Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/5e5c30-8aa4-47e8-bd8f-fbe1a0d0aa98/1/VZfZQvTdONDUuIu8L1KKzit0f3w.roa
File: VZfZQvTdONDUuIu8L1KKzit0f3w.roa (raw, json)
Hash identifier: gNKBCJvVXXDw3ttZO91KA1r8yudqRifHasOk48gCA24=
Subject key identifier: 55:97:D9:42:F4:DD:38:D0:D4:B8:8B:BC:2F:52:8A:CE:2B:74:7F:7C
Certificate issuer: /CN=557b0ac10b8642a27dd3d74ed6cb5ee045e67b97
Certificate serial: 0186083C918DEE6641E73431CBB7CA73D41A
Authority key identifier: 55:7B:0A:C1:0B:86:42:A2:7D:D3:D7:4E:D6:CB:5E:E0:45:E6:7B:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VXsKwQuGQqJ909dO1ste4EXme5c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/5e5c30-8aa4-47e8-bd8f-fbe1a0d0aa98/1/VZfZQvTdONDUuIu8L1KKzit0f3w.roa
Signing time: Tue 31 Jan 2023 14:30:32 +0000
ROA not before: Tue 31 Jan 2023 14:30:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42459
IP address blocks: 95.169.203.0/24 maxlen: 24
95.169.201.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:08:3c:91:8d:ee:66:41:e7:34:31:cb:b7:ca:73:d4:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=557b0ac10b8642a27dd3d74ed6cb5ee045e67b97
Validity
Not Before: Jan 31 14:30:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5597d942f4dd38d0d4b88bbc2f528ace2b747f7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:7c:2f:e9:80:a7:5f:7e:48:c8:92:23:43:65:
ab:d2:0b:0c:7b:54:b7:ed:cd:c7:34:44:0d:5f:81:
97:1c:22:86:7d:47:5e:4c:f5:be:03:23:3b:27:cc:
b0:10:6d:fa:87:c3:4b:5a:29:f1:01:9d:ad:e7:48:
9d:c5:6f:9d:d9:3f:1e:eb:cc:c6:e4:a0:93:b1:f8:
0c:71:a8:77:b7:52:d1:8c:37:25:2c:39:03:ae:11:
fe:68:97:d7:be:16:4b:0b:59:8d:3a:39:99:40:e2:
53:83:94:a4:e6:6c:53:d9:50:89:08:c8:01:ac:be:
d2:05:ba:fc:30:11:ad:4b:43:cb:5f:aa:f7:64:95:
b1:0b:7a:00:a8:a4:be:d3:ee:22:02:c0:a3:df:5a:
5e:c4:d1:87:93:81:0c:2b:9e:99:2b:24:d3:81:4a:
b3:8c:f5:77:29:85:91:27:91:e6:b5:8b:e8:5a:83:
21:2f:c8:64:6f:4a:7b:02:a9:42:71:5d:af:ee:bb:
ae:8b:5e:f8:83:06:47:84:f6:d1:b6:aa:bd:cb:70:
f8:b3:a8:91:1d:71:3a:1f:31:47:67:22:51:e5:8a:
b0:d8:ab:b8:34:8d:d6:67:5d:fe:04:0e:b3:bd:fc:
6b:77:15:33:77:5b:08:08:18:c6:01:b6:06:64:a1:
6c:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:97:D9:42:F4:DD:38:D0:D4:B8:8B:BC:2F:52:8A:CE:2B:74:7F:7C
X509v3 Authority Key Identifier:
keyid:55:7B:0A:C1:0B:86:42:A2:7D:D3:D7:4E:D6:CB:5E:E0:45:E6:7B:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VXsKwQuGQqJ909dO1ste4EXme5c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/5e5c30-8aa4-47e8-bd8f-fbe1a0d0aa98/1/VZfZQvTdONDUuIu8L1KKzit0f3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/5e5c30-8aa4-47e8-bd8f-fbe1a0d0aa98/1/VXsKwQuGQqJ909dO1ste4EXme5c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.169.201.0/24
95.169.203.0/24
Signature Algorithm: sha256WithRSAEncryption
21:3a:a3:bb:40:75:40:47:fc:e8:96:18:9a:80:55:d7:ed:7c:
87:86:71:b3:40:28:d1:64:6c:f5:4b:e9:95:8e:c5:f3:0d:be:
ed:ba:5b:75:1a:16:41:0b:ba:82:ef:d2:01:7e:e4:c6:e7:9d:
c9:9f:7e:e0:d3:18:e5:e3:da:28:4f:9a:d8:25:1a:f7:cf:8a:
fc:e9:87:41:4b:ab:73:e5:95:c6:f0:a1:9b:bd:c1:db:44:35:
0c:97:15:60:35:79:60:00:f8:73:b2:37:6a:ee:55:0f:af:7e:
c8:3b:9e:95:fc:5c:5d:3e:b8:84:7d:22:a9:b0:1d:e0:f6:0d:
75:fe:e9:09:c4:35:cb:d9:e1:e6:82:f1:75:4c:d4:20:0f:90:
2e:c5:79:70:ad:62:3a:09:91:e6:68:cd:04:a7:26:3a:49:46:
4c:a0:46:86:04:2a:e7:93:81:cf:d5:3e:63:fa:d6:67:8d:ae:
4c:04:a3:f0:ca:13:21:d0:5b:19:38:0f:56:5b:96:37:44:c1:
54:4e:1c:7c:89:0b:a3:ae:b1:d4:b1:5f:6b:35:39:db:20:f6:
5e:00:ad:18:03:9e:e1:22:74:02:ea:c9:4f:c9:48:bc:b0:46:
45:6d:d2:f5:17:a7:82:f4:8c:cc:ff:0c:84:60:56:3f:7c:79:
8c:0d:9a:6a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYYIPJGN7mZB5zQxy7fKc9QaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1N2IwYWMxMGI4NjQyYTI3ZGQzZDc0ZWQ2Y2I1ZWUwNDVl
NjdiOTcwHhcNMjMwMTMxMTQzMDMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTk3ZDk0MmY0ZGQzOGQwZDRiODhiYmMyZjUyOGFjZTJiNzQ3ZjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3wv6YCnX35IyJIjQ2Wr0gsMe1S3
7c3HNEQNX4GXHCKGfUdeTPW+AyM7J8ywEG36h8NLWinxAZ2t50idxW+d2T8e68zG
5KCTsfgMcah3t1LRjDclLDkDrhH+aJfXvhZLC1mNOjmZQOJTg5Sk5mxT2VCJCMgB
rL7SBbr8MBGtS0PLX6r3ZJWxC3oAqKS+0+4iAsCj31pexNGHk4EMK56ZKyTTgUqz
jPV3KYWRJ5HmtYvoWoMhL8hkb0p7AqlCcV2v7ruui174gwZHhPbRtqq9y3D4s6iR
HXE6HzFHZyJR5Yqw2Ku4NI3WZ13+BA6zvfxrdxUzd1sICBjGAbYGZKFs9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFWX2UL03TjQ1LiLvC9Sis4rdH98MB8GA1UdIwQY
MBaAFFV7CsELhkKifdPXTtbLXuBF5nuXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlhzS3dRdUdRcUo5MDlkTzFzdGU0RVhtZTVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi81ZTVjMzAtOGFhNC00N2U4LWJkOGYt
ZmJlMWEwZDBhYTk4LzEvVlpmWlF2VGRPTkRVdUl1OEwxS0t6aXQwZjN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi81ZTVjMzAtOGFhNC00N2U4LWJkOGYtZmJlMWEwZDBhYTk4
LzEvVlhzS3dRdUdRcUo5MDlkTzFzdGU0RVhtZTVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAX6nJAwQA
X6nLMA0GCSqGSIb3DQEBCwUAA4IBAQAhOqO7QHVAR/zolhiagFXX7XyHhnGzQCjR
ZGz1S+mVjsXzDb7tult1GhZBC7qC79IBfuTG553Jn37g0xjl49ooT5rYJRr3z4r8
6YdBS6tz5ZXG8KGbvcHbRDUMlxVgNXlgAPhzsjdq7lUPr37IO56V/FxdPriEfSKp
sB3g9g11/ukJxDXL2eHmgvF1TNQgD5AuxXlwrWI6CZHmaM0EpyY6SUZMoEaGBCrn
k4HP1T5j+tZnja5MBKPwyhMh0FsZOA9WW5Y3RMFUThx8iQujrrHUsV9rNTnbIPZe
AK0YA57hInQC6slPyUi8sEZFbdL1F6eC9IzM/wyEYFY/fHmMDZpq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:50 2024 by rpki-client on console-ams.rpki-client.org