Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/cad244-3995-4d41-886b-ac463e221974/1/Vnc9S1UVU4mfQYckXWvOMrbixYs.roa
File: Vnc9S1UVU4mfQYckXWvOMrbixYs.roa (raw, json)
Hash identifier: N4uCBUrKIMlSzCzmD3vSGIqSRbYIt3vvgp9dKqe99TA=
Subject key identifier: 56:77:3D:4B:55:15:53:89:9F:41:87:24:5D:6B:CE:32:B6:E2:C5:8B
Certificate issuer: /CN=8d7dcb363d9ac34bdc9b6980f2686dd219d50257
Certificate serial: 018369409CF65A56AF4EBDE6786FB581F951
Authority key identifier: 8D:7D:CB:36:3D:9A:C3:4B:DC:9B:69:80:F2:68:6D:D2:19:D5:02:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jX3LNj2aw0vcm2mA8mht0hnVAlc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/cad244-3995-4d41-886b-ac463e221974/1/Vnc9S1UVU4mfQYckXWvOMrbixYs.roa
Signing time: Fri 23 Sep 2022 07:29:45 +0000
ROA not before: Fri 23 Sep 2022 07:29:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35189
IP address blocks: 185.81.44.0/22 maxlen: 22
185.198.78.0/23 maxlen: 23
78.24.32.0/21 maxlen: 21
2a01:470::/29 maxlen: 29
2a0a:85c0::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:69:40:9c:f6:5a:56:af:4e:bd:e6:78:6f:b5:81:f9:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d7dcb363d9ac34bdc9b6980f2686dd219d50257
Validity
Not Before: Sep 23 07:29:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=56773d4b551553899f4187245d6bce32b6e2c58b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:0f:e9:13:8c:da:0e:90:6b:ce:dc:77:6a:84:
0a:80:ab:2d:0d:79:61:00:29:d0:6e:de:22:68:8a:
2d:fc:de:86:f7:4f:12:d9:b0:c4:91:3a:1c:3f:86:
78:20:df:16:6e:13:5b:05:8b:86:5c:0e:83:13:67:
5f:a3:66:99:eb:78:a6:7d:75:68:b7:d2:50:5f:b1:
3c:fa:9d:88:52:26:31:ec:fd:69:1c:f4:b7:d1:2e:
e1:0d:ff:79:9a:25:fc:f4:ee:8c:c3:ae:8a:7c:6b:
f4:b0:1d:be:5c:ba:68:f9:e1:95:5d:b3:da:39:4e:
f1:77:34:90:f2:31:1a:de:5c:af:d9:18:79:97:bb:
b8:0a:a2:e6:d8:e3:40:4b:4e:23:05:dd:3d:93:6c:
f0:41:d4:58:1a:44:ca:b8:08:b2:4b:22:ce:ba:10:
76:c4:22:d4:85:f3:a5:38:78:60:61:57:2a:da:b8:
ab:bf:27:69:cf:05:1a:7c:68:67:17:b3:bf:78:73:
d1:e8:b9:c5:02:3b:7b:0c:c8:84:8f:fe:9f:7e:a0:
4b:c1:99:be:e2:09:4c:59:4d:b0:d6:1b:c4:c6:7e:
25:51:0d:01:c8:6d:0f:96:05:54:0f:bd:5d:f9:40:
dc:06:91:86:a7:8a:fa:0b:2a:86:6a:df:bb:fb:7a:
54:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:77:3D:4B:55:15:53:89:9F:41:87:24:5D:6B:CE:32:B6:E2:C5:8B
X509v3 Authority Key Identifier:
keyid:8D:7D:CB:36:3D:9A:C3:4B:DC:9B:69:80:F2:68:6D:D2:19:D5:02:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jX3LNj2aw0vcm2mA8mht0hnVAlc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/cad244-3995-4d41-886b-ac463e221974/1/Vnc9S1UVU4mfQYckXWvOMrbixYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/cad244-3995-4d41-886b-ac463e221974/1/jX3LNj2aw0vcm2mA8mht0hnVAlc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.24.32.0/21
185.81.44.0/22
185.198.78.0/23
IPv6:
2a01:470::/29
2a0a:85c0::/29
Signature Algorithm: sha256WithRSAEncryption
6a:5f:78:7a:f2:b2:83:8f:22:85:6d:12:c8:88:0f:e2:74:c5:
25:02:6e:d7:18:82:e5:f4:e4:18:3e:60:71:b8:2b:36:90:eb:
c2:f8:40:d0:1c:de:d9:dd:ba:30:38:c9:5b:f9:ca:79:73:a9:
48:cd:a6:d6:66:f0:9a:63:30:05:c1:e3:5e:fc:d4:e5:7d:63:
d9:24:8d:a7:ff:99:74:52:6d:1f:d7:18:fd:73:ab:ba:cc:64:
4b:af:b0:b3:89:79:d3:94:32:a4:bb:b9:b0:f7:5f:d7:d2:ce:
93:d1:c8:7f:14:4f:b7:8d:79:eb:c0:0a:3b:ad:21:e2:3e:f5:
e6:15:6f:a4:aa:3b:08:c8:69:70:6c:b6:47:92:9f:5a:30:3a:
ca:82:00:32:22:2b:af:01:12:d3:fc:b1:85:a7:e1:07:1a:60:
3c:12:d3:20:da:23:36:7f:d2:f4:2e:6d:af:1e:52:77:a9:d1:
76:28:32:26:4d:9f:cc:79:fa:33:3a:20:0c:b7:57:60:c7:af:
a3:aa:c3:ea:58:d2:7c:08:5b:e5:90:f9:3f:cf:b4:e5:b5:26:
55:c5:64:5c:d4:92:43:f8:0c:87:61:27:45:c8:1d:02:0b:ab:
29:17:95:ba:07:dc:87:85:81:02:50:38:c6:eb:a5:b1:7c:fb:
4d:5a:b2:5e
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYNpQJz2WlavTr3meG+1gflRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkN2RjYjM2M2Q5YWMzNGJkYzliNjk4MGYyNjg2ZGQyMTlk
NTAyNTcwHhcNMjIwOTIzMDcyOTQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Njc3M2Q0YjU1MTU1Mzg5OWY0MTg3MjQ1ZDZiY2UzMmI2ZTJjNThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApg/pE4zaDpBrztx3aoQKgKstDXlh
ACnQbt4iaIot/N6G908S2bDEkTocP4Z4IN8WbhNbBYuGXA6DE2dfo2aZ63imfXVo
t9JQX7E8+p2IUiYx7P1pHPS30S7hDf95miX89O6Mw66KfGv0sB2+XLpo+eGVXbPa
OU7xdzSQ8jEa3lyv2Rh5l7u4CqLm2ONAS04jBd09k2zwQdRYGkTKuAiySyLOuhB2
xCLUhfOlOHhgYVcq2rirvydpzwUafGhnF7O/eHPR6LnFAjt7DMiEj/6ffqBLwZm+
4glMWU2w1hvExn4lUQ0ByG0PlgVUD71d+UDcBpGGp4r6CyqGat+7+3pUAQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFFZ3PUtVFVOJn0GHJF1rzjK24sWLMB8GA1UdIwQY
MBaAFI19yzY9msNL3JtpgPJobdIZ1QJXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalgzTE5qMmF3MHZjbTJtQThtaHQwaG5WQWxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9jYWQyNDQtMzk5NS00ZDQxLTg4NmIt
YWM0NjNlMjIxOTc0LzEvVm5jOVMxVVZVNG1mUVlja1hXdk9NcmJpeFlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9jYWQyNDQtMzk5NS00ZDQxLTg4NmItYWM0NjNlMjIxOTc0
LzEvalgzTE5qMmF3MHZjbTJtQThtaHQwaG5WQWxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQDThggAwQC
uVEsAwQBucZOMBQEAgACMA4DBQMqAQRwAwUDKgqFwDANBgkqhkiG9w0BAQsFAAOC
AQEAal94evKyg48ihW0SyIgP4nTFJQJu1xiC5fTkGD5gcbgrNpDrwvhA0Bze2d26
MDjJW/nKeXOpSM2m1mbwmmMwBcHjXvzU5X1j2SSNp/+ZdFJtH9cY/XOrusxkS6+w
s4l505QypLu5sPdf19LOk9HIfxRPt41568AKO60h4j715hVvpKo7CMhpcGy2R5Kf
WjA6yoIAMiIrrwES0/yxhafhBxpgPBLTINojNn/S9C5trx5Sd6nRdigyJk2fzHn6
MzogDLdXYMevo6rD6ljSfAhb5ZD5P8+05bUmVcVkXNSSQ/gMh2EnRcgdAgurKReV
ugfch4WBAlA4xuulsXz7TVqyXg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:46 2024 by rpki-client on console-ams.rpki-client.org