Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/32441e-5e9b-4a32-8cc4-1eb75bb68233/1/VKTJFlr5tRch1juOEopw9cJgbKE.roa
File: VKTJFlr5tRch1juOEopw9cJgbKE.roa (raw, json)
Hash identifier: QDBsCjmXszNx5kz3dT16fI/91kqNpI8++RFvuxU+Xwk=
Subject key identifier: 54:A4:C9:16:5A:F9:B5:17:21:D6:3B:8E:12:8A:70:F5:C2:60:6C:A1
Certificate issuer: /CN=f97f69ed26c2e4687dbab2e6c6cca88d17c4c332
Certificate serial: 10E33036
Authority key identifier: F9:7F:69:ED:26:C2:E4:68:7D:BA:B2:E6:C6:CC:A8:8D:17:C4:C3:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-X9p7SbC5Gh9urLmxsyojRfEwzI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/32441e-5e9b-4a32-8cc4-1eb75bb68233/1/VKTJFlr5tRch1juOEopw9cJgbKE.roa
Signing time: Sat 01 Jan 2022 01:53:52 +0000
ROA not before: Sat 01 Jan 2022 01:53:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47347
IP address blocks: 79.142.32.0/20 maxlen: 20
2a01:7b40::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 283324470 (0x10e33036)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f97f69ed26c2e4687dbab2e6c6cca88d17c4c332
Validity
Not Before: Jan 1 01:53:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=54a4c9165af9b51721d63b8e128a70f5c2606ca1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:51:11:8d:ac:31:05:54:23:d0:3d:d9:3a:90:
bc:46:43:0f:16:89:67:ac:34:ca:f2:13:d5:64:f4:
fc:dd:54:b1:ac:52:dc:de:e9:15:90:33:c9:8d:79:
a5:1d:d8:92:b7:93:38:ca:28:f5:39:10:6c:92:f0:
5b:28:21:f7:2d:ce:8f:49:ce:ee:3b:b7:41:68:c5:
92:fa:62:9f:13:24:a6:7e:a4:d2:f2:64:8a:eb:29:
27:99:e4:30:f1:74:47:e0:0b:50:28:06:09:1c:ee:
dd:cd:9c:59:f8:1c:9d:31:ce:48:12:b1:17:67:cf:
19:f6:e2:84:e2:2e:c7:7a:42:91:65:db:b3:0e:d9:
e7:72:a6:0c:56:52:85:3a:2c:e7:ce:85:0e:a3:e6:
f9:97:76:89:c9:f6:16:4c:cd:03:55:cf:18:0d:f9:
51:8a:42:48:22:17:bc:ef:09:ed:17:8d:ca:e6:22:
6e:3c:aa:05:fe:30:2d:7f:7c:4d:da:35:95:31:b8:
eb:5e:45:59:4d:39:f1:85:4b:f3:95:59:0c:32:5d:
8e:d2:8c:0e:17:8c:ff:53:ab:8f:8f:e4:c4:db:42:
d3:8f:87:ec:40:7d:f6:b0:3d:1b:89:2e:ea:4a:90:
50:85:e4:ba:09:1f:1f:fd:f0:1d:2b:b3:02:b0:f2:
c2:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:A4:C9:16:5A:F9:B5:17:21:D6:3B:8E:12:8A:70:F5:C2:60:6C:A1
X509v3 Authority Key Identifier:
keyid:F9:7F:69:ED:26:C2:E4:68:7D:BA:B2:E6:C6:CC:A8:8D:17:C4:C3:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-X9p7SbC5Gh9urLmxsyojRfEwzI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/32441e-5e9b-4a32-8cc4-1eb75bb68233/1/VKTJFlr5tRch1juOEopw9cJgbKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/32441e-5e9b-4a32-8cc4-1eb75bb68233/1/1-X9p7SbC5Gh9urLmxsyojRfEwzI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.142.32.0/20
IPv6:
2a01:7b40::/32
Signature Algorithm: sha256WithRSAEncryption
5b:dc:4a:da:73:4b:8a:45:6e:d0:72:ee:c8:7c:ef:16:33:c2:
87:79:c3:e5:21:3b:f1:17:50:b3:cc:e9:3e:d9:7e:14:fd:9d:
6d:84:a3:e6:c6:96:f4:4c:e8:2a:c9:24:ef:b9:40:f3:f2:9e:
db:70:ff:f8:b9:f5:88:63:fc:86:9a:f3:f1:3a:2b:e2:57:1a:
9e:63:56:02:9b:5d:5e:6c:d2:e6:0a:78:dc:96:fb:d6:a1:e4:
a5:d2:bd:b3:88:e9:b5:bc:48:f0:12:5a:83:0f:db:ea:c4:05:
76:38:a3:42:a5:e3:a1:be:a4:56:7e:e1:d9:31:c5:1c:69:3d:
75:5d:4b:55:5c:31:6e:93:0b:4e:17:8b:6a:ee:26:ac:85:be:
e1:4e:21:97:b4:22:81:7a:e9:84:de:ea:e1:77:4c:2d:c3:d8:
ed:0e:59:dd:af:ea:80:f9:8f:70:cf:3c:4c:c8:b1:2f:f8:69:
f6:08:b1:07:b3:c1:58:a6:d5:9f:82:c5:b3:75:31:f9:59:06:
e1:d2:00:a0:b7:15:85:54:69:fa:1a:ab:99:16:17:80:4e:e2:
b8:13:2e:8e:29:1a:9d:2f:6f:fc:79:36:58:e8:4b:14:04:18:
97:e7:23:6e:4b:bd:0f:f4:a3:c5:9b:bd:22:b0:92:95:9b:e3:
ec:7d:9e:03
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEEOMwNjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OTdmNjllZDI2YzJlNDY4N2RiYWIyZTZjNmNjYTg4ZDE3YzRjMzMyMB4XDTIyMDEw
MTAxNTM1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTRhNGM5MTY1YWY5
YjUxNzIxZDYzYjhlMTI4YTcwZjVjMjYwNmNhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKpREY2sMQVUI9A92TqQvEZDDxaJZ6w0yvIT1WT0/N1UsaxS
3N7pFZAzyY15pR3YkreTOMoo9TkQbJLwWygh9y3Oj0nO7ju3QWjFkvpinxMkpn6k
0vJkiuspJ5nkMPF0R+ALUCgGCRzu3c2cWfgcnTHOSBKxF2fPGfbihOIux3pCkWXb
sw7Z53KmDFZShTos586FDqPm+Zd2icn2FkzNA1XPGA35UYpCSCIXvO8J7ReNyuYi
bjyqBf4wLX98Tdo1lTG4615FWU058YVL85VZDDJdjtKMDheM/1Orj4/kxNtC04+H
7EB99rA9G4ku6kqQUIXkugkfH/3wHSuzArDywlkCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBRUpMkWWvm1FyHWO44SinD1wmBsoTAfBgNVHSMEGDAWgBT5f2ntJsLkaH26
subGzKiNF8TDMjAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtWDlwN1NiQzVHaDl1ckxteHN5b2pSZkV3ekkuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzY2LzMyNDQxZS01ZTliLTRhMzItOGNjNC0xZWI3NWJiNjgyMzMv
MS9WS1RKRmxyNXRSY2gxanVPRW9wdzljSmdiS0Uucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY2
LzMyNDQxZS01ZTliLTRhMzItOGNjNC0xZWI3NWJiNjgyMzMvMS8xLVg5cDdTYkM1
R2g5dXJMbXhzeW9qUmZFd3pJLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQET44gMA0EAgACMAcDBQAqAXtA
MA0GCSqGSIb3DQEBCwUAA4IBAQBb3Erac0uKRW7Qcu7IfO8WM8KHecPlITvxF1Cz
zOk+2X4U/Z1thKPmxpb0TOgqySTvuUDz8p7bcP/4ufWIY/yGmvPxOiviVxqeY1YC
m11ebNLmCnjclvvWoeSl0r2ziOm1vEjwElqDD9vqxAV2OKNCpeOhvqRWfuHZMcUc
aT11XUtVXDFukwtOF4tq7iashb7hTiGXtCKBeumE3urhd0wtw9jtDlndr+qA+Y9w
zzxMyLEv+Gn2CLEHs8FYptWfgsWzdTH5WQbh0gCgtxWFVGn6GquZFheATuK4Ey6O
KRqdL2/8eTZY6EsUBBiX5yNuS70P9KPFm70isJKVm+PsfZ4D
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:54 2023 by rpki-client on console-ams.rpki-client.org