Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/VmmKcT941K85_Ja2wqTUr6FO2w0.roa
File: VmmKcT941K85_Ja2wqTUr6FO2w0.roa (raw, json)
Hash identifier: gcM6OiB6EIv5/YWfi5l71UeMgETCFd12FRdYEm1DSsY=
Subject key identifier: 56:69:8A:71:3F:78:D4:AF:39:FC:96:B6:C2:A4:D4:AF:A1:4E:DB:0D
Certificate issuer: /CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Certificate serial: 018614BB11B4D3B434DB5E928AB5D2C4D95B
Authority key identifier: 52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/VmmKcT941K85_Ja2wqTUr6FO2w0.roa
Signing time: Fri 03 Feb 2023 00:44:09 +0000
ROA not before: Fri 03 Feb 2023 00:44:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209372
IP address blocks: 78.136.196.0/22 maxlen: 24
78.136.202.0/23 maxlen: 24
88.204.40.0/23 maxlen: 24
78.136.200.0/23 maxlen: 24
88.204.44.0/23 maxlen: 24
88.204.42.0/23 maxlen: 24
78.136.204.0/24 maxlen: 24
88.204.46.0/23 maxlen: 24
78.136.252.0/23 maxlen: 24
78.136.248.0/23 maxlen: 24
78.136.250.0/23 maxlen: 24
78.136.254.0/24 maxlen: 24
78.136.255.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:14:bb:11:b4:d3:b4:34:db:5e:92:8a:b5:d2:c4:d9:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Validity
Not Before: Feb 3 00:44:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=56698a713f78d4af39fc96b6c2a4d4afa14edb0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:6e:63:18:bf:8a:6d:39:87:9d:eb:98:c3:31:
1a:0f:e2:83:ec:34:a0:9e:f4:06:31:f0:f3:26:57:
0e:aa:ea:3f:0f:5a:e3:c1:9e:ce:1d:3d:f7:a2:73:
7d:f2:bc:0b:d8:b2:a2:ad:45:67:1f:3a:0c:20:39:
9c:9c:ed:53:54:de:9c:35:70:4b:a1:98:b2:59:18:
b4:9b:fa:33:de:ff:f3:0b:9e:95:65:bb:b1:b4:c2:
53:28:0d:dc:26:cc:b7:9c:58:c6:f0:7b:69:29:98:
e6:ef:7a:4e:9f:2b:75:2e:a2:87:a7:fd:e8:0f:84:
94:83:b0:4c:56:f2:77:93:bf:d0:bb:ec:a1:c4:21:
8a:05:bb:a9:f0:d7:a7:da:94:d4:96:e0:cc:95:81:
2f:2f:78:c5:d2:38:2d:cc:ad:64:e8:dc:0f:44:c8:
8e:93:af:76:d6:ba:52:a0:f5:f6:8f:41:1a:81:91:
0a:61:a8:43:5f:d3:58:4c:d5:74:f4:a2:9f:b0:93:
09:a7:15:fe:9f:68:7c:6b:c5:9f:71:c5:31:bb:71:
e3:6b:6f:ca:3c:38:3b:17:5f:0a:d2:a5:c5:2c:68:
e0:bc:4d:cb:6d:4b:17:a1:26:c5:66:7f:bd:d7:84:
2e:4e:40:d2:2a:9b:29:a3:ee:6e:0c:2f:16:e4:6a:
79:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:69:8A:71:3F:78:D4:AF:39:FC:96:B6:C2:A4:D4:AF:A1:4E:DB:0D
X509v3 Authority Key Identifier:
keyid:52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/VmmKcT941K85_Ja2wqTUr6FO2w0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/UpwnMJi1J2jKDkSjosFu_tSmXKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.136.196.0-78.136.204.255
78.136.248.0/21
88.204.40.0/21
Signature Algorithm: sha256WithRSAEncryption
5a:ab:a5:4c:69:9d:82:c0:8d:c0:18:ca:a2:b1:ca:a9:64:8c:
b0:b5:58:36:cd:73:d4:ca:8f:3b:05:e6:5e:88:6e:01:72:f2:
90:bc:2e:0a:d7:a7:4e:e1:8c:a6:ab:ea:42:20:f7:d7:c0:3e:
ea:3c:9c:65:35:c3:9b:08:57:99:2f:1e:39:61:9b:3f:a7:87:
60:28:4f:c8:aa:71:ee:67:e3:3c:1a:7a:2d:e5:f9:6a:13:55:
41:52:c0:86:af:1c:41:f1:0e:b2:6c:30:9b:fa:13:75:d0:6c:
3e:7d:39:9c:a1:05:1d:3e:10:f7:03:10:f4:03:55:3e:28:eb:
2d:31:f5:9e:30:e8:08:10:03:67:19:1e:59:a5:a3:22:79:33:
31:06:5d:35:ba:a6:a2:3d:c3:8f:ab:f1:b6:aa:68:b3:d0:f9:
20:1d:08:b5:e6:b9:b1:61:5c:6d:dc:59:c6:c2:65:42:88:76:
ff:cc:44:d9:d3:16:9b:3a:5d:03:7f:60:09:a2:ed:47:b3:a0:
d2:33:c4:60:f5:e5:43:70:2a:ad:9d:b4:b6:60:84:88:8d:8a:
4b:4f:6e:d3:b1:49:d9:6a:05:d5:b9:b9:29:ec:ec:3f:56:a4:
9c:53:df:fb:88:71:16:66:9f:e1:79:eb:91:77:4e:80:3f:af:
38:73:9b:63
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYYUuxG007Q0216SirXSxNlbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyOWMyNzMwOThiNTI3NjhjYTBlNDRhM2EyYzE2ZWZlZDRh
NjVjYTAwHhcNMjMwMjAzMDA0NDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjY5OGE3MTNmNzhkNGFmMzlmYzk2YjZjMmE0ZDRhZmExNGVkYjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoG5jGL+KbTmHneuYwzEaD+KD7DSg
nvQGMfDzJlcOquo/D1rjwZ7OHT33onN98rwL2LKirUVnHzoMIDmcnO1TVN6cNXBL
oZiyWRi0m/oz3v/zC56VZbuxtMJTKA3cJsy3nFjG8HtpKZjm73pOnyt1LqKHp/3o
D4SUg7BMVvJ3k7/Qu+yhxCGKBbup8Nen2pTUluDMlYEvL3jF0jgtzK1k6NwPRMiO
k6921rpSoPX2j0EagZEKYahDX9NYTNV09KKfsJMJpxX+n2h8a8WfccUxu3Hja2/K
PDg7F18K0qXFLGjgvE3LbUsXoSbFZn+914QuTkDSKpspo+5uDC8W5Gp5JQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFZpinE/eNSvOfyWtsKk1K+hTtsNMB8GA1UdIwQY
MBaAFFKcJzCYtSdoyg5Eo6LBbv7UplygMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXB3bk1KaTFKMmpLRGtTam9zRnVfdFNtWEtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS82ZDkzNTktYWZlZi00NTM1LTljOTMt
ZjMzZDNiYjM2NDg0LzEvVm1tS2NUOTQxSzg1X0phMndxVFVyNkZPMncwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS82ZDkzNTktYWZlZi00NTM1LTljOTMtZjMzZDNiYjM2NDg0
LzEvVXB3bk1KaTFKMmpLRGtTam9zRnVfdFNtWEtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAJOiMQD
BABOiMwDBANOiPgDBANYzCgwDQYJKoZIhvcNAQELBQADggEBAFqrpUxpnYLAjcAY
yqKxyqlkjLC1WDbNc9TKjzsF5l6IbgFy8pC8LgrXp07hjKar6kIg99fAPuo8nGU1
w5sIV5kvHjlhmz+nh2AoT8iqce5n4zwaei3l+WoTVUFSwIavHEHxDrJsMJv6E3XQ
bD59OZyhBR0+EPcDEPQDVT4o6y0x9Z4w6AgQA2cZHlmloyJ5MzEGXTW6pqI9w4+r
8baqaLPQ+SAdCLXmubFhXG3cWcbCZUKIdv/MRNnTFps6XQN/YAmi7UezoNIzxGD1
5UNwKq2dtLZghIiNiktPbtOxSdlqBdW5uSns7D9WpJxT3/uIcRZmn+F565F3ToA/
rzhzm2M=
-----END CERTIFICATE-----
Generated at Thu Aug 31 14:55:56 2023 by rpki-client on console-fra.rpki-client.org