Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/vDk-FaNh0EqwV0gWhUWEmQgbL_s.roa
File: vDk-FaNh0EqwV0gWhUWEmQgbL_s.roa (raw, json)
Hash identifier: MnhDL70torYiJz22PHoUmxWv8u8lqcOZ/qvMsdQ92X8=
Subject key identifier: BC:39:3E:15:A3:61:D0:4A:B0:57:48:16:85:45:84:99:08:1B:2F:FB
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 019427B585D47B3B6CB9C187DC7FE6CE8FB5
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/vDk-FaNh0EqwV0gWhUWEmQgbL_s.roa
Signing time: Thu 02 Jan 2025 15:49:55 +0000
ROA not before: Thu 02 Jan 2025 15:49:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56876
IP address blocks: 83.147.212.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:85:d4:7b:3b:6c:b9:c1:87:dc:7f:e6:ce:8f:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jan 2 15:49:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc393e15a361d04ab057481685458499081b2ffb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:88:ad:11:cc:c5:0f:7c:95:9c:1a:7f:8b:55:
bd:37:41:d6:5f:8d:31:8c:89:23:bd:53:30:04:f8:
59:23:7e:9b:96:d0:9a:f3:04:c8:86:d9:93:cb:39:
82:c3:fd:6c:b2:f3:ee:22:60:ec:61:9a:fb:af:8b:
2d:e7:bc:a3:23:e0:47:ca:73:a8:c9:0d:84:b0:28:
0e:fd:db:ef:da:c9:28:2d:92:bc:a5:0e:39:34:7f:
f8:b1:a1:6f:60:a3:92:1c:68:73:57:1b:2f:7c:0a:
c5:db:79:0e:1f:80:11:aa:60:a8:66:07:8a:7b:44:
d1:a8:73:6e:5c:29:1e:b3:c3:0b:c3:fd:c4:c0:88:
8d:66:30:cb:22:ca:fb:bf:e6:06:6f:80:2a:b7:89:
8f:fd:ac:19:59:cf:2b:08:e1:7a:8e:71:8f:10:fa:
99:8d:95:fc:4d:4c:62:60:24:88:cc:d5:2d:43:0a:
ab:0a:97:88:2d:5e:48:a5:2b:7c:96:bc:ea:9c:ac:
c5:10:34:b1:7b:62:7d:c8:96:60:8d:31:1e:85:45:
8d:90:b5:f4:05:eb:28:58:4b:9d:e1:cc:18:c6:a3:
97:6d:b7:7b:84:e4:89:db:62:a8:93:c9:36:c2:fe:
5a:76:a3:7a:77:0c:3a:91:81:e5:2c:eb:7b:0d:a1:
ea:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:39:3E:15:A3:61:D0:4A:B0:57:48:16:85:45:84:99:08:1B:2F:FB
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/vDk-FaNh0EqwV0gWhUWEmQgbL_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.212.0/22
Signature Algorithm: sha256WithRSAEncryption
19:ed:96:1a:7c:fe:f6:2c:ad:22:30:ea:09:1d:5a:00:27:1c:
42:b6:b0:3b:5b:cb:e6:ae:08:ff:af:a8:92:a3:e1:8c:81:bf:
3b:87:45:6d:e4:69:a5:83:ad:69:a6:2f:71:65:9b:e9:39:bb:
2d:3a:fe:69:f9:06:27:25:6d:fd:a9:2e:d8:9c:ef:ab:17:34:
f2:52:f1:ea:eb:17:f2:ea:97:eb:dd:73:77:5a:1c:6c:d3:12:
44:0c:7b:c4:93:4e:5d:22:b8:74:22:4e:af:83:71:dc:24:75:
9a:f2:f7:0a:63:51:f1:44:90:ac:b1:98:cf:ab:40:3a:0a:a8:
34:16:f5:12:1d:f7:62:a0:ec:25:e9:81:ad:c0:0f:f0:da:1a:
3d:ab:45:44:28:36:cb:27:48:ee:61:5c:e6:82:7d:7e:ad:56:
80:bb:76:b9:35:56:0d:ca:e3:9c:23:ea:44:4b:ff:26:ad:13:
60:f5:2b:59:d1:71:f3:7f:68:69:84:f8:4c:fd:29:1f:ec:39:
b5:b5:87:fb:e3:18:4c:e6:d0:7b:82:64:ad:dd:de:53:ef:56:
db:a8:26:59:1a:80:eb:d8:57:f1:60:c3:73:3f:6f:97:18:75:
3b:f5:42:f1:3c:85:f5:6c:83:1b:5d:bc:91:75:7c:a9:0b:bf:
1f:9b:c6:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntYXUeztsucGH3H/mzo+1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjUwMTAyMTU0OTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzM5M2UxNWEzNjFkMDRhYjA1NzQ4MTY4NTQ1ODQ5OTA4MWIyZmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYitEczFD3yVnBp/i1W9N0HWX40x
jIkjvVMwBPhZI36bltCa8wTIhtmTyzmCw/1ssvPuImDsYZr7r4st57yjI+BHynOo
yQ2EsCgO/dvv2skoLZK8pQ45NH/4saFvYKOSHGhzVxsvfArF23kOH4ARqmCoZgeK
e0TRqHNuXCkes8MLw/3EwIiNZjDLIsr7v+YGb4Aqt4mP/awZWc8rCOF6jnGPEPqZ
jZX8TUxiYCSIzNUtQwqrCpeILV5IpSt8lrzqnKzFEDSxe2J9yJZgjTEehUWNkLX0
BesoWEud4cwYxqOXbbd7hOSJ22Kok8k2wv5adqN6dww6kYHlLOt7DaHqCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLw5PhWjYdBKsFdIFoVFhJkIGy/7MB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvdkRrLUZhTmgwRXF3VjBnV2hVV0VtUWdiTF9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCU5PUMA0G
CSqGSIb3DQEBCwUAA4IBAQAZ7ZYafP72LK0iMOoJHVoAJxxCtrA7W8vmrgj/r6iS
o+GMgb87h0Vt5Gmlg61ppi9xZZvpObstOv5p+QYnJW39qS7YnO+rFzTyUvHq6xfy
6pfr3XN3Whxs0xJEDHvEk05dIrh0Ik6vg3HcJHWa8vcKY1HxRJCssZjPq0A6Cqg0
FvUSHfdioOwl6YGtwA/w2ho9q0VEKDbLJ0juYVzmgn1+rVaAu3a5NVYNyuOcI+pE
S/8mrRNg9StZ0XHzf2hphPhM/Skf7Dm1tYf74xhM5tB7gmSt3d5T71bbqCZZGoDr
2FfxYMNzP2+XGHU79ULxPIX1bIMbXbyRdXypC78fm8Y8
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:54:05 2025 by rpki-client