Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/vhc2eaDxUKPBEwWHehSfAPlzt9Y.roa
File: vhc2eaDxUKPBEwWHehSfAPlzt9Y.roa (raw, json)
Hash identifier: TtF0RGDCWmDoNWVe91BpDCZwUkw0RvBpyA2WBIXDczA=
Subject key identifier: BE:17:36:79:A0:F1:50:A3:C1:13:05:87:7A:14:9F:00:F9:73:B7:D6
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018570D558F5E5D36294352E5D3E00FE0053
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/vhc2eaDxUKPBEwWHehSfAPlzt9Y.roa
Signing time: Mon 02 Jan 2023 04:55:08 +0000
ROA not before: Mon 02 Jan 2023 04:55:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41957
IP address blocks: 194.147.89.0/24 maxlen: 24
185.21.141.0/24 maxlen: 24
194.93.59.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:58:f5:e5:d3:62:94:35:2e:5d:3e:00:fe:00:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 2 04:55:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be173679a0f150a3c11305877a149f00f973b7d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:8e:cd:e9:85:92:1f:2b:40:7c:f0:09:c7:db:
9f:f5:5b:1c:ec:82:98:9b:24:af:c6:3f:5e:2e:fd:
5b:45:99:c2:49:d2:3d:5e:7f:94:24:97:20:4b:c6:
49:a4:c1:d3:f2:71:84:cb:3b:28:69:29:12:69:98:
05:37:5a:02:eb:3e:37:dd:32:b8:fc:fd:53:b8:8d:
a8:d3:30:86:18:d4:23:9b:0b:b9:2d:2c:a2:8f:22:
ef:6c:bb:61:7d:d5:33:b1:4f:e6:4f:10:70:f6:aa:
42:12:df:3b:0f:5e:54:8c:5e:87:15:a0:c7:48:1d:
5b:31:08:e0:aa:14:c3:55:41:06:bb:f9:84:ed:10:
65:12:9f:f5:21:cd:ae:c2:a3:ad:d0:e0:cc:fa:74:
ad:f5:de:bb:87:c9:bb:50:a8:dd:99:06:16:a5:24:
a6:6d:29:d1:48:0a:60:73:a2:a4:23:19:0b:47:df:
18:13:5d:84:3b:20:34:d7:9e:39:a9:07:55:32:ee:
6b:87:cd:58:81:fc:81:d8:b0:17:68:e5:c0:ee:9e:
6c:42:b3:98:e0:47:b3:b8:65:e1:7b:ba:0f:65:f0:
80:72:c6:4b:c5:01:80:de:d0:40:4e:d5:65:d8:c0:
f9:9b:ad:62:13:ca:62:23:ec:da:b2:7f:09:39:cc:
e0:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:17:36:79:A0:F1:50:A3:C1:13:05:87:7A:14:9F:00:F9:73:B7:D6
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/vhc2eaDxUKPBEwWHehSfAPlzt9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.141.0/24
194.93.59.0/24
194.147.89.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:fc:c7:8f:ef:ed:e5:c3:ad:32:0a:89:7f:5a:b3:8d:01:07:
d1:ba:75:20:00:75:21:a4:e6:a4:2d:9b:2b:9e:8b:05:55:a2:
75:80:ad:ae:7e:c2:40:4a:43:54:52:0d:53:ad:42:3e:62:c5:
59:dc:a2:9e:9c:ae:aa:76:c0:8c:a7:3f:88:3a:c1:30:82:1f:
7b:64:15:68:32:30:25:01:42:d9:40:80:1e:35:37:b7:9a:7d:
98:8c:3a:56:37:e9:2f:51:3c:b9:7b:a5:07:96:8b:84:0b:7a:
e3:4a:b8:6e:0f:f8:02:27:9b:3e:4b:8f:27:e3:72:57:dc:8c:
43:eb:f2:a9:f3:8b:62:32:72:4f:74:30:2f:d6:d0:14:c0:c9:
96:b1:57:13:b9:47:f6:c5:56:6b:3a:3e:88:44:a7:16:9f:42:
76:1d:59:08:a5:b7:c8:30:f2:bb:2b:4c:bf:02:5b:7b:59:26:
33:c0:db:dd:9f:fa:8f:86:54:56:fd:89:d3:a6:d5:b3:15:6c:
e4:54:08:e2:80:c5:79:a0:b6:e9:f8:a1:e3:69:6a:f2:bf:7b:
d3:2f:fa:e5:cd:0e:2f:ed:e2:7e:6c:c4:f2:fd:6e:5e:2a:1e:
f4:ac:a2:51:f1:24:f6:f2:03:fd:91:94:5d:b0:dd:f7:7c:5b:
3b:70:00:74
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw1Vj15dNilDUuXT4A/gBTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwMTAyMDQ1NTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTE3MzY3OWEwZjE1MGEzYzExMzA1ODc3YTE0OWYwMGY5NzNiN2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhI7N6YWSHytAfPAJx9uf9Vsc7IKY
mySvxj9eLv1bRZnCSdI9Xn+UJJcgS8ZJpMHT8nGEyzsoaSkSaZgFN1oC6z433TK4
/P1TuI2o0zCGGNQjmwu5LSyijyLvbLthfdUzsU/mTxBw9qpCEt87D15UjF6HFaDH
SB1bMQjgqhTDVUEGu/mE7RBlEp/1Ic2uwqOt0ODM+nSt9d67h8m7UKjdmQYWpSSm
bSnRSApgc6KkIxkLR98YE12EOyA01545qQdVMu5rh81YgfyB2LAXaOXA7p5sQrOY
4EezuGXhe7oPZfCAcsZLxQGA3tBATtVl2MD5m61iE8piI+zasn8JOczg/wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFL4XNnmg8VCjwRMFh3oUnwD5c7fWMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvdmhjMmVhRHhVS1BCRXdXSGVoU2ZBUGx6dDlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuRWNAwQA
wl07AwQAwpNZMA0GCSqGSIb3DQEBCwUAA4IBAQC1/MeP7+3lw60yCol/WrONAQfR
unUgAHUhpOakLZsrnosFVaJ1gK2ufsJASkNUUg1TrUI+YsVZ3KKenK6qdsCMpz+I
OsEwgh97ZBVoMjAlAULZQIAeNTe3mn2YjDpWN+kvUTy5e6UHlouEC3rjSrhuD/gC
J5s+S48n43JX3IxD6/Kp84tiMnJPdDAv1tAUwMmWsVcTuUf2xVZrOj6IRKcWn0J2
HVkIpbfIMPK7K0y/Alt7WSYzwNvdn/qPhlRW/YnTptWzFWzkVAjigMV5oLbp+KHj
aWryv3vTL/rlzQ4v7eJ+bMTy/W5eKh70rKJR8ST28gP9kZRdsN33fFs7cAB0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org