Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/VKSU5CvaAtgvD3dbpGaaCBfmBuM.roa
File: VKSU5CvaAtgvD3dbpGaaCBfmBuM.roa (raw, json)
Hash identifier: IJ73W6NXDct5pjAO57mzAhmUUls7cBOgeJCHsmGYzWs=
Subject key identifier: 54:A4:94:E4:2B:DA:02:D8:2F:0F:77:5B:A4:66:9A:08:17:E6:06:E3
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01862D7B724D28BF9B88BEFDCDF228E329E0
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/VKSU5CvaAtgvD3dbpGaaCBfmBuM.roa
Signing time: Tue 07 Feb 2023 20:05:10 +0000
ROA not before: Tue 07 Feb 2023 20:05:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207279
IP address blocks: 77.75.60.0/24 maxlen: 24
194.4.157.0/24 maxlen: 24
203.0.8.0/24 maxlen: 24
89.38.101.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2d:7b:72:4d:28:bf:9b:88:be:fd:cd:f2:28:e3:29:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 7 20:05:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=54a494e42bda02d82f0f775ba4669a0817e606e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:43:ae:0e:17:0d:09:6a:77:13:a3:da:a2:bf:
19:6b:6e:dc:59:42:52:47:a7:fc:2a:af:f8:d7:1e:
d7:f2:66:ae:16:f0:3c:77:16:d3:cf:1f:a3:88:cd:
2a:1c:92:1d:71:c1:5d:c5:fc:a3:4e:90:0b:c1:81:
63:ce:54:e4:e6:ea:2c:9b:a7:ce:78:bf:b4:f7:c8:
18:8b:d3:75:42:b3:f5:e9:1f:15:d7:6e:b4:1a:09:
45:47:dc:bf:a5:77:7c:ab:9f:26:06:da:96:98:06:
b3:1d:99:63:21:33:ba:86:1c:30:a8:3e:3b:76:68:
c0:5f:21:74:23:a6:51:68:cc:fc:19:a4:29:3a:af:
c6:48:e4:cb:ad:e7:b5:6f:da:66:3a:93:bb:ea:2f:
76:84:15:44:4f:0b:0e:59:08:37:74:9c:8b:e6:f4:
c9:34:97:89:d3:d8:e0:2c:00:56:1e:7c:76:49:99:
aa:39:7a:7f:f4:42:16:e5:eb:10:ad:a9:9e:ca:03:
3a:aa:ad:0c:10:87:67:b9:b9:24:20:53:5e:2c:03:
65:5c:6f:cf:ce:9b:42:a9:95:c2:f8:b8:b9:bd:7c:
db:52:21:d6:97:0d:18:99:b0:ca:ea:b0:07:d2:d8:
2c:ca:93:71:cb:0d:a0:3a:dc:e2:c0:51:fc:68:a7:
5c:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:A4:94:E4:2B:DA:02:D8:2F:0F:77:5B:A4:66:9A:08:17:E6:06:E3
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/VKSU5CvaAtgvD3dbpGaaCBfmBuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.75.60.0/24
89.38.101.0/24
194.4.157.0/24
203.0.8.0/24
Signature Algorithm: sha256WithRSAEncryption
87:7d:52:84:04:21:9c:6d:6d:c7:20:a4:b8:b4:8d:bb:5a:89:
3f:80:74:c1:32:22:fe:08:68:69:4d:82:cb:1f:db:cb:33:49:
77:c7:de:d0:e1:26:8e:9b:6f:a9:b5:b9:c3:0a:fb:b9:f0:b9:
e5:ec:78:41:99:d8:dc:80:0e:4a:8b:02:5e:9d:18:a6:6c:11:
90:1c:25:db:b7:c6:93:59:82:df:27:d1:39:80:ce:53:21:ce:
25:1f:e3:61:32:f7:33:f4:9d:7f:2f:b6:b2:9d:a4:ec:a9:55:
05:77:b8:21:12:c3:de:ed:96:08:d5:b7:76:f4:d3:89:6d:02:
8f:61:64:6e:79:73:a9:fe:11:e6:fc:d8:64:09:f5:7f:4e:14:
af:ff:20:ef:13:f8:e5:cd:e5:e3:88:40:9e:14:ed:60:a1:98:
46:5f:21:b5:63:f5:5a:a2:d6:c4:f2:d4:6c:4b:f9:66:c4:d7:
39:d9:3f:e2:89:8e:e4:cb:61:2d:db:e6:6a:08:a0:2d:4c:92:
d9:15:9e:6e:3b:22:fb:87:e4:ac:a3:4d:78:30:09:62:5a:4b:
a0:88:47:e4:ad:df:83:72:79:80:d7:e7:e0:c3:d8:af:49:f6:
b6:c6:cd:0c:f2:f6:94:e1:6b:91:d7:06:e4:35:7f:8c:c3:a3:
66:d3:c8:65
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYYte3JNKL+biL79zfIo4yngMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjA3MjAwNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGE0OTRlNDJiZGEwMmQ4MmYwZjc3NWJhNDY2OWEwODE3ZTYwNmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUOuDhcNCWp3E6Paor8Za27cWUJS
R6f8Kq/41x7X8mauFvA8dxbTzx+jiM0qHJIdccFdxfyjTpALwYFjzlTk5uosm6fO
eL+098gYi9N1QrP16R8V1260GglFR9y/pXd8q58mBtqWmAazHZljITO6hhwwqD47
dmjAXyF0I6ZRaMz8GaQpOq/GSOTLree1b9pmOpO76i92hBVETwsOWQg3dJyL5vTJ
NJeJ09jgLABWHnx2SZmqOXp/9EIW5esQrameygM6qq0MEIdnubkkIFNeLANlXG/P
zptCqZXC+Li5vXzbUiHWlw0YmbDK6rAH0tgsypNxyw2gOtziwFH8aKdc5QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFSklOQr2gLYLw93W6RmmggX5gbjMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvVktTVTVDdmFBdGd2RDNkYnBHYWFDQmZtQnVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATUs8AwQA
WSZlAwQAwgSdAwQAywAIMA0GCSqGSIb3DQEBCwUAA4IBAQCHfVKEBCGcbW3HIKS4
tI27Wok/gHTBMiL+CGhpTYLLH9vLM0l3x97Q4SaOm2+ptbnDCvu58Lnl7HhBmdjc
gA5KiwJenRimbBGQHCXbt8aTWYLfJ9E5gM5TIc4lH+NhMvcz9J1/L7aynaTsqVUF
d7ghEsPe7ZYI1bd29NOJbQKPYWRueXOp/hHm/NhkCfV/ThSv/yDvE/jlzeXjiECe
FO1goZhGXyG1Y/VaotbE8tRsS/lmxNc52T/iiY7ky2Et2+ZqCKAtTJLZFZ5uOyL7
h+Sso014MAliWkugiEfkrd+DcnmA1+fgw9ivSfa2xs0M8vaU4WuR1wbkNX+Mw6Nm
08hl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:46 2024 by rpki-client on console-fra.rpki-client.org