Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/VDmYwWucW3AC1GpZDUBZ7y28Bxk.roa
File: VDmYwWucW3AC1GpZDUBZ7y28Bxk.roa (raw, json)
Hash identifier: EeO7tRXey3loTkXQPnB+pYunBj7LgBxe+2uGLmipKpo=
Subject key identifier: 54:39:98:C1:6B:9C:5B:70:02:D4:6A:59:0D:40:59:EF:2D:BC:07:19
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 02E1F60F
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/VDmYwWucW3AC1GpZDUBZ7y28Bxk.roa
Signing time: Sat 07 May 2022 17:16:22 +0000
ROA not before: Sat 07 May 2022 17:16:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 83.97.100.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48363023 (0x2e1f60f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: May 7 17:16:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=543998c16b9c5b7002d46a590d4059ef2dbc0719
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c5:38:04:74:f2:f0:9a:15:1f:11:ed:9e:d1:
35:0e:bd:f0:c5:f5:44:00:a0:ae:e9:e9:fe:88:4a:
6b:a6:b7:7a:f2:ed:24:4f:d1:56:86:72:57:f5:b8:
a1:db:81:0c:8c:3f:39:90:22:64:c4:e3:cb:73:22:
60:d7:11:4b:b3:ae:a0:15:a5:d6:f5:c7:ef:1a:61:
07:09:ed:bf:6c:30:c2:cc:00:1e:66:94:76:c0:9c:
fc:b0:c4:81:11:31:49:65:99:1c:be:3b:9f:18:90:
e3:b0:4d:06:c2:ec:88:80:2d:ed:13:05:91:34:1d:
5c:10:4c:25:03:f9:e5:72:77:3a:9c:52:36:57:49:
a4:0f:5d:80:61:b0:66:b4:83:f7:ed:d6:d4:0f:27:
2f:91:55:39:a3:7c:c9:9c:59:23:aa:17:53:4a:3c:
4f:81:bf:31:3c:c2:e8:66:a8:fa:1e:38:c8:ec:b7:
86:a3:ce:86:ad:8c:90:d4:cb:f1:78:4f:b5:92:53:
64:a6:ff:cb:1d:e0:bc:c9:f2:d4:e6:96:8c:37:e4:
3d:98:b5:52:47:d4:0a:11:f6:c4:86:96:54:9c:35:
24:59:45:f2:92:6c:f3:aa:5a:f9:15:58:1c:60:29:
3d:90:c2:be:c2:67:63:bd:ce:9f:90:d8:8c:ee:96:
b5:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:39:98:C1:6B:9C:5B:70:02:D4:6A:59:0D:40:59:EF:2D:BC:07:19
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/VDmYwWucW3AC1GpZDUBZ7y28Bxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.97.100.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:c7:18:a3:8c:94:cb:8a:21:10:9a:66:1f:75:a8:7b:2b:ad:
52:ff:2c:f4:09:20:29:f7:80:7d:bd:60:68:7d:0b:2d:e3:de:
66:21:ec:f9:92:63:36:1c:69:1c:74:5a:52:21:e3:e5:37:f2:
cb:05:d2:18:3e:38:d2:e5:91:23:49:47:8e:8c:ab:15:4b:07:
9b:0d:10:d8:7a:90:5e:49:fa:c6:64:7f:49:48:bc:10:7c:27:
5f:09:5f:0a:92:2f:ec:51:9d:8e:a3:b2:6a:73:39:f8:1f:1e:
e3:8a:5c:06:7a:9d:ef:ef:7d:e1:1f:d5:12:64:e1:2f:63:5f:
a4:3a:52:6d:95:e1:39:c1:14:3f:55:87:39:95:a8:ad:80:45:
2b:6d:fa:8d:5d:2c:62:04:9b:de:c4:c6:a2:b8:95:d5:13:55:
49:42:b0:7f:23:76:46:6d:55:d6:b1:5c:68:5f:c4:b9:63:df:
98:c2:8e:bf:6a:8d:f2:10:3e:3f:15:95:e0:ea:37:bf:b8:e7:
d3:17:a8:ef:14:9a:10:ea:d2:ca:89:e0:32:81:df:60:33:e4:
52:04:e2:50:44:31:a4:70:82:1b:49:01:43:f3:e1:58:d6:0b:
be:b2:09:f9:c7:c5:f9:20:69:a1:10:63:6d:79:50:dd:6b:5b:
ab:47:76:46
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAuH2DzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YzRlZDk0MmU1Yzc0MmU3N2JmYjliZWI5NTRmODcyNTM0ZjUyODQ4MB4XDTIyMDUw
NzE3MTYyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTQzOTk4YzE2Yjlj
NWI3MDAyZDQ2YTU5MGQ0MDU5ZWYyZGJjMDcxOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKTFOAR08vCaFR8R7Z7RNQ698MX1RACgrunp/ohKa6a3evLt
JE/RVoZyV/W4oduBDIw/OZAiZMTjy3MiYNcRS7OuoBWl1vXH7xphBwntv2wwwswA
HmaUdsCc/LDEgRExSWWZHL47nxiQ47BNBsLsiIAt7RMFkTQdXBBMJQP55XJ3OpxS
NldJpA9dgGGwZrSD9+3W1A8nL5FVOaN8yZxZI6oXU0o8T4G/MTzC6Gao+h44yOy3
hqPOhq2MkNTL8XhPtZJTZKb/yx3gvMny1OaWjDfkPZi1UkfUChH2xIaWVJw1JFlF
8pJs86pa+RVYHGApPZDCvsJnY73On5DYjO6WtQUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRUOZjBa5xbcALUalkNQFnvLbwHGTAfBgNVHSMEGDAWgBQ8TtlC5cdC53v7
m+uVT4clNPUoSDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BFN1pRdVhIUXVkNy01dnJsVS1ISlRUMUtFZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjYvMWJiNDVhLTU1MWMtNDk2Ny05NWNhLTc3MzQ0YmNjOTE5MS8x
L1ZEbVl3V3VjVzNBQzFHcFpEVUJaN3kyOEJ4ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYv
MWJiNDVhLTU1MWMtNDk2Ny05NWNhLTc3MzQ0YmNjOTE5MS8xL1BFN1pRdVhIUXVk
Ny01dnJsVS1ISlRUMUtFZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlNhZDANBgkqhkiG9w0BAQsFAAOC
AQEAO8cYo4yUy4ohEJpmH3WoeyutUv8s9AkgKfeAfb1gaH0LLePeZiHs+ZJjNhxp
HHRaUiHj5TfyywXSGD440uWRI0lHjoyrFUsHmw0Q2HqQXkn6xmR/SUi8EHwnXwlf
CpIv7FGdjqOyanM5+B8e44pcBnqd7+994R/VEmThL2NfpDpSbZXhOcEUP1WHOZWo
rYBFK236jV0sYgSb3sTGoriV1RNVSUKwfyN2Rm1V1rFcaF/EuWPfmMKOv2qN8hA+
PxWV4Oo3v7jn0xeo7xSaEOrSyongMoHfYDPkUgTiUEQxpHCCG0kBQ/PhWNYLvrIJ
+cfF+SBpoRBjbXlQ3Wtbq0d2Rg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:04 2024 by rpki-client on console-fra.rpki-client.org