Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ViUlZpMphIjUCB8qVFVBTipFwqM.roa
File: ViUlZpMphIjUCB8qVFVBTipFwqM.roa (raw, json)
Hash identifier: H+hWxld3lnSrquJ2FrSj0hqqExhh9eLzXZ/v25oP2z8=
Subject key identifier: 56:25:25:66:93:29:84:88:D4:08:1F:2A:54:55:41:4E:2A:45:C2:A3
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018C8B520C9724550F6109E2515143EFD13B
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ViUlZpMphIjUCB8qVFVBTipFwqM.roa
Signing time: Thu 21 Dec 2023 07:40:59 +0000
ROA not before: Thu 21 Dec 2023 07:40:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200105
IP address blocks: 87.121.124.0/23 maxlen: 24
91.200.192.0/22 maxlen: 24
45.129.84.0/24 maxlen: 24
147.78.100.0/23 maxlen: 24
94.154.172.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8b:52:0c:97:24:55:0f:61:09:e2:51:51:43:ef:d1:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 21 07:40:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5625256693298488d4081f2a5455414e2a45c2a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:81:6c:e4:2d:6a:14:32:66:14:b7:fc:ab:7b:
af:f8:4f:66:05:7b:fd:1f:d0:f7:e5:29:0f:97:21:
e7:89:c2:44:64:62:5c:0f:34:8f:09:ab:cd:76:53:
74:ff:6c:7f:8b:b8:e2:4e:45:7c:41:de:f0:a2:6b:
48:37:23:ac:8e:e3:d4:59:cb:d9:59:a8:09:19:e8:
d7:b6:80:18:c5:7e:0b:06:b7:48:17:27:74:8a:98:
c1:33:d4:3e:95:2b:41:5d:dc:af:85:c5:d6:11:19:
6c:90:f1:ac:92:0a:62:b8:f0:83:d7:d5:84:bd:f1:
6d:74:eb:88:85:05:50:e9:65:aa:d8:71:be:1c:1c:
d9:ec:f3:eb:e9:88:60:16:ae:49:0a:aa:8c:46:fc:
16:9a:7d:7f:ff:28:30:cf:06:9b:a8:40:f0:40:f8:
e3:18:f5:85:c6:63:2e:60:88:78:28:fd:2e:95:27:
23:77:e3:2c:2d:27:7c:1a:e3:04:68:79:65:75:b2:
32:d6:57:7d:a4:47:9c:1d:69:77:fa:e3:0f:52:a8:
7a:e0:de:27:b9:04:fe:54:39:8b:02:08:e7:bc:da:
5e:dc:e9:57:67:60:69:7a:5d:8a:27:ea:d7:a5:b0:
ff:e7:50:5b:5d:40:c0:2a:5c:ab:79:a1:d7:70:b2:
d0:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:25:25:66:93:29:84:88:D4:08:1F:2A:54:55:41:4E:2A:45:C2:A3
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ViUlZpMphIjUCB8qVFVBTipFwqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.84.0/24
87.121.124.0/23
91.200.192.0/22
94.154.172.0/24
147.78.100.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:cc:cd:14:3a:db:3e:63:a7:0f:ce:d6:ad:de:b9:93:16:02:
7b:c2:e0:aa:01:2f:b3:97:9f:34:f4:29:76:a4:91:ee:85:1a:
b3:d1:06:9d:00:ba:6d:b4:aa:eb:2a:b8:bf:ca:32:f9:91:c0:
d5:c4:73:0a:26:9c:af:9f:eb:e3:ba:1a:b3:cb:e7:bd:1b:76:
04:15:47:1e:ea:6f:39:f6:02:01:54:21:13:1a:14:67:63:a6:
41:ba:0e:69:2e:0f:6c:d9:77:2a:b5:34:d5:a4:d9:35:4e:ff:
f7:c4:51:0b:36:8a:4f:73:bd:90:8a:95:aa:1b:32:fe:6c:75:
97:24:d5:0d:5f:d2:8f:e2:23:bf:22:f0:97:9f:44:08:61:7c:
7e:44:65:ef:37:de:fc:9c:7b:15:df:59:9a:fa:c8:28:ae:f8:
62:fc:4f:2c:87:2b:f3:b0:38:6c:69:b4:d3:46:34:a2:40:62:
82:f9:e8:02:b4:0b:93:2f:22:ee:da:98:9d:46:c6:67:fc:74:
da:59:51:9b:22:f7:3d:1b:45:91:5b:27:5f:06:31:fb:c3:bb:
d6:61:76:10:a9:48:ac:8f:4c:65:ba:89:27:07:68:a4:25:74:
79:16:fd:7d:55:56:df:db:30:2f:ac:63:bd:58:da:9e:d6:52:
1a:37:28:6e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYyLUgyXJFUPYQniUVFD79E7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjIxMDc0MDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjI1MjU2NjkzMjk4NDg4ZDQwODFmMmE1NDU1NDE0ZTJhNDVjMmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIFs5C1qFDJmFLf8q3uv+E9mBXv9
H9D35SkPlyHnicJEZGJcDzSPCavNdlN0/2x/i7jiTkV8Qd7womtINyOsjuPUWcvZ
WagJGejXtoAYxX4LBrdIFyd0ipjBM9Q+lStBXdyvhcXWERlskPGskgpiuPCD19WE
vfFtdOuIhQVQ6WWq2HG+HBzZ7PPr6YhgFq5JCqqMRvwWmn1//ygwzwabqEDwQPjj
GPWFxmMuYIh4KP0ulScjd+MsLSd8GuMEaHlldbIy1ld9pEecHWl3+uMPUqh64N4n
uQT+VDmLAgjnvNpe3OlXZ2Bpel2KJ+rXpbD/51BbXUDAKlyreaHXcLLQEwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFYlJWaTKYSI1AgfKlRVQU4qRcKjMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVmlVbFpwTXBoSWpVQ0I4cVZGVkJUaXBGd3FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALYFUAwQB
V3l8AwQCW8jAAwQAXpqsAwQBk05kMA0GCSqGSIb3DQEBCwUAA4IBAQAKzM0UOts+
Y6cPztat3rmTFgJ7wuCqAS+zl5809Cl2pJHuhRqz0QadALpttKrrKri/yjL5kcDV
xHMKJpyvn+vjuhqzy+e9G3YEFUce6m859gIBVCETGhRnY6ZBug5pLg9s2XcqtTTV
pNk1Tv/3xFELNopPc72QipWqGzL+bHWXJNUNX9KP4iO/IvCXn0QIYXx+RGXvN978
nHsV31ma+sgorvhi/E8shyvzsDhsabTTRjSiQGKC+egCtAuTLyLu2pidRsZn/HTa
WVGbIvc9G0WRWydfBjH7w7vWYXYQqUisj0xluoknB2ikJXR5Fv19VVbf2zAvrGO9
WNqe1lIaNyhu
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:34 2024 by rpki-client on console-ams.rpki-client.org