Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VLXQhLHsTn7nNJs297m47DbQuH0.roa
File: VLXQhLHsTn7nNJs297m47DbQuH0.roa (raw, json)
Hash identifier: ys1CscW/mnyngaCL6phc0cDY5l+o8+IyQSGMMCNHZpg=
Subject key identifier: 54:B5:D0:84:B1:EC:4E:7E:E7:34:9B:36:F7:B9:B8:EC:36:D0:B8:7D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01896E2D41EF2904B9D3F0A373521D16E0B0
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VLXQhLHsTn7nNJs297m47DbQuH0.roa
Signing time: Wed 19 Jul 2023 12:43:26 +0000
ROA not before: Wed 19 Jul 2023 12:43:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3214
IP address blocks: 92.119.124.0/22 maxlen: 24
45.88.88.0/23 maxlen: 24
87.120.218.0/24 maxlen: 24
193.148.56.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:6e:2d:41:ef:29:04:b9:d3:f0:a3:73:52:1d:16:e0:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 19 12:43:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=54b5d084b1ec4e7ee7349b36f7b9b8ec36d0b87d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:08:92:4b:ca:f5:13:b6:b5:fe:77:d4:34:29:
aa:fa:d7:83:f1:85:ff:4f:d9:7f:8a:b0:39:ac:5b:
42:63:ca:91:83:cf:dd:3f:12:19:07:00:e6:59:41:
5f:2a:e2:fe:dc:fd:21:06:79:d0:f6:fe:4c:57:84:
59:2a:5a:02:a7:51:c5:89:fa:75:53:58:a8:bf:f3:
83:be:89:ad:16:e2:05:13:12:cd:98:87:d7:3f:23:
92:df:2f:98:a7:54:24:20:6e:f8:f0:de:cb:8b:a6:
79:e9:4b:95:8b:25:d7:ce:6a:3d:28:96:53:1a:60:
48:f6:54:7a:08:f2:2f:04:7b:d5:ab:b4:3c:fb:5d:
8d:89:c7:f6:33:5d:d2:a8:53:28:9f:4d:6d:55:15:
8b:5d:cd:2a:dc:a6:03:68:bd:b8:3f:78:88:3a:da:
0d:4d:88:95:94:fb:c3:87:f1:79:72:8a:d8:01:54:
2f:c1:6e:25:2c:11:79:14:3e:28:7f:f3:02:5f:86:
22:1b:2e:df:11:b6:34:79:6d:2f:ea:5f:1c:39:7a:
41:e8:2f:66:f3:6e:55:7d:ce:e2:8d:d0:87:5e:3c:
17:48:13:c9:74:13:e1:09:29:33:a0:98:a4:f3:3c:
87:db:52:3a:a1:34:13:31:44:ce:d7:da:84:f0:6a:
eb:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:B5:D0:84:B1:EC:4E:7E:E7:34:9B:36:F7:B9:B8:EC:36:D0:B8:7D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VLXQhLHsTn7nNJs297m47DbQuH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.88.0/23
87.120.218.0/24
92.119.124.0/22
193.148.56.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:ec:18:f6:25:99:68:d7:20:35:50:81:d8:df:62:10:85:e5:
9e:f3:d4:ef:c7:4d:5e:e7:68:41:97:32:94:4a:86:e5:75:d5:
ef:57:e6:67:ae:fb:3e:30:5d:11:79:68:be:bf:be:d0:85:5f:
79:d0:ba:67:02:a4:14:3b:f6:93:be:25:c0:7d:60:c5:f6:f0:
38:1b:f9:18:6b:60:3b:c2:a8:9a:4b:eb:64:c3:05:e1:3b:15:
37:ed:02:c0:bc:65:2e:ef:54:65:02:73:c5:6e:f7:36:c1:30:
2e:fc:df:5a:b1:e8:52:51:b5:1e:2e:17:33:5e:5f:e4:64:4c:
c9:c9:61:87:2f:0a:38:c4:f9:f9:f7:56:81:fb:0c:4f:39:92:
ca:bf:38:fa:97:29:58:9b:c8:72:4a:81:58:62:3c:90:cb:93:
83:92:90:b0:e8:03:84:c0:cb:79:ca:fd:7d:48:9c:32:f3:57:
42:fe:65:28:ad:7f:4c:3f:e6:c1:d4:e2:b5:71:e0:39:d0:cb:
58:14:3f:ad:c0:4b:25:03:9b:c7:23:d0:a4:07:25:bb:24:bf:
9f:fc:b8:aa:77:7d:1d:ea:76:28:d8:1f:fc:be:4b:f0:07:45:
cb:9a:99:db:7c:5b:57:e1:93:75:3a:23:93:82:6c:aa:24:b2:
70:00:81:51
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYluLUHvKQS50/Cjc1IdFuCwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNzE5MTI0MzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGI1ZDA4NGIxZWM0ZTdlZTczNDliMzZmN2I5YjhlYzM2ZDBiODdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwiSS8r1E7a1/nfUNCmq+teD8YX/
T9l/irA5rFtCY8qRg8/dPxIZBwDmWUFfKuL+3P0hBnnQ9v5MV4RZKloCp1HFifp1
U1iov/ODvomtFuIFExLNmIfXPyOS3y+Yp1QkIG748N7Li6Z56UuViyXXzmo9KJZT
GmBI9lR6CPIvBHvVq7Q8+12Nicf2M13SqFMon01tVRWLXc0q3KYDaL24P3iIOtoN
TYiVlPvDh/F5corYAVQvwW4lLBF5FD4of/MCX4YiGy7fEbY0eW0v6l8cOXpB6C9m
825Vfc7ijdCHXjwXSBPJdBPhCSkzoJik8zyH21I6oTQTMUTO19qE8GrrCQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFS10ISx7E5+5zSbNve5uOw20Lh9MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVkxYUWhMSHNUbjduTkpzMjk3bTQ3RGJRdUgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLVhYAwQA
V3jaAwQCXHd8AwQCwZQ4MA0GCSqGSIb3DQEBCwUAA4IBAQB97Bj2JZlo1yA1UIHY
32IQheWe89Tvx01e52hBlzKUSoblddXvV+Znrvs+MF0ReWi+v77QhV950LpnAqQU
O/aTviXAfWDF9vA4G/kYa2A7wqiaS+tkwwXhOxU37QLAvGUu71RlAnPFbvc2wTAu
/N9asehSUbUeLhczXl/kZEzJyWGHLwo4xPn591aB+wxPOZLKvzj6lylYm8hySoFY
YjyQy5ODkpCw6AOEwMt5yv19SJwy81dC/mUorX9MP+bB1OK1ceA50MtYFD+twEsl
A5vHI9CkByW7JL+f/Liqd30d6nYo2B/8vkvwB0XLmpnbfFtX4ZN1OiOTgmyqJLJw
AIFR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:08 2024 by rpki-client on console-fra.rpki-client.org