Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/f7b7c2-5d8d-4e88-8454-0a532156b2a6/1/VVxJJn2r2RoIkEDxYXBgnA2uAaI.roa
File: VVxJJn2r2RoIkEDxYXBgnA2uAaI.roa (raw, json)
Hash identifier: PnnFhNCnjHrXh6EY4+gghhU/Yi4/lmB3HhGQjYHnAxM=
Subject key identifier: 55:5C:49:26:7D:AB:D9:1A:08:90:40:F1:61:70:60:9C:0D:AE:01:A2
Certificate issuer: /CN=f05c6af3d022620f72c53b770e82e5c73ae5506d
Certificate serial: 01638333
Authority key identifier: F0:5C:6A:F3:D0:22:62:0F:72:C5:3B:77:0E:82:E5:C7:3A:E5:50:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Fxq89AiYg9yxTt3DoLlxzrlUG0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/f7b7c2-5d8d-4e88-8454-0a532156b2a6/1/VVxJJn2r2RoIkEDxYXBgnA2uAaI.roa
Signing time: Sat 01 Jan 2022 15:01:22 +0000
ROA not before: Sat 01 Jan 2022 15:01:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207355
IP address blocks: 193.187.160.0/22 maxlen: 22
83.143.120.0/21 maxlen: 21
85.202.16.0/20 maxlen: 20
91.196.172.0/22 maxlen: 22
193.239.48.0/22 maxlen: 22
66.97.192.0/19 maxlen: 19
193.239.168.0/23 maxlen: 23
2a06:f240::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23298867 (0x1638333)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f05c6af3d022620f72c53b770e82e5c73ae5506d
Validity
Not Before: Jan 1 15:01:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=555c49267dabd91a089040f16170609c0dae01a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d9:6d:c5:80:26:01:28:69:e4:c6:5c:af:05:
2e:0b:86:84:e3:8c:25:e4:07:a2:28:07:a7:ad:52:
db:28:4b:b2:c3:01:03:4d:1f:e0:aa:bb:94:46:5a:
41:45:e5:ac:09:5b:f8:ac:cb:34:f3:e1:c8:06:d3:
35:22:e8:2f:34:d5:51:2f:8a:9d:61:bb:0f:36:b9:
87:9b:09:2f:15:a4:b0:9d:52:49:25:5d:75:db:30:
e3:79:5c:0c:1a:36:12:52:a7:92:c3:36:b9:f3:c9:
f6:79:b4:ff:01:b6:01:5c:a0:61:83:b0:20:8e:8d:
24:25:cb:a8:fa:bf:8c:cf:73:d7:f0:fb:71:80:66:
05:a6:fd:80:56:21:46:51:cc:e7:79:b2:0b:45:1e:
8c:c2:53:f9:11:3c:5d:52:ca:cd:10:ee:be:e0:b9:
22:a9:7a:7f:e4:83:e3:63:7a:ba:13:10:1b:52:76:
33:71:64:e0:76:46:5b:7b:60:02:34:ab:67:58:ff:
e7:36:1f:1e:40:7e:58:71:ce:b1:b6:59:5b:00:6f:
00:c4:b5:9a:e3:10:fc:50:a9:6e:ab:92:73:8e:2a:
92:84:11:b0:ac:77:73:85:ad:5a:36:65:55:d2:c9:
4b:48:a6:ac:ee:e9:82:9f:b3:70:fc:4a:45:7d:be:
ed:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:5C:49:26:7D:AB:D9:1A:08:90:40:F1:61:70:60:9C:0D:AE:01:A2
X509v3 Authority Key Identifier:
keyid:F0:5C:6A:F3:D0:22:62:0F:72:C5:3B:77:0E:82:E5:C7:3A:E5:50:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Fxq89AiYg9yxTt3DoLlxzrlUG0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/f7b7c2-5d8d-4e88-8454-0a532156b2a6/1/VVxJJn2r2RoIkEDxYXBgnA2uAaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/f7b7c2-5d8d-4e88-8454-0a532156b2a6/1/8Fxq89AiYg9yxTt3DoLlxzrlUG0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.97.192.0/19
83.143.120.0/21
85.202.16.0/20
91.196.172.0/22
193.187.160.0/22
193.239.48.0/22
193.239.168.0/23
IPv6:
2a06:f240::/29
Signature Algorithm: sha256WithRSAEncryption
2c:5f:dd:b8:d4:db:fc:a0:f5:6b:70:85:f8:7e:18:5d:f6:da:
d8:99:d7:a2:f8:fe:6c:88:68:cd:8a:a6:44:85:c7:e5:68:27:
99:15:57:88:49:1d:92:14:99:e6:e9:92:de:2b:8e:cc:e9:d1:
df:94:61:aa:04:23:ce:c2:1f:40:0b:1e:19:86:fe:7a:f3:6a:
50:79:83:a2:da:c8:b3:f0:f6:f6:b7:e8:ab:08:5e:0d:b5:e8:
19:b1:10:be:d1:bb:21:5c:5c:bd:87:09:93:ed:bf:2c:22:62:
0c:a0:00:7f:35:ed:56:dc:6a:e5:8a:31:eb:11:5f:ac:19:fd:
7c:15:6c:8a:b0:b6:e5:fd:75:d4:3b:60:8a:2b:08:a8:b7:f3:
ec:de:cd:87:6c:03:f2:00:80:69:4b:4d:68:20:13:4d:a0:8b:
f0:d6:0b:6d:e2:ac:43:df:69:c3:c6:95:16:2b:69:d2:ad:cb:
54:98:51:84:68:00:00:a2:db:0d:21:f1:48:bb:fb:f1:bc:b9:
f2:60:f3:40:ce:c2:f6:73:12:a3:5c:ff:c4:4d:9b:00:d3:f6:
42:25:f9:7e:0f:cf:93:32:0b:c0:bf:f2:e8:33:e7:f1:8e:36:
3c:67:89:a9:3a:9d:3c:ee:08:f4:ee:d5:07:21:81:b7:3e:c3:
13:ee:f4:10
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEAWODMzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MDVjNmFmM2QwMjI2MjBmNzJjNTNiNzcwZTgyZTVjNzNhZTU1MDZkMB4XDTIyMDEw
MTE1MDEyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTU1YzQ5MjY3ZGFi
ZDkxYTA4OTA0MGYxNjE3MDYwOWMwZGFlMDFhMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMTZbcWAJgEoaeTGXK8FLguGhOOMJeQHoigHp61S2yhLssMB
A00f4Kq7lEZaQUXlrAlb+KzLNPPhyAbTNSLoLzTVUS+KnWG7Dza5h5sJLxWksJ1S
SSVdddsw43lcDBo2ElKnksM2ufPJ9nm0/wG2AVygYYOwII6NJCXLqPq/jM9z1/D7
cYBmBab9gFYhRlHM53myC0UejMJT+RE8XVLKzRDuvuC5Iql6f+SD42N6uhMQG1J2
M3Fk4HZGW3tgAjSrZ1j/5zYfHkB+WHHOsbZZWwBvAMS1muMQ/FCpbquSc44qkoQR
sKx3c4WtWjZlVdLJS0imrO7pgp+zcPxKRX2+7UMCAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBRVXEkmfavZGgiQQPFhcGCcDa4BojAfBgNVHSMEGDAWgBTwXGrz0CJiD3LF
O3cOguXHOuVQbTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhGeHE4OUFpWWc5eXhUdDNEb0xseHpybFVHMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTAvZjdiN2MyLTVkOGQtNGU4OC04NDU0LTBhNTMyMTU2YjJhNi8x
L1ZWeEpKbjJyMlJvSWtFRHhZWEJnbkEydUFhSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTAv
ZjdiN2MyLTVkOGQtNGU4OC04NDU0LTBhNTMyMTU2YjJhNi8xLzhGeHE4OUFpWWc5
eXhUdDNEb0xseHpybFVHMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEBUJhwAMEA1OPeAMEBFXKEAMEAlvE
rAMEAsG7oAMEAsHvMAMEAcHvqDANBAIAAjAHAwUDKgbyQDANBgkqhkiG9w0BAQsF
AAOCAQEALF/duNTb/KD1a3CF+H4YXfba2JnXovj+bIhozYqmRIXH5WgnmRVXiEkd
khSZ5umS3iuOzOnR35RhqgQjzsIfQAseGYb+evNqUHmDotrIs/D29rfoqwheDbXo
GbEQvtG7IVxcvYcJk+2/LCJiDKAAfzXtVtxq5Yox6xFfrBn9fBVsirC25f111Dtg
iisIqLfz7N7Nh2wD8gCAaUtNaCATTaCL8NYLbeKsQ99pw8aVFitp0q3LVJhRhGgA
AKLbDSHxSLv78by58mDzQM7C9nMSo1z/xE2bANP2QiX5fg/PkzILwL/y6DPn8Y42
PGeJqTqdPO4I9O7VByGBtz7DE+70EA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:57 2024 by rpki-client on console-ams.rpki-client.org