Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/90aa1e-0098-4fda-9829-a15ccf5b413e/1/VM78ccNjzD-bEHKeV9UwvKJYm24.roa
File: VM78ccNjzD-bEHKeV9UwvKJYm24.roa (raw, json)
Hash identifier: NiFE6fbPwnCV+7J8YP7Sy445+ZHn4eEMJOrF5GwzD6g=
Subject key identifier: 54:CE:FC:71:C3:63:CC:3F:9B:10:72:9E:57:D5:30:BC:A2:58:9B:6E
Certificate issuer: /CN=7242a13715fc5578cdc05aaaa68c6a413cdbc9f5
Certificate serial: 0183B1BD9DFD665FCB930AEFD5C1AA7DA54C
Authority key identifier: 72:42:A1:37:15:FC:55:78:CD:C0:5A:AA:A6:8C:6A:41:3C:DB:C9:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ckKhNxX8VXjNwFqqpoxqQTzbyfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/90aa1e-0098-4fda-9829-a15ccf5b413e/1/VM78ccNjzD-bEHKeV9UwvKJYm24.roa
Signing time: Fri 07 Oct 2022 09:18:57 +0000
ROA not before: Fri 07 Oct 2022 09:18:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47568
IP address blocks: 94.100.34.0/23 maxlen: 23
94.100.32.0/20 maxlen: 23
94.100.36.0/23 maxlen: 23
94.100.32.0/23 maxlen: 23
94.100.38.0/23 maxlen: 23
94.100.40.0/21 maxlen: 21
185.122.24.0/23 maxlen: 23
185.122.27.0/24 maxlen: 24
185.122.26.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b1:bd:9d:fd:66:5f:cb:93:0a:ef:d5:c1:aa:7d:a5:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7242a13715fc5578cdc05aaaa68c6a413cdbc9f5
Validity
Not Before: Oct 7 09:18:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=54cefc71c363cc3f9b10729e57d530bca2589b6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:1c:93:65:f4:6f:ee:71:1b:67:5f:91:2f:70:
f1:e8:34:04:54:84:8e:22:97:c1:c5:ed:1d:6a:93:
0a:61:63:cb:5d:64:f5:ac:1f:f9:40:c8:f1:69:27:
e9:35:4f:3f:ce:16:97:17:00:0c:f4:2e:43:03:8a:
b8:27:8c:9b:b4:6b:ea:f8:af:02:fa:15:6e:76:92:
42:f5:fb:59:d7:4f:7d:50:a9:a5:50:44:1f:b5:d6:
3a:6f:67:ff:e8:12:9c:f7:d6:01:f2:f4:32:c7:eb:
5f:4b:30:0f:14:27:78:2d:7e:d1:61:4a:a1:87:be:
70:af:bd:bc:3e:01:54:e6:0c:35:ab:7a:1c:e3:d2:
4f:ef:e2:13:9f:58:fe:d4:fc:40:11:87:a0:c5:b5:
46:7c:ac:8c:5b:4f:6c:61:07:cf:ac:be:79:95:d3:
8b:75:17:ba:aa:00:bd:aa:a3:81:a3:33:5b:df:1e:
e8:d1:30:6c:38:f5:53:4e:e4:86:33:3e:80:8f:48:
6c:b0:83:9d:6f:13:0b:3e:f3:05:f2:47:08:95:c3:
56:18:6a:b3:0d:20:fd:0a:e4:fa:d4:ed:43:a3:5b:
c5:ae:f8:a9:93:88:0b:0b:42:ca:e7:03:27:3f:a7:
f5:e3:f8:09:e0:1c:b0:d5:c5:4c:54:84:15:0a:a7:
11:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:CE:FC:71:C3:63:CC:3F:9B:10:72:9E:57:D5:30:BC:A2:58:9B:6E
X509v3 Authority Key Identifier:
keyid:72:42:A1:37:15:FC:55:78:CD:C0:5A:AA:A6:8C:6A:41:3C:DB:C9:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ckKhNxX8VXjNwFqqpoxqQTzbyfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/90aa1e-0098-4fda-9829-a15ccf5b413e/1/VM78ccNjzD-bEHKeV9UwvKJYm24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/90aa1e-0098-4fda-9829-a15ccf5b413e/1/ckKhNxX8VXjNwFqqpoxqQTzbyfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.100.32.0/20
185.122.24.0/22
Signature Algorithm: sha256WithRSAEncryption
83:aa:39:54:fa:70:79:5b:e4:48:01:5f:23:90:3c:0d:dc:ba:
c9:4f:7f:82:c9:55:55:0d:5e:d7:a6:5c:e5:8e:d6:fb:9a:ec:
70:ca:8e:b6:b6:ca:df:b1:5a:e1:d7:a7:b3:d0:bb:c2:a0:7f:
a2:59:8b:ab:bf:ec:42:b7:49:dd:9c:04:fa:19:b1:2c:65:9f:
ba:ee:f9:d5:be:18:39:a8:8f:75:9a:9b:05:bf:4b:76:16:c3:
9b:c0:87:7f:a5:a2:d8:ba:24:b9:a2:a2:4f:b4:f3:cc:59:8b:
0a:a9:9f:c5:b4:34:ed:a9:75:68:05:f9:fb:67:51:6f:54:53:
da:ac:d2:99:32:0a:3d:b4:05:d3:09:b1:aa:1a:87:6e:79:45:
04:eb:fe:7c:eb:6c:c5:b4:d5:e7:c4:e1:81:3d:c2:68:75:47:
89:fb:20:24:4a:35:c2:90:e2:47:e7:d2:d7:d6:a1:cf:ba:ff:
9b:c1:cd:30:4b:11:19:4b:07:10:18:f9:f7:d5:59:dc:51:fb:
7e:5d:1a:07:cb:bb:d7:62:e3:c7:4d:89:4d:e6:a5:a8:08:8f:
7e:5d:60:f4:4b:9d:a8:d2:8c:90:87:5a:2e:f2:07:e3:55:17:
4f:7d:c2:77:85:10:fd:21:05:06:b3:4c:ef:6c:25:23:f3:38:
e7:19:82:cb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYOxvZ39Zl/Lkwrv1cGqfaVMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNDJhMTM3MTVmYzU1NzhjZGMwNWFhYWE2OGM2YTQxM2Nk
YmM5ZjUwHhcNMjIxMDA3MDkxODU3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGNlZmM3MWMzNjNjYzNmOWIxMDcyOWU1N2Q1MzBiY2EyNTg5YjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiByTZfRv7nEbZ1+RL3Dx6DQEVISO
IpfBxe0dapMKYWPLXWT1rB/5QMjxaSfpNU8/zhaXFwAM9C5DA4q4J4ybtGvq+K8C
+hVudpJC9ftZ1099UKmlUEQftdY6b2f/6BKc99YB8vQyx+tfSzAPFCd4LX7RYUqh
h75wr728PgFU5gw1q3oc49JP7+ITn1j+1PxAEYegxbVGfKyMW09sYQfPrL55ldOL
dRe6qgC9qqOBozNb3x7o0TBsOPVTTuSGMz6Aj0hssIOdbxMLPvMF8kcIlcNWGGqz
DSD9CuT61O1Do1vFrvipk4gLC0LK5wMnP6f14/gJ4Byw1cVMVIQVCqcRJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFTO/HHDY8w/mxBynlfVMLyiWJtuMB8GA1UdIwQY
MBaAFHJCoTcV/FV4zcBaqqaMakE828n1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2tLaE54WDhWWGpOd0ZxcXBveHFRVHpieWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi85MGFhMWUtMDA5OC00ZmRhLTk4Mjkt
YTE1Y2NmNWI0MTNlLzEvVk03OGNjTmp6RC1iRUhLZVY5VXd2S0pZbTI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi85MGFhMWUtMDA5OC00ZmRhLTk4MjktYTE1Y2NmNWI0MTNl
LzEvY2tLaE54WDhWWGpOd0ZxcXBveHFRVHpieWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEXmQgAwQC
uXoYMA0GCSqGSIb3DQEBCwUAA4IBAQCDqjlU+nB5W+RIAV8jkDwN3LrJT3+CyVVV
DV7Xplzljtb7muxwyo62tsrfsVrh16ez0LvCoH+iWYurv+xCt0ndnAT6GbEsZZ+6
7vnVvhg5qI91mpsFv0t2FsObwId/paLYuiS5oqJPtPPMWYsKqZ/FtDTtqXVoBfn7
Z1FvVFParNKZMgo9tAXTCbGqGodueUUE6/5862zFtNXnxOGBPcJodUeJ+yAkSjXC
kOJH59LX1qHPuv+bwc0wSxEZSwcQGPn31VncUft+XRoHy7vXYuPHTYlN5qWoCI9+
XWD0S52o0oyQh1ou8gfjVRdPfcJ3hRD9IQUGs0zvbCUj8zjnGYLL
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:01 2023 by rpki-client on console-fra.rpki-client.org