Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VTaiHJLDssVLXgs4N_bBU3X174Y.roa
File: VTaiHJLDssVLXgs4N_bBU3X174Y.roa (raw, json)
Hash identifier: 77F5hzZLBSS7ptmZ5BL/6XFxdhr0kcFQEm0fKLNsW2A=
Subject key identifier: 55:36:A2:1C:92:C3:B2:C5:4B:5E:0B:38:37:F6:C1:53:75:F5:EF:86
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0185A01C2E0156792DC351534F8C65188E80
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VTaiHJLDssVLXgs4N_bBU3X174Y.roa
Signing time: Wed 11 Jan 2023 09:14:39 +0000
ROA not before: Wed 11 Jan 2023 09:14:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
87.121.124.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
171.22.72.0/22 maxlen: 24
185.218.137.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
185.219.126.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a0:1c:2e:01:56:79:2d:c3:51:53:4f:8c:65:18:8e:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 11 09:14:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5536a21c92c3b2c54b5e0b3837f6c15375f5ef86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:5e:6a:a5:a8:bb:1f:2b:83:40:8a:12:ba:25:
0a:2f:e5:43:3d:03:38:8e:f9:fb:d1:d9:87:07:fa:
0d:eb:49:52:88:38:49:d3:9a:12:19:6c:96:2f:ea:
88:f9:36:25:9b:56:66:fc:11:70:81:8b:d6:90:8a:
cf:54:0b:7a:99:60:0e:35:33:1c:6c:70:4c:aa:38:
e4:fc:08:25:66:81:95:f0:66:bf:d9:ae:80:8f:12:
09:4c:6f:79:20:3e:a8:2b:64:3d:30:1e:05:5a:19:
bf:80:82:69:30:0a:a3:3c:38:3e:28:5b:2a:a0:84:
f6:f2:7a:72:ca:c1:f9:f5:43:78:b2:94:f7:23:ed:
ea:2a:67:21:94:8e:81:12:d8:39:06:9f:f6:e2:3c:
b5:ee:4f:8a:29:ed:ac:bf:5d:73:47:7a:8f:2c:b3:
e6:f2:29:9f:23:3e:3f:79:1f:9a:98:47:45:a0:df:
0d:a5:b5:2a:34:38:ba:52:09:b2:12:52:cb:2d:37:
b6:1b:bc:52:1c:db:f4:80:4a:41:58:fa:1b:78:cf:
64:9e:28:cc:15:94:76:5c:71:7a:8b:19:c3:1a:2a:
4e:58:ca:6f:c1:6c:31:3d:a2:f4:5e:b1:75:64:44:
30:20:c0:7a:32:27:50:f5:03:c8:e0:3c:a3:92:6b:
28:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:36:A2:1C:92:C3:B2:C5:4B:5E:0B:38:37:F6:C1:53:75:F5:EF:86
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VTaiHJLDssVLXgs4N_bBU3X174Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.89.0/24
87.121.124.0/23
92.119.196.0/23
94.154.161.0-94.154.163.255
171.22.72.0/22
185.216.84.0/22
185.218.84.0/22
185.218.137.0/24
185.219.126.0/24
185.252.176.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:7d:d8:b6:d2:f7:86:4f:64:6b:ec:e6:dd:7c:a9:6f:a6:96:
94:03:90:32:0c:43:d6:57:0a:9e:75:69:c1:eb:cd:e9:ac:14:
c0:53:1f:ea:d3:79:59:1d:40:af:61:37:41:31:46:7b:78:2a:
e9:b5:c9:69:cd:10:70:ac:e4:5c:7d:03:a0:f5:4a:3f:61:eb:
5c:ab:5f:a0:37:d4:0f:93:be:3c:06:4b:ab:40:81:52:ec:0e:
de:cc:b3:64:0e:01:ba:36:3b:fd:72:5f:07:26:ee:2f:c2:aa:
eb:c6:ca:35:ed:88:e1:64:5e:4b:bf:dc:34:13:8d:a0:3c:d4:
ca:91:91:a8:b5:46:2e:38:ab:f0:24:0a:f8:96:22:cd:78:e8:
b4:72:ac:e6:fd:28:6a:fb:30:d4:28:ab:84:b6:de:e5:8e:d5:
4a:4b:a2:9f:ce:be:78:2f:5d:d4:6e:a3:22:92:a8:ed:40:85:
bf:ec:7a:48:f4:ef:30:1b:e5:d6:c9:8f:9f:84:44:22:12:d1:
02:f8:34:7b:db:80:66:c5:65:2b:d3:14:68:4f:91:f4:b5:72:
69:c1:6c:38:f8:15:d9:ec:58:90:cd:51:a6:1d:83:0a:1c:83:
fc:6e:c9:42:4b:b9:2e:71:84:cb:27:e6:63:e6:8e:20:25:43:
4c:45:82:b1
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYWgHC4BVnktw1FTT4xlGI6AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTExMDkxNDM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTM2YTIxYzkyYzNiMmM1NGI1ZTBiMzgzN2Y2YzE1Mzc1ZjVlZjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAql5qpai7HyuDQIoSuiUKL+VDPQM4
jvn70dmHB/oN60lSiDhJ05oSGWyWL+qI+TYlm1Zm/BFwgYvWkIrPVAt6mWAONTMc
bHBMqjjk/AglZoGV8Ga/2a6AjxIJTG95ID6oK2Q9MB4FWhm/gIJpMAqjPDg+KFsq
oIT28npyysH59UN4spT3I+3qKmchlI6BEtg5Bp/24jy17k+KKe2sv11zR3qPLLPm
8imfIz4/eR+amEdFoN8NpbUqNDi6UgmyElLLLTe2G7xSHNv0gEpBWPobeM9knijM
FZR2XHF6ixnDGipOWMpvwWwxPaL0XrF1ZEQwIMB6MidQ9QPI4DyjkmsofwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFFU2ohySw7LFS14LODf2wVN19e+GMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVlRhaUhKTERzc1ZMWGdzNE5fYkJVM1gxNzRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQALZdZAwQB
V3l8AwQBXHfEMAwDBABemqEDBAJemqADBAKrFkgDBAK52FQDBAK52lQDBAC52okD
BAC5234DBAC5/LAwDQYJKoZIhvcNAQELBQADggEBAHp92LbS94ZPZGvs5t18qW+m
lpQDkDIMQ9ZXCp51acHrzemsFMBTH+rTeVkdQK9hN0ExRnt4Kum1yWnNEHCs5Fx9
A6D1Sj9h61yrX6A31A+TvjwGS6tAgVLsDt7Ms2QOAbo2O/1yXwcm7i/CquvGyjXt
iOFkXku/3DQTjaA81MqRkai1Ri44q/AkCviWIs146LRyrOb9KGr7MNQoq4S23uWO
1UpLop/OvngvXdRuoyKSqO1Ahb/sekj07zAb5dbJj5+ERCIS0QL4NHvbgGbFZSvT
FGhPkfS1cmnBbDj4FdnsWJDNUaYdgwocg/xuyUJLuS5xhMsn5mPmjiAlQ0xFgrE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:34 2024 by rpki-client on console-ams.rpki-client.org