Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/VakdY0GOUH6uWTZUY4M_a0pw5rc.roa
File: VakdY0GOUH6uWTZUY4M_a0pw5rc.roa (raw, json)
Hash identifier: r1EOIMPISfMnWm2WbvQvIph/gTegE7RO5ORG5OA3wvE=
Subject key identifier: 55:A9:1D:63:41:8E:50:7E:AE:59:36:54:63:83:3F:6B:4A:70:E6:B7
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018755A033887C5337564E4B99DFBB2693E7
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/VakdY0GOUH6uWTZUY4M_a0pw5rc.roa
Signing time: Thu 06 Apr 2023 08:12:54 +0000
ROA not before: Thu 06 Apr 2023 08:12:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 188.214.27.0/24 maxlen: 24
78.142.243.0/24 maxlen: 24
185.9.55.0/24 maxlen: 24
194.4.157.0/24 maxlen: 24
45.159.152.0/24 maxlen: 24
203.0.8.0/24 maxlen: 24
103.205.27.0/24 maxlen: 24
185.103.75.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:55:a0:33:88:7c:53:37:56:4e:4b:99:df:bb:26:93:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 6 08:12:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=55a91d63418e507eae59365463833f6b4a70e6b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:52:d6:57:b8:c2:8f:90:28:31:0b:4c:25:18:
a8:3a:54:80:27:8a:d8:bf:d0:45:77:08:86:d7:36:
b4:27:1b:38:cb:23:c3:dd:40:6e:e0:d7:f6:02:ee:
e3:75:11:73:1b:d3:aa:ee:37:58:4f:64:ce:58:cc:
7e:2a:b7:e8:6e:b9:9f:c0:f2:c5:1a:8a:83:1f:c7:
e5:22:68:ca:95:d7:16:1e:50:95:95:e1:48:35:e3:
12:27:75:df:82:34:e4:65:2f:58:b0:7f:a9:48:45:
fe:c0:0c:7e:f8:c9:6a:a5:da:50:e3:a2:97:ae:2d:
55:98:f7:f2:1c:0e:33:b8:eb:c9:d4:11:6d:bc:00:
f0:bb:f4:37:a2:bc:33:47:78:9d:14:be:2e:4b:5c:
8c:c3:e0:a9:29:7d:e4:07:4c:9d:70:91:25:59:43:
32:58:ad:e4:47:9c:3a:24:22:87:f2:83:c5:f7:4e:
45:fb:3e:ed:52:d8:7e:0e:0c:e8:4f:04:ea:e0:0d:
92:83:3b:33:8a:1e:77:91:5a:41:2a:9d:b6:99:8b:
43:1a:64:3e:4a:3a:0b:7d:15:e9:92:80:07:94:9a:
fc:31:8e:fa:c7:67:11:e2:c5:00:c3:1c:4d:b0:12:
f9:75:f4:9f:32:87:f4:19:06:92:33:39:22:5e:79:
e7:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:A9:1D:63:41:8E:50:7E:AE:59:36:54:63:83:3F:6B:4A:70:E6:B7
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/VakdY0GOUH6uWTZUY4M_a0pw5rc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.152.0/24
78.142.243.0/24
103.205.27.0/24
185.9.55.0/24
185.103.75.0/24
188.214.27.0/24
194.4.157.0/24
203.0.8.0/24
Signature Algorithm: sha256WithRSAEncryption
34:27:a7:b0:41:51:32:1d:6a:c3:a1:dc:72:6f:6f:49:1e:b3:
55:63:94:17:e0:f8:12:81:7b:74:97:d3:00:71:be:09:af:97:
09:5d:89:c4:60:d1:57:38:be:c8:38:96:27:b3:bb:c3:7e:df:
2f:30:77:ed:ed:0e:be:ce:66:63:df:62:ac:1a:af:40:43:ec:
e1:41:a9:81:8f:19:92:8d:78:f0:b2:2d:91:ca:59:e1:1e:c8:
fa:75:eb:78:4e:9d:60:54:49:09:7e:50:b3:e8:ad:42:f8:3b:
2e:d1:5c:7a:79:36:dd:71:92:0a:db:7e:23:3a:2c:b7:4e:e6:
19:a5:ae:d5:d9:78:3c:49:64:5b:45:40:86:8e:58:f9:ff:3c:
88:dd:a1:97:bf:b8:f2:a3:19:3b:c7:6c:9a:77:72:fa:08:ef:
e3:68:12:6b:91:46:23:17:09:96:e4:0b:f8:4d:10:43:a5:c6:
86:8f:57:69:44:0e:63:dc:36:54:4e:20:0b:77:2a:fe:da:26:
52:af:28:2a:a9:48:73:a6:ba:39:29:1c:69:6d:57:e7:3e:b8:
60:29:38:0b:9e:64:83:5e:92:72:4f:b2:9e:39:75:c6:fd:5f:
3c:01:23:46:13:7b:b6:c7:05:e9:82:ad:97:6d:16:82:8b:79:
ac:6e:fb:00
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYdVoDOIfFM3Vk5Lmd+7JpPnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDA2MDgxMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWE5MWQ2MzQxOGU1MDdlYWU1OTM2NTQ2MzgzM2Y2YjRhNzBlNmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1LWV7jCj5AoMQtMJRioOlSAJ4rY
v9BFdwiG1za0Jxs4yyPD3UBu4Nf2Au7jdRFzG9Oq7jdYT2TOWMx+KrfobrmfwPLF
GoqDH8flImjKldcWHlCVleFINeMSJ3XfgjTkZS9YsH+pSEX+wAx++MlqpdpQ46KX
ri1VmPfyHA4zuOvJ1BFtvADwu/Q3orwzR3idFL4uS1yMw+CpKX3kB0ydcJElWUMy
WK3kR5w6JCKH8oPF905F+z7tUth+DgzoTwTq4A2Sgzszih53kVpBKp22mYtDGmQ+
SjoLfRXpkoAHlJr8MY76x2cR4sUAwxxNsBL5dfSfMof0GQaSMzkiXnnn2wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFFWpHWNBjlB+rlk2VGODP2tKcOa3MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvVmFrZFkwR09VSDZ1V1RaVVk0TV9hMHB3NXJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALZ+YAwQA
To7zAwQAZ80bAwQAuQk3AwQAuWdLAwQAvNYbAwQAwgSdAwQAywAIMA0GCSqGSIb3
DQEBCwUAA4IBAQA0J6ewQVEyHWrDodxyb29JHrNVY5QX4PgSgXt0l9MAcb4Jr5cJ
XYnEYNFXOL7IOJYns7vDft8vMHft7Q6+zmZj32KsGq9AQ+zhQamBjxmSjXjwsi2R
ylnhHsj6det4Tp1gVEkJflCz6K1C+Dsu0Vx6eTbdcZIK234jOiy3TuYZpa7V2Xg8
SWRbRUCGjlj5/zyI3aGXv7jyoxk7x2yad3L6CO/jaBJrkUYjFwmW5Av4TRBDpcaG
j1dpRA5j3DZUTiALdyr+2iZSrygqqUhzpro5KRxpbVfnPrhgKTgLnmSDXpJyT7Ke
OXXG/V88ASNGE3u2xwXpgq2XbRaCi3msbvsA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:46 2024 by rpki-client on console-fra.rpki-client.org