Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/vi0CPPpPjKtZBurUYCFipg1BgJ0.roa
File: vi0CPPpPjKtZBurUYCFipg1BgJ0.roa (raw, json)
Hash identifier: UDNM8CGq8XgFTjlw9Bu8oSfJxZdZbNFauL8941D5UaA=
Subject key identifier: BE:2D:02:3C:FA:4F:8C:AB:59:06:EA:D4:60:21:62:A6:0D:41:80:9D
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 018B8B446062064A1055F3265A0504B84826
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/vi0CPPpPjKtZBurUYCFipg1BgJ0.roa
Signing time: Wed 01 Nov 2023 14:23:16 +0000
ROA not before: Wed 01 Nov 2023 14:23:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43151
IP address blocks: 79.110.227.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8b:44:60:62:06:4a:10:55:f3:26:5a:05:04:b8:48:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Nov 1 14:23:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be2d023cfa4f8cab5906ead4602162a60d41809d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:8b:eb:17:c7:29:a1:b0:f0:c9:78:ac:de:28:
bf:84:96:c4:08:62:29:be:da:98:29:4d:7f:ad:c7:
97:eb:f4:c9:f6:b7:9e:7a:82:eb:2e:9c:01:99:b8:
1c:a0:34:e6:d7:86:46:d4:43:64:f6:25:db:72:d6:
6d:d0:17:76:60:a2:85:75:50:fa:5d:dd:b7:64:af:
04:30:3b:f4:0e:7e:b1:3e:98:a7:c5:0b:57:1f:b1:
58:21:b1:c0:8f:06:59:3d:7c:87:ce:67:55:f0:25:
41:e7:30:2a:b7:ec:06:6c:36:e3:55:c9:c7:64:e4:
9f:74:7d:ce:99:12:84:3c:cd:ee:e6:ae:15:a6:79:
ba:aa:9b:7a:d4:ae:66:21:68:13:d9:af:6a:c1:a3:
20:27:71:80:4a:5c:c6:92:97:3d:3c:4e:a2:30:61:
62:14:80:8b:2d:2d:62:f1:a4:bc:b9:d7:bb:8f:17:
fc:9f:df:57:9e:49:8f:ab:28:3e:66:e6:6d:70:fc:
9d:8b:a1:f6:51:73:c6:b4:c4:66:df:4f:55:a8:26:
3e:15:b4:d1:cf:ca:08:13:8f:ab:b1:96:5f:2c:99:
b7:42:6a:c9:8b:fc:c1:67:86:87:10:23:5e:57:67:
32:de:2e:86:80:06:f6:14:3f:8b:85:b5:8f:df:8a:
6a:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:2D:02:3C:FA:4F:8C:AB:59:06:EA:D4:60:21:62:A6:0D:41:80:9D
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/vi0CPPpPjKtZBurUYCFipg1BgJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.227.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:2a:9b:dd:8c:76:d4:c3:5f:50:c9:fb:6c:6e:bd:a9:74:a3:
6f:9f:53:b4:61:38:3c:de:98:f5:bd:1a:9e:94:dc:31:06:8e:
ef:9a:19:0c:18:1a:f0:15:55:cc:99:95:1c:00:7b:6f:63:48:
0f:29:8b:e3:87:67:03:07:b5:db:96:49:2d:c9:eb:eb:72:cc:
d5:5f:e3:e9:cf:e2:b0:28:47:59:4e:d4:f7:82:e2:bd:90:87:
bd:9a:a2:29:9f:51:a1:55:fe:a8:3d:a8:fc:cc:8f:ff:01:cb:
14:fd:a6:90:f4:8f:3c:d2:be:ff:cf:20:fe:40:f5:84:eb:c6:
b3:72:63:c8:66:f5:24:d6:02:89:2d:63:fc:77:be:66:be:1f:
1e:3e:2a:55:53:39:27:43:b4:44:df:73:0a:56:93:4f:37:ea:
20:18:a6:de:cb:79:57:fc:21:f2:bd:9b:30:36:3d:2a:78:94:
5e:04:3e:cc:54:6b:7e:ee:77:59:e0:fe:05:7f:56:bc:0c:4b:
07:92:8a:dd:02:a3:10:e2:61:89:68:42:5f:e9:d4:f1:4c:4a:
f2:0f:91:ef:a2:aa:04:a5:ab:45:be:25:ed:ac:d0:0a:9d:a7:
80:dc:17:86:50:64:64:6a:c6:be:2d:f6:5f:e0:b0:35:e5:94:
51:a7:13:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuLRGBiBkoQVfMmWgUEuEgmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjMxMTAxMTQyMzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTJkMDIzY2ZhNGY4Y2FiNTkwNmVhZDQ2MDIxNjJhNjBkNDE4MDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjovrF8cpobDwyXis3ii/hJbECGIp
vtqYKU1/rceX6/TJ9reeeoLrLpwBmbgcoDTm14ZG1ENk9iXbctZt0Bd2YKKFdVD6
Xd23ZK8EMDv0Dn6xPpinxQtXH7FYIbHAjwZZPXyHzmdV8CVB5zAqt+wGbDbjVcnH
ZOSfdH3OmRKEPM3u5q4Vpnm6qpt61K5mIWgT2a9qwaMgJ3GASlzGkpc9PE6iMGFi
FICLLS1i8aS8ude7jxf8n99XnkmPqyg+ZuZtcPydi6H2UXPGtMRm309VqCY+FbTR
z8oIE4+rsZZfLJm3QmrJi/zBZ4aHECNeV2cy3i6GgAb2FD+LhbWP34pq+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL4tAjz6T4yrWQbq1GAhYqYNQYCdMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvdmkwQ1BQcFBqS3RaQnVyVVlDRmlwZzFCZ0owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAT27jMA0G
CSqGSIb3DQEBCwUAA4IBAQCNKpvdjHbUw19Qyftsbr2pdKNvn1O0YTg83pj1vRqe
lNwxBo7vmhkMGBrwFVXMmZUcAHtvY0gPKYvjh2cDB7XblkktyevrcszVX+Ppz+Kw
KEdZTtT3guK9kIe9mqIpn1GhVf6oPaj8zI//AcsU/aaQ9I880r7/zyD+QPWE68az
cmPIZvUk1gKJLWP8d75mvh8ePipVUzknQ7RE33MKVpNPN+ogGKbey3lX/CHyvZsw
Nj0qeJReBD7MVGt+7ndZ4P4Ff1a8DEsHkordAqMQ4mGJaEJf6dTxTEryD5HvoqoE
patFviXtrNAKnaeA3BeGUGRkasa+LfZf4LA15ZRRpxNh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:07 2024 by rpki-client on console-ams.rpki-client.org