Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/vcHvD9uxjccqYb8WYx6JMAev06E.roa
File: vcHvD9uxjccqYb8WYx6JMAev06E.roa (raw, json)
Hash identifier: qQMLfH61d6tthdjZqCXhk7xe/1AwnTe7VXcV8ZudmK8=
Subject key identifier: BD:C1:EF:0F:DB:B1:8D:C7:2A:61:BF:16:63:1E:89:30:07:AF:D3:A1
Certificate issuer: /CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Certificate serial: 01842DAFD9398714EA911DD54AD60BB2CF3C
Authority key identifier: 00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/vcHvD9uxjccqYb8WYx6JMAev06E.roa
Signing time: Mon 31 Oct 2022 10:56:49 +0000
ROA not before: Mon 31 Oct 2022 10:56:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 89.46.8.0/24 maxlen: 24
93.114.63.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2d:af:d9:39:87:14:ea:91:1d:d5:4a:d6:0b:b2:cf:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Validity
Not Before: Oct 31 10:56:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bdc1ef0fdbb18dc72a61bf16631e893007afd3a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:2e:23:15:ca:57:20:05:75:a5:86:04:fc:88:
c5:e7:9b:e6:a9:af:b2:92:ca:a7:91:1e:01:06:28:
b7:e2:c5:23:b5:97:d4:8b:02:be:d5:a4:68:71:3c:
8c:c6:2c:68:cd:0a:a5:3a:86:d1:fc:ce:76:44:a4:
b4:b9:5d:12:6d:00:34:36:0e:a3:9a:90:9e:65:19:
0e:24:8f:11:87:43:a5:fc:2b:a1:c0:83:c2:55:55:
a9:67:eb:fd:f0:31:a5:de:7d:48:b4:13:63:16:c4:
54:60:2b:4d:d5:72:5a:2c:b0:d6:aa:01:f3:1a:46:
dc:c2:f5:a3:ba:dd:16:fd:d0:32:da:d1:80:15:37:
66:13:64:bd:4b:ce:ca:0e:2c:55:ea:ee:46:cf:47:
c6:c5:39:6c:d0:ed:8a:a4:e0:fb:d5:e3:61:45:0c:
08:9a:df:2d:c8:af:d8:bc:f8:d7:a0:b3:fb:9f:f2:
25:8e:86:be:81:0c:58:42:6c:bc:c2:f0:2c:51:13:
15:e3:c8:a5:24:74:e1:64:85:99:bb:37:48:60:04:
15:11:22:99:48:08:18:41:69:05:e7:1b:91:df:78:
c4:59:39:c1:07:fd:dd:d1:0c:6c:7f:3c:35:41:68:
d7:2f:9a:73:17:11:fb:73:56:b6:3a:c3:00:b1:ff:
f5:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:C1:EF:0F:DB:B1:8D:C7:2A:61:BF:16:63:1E:89:30:07:AF:D3:A1
X509v3 Authority Key Identifier:
keyid:00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/vcHvD9uxjccqYb8WYx6JMAev06E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.8.0/24
93.114.63.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:c0:0a:90:a8:a5:08:a8:25:47:bb:f4:68:92:e3:07:c1:7c:
03:84:c1:5c:0b:28:89:90:ed:64:d3:76:fe:77:c2:fd:43:72:
59:a5:45:db:f7:01:c6:7e:f1:e1:a2:43:b1:1d:54:2b:eb:c1:
61:5e:7a:1b:9f:8c:c6:c9:48:18:9b:02:ad:7e:c4:3d:55:55:
ad:fb:bd:6b:b8:7a:a7:ec:98:f4:d6:ba:39:e0:99:d9:28:61:
88:84:0d:d2:b4:bd:48:46:60:42:c9:1d:09:cd:9a:71:d4:79:
ee:24:38:2f:30:c2:70:9e:24:de:68:b4:ff:25:50:1f:63:61:
88:05:ce:2b:15:cb:aa:7c:4a:f6:24:82:d6:20:35:03:0b:8c:
ef:77:27:c4:f2:25:11:68:97:74:b6:77:02:a6:8d:95:60:33:
93:ff:ee:82:28:f0:47:a7:e9:60:7a:5d:dd:12:2a:2c:1f:b4:
1a:57:78:af:a2:aa:3d:3b:3d:2b:12:b4:d9:66:e5:71:42:af:
35:7d:99:0f:c2:c6:b3:63:9c:df:c3:20:16:70:83:a5:a3:3a:
e5:46:83:10:1a:b8:45:cd:cc:97:c0:99:f6:24:53:6f:1c:d0:
73:b0:a4:d8:5c:3d:cb:c6:09:ac:e5:d9:a4:86:60:62:93:11:
9e:ea:67:cc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYQtr9k5hxTqkR3VStYLss88MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWZmNmI0ZWZmZTdjMzYzZWYyMDBmNmYzZTU4ODhiOTE1
YmE2ODEwHhcNMjIxMDMxMTA1NjQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGMxZWYwZmRiYjE4ZGM3MmE2MWJmMTY2MzFlODkzMDA3YWZkM2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoC4jFcpXIAV1pYYE/IjF55vmqa+y
ksqnkR4BBii34sUjtZfUiwK+1aRocTyMxixozQqlOobR/M52RKS0uV0SbQA0Ng6j
mpCeZRkOJI8Rh0Ol/CuhwIPCVVWpZ+v98DGl3n1ItBNjFsRUYCtN1XJaLLDWqgHz
GkbcwvWjut0W/dAy2tGAFTdmE2S9S87KDixV6u5Gz0fGxTls0O2KpOD71eNhRQwI
mt8tyK/YvPjXoLP7n/Iljoa+gQxYQmy8wvAsURMV48ilJHThZIWZuzdIYAQVESKZ
SAgYQWkF5xuR33jEWTnBB/3d0Qxsfzw1QWjXL5pzFxH7c1a2OsMAsf/1zwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL3B7w/bsY3HKmG/FmMeiTAHr9OhMB8GA1UdIwQY
MBaAFACv9rTv/nw2PvIA9vPliIuRW6aBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMt
YTg3NzNkZTc2OGY3LzEvdmNIdkQ5dXhqY2NxWWI4V1l4NkpNQWV2MDZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMtYTg3NzNkZTc2OGY3
LzEvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWS4IAwQA
XXI/MA0GCSqGSIb3DQEBCwUAA4IBAQB/wAqQqKUIqCVHu/RokuMHwXwDhMFcCyiJ
kO1k03b+d8L9Q3JZpUXb9wHGfvHhokOxHVQr68FhXnobn4zGyUgYmwKtfsQ9VVWt
+71ruHqn7Jj01ro54JnZKGGIhA3StL1IRmBCyR0JzZpx1HnuJDgvMMJwniTeaLT/
JVAfY2GIBc4rFcuqfEr2JILWIDUDC4zvdyfE8iURaJd0tncCpo2VYDOT/+6CKPBH
p+lgel3dEiosH7QaV3ivoqo9Oz0rErTZZuVxQq81fZkPwsazY5zfwyAWcIOlozrl
RoMQGrhFzcyXwJn2JFNvHNBzsKTYXD3Lxgms5dmkhmBikxGe6mfM
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:46 2025 by rpki-client