Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/Vkrh9WBtzTyACYz_3aSXZDtsZ9o.roa
File: Vkrh9WBtzTyACYz_3aSXZDtsZ9o.roa (raw, json)
Hash identifier: JiNNBUSKRXcI4jev/88neIk7sj27MWGuqEzIjA1fORg=
Subject key identifier: 56:4A:E1:F5:60:6D:CD:3C:80:09:8C:FF:DD:A4:97:64:3B:6C:67:DA
Certificate issuer: /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial: 018BF6101458BB55DF2D36E8DDDD9E1E96B1
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/Vkrh9WBtzTyACYz_3aSXZDtsZ9o.roa
Signing time: Wed 22 Nov 2023 08:05:30 +0000
ROA not before: Wed 22 Nov 2023 08:05:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.213.174.0/24 maxlen: 24
91.213.186.0/24 maxlen: 24
194.156.151.0/24 maxlen: 24
45.150.197.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f6:10:14:58:bb:55:df:2d:36:e8:dd:dd:9e:1e:96:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Validity
Not Before: Nov 22 08:05:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=564ae1f5606dcd3c80098cffdda497643b6c67da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:77:94:03:7d:ab:13:18:5f:8a:d7:65:33:fb:
82:09:40:70:64:ab:76:a2:bf:25:44:47:c9:6c:e7:
7a:4e:e9:38:ab:b1:49:b7:8f:1e:73:0e:81:ef:b2:
42:da:5c:ff:30:37:b7:92:8e:69:a9:c6:c3:fa:55:
3d:70:f9:41:2e:95:ef:06:8d:6d:6c:38:ce:cf:60:
b4:d4:cb:5a:5b:00:b2:16:ad:68:be:eb:01:77:62:
ce:60:90:70:2a:a0:78:9d:52:33:e0:67:01:6f:3d:
d7:74:7d:71:c9:76:d9:4f:c7:03:95:8f:31:02:0a:
98:e5:cc:63:22:61:d4:48:72:13:61:99:11:44:89:
7a:00:b9:21:a3:d4:49:9c:23:31:f1:78:0e:05:69:
75:e7:5d:e5:5e:18:14:32:47:e4:97:86:9d:f3:f6:
f2:22:06:1e:f2:c0:dd:bd:fe:ca:9b:4c:80:f7:46:
f7:b3:01:bb:3c:f9:2b:bf:52:83:e6:f3:6b:a6:fb:
77:95:e0:49:ad:45:9c:a8:c4:fb:17:6a:5b:fa:42:
3c:6d:81:b5:18:8d:6c:28:6f:9e:87:3b:78:f4:85:
b3:eb:94:3c:f6:57:96:b2:3c:16:cd:24:27:56:d0:
e4:ad:f7:5d:f9:ca:ae:d2:20:81:43:78:35:c1:3e:
31:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:4A:E1:F5:60:6D:CD:3C:80:09:8C:FF:DD:A4:97:64:3B:6C:67:DA
X509v3 Authority Key Identifier:
keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/Vkrh9WBtzTyACYz_3aSXZDtsZ9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.197.0/24
91.213.174.0/24
91.213.186.0/24
194.156.151.0/24
Signature Algorithm: sha256WithRSAEncryption
88:90:23:a6:34:bb:26:7e:ae:a8:76:d8:54:53:42:09:da:58:
6b:4c:32:c7:19:73:49:42:4e:fa:f1:18:f5:00:87:12:52:ec:
20:f4:66:b8:9b:ab:3a:1d:74:7a:03:59:e6:0f:34:6a:71:f0:
c4:f2:94:b4:4f:d2:a0:21:e4:b0:da:57:ce:cb:23:90:22:78:
de:8a:db:fc:40:57:76:a7:57:60:43:b9:ef:65:69:95:1b:1d:
cf:31:3d:72:74:a4:6d:3b:44:93:4a:03:f1:af:00:76:2b:e9:
8e:af:64:18:1a:96:62:01:72:23:c3:58:40:71:92:7d:8b:a2:
a4:c8:44:ad:55:80:81:71:2f:bb:8e:b2:cd:17:d4:d3:a8:6d:
aa:4c:7e:a8:c9:87:f9:92:d8:3a:0f:fe:69:b0:16:87:a6:96:
86:16:a7:c2:31:49:19:be:b3:df:bb:dd:2f:43:f2:c7:fd:75:
52:25:cc:38:1b:d8:ef:2c:8c:00:ca:87:a3:58:cd:4f:e2:f4:
82:da:ca:94:ef:55:cf:b5:28:9c:86:d2:21:93:31:9f:37:6e:
bd:d9:7b:60:2b:0e:34:ce:84:f1:cd:49:91:36:7a:8f:46:47:
4f:88:ae:62:cd:08:0d:c1:5f:e3:0d:43:12:6b:be:71:22:5b:
d0:e1:ef:56
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYv2EBRYu1XfLTbo3d2eHpaxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjMxMTIyMDgwNTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjRhZTFmNTYwNmRjZDNjODAwOThjZmZkZGE0OTc2NDNiNmM2N2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8XeUA32rExhfitdlM/uCCUBwZKt2
or8lREfJbOd6Tuk4q7FJt48ecw6B77JC2lz/MDe3ko5pqcbD+lU9cPlBLpXvBo1t
bDjOz2C01MtaWwCyFq1ovusBd2LOYJBwKqB4nVIz4GcBbz3XdH1xyXbZT8cDlY8x
AgqY5cxjImHUSHITYZkRRIl6ALkho9RJnCMx8XgOBWl1513lXhgUMkfkl4ad8/by
IgYe8sDdvf7Km0yA90b3swG7PPkrv1KD5vNrpvt3leBJrUWcqMT7F2pb+kI8bYG1
GI1sKG+ehzt49IWz65Q89leWsjwWzSQnVtDkrfdd+cqu0iCBQ3g1wT4xKwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFZK4fVgbc08gAmM/92kl2Q7bGfaMB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEvVmtyaDlXQnR6VHlBQ1l6XzNhU1haRHRzWjlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjItNmM3ZTU2ODU4OTBj
LzEvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZbFAwQA
W9WuAwQAW9W6AwQAwpyXMA0GCSqGSIb3DQEBCwUAA4IBAQCIkCOmNLsmfq6odthU
U0IJ2lhrTDLHGXNJQk768Rj1AIcSUuwg9Ga4m6s6HXR6A1nmDzRqcfDE8pS0T9Kg
IeSw2lfOyyOQInjeitv8QFd2p1dgQ7nvZWmVGx3PMT1ydKRtO0STSgPxrwB2K+mO
r2QYGpZiAXIjw1hAcZJ9i6KkyEStVYCBcS+7jrLNF9TTqG2qTH6oyYf5ktg6D/5p
sBaHppaGFqfCMUkZvrPfu90vQ/LH/XVSJcw4G9jvLIwAyoejWM1P4vSC2sqU71XP
tSichtIhkzGfN2692XtgKw40zoTxzUmRNnqPRkdPiK5izQgNwV/jDUMSa75xIlvQ
4e9W
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:14 2024 by rpki-client on console-ams.rpki-client.org