Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/VVvPG6VygguClzJFcYzgHfELNqE.roa
File: VVvPG6VygguClzJFcYzgHfELNqE.roa (raw, json)
Hash identifier: W+kCtSAVXYzb0MpGEvpq/CpLj5r3YYMBDZLTMbbGeBQ=
Subject key identifier: 55:5B:CF:1B:A5:72:82:0B:82:97:32:45:71:8C:E0:1D:F1:0B:36:A1
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01870ECCF95FCAB2C761C07D7107352EDCB8
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/VVvPG6VygguClzJFcYzgHfELNqE.roa
Signing time: Thu 23 Mar 2023 14:08:46 +0000
ROA not before: Thu 23 Mar 2023 14:08:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 45.153.230.0/24 maxlen: 24
193.38.54.0/24 maxlen: 24
193.38.55.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0e:cc:f9:5f:ca:b2:c7:61:c0:7d:71:07:35:2e:dc:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Mar 23 14:08:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=555bcf1ba572820b82973245718ce01df10b36a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:15:f7:40:fc:7f:48:08:09:4c:35:74:e7:35:
29:f6:f8:ac:57:61:98:57:51:e8:b2:f4:c7:bf:b9:
51:f8:fc:2d:c2:f5:9f:52:ba:1a:c0:4a:7c:56:8a:
d0:37:9a:46:64:41:2c:0e:e9:76:ce:85:d3:30:df:
12:00:68:7d:5b:78:a1:e9:4a:7b:41:db:6a:77:c9:
e2:b0:a3:df:15:ab:cd:4c:d8:d5:a1:0c:58:e9:88:
5d:a2:bf:f5:e0:b4:22:6c:e8:86:3c:f7:db:46:01:
62:98:9f:6f:77:a3:e0:e1:c4:0b:1e:45:5a:2f:6d:
7a:f6:22:32:a1:ed:a8:61:bc:be:cf:4f:c3:c5:99:
28:fe:f4:51:a9:18:af:f3:2b:12:7f:fc:26:b9:93:
ca:5b:2e:18:01:d2:d9:9e:d9:7a:f4:c8:f8:cd:27:
ec:ae:2a:6f:75:45:5c:ba:32:f1:b4:f0:c3:14:1b:
f4:5b:5e:a4:ce:fd:61:fa:53:61:ce:50:3c:d9:77:
54:d4:78:fa:2d:cd:ef:da:a4:8a:5f:a3:10:a6:35:
c5:4f:60:cb:fa:d5:5e:02:30:56:fb:96:ab:91:40:
58:8b:9b:d2:7a:08:93:05:68:20:7a:5e:0d:fc:19:
f2:9e:41:3d:b2:2d:c2:47:f6:67:ec:a4:90:6c:6e:
21:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:5B:CF:1B:A5:72:82:0B:82:97:32:45:71:8C:E0:1D:F1:0B:36:A1
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/VVvPG6VygguClzJFcYzgHfELNqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.230.0/24
193.38.54.0/23
Signature Algorithm: sha256WithRSAEncryption
02:f6:54:06:ed:52:13:61:70:1e:b7:6a:18:cc:11:fd:2a:e2:
07:5b:36:e7:85:5c:11:a7:60:55:9b:46:fd:37:97:f9:80:08:
ba:eb:a0:7b:fd:98:ce:fa:25:c9:6b:5d:0a:a0:9f:15:ef:fd:
09:aa:44:88:ee:0f:31:27:23:1b:f7:88:ab:74:db:08:56:fb:
01:12:41:c1:ab:ed:a3:e9:fd:bd:2b:3f:07:74:57:8c:af:d5:
b0:6d:ee:fd:4f:89:06:51:8e:27:7d:d0:ce:ae:75:84:b7:a5:
a3:0f:8a:e8:84:24:d1:16:47:d7:d6:58:c6:34:2c:97:68:bc:
ce:7a:5a:a2:ab:76:43:43:fd:7b:15:b2:78:6a:e4:cb:6e:0d:
69:98:2d:b2:9e:db:06:5a:9e:b6:cc:ef:6e:9c:85:14:98:b1:
fb:a4:31:96:cc:1d:c7:0d:51:5f:c5:25:b8:5d:c4:ec:a9:ab:
8d:43:38:ad:10:76:8f:f8:6c:21:f2:1f:3c:5f:bc:9d:20:1f:
45:c1:24:0c:c9:5b:a9:6e:7e:6a:6a:d7:68:d8:ea:0f:d4:a0:
bf:9d:b1:a2:62:17:1c:e8:e4:84:51:4f:26:eb:64:cb:6f:05:
28:d4:75:8c:3e:53:8f:1e:e1:d5:b4:f0:5f:c7:57:d0:52:0a:
67:fa:5e:4b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYcOzPlfyrLHYcB9cQc1Lty4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjMwMzIzMTQwODQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTViY2YxYmE1NzI4MjBiODI5NzMyNDU3MThjZTAxZGYxMGIzNmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBX3QPx/SAgJTDV05zUp9visV2GY
V1HosvTHv7lR+PwtwvWfUroawEp8VorQN5pGZEEsDul2zoXTMN8SAGh9W3ih6Up7
Qdtqd8nisKPfFavNTNjVoQxY6Yhdor/14LQibOiGPPfbRgFimJ9vd6Pg4cQLHkVa
L2169iIyoe2oYby+z0/DxZko/vRRqRiv8ysSf/wmuZPKWy4YAdLZntl69Mj4zSfs
ripvdUVcujLxtPDDFBv0W16kzv1h+lNhzlA82XdU1Hj6Lc3v2qSKX6MQpjXFT2DL
+tVeAjBW+5arkUBYi5vSegiTBWggel4N/BnynkE9si3CR/Zn7KSQbG4hawIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFVbzxulcoILgpcyRXGM4B3xCzahMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvVlZ2UEc2VnlnZ3VDbHpKRmNZemdIZkVMTnFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZnmAwQB
wSY2MA0GCSqGSIb3DQEBCwUAA4IBAQAC9lQG7VITYXAet2oYzBH9KuIHWzbnhVwR
p2BVm0b9N5f5gAi666B7/ZjO+iXJa10KoJ8V7/0JqkSI7g8xJyMb94irdNsIVvsB
EkHBq+2j6f29Kz8HdFeMr9Wwbe79T4kGUY4nfdDOrnWEt6WjD4rohCTRFkfX1ljG
NCyXaLzOelqiq3ZDQ/17FbJ4auTLbg1pmC2yntsGWp62zO9unIUUmLH7pDGWzB3H
DVFfxSW4XcTsqauNQzitEHaP+Gwh8h88X7ydIB9FwSQMyVupbn5qatdo2OoP1KC/
nbGiYhcc6OSEUU8m62TLbwUo1HWMPlOPHuHVtPBfx1fQUgpn+l5L
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:25 2024 by rpki-client on console-ams.rpki-client.org