Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/ckveg0MONqy2zdeB8mSbCZmwyic.roa
File: ckveg0MONqy2zdeB8mSbCZmwyic.roa (raw, json)
Hash identifier: pHSwiFaKCcbnCHxQMZIzuy9v8VlkwJXemjwK2LPd5eI=
Subject key identifier: 72:4B:DE:83:43:0E:36:AC:B6:CD:D7:81:F2:64:9B:09:99:B0:CA:27
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01856F1DC62AEE512BE816AAEEA2BB5AB8D9
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/ckveg0MONqy2zdeB8mSbCZmwyic.roa
Signing time: Sun 01 Jan 2023 20:55:00 +0000
ROA not before: Sun 01 Jan 2023 20:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 55286
IP address blocks: 92.119.129.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:c6:2a:ee:51:2b:e8:16:aa:ee:a2:bb:5a:b8:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jan 1 20:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=724bde83430e36acb6cdd781f2649b0999b0ca27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:06:e8:42:70:37:be:c4:ed:67:c6:30:da:50:
f1:f9:22:20:13:1e:7c:8b:44:b3:5a:1c:1a:3b:8b:
15:0d:2d:0a:a5:87:56:5b:0c:12:1b:1e:e1:40:19:
ea:33:29:6d:51:ee:50:59:04:86:08:40:21:25:70:
a6:82:80:00:a4:48:c0:1f:c9:44:d9:8b:37:24:30:
aa:17:fc:10:19:dc:cc:94:27:8f:c2:70:b5:ab:ed:
08:bb:8c:f9:e8:7d:48:a6:da:9f:50:6a:29:e9:62:
1b:6c:e9:12:91:70:ce:1b:dd:e8:73:cb:4b:6d:d2:
53:d6:2c:81:17:26:39:47:fa:61:f7:f4:4c:3e:cf:
99:05:14:e4:0e:55:c2:84:8b:c4:32:0a:0b:65:b9:
8c:74:3e:9d:78:db:77:77:37:18:f1:84:1e:0b:b1:
10:cb:dc:11:49:48:71:f0:7d:be:ce:40:d3:ba:17:
19:3e:57:ee:33:ce:eb:72:ae:f3:81:cb:a2:76:46:
fd:0f:c1:8f:06:fc:f1:8c:68:17:87:49:df:05:40:
46:42:f5:b0:59:ad:12:11:93:61:34:87:52:f7:3e:
8b:c5:8f:96:7c:91:fd:4b:2b:0f:06:9a:5c:12:83:
f8:68:d6:4f:1f:7b:e1:d4:b8:bc:fa:2b:8a:b2:54:
77:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:4B:DE:83:43:0E:36:AC:B6:CD:D7:81:F2:64:9B:09:99:B0:CA:27
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/ckveg0MONqy2zdeB8mSbCZmwyic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.119.129.0/24
Signature Algorithm: sha256WithRSAEncryption
72:1e:61:7e:8f:6a:b7:ab:06:7a:aa:7e:16:a4:17:42:a0:47:
a4:54:85:a2:f4:51:98:8f:57:83:70:e3:ce:ff:ee:4e:d2:b9:
16:d3:d3:85:b3:13:79:17:4d:65:22:25:e7:a9:e6:29:f6:e3:
eb:53:dd:b2:31:88:a0:ab:d8:ec:61:4e:e7:cc:6f:8e:7d:5c:
c0:f2:2e:56:87:17:ad:52:a4:fa:d2:36:39:f0:16:ca:3b:09:
ae:94:b2:52:4b:16:4a:9d:5d:b1:6c:ea:d8:93:e8:5a:c2:c3:
77:77:84:b3:1c:82:8c:85:ef:6a:cc:e7:44:f3:ad:4c:1c:a2:
4b:9b:23:2e:51:17:fc:33:8a:9f:fa:9e:9b:6c:6d:a4:7c:3c:
3f:eb:c3:c9:aa:7d:52:cf:16:59:03:d7:30:23:78:89:a4:e5:
68:2d:5f:5c:2c:68:41:5f:38:23:cf:a8:64:de:bc:d3:6e:4c:
e1:a7:99:4f:36:89:b7:5a:d4:4f:44:7d:0e:3b:9d:5a:70:24:
2b:d1:9b:af:9e:0f:b3:07:f7:c9:e8:a7:3b:08:5c:48:5d:b7:
0e:e8:46:60:73:06:4f:eb:7e:f0:26:50:f8:12:5e:fc:dc:90:
70:69:a6:ac:6d:c1:7d:e4:62:63:1c:44:16:2b:2c:d7:a4:2b:
2a:34:88:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHcYq7lEr6Baq7qK7WrjZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjMwMTAxMjA1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjRiZGU4MzQzMGUzNmFjYjZjZGQ3ODFmMjY0OWIwOTk5YjBjYTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQboQnA3vsTtZ8Yw2lDx+SIgEx58
i0SzWhwaO4sVDS0KpYdWWwwSGx7hQBnqMyltUe5QWQSGCEAhJXCmgoAApEjAH8lE
2Ys3JDCqF/wQGdzMlCePwnC1q+0Iu4z56H1IptqfUGop6WIbbOkSkXDOG93oc8tL
bdJT1iyBFyY5R/ph9/RMPs+ZBRTkDlXChIvEMgoLZbmMdD6deNt3dzcY8YQeC7EQ
y9wRSUhx8H2+zkDTuhcZPlfuM87rcq7zgcuidkb9D8GPBvzxjGgXh0nfBUBGQvWw
Wa0SEZNhNIdS9z6LxY+WfJH9SysPBppcEoP4aNZPH3vh1Li8+iuKslR3fwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHJL3oNDDjasts3XgfJkmwmZsMonMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvY2t2ZWcwTU9OcXkyemRlQjhtU2JDWm13eWljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXHeBMA0G
CSqGSIb3DQEBCwUAA4IBAQByHmF+j2q3qwZ6qn4WpBdCoEekVIWi9FGYj1eDcOPO
/+5O0rkW09OFsxN5F01lIiXnqeYp9uPrU92yMYigq9jsYU7nzG+OfVzA8i5Whxet
UqT60jY58BbKOwmulLJSSxZKnV2xbOrYk+hawsN3d4SzHIKMhe9qzOdE861MHKJL
myMuURf8M4qf+p6bbG2kfDw/68PJqn1SzxZZA9cwI3iJpOVoLV9cLGhBXzgjz6hk
3rzTbkzhp5lPNom3WtRPRH0OO51acCQr0Zuvng+zB/fJ6Kc7CFxIXbcO6EZgcwZP
637wJlD4El783JBwaaasbcF95GJjHEQWKyzXpCsqNIji
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:25 2024 by rpki-client on console-ams.rpki-client.org