:a2:1e:2a:09:a0:b0:91:a8:52:58:b8:c4:a2:3a:36:
50:8e:cd:c4:51:24:fc:bb:d8:bd:73:32:31:f6:15:56:17:9d:
b1:d2:02:2d:2e:28:da:2f:86:8e:bf:74:30:fd:71:5c:78:77:
b5:45:24:58:86:12:8f:01:03:cf:57:0e:e7:89:67:11:fb:4b:
4e:66:d0:50:9e:1b:15:fd:89:d5:41:7c:70:f5:e4:c5:5a:23:
77:45:33:58:22:5a:94:ff:ac:95:03:ff:55:b6:ce:d2:d2:0b:
1f:80:0b:84
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYd5jzgebkPdsB06NOpwTOt2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjMwNDEzMDc0MDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjNlYTkzZjVkZmFkMzMzZWZiMjUzM2JlYzZiZWE4NTdjOGZhOGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/KNtRjuSQcqsS3/SkYLPoVvRQhu
boZMUb/+w1/uSzcdiPXOAIcrXdBHoVct2t45lGdhfiy6VUna68nYWQysxqaNruI1
o6RZslAi+UGawvzoVykbiRrkFszxE9G2FFcQ2WGRfD68qjSnrEtY82ytDNGVBGBg
MoB8JXOKkxfVimeM3DxgYaV9aXGVUQjgMUFcJdLIHDyZ883p9II2d0XucuPg08rP
u/9q8xp3L857MbRrjgVMpBYt4H2OxVV3fPJ5yxRMys8XeXVezxuFP9T/RAka4C2s
40Oe+7FML8iF+9+Q/oKdi1cESugaIeDC/pH1+pmZDHqwGhDnaWnKNF1jPwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFFY+qT9d+tMz77JTO+xr6oV8j6ixMB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvVmo2cFAxMzYwelB2c2xNNzdHdnFoWHlQcUxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCAjp8AwQC
LVO0MAwDBAAtlm0DBAQtlmADBADCcSIwDQYJKoZIhvcNAQELBQADggEBAHlUYQyr
JT7ZZIJsJdket6CsSlkh4y8kF1APeoaEPxZ7PMd8F8mPvHxDYNExlUVFCZkmcR/3
IIeWyNIt+JBopUO3xoHjok6meRczrF/szq2fTw6Unp/yzRZFP0pdvLR3OvPvkdLn
F58/0SmLQQH3kQOIX8yr9wzEjYZG3RI12rBHPBJ9Rz1eq8c4Nuk3qUJ8SHy106Ie
KgmgsJGoUli4xKI6NlCOzcRRJPy72L1zMjH2FVYXnbHSAi0uKNovho6/dDD9cVx4
d7VFJFiGEo8BA89XDueJZxH7S05m0FCeGxX9idVBfHD15MVaI3dFM1giWpT/rJUD
/1W2ztLSCx+AC4Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:00 2024 by rpki-client on console-ams.rpki-client.org