Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/98b2f5-75e1-4245-976d-0150c94f940d/1/vEsT534G4DzDwoaM9jy-prT2QuY.roa
File: vEsT534G4DzDwoaM9jy-prT2QuY.roa (raw, json)
Hash identifier: 7Peykl1enBR68QewaG+Rvytw1rZAxMCTvkb4ptbRXe4=
Subject key identifier: BC:4B:13:E7:7E:06:E0:3C:C3:C2:86:8C:F6:3C:BE:A6:B4:F6:42:E6
Certificate issuer: /CN=3aebf22e86444255fdf78a30c4cb0b2d91e5b757
Certificate serial: 0B82F4E8
Authority key identifier: 3A:EB:F2:2E:86:44:42:55:FD:F7:8A:30:C4:CB:0B:2D:91:E5:B7:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OuvyLoZEQlX994owxMsLLZHlt1c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/98b2f5-75e1-4245-976d-0150c94f940d/1/vEsT534G4DzDwoaM9jy-prT2QuY.roa
Signing time: Wed 04 May 2022 11:39:49 +0000
ROA not before: Wed 04 May 2022 11:39:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3170
IP address blocks: 194.0.58.0/24 maxlen: 24
91.240.224.0/24 maxlen: 24
195.144.8.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 193131752 (0xb82f4e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aebf22e86444255fdf78a30c4cb0b2d91e5b757
Validity
Not Before: May 4 11:39:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bc4b13e77e06e03cc3c2868cf63cbea6b4f642e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:59:8f:7e:2b:25:56:80:bd:19:4e:eb:c1:56:
7a:53:c9:03:ee:a8:24:93:f4:e9:1b:99:40:1a:99:
58:b3:8e:80:3e:3d:0b:d6:0f:50:93:b2:1e:88:b3:
ca:83:b8:f3:ed:76:d6:f8:a6:f0:8e:9f:7d:64:93:
bb:79:0f:cf:32:92:97:6f:5a:58:60:a0:3e:c4:9d:
ad:44:48:c0:fc:f1:bf:d1:e6:d7:db:bc:bd:90:7c:
70:8c:f0:6e:c2:d8:e9:7f:a8:ef:74:66:c6:c7:87:
b5:cc:a2:f3:e5:b3:8e:51:fa:9c:26:e6:d9:45:74:
76:61:09:e2:da:b9:8e:68:a4:c0:61:c6:76:65:40:
53:62:f5:c8:4d:7a:4d:42:6f:20:40:1e:2e:98:e2:
af:69:be:c2:4b:8c:a8:5d:b5:a0:9f:d0:84:36:24:
46:3f:b0:8c:fb:63:cd:44:a5:2f:f4:f5:cb:be:20:
34:ed:3c:de:48:9e:95:3d:68:89:03:d9:a5:a9:6b:
35:17:ed:d4:0a:1d:ad:c6:bc:43:94:25:9d:d0:5b:
e7:dd:56:2a:c7:0f:d8:40:01:94:e9:3f:3f:a6:1e:
5d:1b:8a:cb:d5:2a:14:eb:9f:d0:4e:5c:cc:02:01:
fa:dc:19:4c:82:7c:e3:ff:24:fa:4c:00:57:28:c1:
80:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:4B:13:E7:7E:06:E0:3C:C3:C2:86:8C:F6:3C:BE:A6:B4:F6:42:E6
X509v3 Authority Key Identifier:
keyid:3A:EB:F2:2E:86:44:42:55:FD:F7:8A:30:C4:CB:0B:2D:91:E5:B7:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OuvyLoZEQlX994owxMsLLZHlt1c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/98b2f5-75e1-4245-976d-0150c94f940d/1/vEsT534G4DzDwoaM9jy-prT2QuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/98b2f5-75e1-4245-976d-0150c94f940d/1/OuvyLoZEQlX994owxMsLLZHlt1c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.224.0/24
194.0.58.0/24
195.144.8.0/24
Signature Algorithm: sha256WithRSAEncryption
19:e4:b7:df:91:c9:a9:17:7c:b4:b7:c8:9e:60:6e:66:0d:44:
63:ff:0c:7b:e8:8e:ca:5e:d2:1c:98:0b:65:d3:b1:e8:c0:3c:
36:20:61:ad:c2:2c:54:34:de:85:60:a0:ff:09:4c:8b:be:45:
2e:c1:49:58:a5:5e:97:b8:b3:60:76:4b:1a:8f:4f:ca:f5:da:
8a:15:c3:15:f7:ed:e0:43:e5:e2:8a:ac:dd:35:a3:54:d2:d0:
cd:8f:4d:90:65:ff:7c:8c:05:da:02:42:7d:54:b5:7d:0c:27:
f1:7b:3a:bf:d6:9f:d8:42:dd:e1:65:4e:90:23:6f:39:e2:8a:
cd:35:7c:56:28:0b:4f:77:e1:9a:36:27:01:1e:25:7b:34:ca:
99:b2:81:53:b1:ec:d4:f2:04:19:fd:78:4a:51:c6:9c:09:83:
14:d8:98:8e:12:5a:39:ae:36:4b:7b:c7:a3:e5:95:22:b0:dd:
85:43:70:07:2a:ea:49:32:9d:79:c1:e8:ac:10:f6:7d:01:85:
0b:e5:21:21:5f:f3:fb:61:e9:95:11:42:f1:5e:12:7e:78:1d:
33:8d:3e:d8:f7:fe:8a:ae:81:5c:68:1e:6d:13:16:01:bf:45:
a2:07:b8:33:d3:b7:9a:ed:53:35:5f:a9:9a:60:6a:30:20:01:
ff:25:ea:3d
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEC4L06DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YWViZjIyZTg2NDQ0MjU1ZmRmNzhhMzBjNGNiMGIyZDkxZTViNzU3MB4XDTIyMDUw
NDExMzk0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmM0YjEzZTc3ZTA2
ZTAzY2MzYzI4NjhjZjYzY2JlYTZiNGY2NDJlNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANhZj34rJVaAvRlO68FWelPJA+6oJJP06RuZQBqZWLOOgD49
C9YPUJOyHoizyoO48+121vim8I6ffWSTu3kPzzKSl29aWGCgPsSdrURIwPzxv9Hm
19u8vZB8cIzwbsLY6X+o73RmxseHtcyi8+WzjlH6nCbm2UV0dmEJ4tq5jmikwGHG
dmVAU2L1yE16TUJvIEAeLpjir2m+wkuMqF21oJ/QhDYkRj+wjPtjzUSlL/T1y74g
NO083kielT1oiQPZpalrNRft1Aodrca8Q5QlndBb591WKscP2EABlOk/P6YeXRuK
y9UqFOuf0E5czAIB+twZTIJ84/8k+kwAVyjBgAkCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBS8SxPnfgbgPMPChoz2PL6mtPZC5jAfBgNVHSMEGDAWgBQ66/IuhkRCVf33
ijDEywstkeW3VzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L091dnlMb1pFUWxYOTk0b3d4TXNMTFpIbHQxYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTQvOThiMmY1LTc1ZTEtNDI0NS05NzZkLTAxNTBjOTRmOTQwZC8x
L3ZFc1Q1MzRHNER6RHdvYU05anktcHJUMlF1WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQv
OThiMmY1LTc1ZTEtNDI0NS05NzZkLTAxNTBjOTRmOTQwZC8xL091dnlMb1pFUWxY
OTk0b3d4TXNMTFpIbHQxYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAFvw4AMEAMIAOgMEAMOQCDANBgkq
hkiG9w0BAQsFAAOCAQEAGeS335HJqRd8tLfInmBuZg1EY/8Me+iOyl7SHJgLZdOx
6MA8NiBhrcIsVDTehWCg/wlMi75FLsFJWKVel7izYHZLGo9PyvXaihXDFfft4EPl
4oqs3TWjVNLQzY9NkGX/fIwF2gJCfVS1fQwn8Xs6v9af2ELd4WVOkCNvOeKKzTV8
VigLT3fhmjYnAR4lezTKmbKBU7Hs1PIEGf14SlHGnAmDFNiYjhJaOa42S3vHo+WV
IrDdhUNwByrqSTKdecHorBD2fQGFC+UhIV/z+2HplRFC8V4SfngdM40+2Pf+iq6B
XGgebRMWAb9Foge4M9O3mu1TNV+pmmBqMCAB/yXqPQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:07 2024 by rpki-client on console-ams.rpki-client.org