Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/7181a6-7ff4-40ba-93df-7885b7b8371c/1/VVIML9_7VyDZg8QUXYRgWkvKwgQ.roa
File: VVIML9_7VyDZg8QUXYRgWkvKwgQ.roa (raw, json)
Hash identifier: WoozXvWOk30oTxQwYbFNRfl1HA9anMti2CjtCstpiXc=
Subject key identifier: 55:52:0C:2F:DF:FB:57:20:D9:83:C4:14:5D:84:60:5A:4B:CA:C2:04
Certificate issuer: /CN=9d4ef20bb6a867eccd87fa0acae22c5bf634d51b
Certificate serial: 01856D2F29B7159768C27791F3651AC40C12
Authority key identifier: 9D:4E:F2:0B:B6:A8:67:EC:CD:87:FA:0A:CA:E2:2C:5B:F6:34:D5:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nU7yC7aoZ-zNh_oKyuIsW_Y01Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/7181a6-7ff4-40ba-93df-7885b7b8371c/1/VVIML9_7VyDZg8QUXYRgWkvKwgQ.roa
Signing time: Sun 01 Jan 2023 11:54:45 +0000
ROA not before: Sun 01 Jan 2023 11:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198349
IP address blocks: 91.233.254.0/23 maxlen: 24
185.19.140.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:2f:29:b7:15:97:68:c2:77:91:f3:65:1a:c4:0c:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d4ef20bb6a867eccd87fa0acae22c5bf634d51b
Validity
Not Before: Jan 1 11:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=55520c2fdffb5720d983c4145d84605a4bcac204
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:90:4f:f0:2d:9f:66:5a:e0:d9:3b:4c:ed:06:
ea:f3:5c:48:fb:62:8c:1f:40:4e:4b:08:bb:b3:bb:
79:c2:b3:ee:de:c9:a7:f2:c1:e2:fa:80:55:22:02:
0f:4b:11:f6:56:8c:d6:c4:69:b5:e0:c1:ff:4f:23:
c9:d0:60:99:93:83:02:34:9e:5f:a1:29:5d:b3:79:
9b:d2:b1:97:01:21:5c:68:42:af:dc:69:18:0c:7a:
45:a0:e0:22:82:b8:5c:b4:86:e1:1c:84:81:f8:20:
50:65:c6:60:87:6b:cf:c6:a8:a3:52:24:38:f9:34:
c7:cd:98:34:bd:10:43:0c:20:43:7f:7b:1e:68:19:
07:82:66:f2:6a:92:08:c2:c0:0a:e7:4f:a4:02:a3:
a6:59:ba:83:3e:51:a0:6c:4d:de:bc:bd:3e:db:d2:
e9:a2:f1:2a:71:b3:b8:14:49:58:dd:78:31:3a:21:
83:ce:43:2b:92:58:af:54:a6:c4:1e:8f:91:4c:f0:
49:20:ea:fc:94:9e:66:f3:12:26:a6:a6:05:91:b5:
1c:37:41:39:ae:c6:c7:55:14:1d:57:ea:cd:98:9e:
5a:9f:09:81:62:2f:ad:0e:29:91:0e:35:50:4b:3c:
77:dc:50:ab:17:81:de:f3:f7:58:42:da:25:04:69:
7e:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:52:0C:2F:DF:FB:57:20:D9:83:C4:14:5D:84:60:5A:4B:CA:C2:04
X509v3 Authority Key Identifier:
keyid:9D:4E:F2:0B:B6:A8:67:EC:CD:87:FA:0A:CA:E2:2C:5B:F6:34:D5:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nU7yC7aoZ-zNh_oKyuIsW_Y01Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/7181a6-7ff4-40ba-93df-7885b7b8371c/1/VVIML9_7VyDZg8QUXYRgWkvKwgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/7181a6-7ff4-40ba-93df-7885b7b8371c/1/nU7yC7aoZ-zNh_oKyuIsW_Y01Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.254.0/23
185.19.140.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:3e:a5:84:ef:f6:73:e5:9f:dd:25:80:4d:d0:b4:e8:3f:f9:
09:52:5d:53:78:14:d5:fc:d6:d5:14:e4:d6:32:5c:d5:ec:da:
66:a8:03:01:40:5d:43:19:b0:78:fd:2d:fc:62:1b:5e:be:0a:
ca:65:24:6a:d0:19:83:41:e4:6c:99:27:19:c0:02:79:23:8e:
8d:a2:e9:d5:e7:0c:e7:0d:6b:ff:c8:0b:1e:93:b2:76:1b:8d:
20:e5:6f:f8:2e:f9:35:f4:80:55:b1:79:8d:9e:08:65:3c:52:
99:5e:32:76:7a:f6:16:b7:5f:70:71:e4:4f:c5:41:6b:50:7d:
6b:89:4b:96:e7:f7:e3:90:6e:12:95:2e:bf:bd:d0:55:be:5e:
f8:d4:02:eb:ee:b0:c7:d2:62:bd:18:f0:a5:0b:f9:26:c4:04:
82:d8:f7:17:e9:59:69:15:fa:fa:e2:0c:a5:a7:7b:be:1c:73:
0c:ae:d7:f6:c2:b5:b4:7b:27:fd:80:f8:80:47:bb:5e:ac:ac:
6f:6a:dd:6a:2e:f3:21:a5:b7:f1:47:46:79:ed:d4:a7:5f:15:
0d:fa:76:61:b6:73:18:9e:28:b5:35:78:5f:73:a1:50:43:e0:
b5:42:5b:3d:0b:93:be:22:08:c1:ee:df:e3:64:6f:20:09:6b:
0c:b0:18:24
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtLym3FZdowneR82UaxAwSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNGVmMjBiYjZhODY3ZWNjZDg3ZmEwYWNhZTIyYzViZjYz
NGQ1MWIwHhcNMjMwMTAxMTE1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTUyMGMyZmRmZmI1NzIwZDk4M2M0MTQ1ZDg0NjA1YTRiY2FjMjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0pBP8C2fZlrg2TtM7Qbq81xI+2KM
H0BOSwi7s7t5wrPu3smn8sHi+oBVIgIPSxH2VozWxGm14MH/TyPJ0GCZk4MCNJ5f
oSlds3mb0rGXASFcaEKv3GkYDHpFoOAigrhctIbhHISB+CBQZcZgh2vPxqijUiQ4
+TTHzZg0vRBDDCBDf3seaBkHgmbyapIIwsAK50+kAqOmWbqDPlGgbE3evL0+29Lp
ovEqcbO4FElY3XgxOiGDzkMrklivVKbEHo+RTPBJIOr8lJ5m8xImpqYFkbUcN0E5
rsbHVRQdV+rNmJ5anwmBYi+tDimRDjVQSzx33FCrF4He8/dYQtolBGl+NQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFVSDC/f+1cg2YPEFF2EYFpLysIEMB8GA1UdIwQY
MBaAFJ1O8gu2qGfszYf6CsriLFv2NNUbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblU3eUM3YW9aLXpOaF9vS3l1SXNXX1kwMVJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni83MTgxYTYtN2ZmNC00MGJhLTkzZGYt
Nzg4NWI3YjgzNzFjLzEvVlZJTUw5XzdWeURaZzhRVVhZUmdXa3ZLd2dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni83MTgxYTYtN2ZmNC00MGJhLTkzZGYtNzg4NWI3YjgzNzFj
LzEvblU3eUM3YW9aLXpOaF9vS3l1SXNXX1kwMVJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW+n+AwQC
uROMMA0GCSqGSIb3DQEBCwUAA4IBAQAqPqWE7/Zz5Z/dJYBN0LToP/kJUl1TeBTV
/NbVFOTWMlzV7NpmqAMBQF1DGbB4/S38YhtevgrKZSRq0BmDQeRsmScZwAJ5I46N
ounV5wznDWv/yAsek7J2G40g5W/4Lvk19IBVsXmNnghlPFKZXjJ2evYWt19wceRP
xUFrUH1riUuW5/fjkG4SlS6/vdBVvl741ALr7rDH0mK9GPClC/kmxASC2PcX6Vlp
Ffr64gylp3u+HHMMrtf2wrW0eyf9gPiAR7terKxvat1qLvMhpbfxR0Z57dSnXxUN
+nZhtnMYnii1NXhfc6FQQ+C1Qls9C5O+IgjB7t/jZG8gCWsMsBgk
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:22 2023 by rpki-client on console-fra.rpki-client.org