Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/vzQgJ-g0LSHGuB6fCL_kmnYA5Yc.roa
File: vzQgJ-g0LSHGuB6fCL_kmnYA5Yc.roa (raw, json)
Hash identifier: 3/Z8KZLEYi8ZNNwZnxRlt2L2jIlEuXV9bIi3d4aB2Ss=
Subject key identifier: BF:34:20:27:E8:34:2D:21:C6:B8:1E:9F:08:BF:E4:9A:76:00:E5:87
Certificate issuer: /CN=9076f77da841b7b94215b6fac2d41a71c2151601
Certificate serial: 01872DFB2FE88BF7D52D40AD784525878CFC
Authority key identifier: 90:76:F7:7D:A8:41:B7:B9:42:15:B6:FA:C2:D4:1A:71:C2:15:16:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kHb3fahBt7lCFbb6wtQaccIVFgE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/vzQgJ-g0LSHGuB6fCL_kmnYA5Yc.roa
Signing time: Wed 29 Mar 2023 15:27:29 +0000
ROA not before: Wed 29 Mar 2023 15:27:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8455
IP address blocks: 130.193.4.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2d:fb:2f:e8:8b:f7:d5:2d:40:ad:78:45:25:87:8c:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9076f77da841b7b94215b6fac2d41a71c2151601
Validity
Not Before: Mar 29 15:27:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf342027e8342d21c6b81e9f08bfe49a7600e587
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:b4:d7:6b:6b:9d:9d:25:80:c5:38:92:06:d3:
83:2d:01:cb:dc:eb:64:17:87:51:ff:39:54:89:16:
6f:04:c1:ad:d6:47:a3:3f:22:e2:d0:ab:76:ea:68:
ff:19:3b:8b:63:21:34:61:d3:ce:df:d2:97:17:7c:
e5:a3:c9:af:a5:df:d2:1c:a4:33:db:ce:48:b0:6d:
a4:39:9e:8f:4b:d0:43:13:2e:00:09:c1:2c:b6:d4:
06:79:20:a5:3d:ac:ed:1e:c9:a0:c7:ee:44:4e:86:
b4:09:ca:33:95:be:64:39:77:d3:c8:42:84:ad:49:
f7:77:24:f6:5d:04:e6:37:28:04:42:1d:3f:bb:74:
c6:e7:2b:c4:31:71:d6:c5:28:bb:2e:66:22:0c:6a:
d3:4c:ed:04:e5:fa:30:12:d4:4f:2d:42:e7:82:3c:
ea:7d:01:d8:71:02:47:0e:67:ae:45:95:ea:94:e2:
03:f5:28:fa:a5:ee:a0:35:d0:f1:11:46:37:ad:ae:
d9:e7:9d:70:98:9f:db:9d:21:f3:49:6b:0f:d3:d1:
72:51:0f:ce:08:70:72:10:9c:80:7d:c2:54:f4:99:
f2:08:b7:69:09:f0:44:cd:3f:37:62:cf:54:0f:39:
3e:fd:0c:d2:2c:e4:c7:c9:cf:43:7a:c2:7c:31:47:
9c:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:34:20:27:E8:34:2D:21:C6:B8:1E:9F:08:BF:E4:9A:76:00:E5:87
X509v3 Authority Key Identifier:
keyid:90:76:F7:7D:A8:41:B7:B9:42:15:B6:FA:C2:D4:1A:71:C2:15:16:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kHb3fahBt7lCFbb6wtQaccIVFgE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/vzQgJ-g0LSHGuB6fCL_kmnYA5Yc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.193.4.0/24
Signature Algorithm: sha256WithRSAEncryption
63:b6:cf:95:c1:10:54:1f:b0:a4:12:8d:b3:2a:ba:bb:bd:9d:
c8:c3:61:ed:a9:a9:6d:f9:9c:b0:0e:3d:0e:e6:1e:e4:3b:c7:
e8:4e:4e:71:c3:48:0c:62:f0:11:c5:a2:61:c0:f5:b8:0b:b5:
8f:1c:24:ac:de:4a:6b:36:04:28:76:f0:a5:56:89:6e:a2:73:
6e:e4:2e:43:3f:3c:16:80:ac:5c:6d:98:fc:81:25:da:2f:a9:
67:e3:d2:85:97:17:8b:e9:56:31:56:d2:ce:ae:cf:52:04:08:
e9:a3:d2:2d:4a:1b:55:91:a5:cb:48:b2:c0:8d:e7:69:21:d0:
00:0a:e4:de:06:1f:57:2a:7b:84:ca:bb:aa:3e:f8:09:d7:03:
40:50:d3:5b:46:72:b4:73:fa:ae:c7:1e:bb:3a:66:d7:d6:cb:
0f:80:71:b2:8f:32:f0:5f:c1:a7:cc:75:34:4c:f1:a8:a1:5c:
83:b4:ab:89:0a:b9:c3:64:cb:4f:99:fb:1e:25:79:d5:86:78:
5b:4d:c4:58:dd:37:59:fa:b8:8b:47:1b:30:46:1b:42:56:8c:
f1:0f:3a:79:21:3b:aa:c4:78:f5:68:10:67:0f:2d:00:0c:0e:
74:ae:19:23:03:f4:9d:2b:35:71:f1:b1:c5:0b:19:89:ef:6b:
9a:12:28:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYct+y/oi/fVLUCteEUlh4z8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNzZmNzdkYTg0MWI3Yjk0MjE1YjZmYWMyZDQxYTcxYzIx
NTE2MDEwHhcNMjMwMzI5MTUyNzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjM0MjAyN2U4MzQyZDIxYzZiODFlOWYwOGJmZTQ5YTc2MDBlNTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4LTXa2udnSWAxTiSBtODLQHL3Otk
F4dR/zlUiRZvBMGt1kejPyLi0Kt26mj/GTuLYyE0YdPO39KXF3zlo8mvpd/SHKQz
285IsG2kOZ6PS9BDEy4ACcEsttQGeSClPaztHsmgx+5EToa0Ccozlb5kOXfTyEKE
rUn3dyT2XQTmNygEQh0/u3TG5yvEMXHWxSi7LmYiDGrTTO0E5fowEtRPLULngjzq
fQHYcQJHDmeuRZXqlOID9Sj6pe6gNdDxEUY3ra7Z551wmJ/bnSHzSWsP09FyUQ/O
CHByEJyAfcJU9JnyCLdpCfBEzT83Ys9UDzk+/QzSLOTHyc9DesJ8MUec6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL80ICfoNC0hxrgenwi/5Jp2AOWHMB8GA1UdIwQY
MBaAFJB2932oQbe5QhW2+sLUGnHCFRYBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0hiM2ZhaEJ0N2xDRmJiNnd0UWFjY0lWRmdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9lMWQ2YjctNTU1Yy00ZDliLWFmZTEt
ZTYzY2U1NTM3MGViLzEvdnpRZ0otZzBMU0hHdUI2ZkNMX2ttbllBNVljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9lMWQ2YjctNTU1Yy00ZDliLWFmZTEtZTYzY2U1NTM3MGVi
LzEva0hiM2ZhaEJ0N2xDRmJiNnd0UWFjY0lWRmdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAgsEEMA0G
CSqGSIb3DQEBCwUAA4IBAQBjts+VwRBUH7CkEo2zKrq7vZ3Iw2Htqalt+ZywDj0O
5h7kO8foTk5xw0gMYvARxaJhwPW4C7WPHCSs3kprNgQodvClVoluonNu5C5DPzwW
gKxcbZj8gSXaL6ln49KFlxeL6VYxVtLOrs9SBAjpo9ItShtVkaXLSLLAjedpIdAA
CuTeBh9XKnuEyruqPvgJ1wNAUNNbRnK0c/quxx67OmbX1ssPgHGyjzLwX8GnzHU0
TPGooVyDtKuJCrnDZMtPmfseJXnVhnhbTcRY3TdZ+riLRxswRhtCVozxDzp5ITuq
xHj1aBBnDy0ADA50rhkjA/SdKzVx8bHFCxmJ72uaEihG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:01 2024 by rpki-client on console-ams.rpki-client.org