Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f8c018-b90f-4f89-a3f4-2ec871465599/1/VN_0tUcFu3MRPwC5LlsTMiXMdgg.roa
File: VN_0tUcFu3MRPwC5LlsTMiXMdgg.roa (raw, json)
Hash identifier: jHaHXmMzpm67cvpupaxzzxnXxOQKxhaEQY3l1yNeXUM=
Subject key identifier: 54:DF:F4:B5:47:05:BB:73:11:3F:00:B9:2E:5B:13:32:25:CC:76:08
Certificate issuer: /CN=048dc3b923c7738f9a58ee80b49bcd0c5e7dcffa
Certificate serial: 018570FBC2C1841145BC88C856F66A29E3BC
Authority key identifier: 04:8D:C3:B9:23:C7:73:8F:9A:58:EE:80:B4:9B:CD:0C:5E:7D:CF:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BI3DuSPHc4-aWO6AtJvNDF59z_o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f8c018-b90f-4f89-a3f4-2ec871465599/1/VN_0tUcFu3MRPwC5LlsTMiXMdgg.roa
Signing time: Mon 02 Jan 2023 05:37:05 +0000
ROA not before: Mon 02 Jan 2023 05:37:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212586
IP address blocks: 79.174.0.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:c2:c1:84:11:45:bc:88:c8:56:f6:6a:29:e3:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048dc3b923c7738f9a58ee80b49bcd0c5e7dcffa
Validity
Not Before: Jan 2 05:37:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=54dff4b54705bb73113f00b92e5b133225cc7608
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:86:c4:b1:54:36:2f:6d:3f:fd:69:46:4f:3f:
07:38:96:52:51:61:7f:c1:bd:1a:c1:15:c8:3a:60:
d1:e2:a0:18:02:40:a1:5c:44:b6:50:dd:4c:40:84:
84:15:e6:df:b9:c1:0f:03:97:82:0f:3c:63:e5:7d:
fa:87:17:75:d4:90:df:32:66:f1:9c:03:08:d6:85:
71:f6:80:0f:73:f9:75:eb:23:2f:c8:bf:70:76:26:
25:18:f3:1d:19:e5:4b:80:b4:96:1a:c7:0c:a4:a4:
c1:49:18:2f:4e:fa:6e:93:a1:0c:85:e6:8a:01:b4:
2a:3d:95:ba:e9:98:2e:46:e0:d3:a9:92:13:e7:90:
b7:cf:8d:a7:3e:b3:02:1d:50:b2:ce:4f:13:44:05:
ae:75:85:10:e5:c2:b0:a3:b9:2e:d6:0c:4a:3b:19:
7a:84:92:90:31:e6:da:db:9d:7b:38:16:b7:04:39:
b9:01:eb:87:e1:f6:03:e5:a2:bd:98:3a:d8:65:aa:
e3:04:21:3d:1d:a4:4b:ec:73:02:85:a5:ac:3c:10:
77:d5:29:a8:ba:16:4f:cf:ae:62:4f:8d:07:c8:77:
8a:fb:ce:08:75:6d:89:3f:bd:f1:5a:f0:15:86:14:
3b:16:5d:75:78:f7:dc:da:bf:a4:b4:97:7c:df:da:
1c:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:DF:F4:B5:47:05:BB:73:11:3F:00:B9:2E:5B:13:32:25:CC:76:08
X509v3 Authority Key Identifier:
keyid:04:8D:C3:B9:23:C7:73:8F:9A:58:EE:80:B4:9B:CD:0C:5E:7D:CF:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BI3DuSPHc4-aWO6AtJvNDF59z_o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f8c018-b90f-4f89-a3f4-2ec871465599/1/VN_0tUcFu3MRPwC5LlsTMiXMdgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f8c018-b90f-4f89-a3f4-2ec871465599/1/BI3DuSPHc4-aWO6AtJvNDF59z_o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.174.0.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:d2:59:ed:7c:18:3b:16:f9:8a:9e:5e:10:44:6a:de:38:ee:
36:7b:1b:3b:d9:48:8c:06:c9:18:e3:1a:9e:d7:a4:0b:4e:06:
a7:d9:7c:0b:37:6b:99:ed:39:2d:b6:d5:6f:e7:f1:38:07:1a:
75:7d:99:87:fc:b1:a9:bd:6a:5b:c3:41:5f:66:99:38:78:ba:
58:46:d9:d2:62:9f:f7:6e:17:c9:9c:c9:91:3a:d1:97:e5:a5:
bf:69:e3:8c:25:c9:95:af:03:7f:66:23:2b:c1:2e:a8:8e:b5:
df:ea:06:02:73:c2:d8:a4:1f:f2:1f:7b:04:dc:37:f9:25:61:
8b:3c:b6:67:f4:f0:11:0d:a5:fd:c3:56:1c:e5:b8:fe:e7:ad:
f2:0a:e4:a3:59:c3:42:45:db:9f:55:cc:7f:ad:4e:c2:83:2c:
9d:75:f1:d1:e0:35:9e:29:bf:67:b9:27:09:0a:66:9d:2a:14:
7c:11:fc:a2:80:a2:6b:06:97:5e:39:8a:32:35:23:98:65:df:
7c:3c:42:54:88:56:44:15:ff:ca:59:63:0c:b4:5f:5d:7c:d7:
d7:b6:fd:82:c2:fa:bc:3e:5c:b4:a7:00:85:28:fa:5b:29:e3:
9f:8b:6b:3d:40:d8:40:97:f0:bb:82:b5:89:62:29:86:01:a4:
21:0e:ae:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw+8LBhBFFvIjIVvZqKeO8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0OGRjM2I5MjNjNzczOGY5YTU4ZWU4MGI0OWJjZDBjNWU3
ZGNmZmEwHhcNMjMwMTAyMDUzNzA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGRmZjRiNTQ3MDViYjczMTEzZjAwYjkyZTViMTMzMjI1Y2M3NjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIbEsVQ2L20//WlGTz8HOJZSUWF/
wb0awRXIOmDR4qAYAkChXES2UN1MQISEFebfucEPA5eCDzxj5X36hxd11JDfMmbx
nAMI1oVx9oAPc/l16yMvyL9wdiYlGPMdGeVLgLSWGscMpKTBSRgvTvpuk6EMheaK
AbQqPZW66ZguRuDTqZIT55C3z42nPrMCHVCyzk8TRAWudYUQ5cKwo7ku1gxKOxl6
hJKQMeba2517OBa3BDm5AeuH4fYD5aK9mDrYZarjBCE9HaRL7HMChaWsPBB31Smo
uhZPz65iT40HyHeK+84IdW2JP73xWvAVhhQ7Fl11ePfc2r+ktJd839ocBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFTf9LVHBbtzET8AuS5bEzIlzHYIMB8GA1UdIwQY
MBaAFASNw7kjx3OPmljugLSbzQxefc/6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkkzRHVTUEhjNC1hV082QXRKdk5ERjU5el9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mOGMwMTgtYjkwZi00Zjg5LWEzZjQt
MmVjODcxNDY1NTk5LzEvVk5fMHRVY0Z1M01SUHdDNUxsc1RNaVhNZGdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mOGMwMTgtYjkwZi00Zjg5LWEzZjQtMmVjODcxNDY1NTk5
LzEvQkkzRHVTUEhjNC1hV082QXRKdk5ERjU5el9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCT64AMA0G
CSqGSIb3DQEBCwUAA4IBAQCP0lntfBg7FvmKnl4QRGreOO42exs72UiMBskY4xqe
16QLTgan2XwLN2uZ7TktttVv5/E4Bxp1fZmH/LGpvWpbw0FfZpk4eLpYRtnSYp/3
bhfJnMmROtGX5aW/aeOMJcmVrwN/ZiMrwS6ojrXf6gYCc8LYpB/yH3sE3Df5JWGL
PLZn9PARDaX9w1Yc5bj+563yCuSjWcNCRdufVcx/rU7CgyyddfHR4DWeKb9nuScJ
CmadKhR8EfyigKJrBpdeOYoyNSOYZd98PEJUiFZEFf/KWWMMtF9dfNfXtv2Cwvq8
Ply0pwCFKPpbKeOfi2s9QNhAl/C7grWJYimGAaQhDq6e
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:10:21 2025 by rpki-client