Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/81bc95-1444-408a-92f1-392e05a84277/1/vnwh5fivuANqxD97b_uVHwCGF-0.roa
File: vnwh5fivuANqxD97b_uVHwCGF-0.roa (raw, json)
Hash identifier: vY6rVPtmiCj91FQYSehsssXE9/mj+4e+d7cB1YoKv6o=
Subject key identifier: BE:7C:21:E5:F8:AF:B8:03:6A:C4:3F:7B:6F:FB:95:1F:00:86:17:ED
Certificate issuer: /CN=1f739d213a438f678b322a8f8f84e2d8c7814aca
Certificate serial: 0184E82C2EAB1F097EBACC58445A59D02AFE
Authority key identifier: 1F:73:9D:21:3A:43:8F:67:8B:32:2A:8F:8F:84:E2:D8:C7:81:4A:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H3OdITpDj2eLMiqPj4Ti2MeBSso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/81bc95-1444-408a-92f1-392e05a84277/1/vnwh5fivuANqxD97b_uVHwCGF-0.roa
Signing time: Tue 06 Dec 2022 16:02:00 +0000
ROA not before: Tue 06 Dec 2022 16:02:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12350
IP address blocks: 83.228.128.0/17 maxlen: 17
213.162.0.0/19 maxlen: 19
194.38.64.0/19 maxlen: 19
185.133.28.0/22 maxlen: 22
212.232.128.0/17 maxlen: 17
194.148.96.0/19 maxlen: 19
194.148.0.0/18 maxlen: 18
195.15.0.0/17 maxlen: 17
212.28.128.0/19 maxlen: 19
194.38.160.0/19 maxlen: 19
212.147.79.0/24 maxlen: 24
212.40.0.0/19 maxlen: 19
212.147.0.0/17 maxlen: 17
213.5.152.0/21 maxlen: 21
212.254.0.0/16 maxlen: 16
212.109.64.0/19 maxlen: 19
2a03:a360::/32 maxlen: 32
2001:4c78::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e8:2c:2e:ab:1f:09:7e:ba:cc:58:44:5a:59:d0:2a:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f739d213a438f678b322a8f8f84e2d8c7814aca
Validity
Not Before: Dec 6 16:02:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=be7c21e5f8afb8036ac43f7b6ffb951f008617ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:09:3b:2c:01:49:ff:cf:1c:12:0b:2d:f8:0b:
8f:78:4d:39:ab:f1:42:bf:62:ff:9f:d1:47:d9:9d:
c6:10:3b:24:f0:8f:fd:83:92:37:f3:86:76:d6:15:
de:8c:04:73:18:07:25:b2:9d:fc:86:5a:bb:81:da:
77:ab:fb:36:d0:c7:d8:34:44:d7:9a:a8:89:d1:a0:
2b:0e:9b:a5:93:9f:10:fa:3b:fd:50:2f:b2:96:a7:
45:6f:9d:cc:3d:ea:90:9b:ce:1b:a5:d1:d5:5f:7a:
b9:c4:8a:ca:0a:b0:59:2c:d9:e4:40:40:91:36:4d:
80:2e:1b:0c:f8:0e:7d:01:2c:3d:73:3b:96:43:d9:
96:5a:76:5e:f1:a1:a4:bb:eb:a3:b9:72:80:19:63:
39:73:4c:dd:05:65:6b:cd:b7:49:02:d7:2f:f2:57:
3c:5c:68:c8:33:2c:cd:d3:0c:88:15:27:d2:a5:bc:
ae:2c:14:ff:6f:eb:46:12:43:fe:42:c5:b3:0d:12:
d0:2b:13:26:9b:4b:c5:68:4b:71:a7:ba:1a:c4:03:
4e:82:4d:9e:b2:48:ca:00:09:cb:29:ac:48:d8:5b:
75:eb:23:7c:65:96:f7:3c:79:cb:89:54:ea:0d:5d:
28:6a:f4:1c:6b:74:38:17:4a:cb:aa:fe:3c:2c:90:
e1:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:7C:21:E5:F8:AF:B8:03:6A:C4:3F:7B:6F:FB:95:1F:00:86:17:ED
X509v3 Authority Key Identifier:
keyid:1F:73:9D:21:3A:43:8F:67:8B:32:2A:8F:8F:84:E2:D8:C7:81:4A:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H3OdITpDj2eLMiqPj4Ti2MeBSso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/81bc95-1444-408a-92f1-392e05a84277/1/vnwh5fivuANqxD97b_uVHwCGF-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/81bc95-1444-408a-92f1-392e05a84277/1/H3OdITpDj2eLMiqPj4Ti2MeBSso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.228.128.0/17
185.133.28.0/22
194.38.64.0/19
194.38.160.0/19
194.148.0.0/18
194.148.96.0/19
195.15.0.0/17
212.28.128.0/19
212.40.0.0/19
212.109.64.0/19
212.147.0.0/17
212.232.128.0/17
212.254.0.0/16
213.5.152.0/21
213.162.0.0/19
IPv6:
2001:4c78::/32
2a03:a360::/32
Signature Algorithm: sha256WithRSAEncryption
98:a4:46:8e:79:e6:31:64:cd:f4:3e:f4:4f:71:3c:f7:13:3e:
eb:2d:11:6f:72:3a:1e:4e:c3:f8:33:5f:90:22:43:42:87:82:
8a:1d:d5:f3:00:7f:a2:b1:2e:43:96:1c:9a:b6:25:ad:e7:df:
9a:7f:ea:9e:a5:66:9e:cf:c9:2b:a4:7c:62:54:22:ff:15:7d:
e3:a2:ea:84:0b:37:f4:aa:b7:69:8a:e9:32:20:1d:9e:63:c4:
8b:fb:8e:fd:64:3b:63:73:39:0d:58:ca:f2:35:8d:26:fd:ee:
8c:70:ce:c1:8c:17:cc:5e:a9:17:54:8e:73:e5:d5:04:f0:ce:
26:fe:47:57:e0:75:83:6c:79:8f:25:6a:11:f7:bb:6e:e0:6c:
8b:d5:cd:10:18:17:9e:08:47:98:fb:40:6b:d1:bd:21:58:44:
1f:11:bd:6b:ca:a9:3e:b1:fc:63:81:f3:00:21:fa:9d:b2:bf:
e1:59:5d:41:4c:a4:84:28:ff:0b:b7:aa:b3:9d:37:99:38:31:
9f:e5:39:15:ec:85:73:fd:69:ed:6c:2d:07:ab:4e:c0:52:57:
b5:0e:2f:81:84:9f:25:10:18:54:e3:11:af:6c:a3:5b:4d:62:
e7:87:80:7d:c2:98:b2:5d:79:81:d6:d0:e0:e3:ab:64:63:9a:
22:fc:c4:03
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAYToLC6rHwl+usxYRFpZ0Cr+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNzM5ZDIxM2E0MzhmNjc4YjMyMmE4ZjhmODRlMmQ4Yzc4
MTRhY2EwHhcNMjIxMjA2MTYwMjAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTdjMjFlNWY4YWZiODAzNmFjNDNmN2I2ZmZiOTUxZjAwODYxN2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhAk7LAFJ/88cEgst+AuPeE05q/FC
v2L/n9FH2Z3GEDsk8I/9g5I384Z21hXejARzGAclsp38hlq7gdp3q/s20MfYNETX
mqiJ0aArDpulk58Q+jv9UC+ylqdFb53MPeqQm84bpdHVX3q5xIrKCrBZLNnkQECR
Nk2ALhsM+A59ASw9czuWQ9mWWnZe8aGku+ujuXKAGWM5c0zdBWVrzbdJAtcv8lc8
XGjIMyzN0wyIFSfSpbyuLBT/b+tGEkP+QsWzDRLQKxMmm0vFaEtxp7oaxANOgk2e
skjKAAnLKaxI2Ft16yN8ZZb3PHnLiVTqDV0oavQca3Q4F0rLqv48LJDhMQIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFL58IeX4r7gDasQ/e2/7lR8AhhftMB8GA1UdIwQY
MBaAFB9znSE6Q49nizIqj4+E4tjHgUrKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDNPZElUcERqMmVMTWlxUGo0VGkyTWVCU3NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni84MWJjOTUtMTQ0NC00MDhhLTkyZjEt
MzkyZTA1YTg0Mjc3LzEvdm53aDVmaXZ1QU5xeEQ5N2JfdVZId0NHRi0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni84MWJjOTUtMTQ0NC00MDhhLTkyZjEtMzkyZTA1YTg0Mjc3
LzEvSDNPZElUcERqMmVMTWlxUGo0VGkyTWVCU3NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwXwQCAAEwWQMEB1PkgAME
ArmFHAMEBcImQAMEBcImoAMEBsKUAAMEBcKUYAMEB8MPAAMEBdQcgAMEBdQoAAME
BdRtQAMEB9STAAMEB9TogAMDANT+AwQD1QWYAwQF1aIAMBQEAgACMA4DBQAgAUx4
AwUAKgOjYDANBgkqhkiG9w0BAQsFAAOCAQEAmKRGjnnmMWTN9D70T3E89xM+6y0R
b3I6Hk7D+DNfkCJDQoeCih3V8wB/orEuQ5YcmrYlreffmn/qnqVmns/JK6R8YlQi
/xV946LqhAs39Kq3aYrpMiAdnmPEi/uO/WQ7Y3M5DVjK8jWNJv3ujHDOwYwXzF6p
F1SOc+XVBPDOJv5HV+B1g2x5jyVqEfe7buBsi9XNEBgXnghHmPtAa9G9IVhEHxG9
a8qpPrH8Y4HzACH6nbK/4VldQUykhCj/C7eqs503mTgxn+U5FeyFc/1p7WwtB6tO
wFJXtQ4vgYSfJRAYVOMRr2yjW01i54eAfcKYsl15gdbQ4OOrZGOaIvzEAw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:20 2024 by rpki-client on console-fra.rpki-client.org