Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/fcd3c3-f495-4d21-a8b0-49061fffd02a/1/VmUDh-jVu9DUkehub9rCX95SI0s.roa
File: VmUDh-jVu9DUkehub9rCX95SI0s.roa (raw, json)
Hash identifier: Y6McWVf1+sdsJWbg0mjrnW7tPZRej7Ga4lYbxXqko/M=
Subject key identifier: 56:65:03:87:E8:D5:BB:D0:D4:91:E8:6E:6F:DA:C2:5F:DE:52:23:4B
Certificate issuer: /CN=2d52398255290e328680d6e8c80cd918f8641784
Certificate serial: 040267C4
Authority key identifier: 2D:52:39:82:55:29:0E:32:86:80:D6:E8:C8:0C:D9:18:F8:64:17:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LVI5glUpDjKGgNboyAzZGPhkF4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/fcd3c3-f495-4d21-a8b0-49061fffd02a/1/VmUDh-jVu9DUkehub9rCX95SI0s.roa
Signing time: Thu 27 Jan 2022 21:50:00 +0000
ROA not before: Thu 27 Jan 2022 21:50:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56347
IP address blocks: 89.21.74.0/23 maxlen: 23
89.21.72.0/23 maxlen: 23
89.21.72.0/22 maxlen: 22
46.175.64.0/20 maxlen: 20
46.175.64.0/21 maxlen: 21
185.95.64.0/24 maxlen: 24
46.175.72.0/21 maxlen: 21
46.175.80.0/22 maxlen: 22
46.175.84.0/22 maxlen: 22
46.175.80.0/21 maxlen: 21
2a10:b200::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67266500 (0x40267c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d52398255290e328680d6e8c80cd918f8641784
Validity
Not Before: Jan 27 21:50:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=56650387e8d5bbd0d491e86e6fdac25fde52234b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:80:7a:94:07:89:a5:ec:7f:5f:e0:ba:e5:a7:
6a:37:79:05:1c:b7:ce:51:53:0d:08:92:c3:48:86:
9f:58:13:ef:9c:7f:c2:20:5b:fc:95:24:7d:54:9d:
cc:72:1b:b0:57:4d:38:d7:9e:8d:92:3b:5c:f7:76:
f9:ab:08:5f:58:7d:b1:77:d3:da:d3:36:16:c7:cc:
ab:1f:b9:a1:d3:02:39:94:29:fa:08:d6:8f:ce:2d:
a1:1a:c2:44:8d:bc:d3:2f:11:ae:c1:b9:fe:2c:98:
7d:93:4e:2e:de:16:bf:3d:3a:08:4a:e3:b4:38:01:
74:02:18:10:02:82:a1:0c:82:da:c5:af:ef:71:3d:
d7:7f:27:60:f7:b4:bc:05:4c:4e:7a:9c:f6:3f:6a:
7b:d5:d5:d9:63:94:48:88:21:7b:c5:99:8f:d7:78:
f3:f8:ef:70:a4:e8:38:15:b1:2c:0c:c6:be:d7:7a:
4f:60:f3:18:de:18:37:84:de:e7:0f:30:f9:4f:b1:
a1:78:f4:85:ac:2c:ef:04:5f:8c:18:ef:93:52:d7:
64:7c:ee:e5:7b:ef:9d:76:c1:96:fb:48:8e:61:e5:
4c:cd:60:aa:94:38:5c:90:cf:d8:e7:a2:65:d2:ed:
17:3d:3d:b2:b2:b4:0a:69:49:d7:14:46:ff:9e:e0:
28:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:65:03:87:E8:D5:BB:D0:D4:91:E8:6E:6F:DA:C2:5F:DE:52:23:4B
X509v3 Authority Key Identifier:
keyid:2D:52:39:82:55:29:0E:32:86:80:D6:E8:C8:0C:D9:18:F8:64:17:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LVI5glUpDjKGgNboyAzZGPhkF4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/fcd3c3-f495-4d21-a8b0-49061fffd02a/1/VmUDh-jVu9DUkehub9rCX95SI0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/fcd3c3-f495-4d21-a8b0-49061fffd02a/1/LVI5glUpDjKGgNboyAzZGPhkF4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.175.64.0-46.175.87.255
89.21.72.0/22
185.95.64.0/24
IPv6:
2a10:b200::/32
Signature Algorithm: sha256WithRSAEncryption
30:71:ab:e7:92:04:d2:45:4e:8e:5c:12:df:b8:9b:06:44:d9:
3a:53:86:31:16:e5:fb:63:9d:9f:5e:ec:76:90:f3:29:69:ff:
7f:50:8e:89:9b:29:9c:1f:28:39:b1:0e:cb:d9:04:4c:95:79:
16:1b:a2:97:1e:af:3f:14:2c:30:37:74:95:65:6c:39:c2:4b:
5b:f9:53:0c:1f:74:12:f7:e5:5b:6b:39:7d:1e:f1:26:a6:11:
a7:05:f2:fb:6e:df:cd:31:8c:d3:39:4b:25:d3:70:78:3e:ce:
3b:04:0b:63:13:89:47:f3:26:4e:2c:b2:4e:f7:f5:ba:db:ca:
17:b9:71:c7:30:6e:47:38:4c:f1:24:b7:39:30:e6:b9:a6:17:
c6:b7:65:8d:d8:87:55:ee:f1:a3:32:74:50:a5:fc:82:5d:d1:
de:05:82:d6:b3:fa:c2:b1:80:c4:6b:94:13:20:48:b6:95:d2:
7f:cb:c8:a9:8d:d9:12:bc:86:71:93:58:ac:4f:d9:4e:b1:64:
17:b8:7b:6e:a2:5d:55:da:71:4d:29:ab:57:30:bd:b6:37:a7:
7a:b4:2c:ab:44:58:27:74:0a:45:56:d7:91:65:e3:94:00:8c:
d1:bf:74:2e:11:0f:1e:49:41:e9:a9:2c:69:7f:9e:74:16:78:
6d:60:d8:bb
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEBAJnxDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZDUyMzk4MjU1MjkwZTMyODY4MGQ2ZThjODBjZDkxOGY4NjQxNzg0MB4XDTIyMDEy
NzIxNTAwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTY2NTAzODdlOGQ1
YmJkMGQ0OTFlODZlNmZkYWMyNWZkZTUyMjM0YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJWAepQHiaXsf1/guuWnajd5BRy3zlFTDQiSw0iGn1gT75x/
wiBb/JUkfVSdzHIbsFdNONeejZI7XPd2+asIX1h9sXfT2tM2FsfMqx+5odMCOZQp
+gjWj84toRrCRI280y8RrsG5/iyYfZNOLt4Wvz06CErjtDgBdAIYEAKCoQyC2sWv
73E9138nYPe0vAVMTnqc9j9qe9XV2WOUSIghe8WZj9d48/jvcKToOBWxLAzGvtd6
T2DzGN4YN4Te5w8w+U+xoXj0haws7wRfjBjvk1LXZHzu5XvvnXbBlvtIjmHlTM1g
qpQ4XJDP2OeiZdLtFz09srK0CmlJ1xRG/57gKAsCAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBRWZQOH6NW70NSR6G5v2sJf3lIjSzAfBgNVHSMEGDAWgBQtUjmCVSkOMoaA
1ujIDNkY+GQXhDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xWSTVnbFVwRGpLR2dOYm95QXpaR1Boa0Y0US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjYvZmNkM2MzLWY0OTUtNGQyMS1hOGIwLTQ5MDYxZmZmZDAyYS8x
L1ZtVURoLWpWdTlEVWtlaHViOXJDWDk1U0kwcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYv
ZmNkM2MzLWY0OTUtNGQyMS1hOGIwLTQ5MDYxZmZmZDAyYS8xL0xWSTVnbFVwRGpL
R2dOYm95QXpaR1Boa0Y0US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwIAQCAAEwGjAMAwQGLq9AAwQDLq9QAwQCWRVIAwQA
uV9AMA0EAgACMAcDBQAqELIAMA0GCSqGSIb3DQEBCwUAA4IBAQAwcavnkgTSRU6O
XBLfuJsGRNk6U4YxFuX7Y52fXux2kPMpaf9/UI6JmymcHyg5sQ7L2QRMlXkWG6KX
Hq8/FCwwN3SVZWw5wktb+VMMH3QS9+Vbazl9HvEmphGnBfL7bt/NMYzTOUsl03B4
Ps47BAtjE4lH8yZOLLJO9/W628oXuXHHMG5HOEzxJLc5MOa5phfGt2WN2IdV7vGj
MnRQpfyCXdHeBYLWs/rCsYDEa5QTIEi2ldJ/y8ipjdkSvIZxk1isT9lOsWQXuHtu
ol1V2nFNKatXML22N6d6tCyrRFgndApFVteRZeOUAIzRv3QuEQ8eSUHpqSxpf550
FnhtYNi7
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:51 2025 by rpki-client