Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/VEDADFPLgY-epHe5RNA0-qDsDA4.roa
File: VEDADFPLgY-epHe5RNA0-qDsDA4.roa (raw, json)
Hash identifier: 6CVubaddQTzpGJrL2GuYHqOsGIqcyvI/Wmwa+1i0URo=
Subject key identifier: 54:40:C0:0C:53:CB:81:8F:9E:A4:77:B9:44:D0:34:FA:A0:EC:0C:0E
Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2
Certificate serial: 0D24D76E
Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/VEDADFPLgY-epHe5RNA0-qDsDA4.roa
Signing time: Sat 02 Jul 2022 07:43:25 +0000
ROA not before: Sat 02 Jul 2022 07:43:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49981
IP address blocks: 79.132.137.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 220518254 (0xd24d76e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2
Validity
Not Before: Jul 2 07:43:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5440c00c53cb818f9ea477b944d034faa0ec0c0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:cf:36:49:c1:0b:f8:ce:d5:25:eb:00:86:08:
57:cc:8e:99:57:92:72:24:13:0a:42:c5:89:63:f5:
28:52:2e:55:a7:fc:23:8b:54:bc:b4:1f:67:43:f2:
13:af:67:2c:2d:ee:04:07:fc:ab:a3:81:d7:76:db:
7e:d2:c2:be:08:f3:39:11:79:2a:2e:17:d9:6b:58:
a8:74:46:5e:ce:4e:ac:44:33:72:d2:5e:ba:73:5e:
86:6c:ed:56:d8:89:fa:3f:b9:e8:c0:21:40:21:62:
fd:22:d2:59:fb:34:c0:b6:d6:90:9c:a3:38:5c:ae:
ca:e7:1a:0f:c7:9a:56:21:1c:b2:f8:34:b6:cf:dd:
5b:d5:fd:b2:7c:aa:94:ae:55:22:f7:60:e3:31:83:
47:36:e2:5f:2c:75:9b:29:70:c7:70:4b:50:b8:ea:
92:e9:25:19:f7:8d:69:c6:bc:f7:e6:de:10:10:88:
c3:00:9b:99:25:a7:ad:25:39:cb:4c:99:87:11:87:
a4:f1:ad:b6:22:61:8d:31:e1:52:78:f3:6a:1c:c3:
c7:7d:fa:27:09:e7:81:f0:88:e7:b0:3f:d0:d0:1a:
5c:5b:5b:64:b1:e8:b4:45:08:15:8a:85:28:81:83:
5b:21:2c:b8:fe:8b:78:60:74:a1:42:e4:15:94:3a:
54:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:40:C0:0C:53:CB:81:8F:9E:A4:77:B9:44:D0:34:FA:A0:EC:0C:0E
X509v3 Authority Key Identifier:
keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/VEDADFPLgY-epHe5RNA0-qDsDA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.132.137.0/24
Signature Algorithm: sha256WithRSAEncryption
24:b9:7f:78:45:c7:15:8d:fb:8f:fb:cd:89:7a:57:59:56:17:
79:61:79:25:14:30:41:bb:b2:03:cd:6c:1e:7d:04:72:be:31:
e8:dd:21:75:c6:4f:2a:5f:6d:64:4f:de:04:7f:e6:8a:0a:37:
3e:ab:fd:58:72:27:3b:10:8b:8d:91:90:b1:af:7e:ba:86:e8:
3c:f4:c8:bd:04:33:de:86:f2:83:3c:4a:35:87:e2:3c:b3:8c:
90:4d:01:e4:89:bc:e4:19:c1:12:52:b1:63:0d:4b:83:d7:cb:
cd:7e:b7:8b:fe:d4:ac:46:5f:13:b8:dd:8f:f8:18:e0:5a:09:
f5:10:53:2f:ca:a8:b5:f1:54:1c:88:be:94:62:97:75:93:ce:
dd:d9:de:af:88:a8:ab:06:bf:8c:be:5e:fc:3e:1d:c3:c5:2d:
03:fa:6e:3e:3d:a0:99:65:f8:7c:99:26:92:4a:dd:89:32:c9:
4e:88:4e:6e:00:4e:d7:b5:70:38:24:5c:23:48:2e:8a:f9:e9:
f8:ee:5c:49:91:65:0e:31:c6:13:b0:d5:5e:12:0a:e1:b7:14:
c0:ef:4a:8c:72:96:3a:f1:35:ae:72:0f:df:cb:bc:ec:18:ac:
17:c6:e4:38:1a:05:75:67:b2:ae:89:a5:d7:95:85:56:4b:5e:
6b:fc:c2:41
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDSTXbjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NThkMTJmMDk1MDUzYzM1ODc2Yjg4YjQ3Njg1ZDY0MzU0MjFmY2YyMB4XDTIyMDcw
MjA3NDMyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTQ0MGMwMGM1M2Ni
ODE4ZjllYTQ3N2I5NDRkMDM0ZmFhMGVjMGMwZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMXPNknBC/jO1SXrAIYIV8yOmVeSciQTCkLFiWP1KFIuVaf8
I4tUvLQfZ0PyE69nLC3uBAf8q6OB13bbftLCvgjzORF5Ki4X2WtYqHRGXs5OrEQz
ctJeunNehmztVtiJ+j+56MAhQCFi/SLSWfs0wLbWkJyjOFyuyucaD8eaViEcsvg0
ts/dW9X9snyqlK5VIvdg4zGDRzbiXyx1mylwx3BLULjqkuklGfeNaca89+beEBCI
wwCbmSWnrSU5y0yZhxGHpPGttiJhjTHhUnjzahzDx336JwnngfCI57A/0NAaXFtb
ZLHotEUIFYqFKIGDWyEsuP6LeGB0oULkFZQ6VO0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRUQMAMU8uBj56kd7lE0DT6oOwMDjAfBgNVHSMEGDAWgBRFjRLwlQU8NYdr
iLR2hdZDVCH88jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JZMFM4SlVGUERXSGE0aTBkb1hXUTFRaF9QSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2EvN2NlY2M3LWY2M2QtNDNmYy1iMjE5LTM5NTU5NTllYWY4MS8x
L1ZFREFERlBMZ1ktZXBIZTVSTkEwLXFEc0RBNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Ev
N2NlY2M3LWY2M2QtNDNmYy1iMjE5LTM5NTU5NTllYWY4MS8xL1JZMFM4SlVGUERX
SGE0aTBkb1hXUTFRaF9QSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE+EiTANBgkqhkiG9w0BAQsFAAOC
AQEAJLl/eEXHFY37j/vNiXpXWVYXeWF5JRQwQbuyA81sHn0Ecr4x6N0hdcZPKl9t
ZE/eBH/migo3Pqv9WHInOxCLjZGQsa9+uoboPPTIvQQz3obygzxKNYfiPLOMkE0B
5Im85BnBElKxYw1Lg9fLzX63i/7UrEZfE7jdj/gY4FoJ9RBTL8qotfFUHIi+lGKX
dZPO3dner4ioqwa/jL5e/D4dw8UtA/puPj2gmWX4fJkmkkrdiTLJTohObgBO17Vw
OCRcI0guivnp+O5cSZFlDjHGE7DVXhIK4bcUwO9KjHKWOvE1rnIP38u87BisF8bk
OBoFdWeyroml15WFVktea/zCQQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:02 2024 by rpki-client on console-fra.rpki-client.org