Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/VSN3-RVRoepQswadSIedeBvFSsA.roa
File: VSN3-RVRoepQswadSIedeBvFSsA.roa (raw, json)
Hash identifier: yU8hYntnPgyTtD3mR0nTuvBpwIAika1rxIHysk06U6Y=
Subject key identifier: 55:23:77:F9:15:51:A1:EA:50:B3:06:9D:48:87:9D:78:1B:C5:4A:C0
Certificate issuer: /CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Certificate serial: 0182E802269B420B32BE3DF65BCF802B8DDB
Authority key identifier: C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/VSN3-RVRoepQswadSIedeBvFSsA.roa
Signing time: Mon 29 Aug 2022 05:10:31 +0000
ROA not before: Mon 29 Aug 2022 05:10:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 2a10:5c80::/29 maxlen: 29
2a10:5a80::/29 maxlen: 29
2a10:5880::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:e8:02:26:9b:42:0b:32:be:3d:f6:5b:cf:80:2b:8d:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Validity
Not Before: Aug 29 05:10:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=552377f91551a1ea50b3069d48879d781bc54ac0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:1a:09:49:9f:ec:47:12:c1:1d:6a:bf:75:c5:
3e:4a:dd:90:d8:14:a5:3c:71:52:78:f5:ae:af:f8:
23:72:ea:a6:ec:ca:2b:df:b4:bb:d1:53:af:ee:75:
81:dd:9e:3d:f2:3c:71:5e:e9:89:c9:33:52:c6:da:
61:43:dc:f8:84:f6:03:ac:32:80:77:6a:2c:82:35:
78:06:de:41:e0:26:05:e0:4c:78:ff:af:84:73:fa:
ee:6d:15:a8:ab:ac:c0:4b:09:78:c5:59:86:3a:14:
3a:2d:6b:1d:8d:34:3f:58:36:21:27:b7:39:46:b5:
84:92:71:77:80:96:83:9c:fa:22:8f:59:b5:a2:f1:
ca:08:bc:4a:65:3d:6f:51:9c:9d:f7:9a:c1:38:1a:
16:22:c8:0a:9f:0e:e5:bb:ca:c5:ec:74:9d:e8:5e:
06:74:44:bb:b9:4f:4b:ce:88:0e:3f:61:60:a3:48:
3e:0b:f5:67:47:30:60:56:b1:50:25:4e:c9:96:77:
ed:c8:58:b2:8b:37:ab:e6:69:2a:d6:48:9c:f5:b5:
4f:f0:f2:fd:1f:52:71:da:c9:75:4d:49:d8:f6:94:
d6:50:15:b1:a2:c7:5c:15:0d:be:43:8f:e7:71:25:
a7:74:9e:d6:3d:19:af:6f:86:e4:90:59:3c:04:46:
2c:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:23:77:F9:15:51:A1:EA:50:B3:06:9D:48:87:9D:78:1B:C5:4A:C0
X509v3 Authority Key Identifier:
keyid:C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/VSN3-RVRoepQswadSIedeBvFSsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/wtIegEq3cTrXh33eYDqngksxmDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:5880::/29
2a10:5a80::/29
2a10:5c80::/29
Signature Algorithm: sha256WithRSAEncryption
2d:d5:f3:80:a0:29:2b:2a:a7:6c:26:4b:1e:ef:29:60:84:2e:
c0:42:1d:3c:ec:55:e8:98:db:49:6f:57:f9:c6:d7:2d:1e:40:
0c:86:67:7f:dd:1a:ff:12:41:2f:a6:69:39:b1:14:14:d4:ef:
f6:02:58:39:b0:b3:9b:e8:6f:20:61:fb:36:b8:a2:46:65:0a:
22:c5:aa:52:6b:fb:89:41:77:bf:4a:b7:5d:5f:24:e4:65:ac:
6e:8c:69:a1:b8:32:3d:35:8b:a2:dc:f8:93:c8:f1:6e:0b:d3:
76:d3:b6:1b:85:be:8f:a9:ed:52:71:3d:e3:1c:c1:2f:b0:5a:
b2:e0:6e:53:31:8e:e9:c3:6f:77:bc:41:d2:b4:3f:42:be:07:
85:03:0e:62:87:30:3a:a4:d1:da:06:e2:91:70:fa:12:bd:69:
e3:51:07:a5:cb:03:0d:dc:43:3e:f7:bb:a0:6f:86:32:d6:62:
c9:5c:d6:30:8e:b6:52:b8:b7:e3:75:f8:0f:b4:91:08:2d:c6:
3b:b3:8f:4c:a1:64:e3:ce:d3:8e:c8:f6:0d:95:9e:da:57:6e:
62:db:f6:47:9e:43:26:fb:42:ca:71:06:c4:f9:47:54:f0:0f:
f2:df:37:03:1d:3e:37:7b:1f:6e:04:7a:9f:ab:50:ab:e1:70:
88:52:a1:cd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYLoAiabQgsyvj32W8+AK43bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDIxZTgwNGFiNzcxM2FkNzg3N2RkZTYwM2FhNzgyNGIz
MTk4M2MwHhcNMjIwODI5MDUxMDMxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTIzNzdmOTE1NTFhMWVhNTBiMzA2OWQ0ODg3OWQ3ODFiYzU0YWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxoJSZ/sRxLBHWq/dcU+St2Q2BSl
PHFSePWur/gjcuqm7Mor37S70VOv7nWB3Z498jxxXumJyTNSxtphQ9z4hPYDrDKA
d2osgjV4Bt5B4CYF4Ex4/6+Ec/rubRWoq6zASwl4xVmGOhQ6LWsdjTQ/WDYhJ7c5
RrWEknF3gJaDnPoij1m1ovHKCLxKZT1vUZyd95rBOBoWIsgKnw7lu8rF7HSd6F4G
dES7uU9LzogOP2Fgo0g+C/VnRzBgVrFQJU7JlnftyFiyizer5mkq1kic9bVP8PL9
H1Jx2sl1TUnY9pTWUBWxosdcFQ2+Q4/ncSWndJ7WPRmvb4bkkFk8BEYsDwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFUjd/kVUaHqULMGnUiHnXgbxUrAMB8GA1UdIwQY
MBaAFMLSHoBKt3E614d93mA6p4JLMZg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYt
NTlhZTA5ZWRiZWI5LzEvVlNOMy1SVlJvZXBRc3dhZFNJZWRlQnZGU3NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYtNTlhZTA5ZWRiZWI5
LzEvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKhBYgAMF
AyoQWoADBQMqEFyAMA0GCSqGSIb3DQEBCwUAA4IBAQAt1fOAoCkrKqdsJkse7ylg
hC7AQh087FXomNtJb1f5xtctHkAMhmd/3Rr/EkEvpmk5sRQU1O/2Alg5sLOb6G8g
Yfs2uKJGZQoixapSa/uJQXe/SrddXyTkZaxujGmhuDI9NYui3PiTyPFuC9N207Yb
hb6Pqe1ScT3jHMEvsFqy4G5TMY7pw293vEHStD9CvgeFAw5ihzA6pNHaBuKRcPoS
vWnjUQelywMN3EM+97ugb4Yy1mLJXNYwjrZSuLfjdfgPtJEILcY7s49MoWTjztOO
yPYNlZ7aV25i2/ZHnkMm+0LKcQbE+UdU8A/y3zcDHT43ex9uBHqfq1Cr4XCIUqHN
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:01 2023 by rpki-client on console-ams.rpki-client.org