Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VDSC9NH-GSThoDtglcjafYIEQfc.roa
File: VDSC9NH-GSThoDtglcjafYIEQfc.roa (raw, json)
Hash identifier: dQ2LMPu6/5iVBvirVJQDOy2TjkKORV0cGh3qpaimqYI=
Subject key identifier: 54:34:82:F4:D1:FE:19:24:E1:A0:3B:60:95:C8:DA:7D:82:04:41:F7
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0184CC989228D4270EB802FCC1587B7DC2A9
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VDSC9NH-GSThoDtglcjafYIEQfc.roa
Signing time: Thu 01 Dec 2022 07:31:01 +0000
ROA not before: Thu 01 Dec 2022 07:31:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50225
IP address blocks: 194.55.224.0/24 maxlen: 24
84.54.50.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
194.55.227.0/24 maxlen: 24
193.42.34.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.60.0/24 maxlen: 24
84.21.173.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
194.180.51.0/24 maxlen: 24
83.219.96.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:cc:98:92:28:d4:27:0e:b8:02:fc:c1:58:7b:7d:c2:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 1 07:31:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=543482f4d1fe1924e1a03b6095c8da7d820441f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:70:e3:22:7f:de:5e:bd:b9:85:bb:99:d2:3a:
57:83:8f:4e:54:9f:c3:6b:78:49:1d:b4:1c:bb:79:
f3:c5:0a:5b:58:d2:cd:9d:af:ef:c6:25:55:1a:82:
79:39:bd:b4:08:94:77:7b:e1:08:fb:f4:95:ed:41:
c7:18:58:ab:e9:6d:66:bd:ab:cf:b1:c0:2a:e1:a5:
8e:62:bd:1f:22:a5:2e:43:76:4c:01:db:05:61:65:
54:14:c5:38:5e:9a:04:1e:55:3d:27:cb:a2:ec:89:
d0:6b:8c:43:f8:c0:5c:87:5c:4e:88:86:1f:9e:97:
4a:bd:4f:74:4d:42:ef:76:bd:0c:29:03:df:78:63:
bd:a4:5a:7e:96:d0:1d:6f:eb:98:a2:95:1d:cc:59:
ef:99:61:ba:09:01:be:ed:93:b9:fc:a4:fa:52:05:
d1:22:0d:7f:98:b2:ee:34:e8:10:e6:c6:b4:4d:3f:
3c:d2:d7:ae:d9:a2:7c:00:f3:6f:ee:89:ab:2f:22:
89:2d:6a:49:ce:62:8d:60:21:14:46:e6:0d:e4:c0:
f5:6d:d2:fc:db:e6:2c:a3:05:61:2d:17:38:48:ce:
ea:48:05:45:39:e5:3f:f6:76:f3:b3:21:5d:aa:75:
9c:c9:fc:0b:96:c8:89:22:60:02:79:49:4c:f8:2b:
d3:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:34:82:F4:D1:FE:19:24:E1:A0:3B:60:95:C8:DA:7D:82:04:41:F7
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VDSC9NH-GSThoDtglcjafYIEQfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.64.0/24
83.219.96.0/24
84.21.173.0/24
84.54.50.0/24
87.121.220.0/24
94.154.162.0/24
178.215.226.0/24
193.42.34.0/24
193.47.60.0/24
193.47.63.0/24
194.55.224.0/23
194.55.227.0/24
194.180.51.0/24
Signature Algorithm: sha256WithRSAEncryption
57:d0:d3:72:ab:8c:b2:c3:85:0e:93:87:6b:07:8f:d9:e0:33:
b6:3c:0c:6d:01:de:03:b0:ca:b8:93:3b:de:df:7c:84:dd:09:
67:aa:4b:14:47:74:ec:43:96:0f:70:d7:03:15:ba:67:02:98:
ce:83:43:91:aa:e5:89:e7:e1:08:7e:69:fc:e2:65:5e:b4:f4:
a5:77:bb:fc:49:d1:83:17:7d:12:ad:f8:a7:10:1b:b6:cf:1d:
f8:42:dd:0f:aa:92:61:bd:d2:bb:58:92:b0:81:cd:5e:96:7b:
0c:7e:87:65:30:ea:f9:7b:25:23:ee:1a:8f:4e:f6:e6:6d:86:
5a:81:a7:6f:8e:26:44:13:1d:97:b7:0f:fe:f4:2c:c2:f3:ef:
73:7b:3c:04:af:87:83:af:0d:e3:78:ab:cb:b6:b3:c1:26:85:
a0:47:bd:3a:03:55:15:78:be:ed:84:bf:88:fb:40:05:c7:7b:
79:c2:8d:87:17:25:ef:9d:e4:f1:fa:04:95:ac:53:fb:5a:e1:
13:6c:cd:a6:82:03:31:95:7c:9c:ae:43:27:e0:16:02:8f:c4:
a1:19:74:f3:66:10:7c:dc:3c:ba:1f:83:d2:ca:9d:02:c8:de:
a4:b9:87:50:b8:3c:42:30:fd:8c:cc:3a:8e:b7:01:23:a9:3d:
3a:4f:83:28
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYTMmJIo1CcOuAL8wVh7fcKpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMjAxMDczMTAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDM0ODJmNGQxZmUxOTI0ZTFhMDNiNjA5NWM4ZGE3ZDgyMDQ0MWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjHDjIn/eXr25hbuZ0jpXg49OVJ/D
a3hJHbQcu3nzxQpbWNLNna/vxiVVGoJ5Ob20CJR3e+EI+/SV7UHHGFir6W1mvavP
scAq4aWOYr0fIqUuQ3ZMAdsFYWVUFMU4XpoEHlU9J8ui7InQa4xD+MBch1xOiIYf
npdKvU90TULvdr0MKQPfeGO9pFp+ltAdb+uYopUdzFnvmWG6CQG+7ZO5/KT6UgXR
Ig1/mLLuNOgQ5sa0TT880teu2aJ8APNv7omrLyKJLWpJzmKNYCEURuYN5MD1bdL8
2+YsowVhLRc4SM7qSAVFOeU/9nbzsyFdqnWcyfwLlsiJImACeUlM+CvTaQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFFQ0gvTR/hkk4aA7YJXI2n2CBEH3MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVkRTQzlOSC1HU1Rob0R0Z2xjamFmWUlFUWZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQALVhAAwQA
U9tgAwQAVBWtAwQAVDYyAwQAV3ncAwQAXpqiAwQAstfiAwQAwSoiAwQAwS88AwQA
wS8/AwQBwjfgAwQAwjfjAwQAwrQzMA0GCSqGSIb3DQEBCwUAA4IBAQBX0NNyq4yy
w4UOk4drB4/Z4DO2PAxtAd4DsMq4kzve33yE3QlnqksUR3TsQ5YPcNcDFbpnApjO
g0ORquWJ5+EIfmn84mVetPSld7v8SdGDF30SrfinEBu2zx34Qt0PqpJhvdK7WJKw
gc1elnsMfodlMOr5eyUj7hqPTvbmbYZagadvjiZEEx2Xtw/+9CzC8+9zezwEr4eD
rw3jeKvLtrPBJoWgR706A1UVeL7thL+I+0AFx3t5wo2HFyXvneTx+gSVrFP7WuET
bM2mggMxlXycrkMn4BYCj8ShGXTzZhB83Dy6H4PSyp0CyN6kuYdQuDxCMP2MzDqO
twEjqT06T4Mo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:08 2024 by rpki-client on console-fra.rpki-client.org