Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/VALrGQynlqdoV8u552XQv6Ad8hM.roa
File: VALrGQynlqdoV8u552XQv6Ad8hM.roa (raw, json)
Hash identifier: /NzXqQbSw81Q4lCNOPIpDAasNd/lax/GixLMgrTzB6w=
Subject key identifier: 54:02:EB:19:0C:A7:96:A7:68:57:CB:B9:E7:65:D0:BF:A0:1D:F2:13
Certificate issuer: /CN=2f93d3ba197f5ce3098bfa7700b43854eaa80e9e
Certificate serial: 0486495D
Authority key identifier: 2F:93:D3:BA:19:7F:5C:E3:09:8B:FA:77:00:B4:38:54:EA:A8:0E:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/VALrGQynlqdoV8u552XQv6Ad8hM.roa
Signing time: Fri 08 Apr 2022 09:24:33 +0000
ROA not before: Fri 08 Apr 2022 09:24:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200918
IP address blocks: 185.32.182.0/23 maxlen: 23
185.30.160.0/23 maxlen: 23
185.144.98.0/24 maxlen: 24
185.91.116.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75909469 (0x486495d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f93d3ba197f5ce3098bfa7700b43854eaa80e9e
Validity
Not Before: Apr 8 09:24:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5402eb190ca796a76857cbb9e765d0bfa01df213
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:6d:f3:1c:05:85:d4:39:22:73:6e:b6:d7:02:
4a:e6:49:43:b8:95:1b:f8:6d:be:4b:d3:44:b3:ec:
a9:b7:49:ad:da:fa:e4:d6:57:11:29:a5:d5:0e:b8:
90:79:10:12:21:83:bf:af:e0:22:af:47:53:6e:36:
f2:8d:81:7a:df:ad:9f:ab:81:50:ac:8c:98:23:ac:
7d:89:4a:a8:3c:5d:4f:ee:77:fe:1a:4c:0d:c8:47:
93:58:19:70:ad:dc:b7:cc:3c:e3:ae:31:23:76:10:
59:92:75:51:bc:98:50:7d:d3:c2:f8:f7:48:3e:4d:
e2:a4:c9:b9:e0:e1:a5:0b:e3:0b:58:60:22:23:59:
28:02:23:7a:ab:2d:f1:65:58:76:1f:25:a6:bf:37:
eb:fa:f1:e0:45:d4:5e:40:47:6c:29:72:6c:5e:7f:
33:5d:f2:8e:1c:36:02:70:10:7d:f4:f1:79:00:81:
e8:a6:3a:64:95:42:a0:8c:95:8e:7d:3d:5f:73:01:
8a:f4:1d:e8:e4:a1:aa:dd:55:9d:bd:4f:43:db:6c:
d8:d7:96:03:a5:71:e7:9e:a3:2f:05:b9:ad:9f:c4:
ef:a6:08:30:ba:51:e3:74:8f:35:ed:f7:6c:b4:15:
8a:dd:da:5a:14:d4:06:aa:d6:2e:b4:b1:90:3f:e8:
de:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:02:EB:19:0C:A7:96:A7:68:57:CB:B9:E7:65:D0:BF:A0:1D:F2:13
X509v3 Authority Key Identifier:
keyid:2F:93:D3:BA:19:7F:5C:E3:09:8B:FA:77:00:B4:38:54:EA:A8:0E:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/VALrGQynlqdoV8u552XQv6Ad8hM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.30.160.0/23
185.32.182.0/23
185.91.116.0/22
185.144.98.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:11:30:cf:77:18:de:7d:33:ca:7c:4f:b2:d8:8c:8f:fc:0a:
c2:5e:8c:93:d4:b7:09:26:d2:9e:36:21:fc:cf:45:91:69:3e:
1f:40:1c:ed:35:8c:b8:cc:fb:fb:d8:b8:aa:12:97:17:77:89:
19:56:04:88:5b:80:06:6e:0c:ec:46:d1:5b:b4:b4:22:9e:55:
f5:73:10:04:6d:97:5e:79:1b:8a:38:46:3f:a5:f6:3c:8e:aa:
56:13:fb:ee:53:90:f6:a5:44:49:66:9f:68:b9:90:76:ef:cc:
21:87:2e:d9:86:e8:09:82:44:70:c3:26:dd:41:dc:02:60:70:
af:93:4f:c1:78:67:3d:98:d1:38:b2:ae:6e:cb:7b:dd:04:66:
fc:55:fb:3d:69:e9:79:95:ff:14:f3:1e:41:9a:09:5e:ae:6d:
05:e0:ef:a9:1e:e3:83:85:84:9a:6a:ca:a7:09:df:11:e5:27:
5a:75:a0:b5:c5:6a:bf:df:60:96:0b:be:c4:12:d2:84:17:ad:
6c:19:2c:26:f6:88:1e:18:a8:cf:de:a2:92:f2:d8:5d:e8:a6:
18:70:2c:08:5e:e6:cc:0f:6b:c7:12:c7:8f:ce:35:9d:87:1d:
60:94:93:6b:ca:90:33:e4:ff:c6:6d:f4:10:58:65:69:67:c3:
5f:91:1c:81
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEBIZJXTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZjkzZDNiYTE5N2Y1Y2UzMDk4YmZhNzcwMGI0Mzg1NGVhYTgwZTllMB4XDTIyMDQw
ODA5MjQzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTQwMmViMTkwY2E3
OTZhNzY4NTdjYmI5ZTc2NWQwYmZhMDFkZjIxMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKht8xwFhdQ5InNuttcCSuZJQ7iVG/htvkvTRLPsqbdJrdr6
5NZXESml1Q64kHkQEiGDv6/gIq9HU2428o2Bet+tn6uBUKyMmCOsfYlKqDxdT+53
/hpMDchHk1gZcK3ct8w8464xI3YQWZJ1UbyYUH3Twvj3SD5N4qTJueDhpQvjC1hg
IiNZKAIjeqst8WVYdh8lpr836/rx4EXUXkBHbClybF5/M13yjhw2AnAQffTxeQCB
6KY6ZJVCoIyVjn09X3MBivQd6OShqt1Vnb1PQ9ts2NeWA6Vx556jLwW5rZ/E76YI
MLpR43SPNe33bLQVit3aWhTUBqrWLrSxkD/o3vcCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBRUAusZDKeWp2hXy7nnZdC/oB3yEzAfBgNVHSMEGDAWgBQvk9O6GX9c4wmL
+ncAtDhU6qgOnjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0w1UFR1aGxfWE9NSmlfcDNBTFE0Vk9xb0RwNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvN2E4N2EwLTgwMTQtNDYwNS05ZmI1LTllNzFkYzI0YTY4My8x
L1ZBTHJHUXlubHFkb1Y4dTU1MlhRdjZBZDhoTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
N2E4N2EwLTgwMTQtNDYwNS05ZmI1LTllNzFkYzI0YTY4My8xL0w1UFR1aGxfWE9N
SmlfcDNBTFE0Vk9xb0RwNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAbkeoAMEAbkgtgMEArlbdAMEALmQ
YjANBgkqhkiG9w0BAQsFAAOCAQEAbxEwz3cY3n0zynxPstiMj/wKwl6Mk9S3CSbS
njYh/M9FkWk+H0Ac7TWMuMz7+9i4qhKXF3eJGVYEiFuABm4M7EbRW7S0Ip5V9XMQ
BG2XXnkbijhGP6X2PI6qVhP77lOQ9qVESWafaLmQdu/MIYcu2YboCYJEcMMm3UHc
AmBwr5NPwXhnPZjROLKubst73QRm/FX7PWnpeZX/FPMeQZoJXq5tBeDvqR7jg4WE
mmrKpwnfEeUnWnWgtcVqv99glgu+xBLShBetbBksJvaIHhioz96ikvLYXeimGHAs
CF7mzA9rxxLHj841nYcdYJSTa8qQM+T/xm30EFhlaWfDX5EcgQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:21 2023 by rpki-client on console-fra.rpki-client.org