Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/ViTeZXHAqX6bttFQZHMmsN6BeQ0.roa
File: ViTeZXHAqX6bttFQZHMmsN6BeQ0.roa (raw, json)
Hash identifier: JLsEmKb1BWf9kfJ9YWrmpHPk5nh3MqtgrePQgSaN6qc=
Subject key identifier: 56:24:DE:65:71:C0:A9:7E:9B:B6:D1:50:64:73:26:B0:DE:81:79:0D
Certificate issuer: /CN=96bfc5a172654dd6009db1d82d92ffaf71234120
Certificate serial: 093BAF56
Authority key identifier: 96:BF:C5:A1:72:65:4D:D6:00:9D:B1:D8:2D:92:FF:AF:71:23:41:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/ViTeZXHAqX6bttFQZHMmsN6BeQ0.roa
Signing time: Tue 15 Mar 2022 21:28:54 +0000
ROA not before: Tue 15 Mar 2022 21:28:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213081
IP address blocks: 147.78.192.0/22 maxlen: 24
185.203.112.0/22 maxlen: 24
2a0a:e5c0::/29 maxlen: 48
2a09:2940::/29 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154906454 (0x93baf56)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96bfc5a172654dd6009db1d82d92ffaf71234120
Validity
Not Before: Mar 15 21:28:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5624de6571c0a97e9bb6d150647326b0de81790d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:bc:1a:84:a7:5b:96:75:5b:fa:29:15:b5:e3:
19:ec:eb:ef:f1:ea:fe:b3:a1:83:7d:18:ec:66:77:
22:1b:c4:7d:87:e9:26:de:ca:22:d9:e5:89:74:00:
7c:16:db:4a:bb:d4:57:26:fc:31:f5:16:bc:6d:9a:
99:92:f3:75:0b:1a:ec:40:80:d4:c4:ae:c9:79:37:
bb:ff:8a:6f:c4:3f:6b:d5:53:f7:91:5b:59:fe:bb:
74:78:01:9a:4c:c5:33:6b:7e:f6:2a:38:05:1f:c4:
5a:0b:45:81:c4:db:b8:c6:10:14:51:89:fa:47:9c:
64:e0:b4:56:d0:c1:51:32:a3:51:84:0a:cc:95:d4:
69:ce:95:05:2a:e7:95:48:a3:1a:b3:c4:24:f8:69:
ae:bc:81:86:05:b3:3d:98:20:65:8f:0f:8e:3c:4f:
5b:97:2e:0b:d8:99:62:ae:bd:2d:d2:9a:85:a8:ba:
45:ea:74:a9:4d:0d:64:c5:9c:56:8a:02:a1:b9:7c:
9c:72:64:74:7c:bf:1c:ee:36:b8:8b:18:13:d7:dc:
94:72:22:b3:2c:bc:65:92:1f:3e:80:6e:05:b3:94:
3e:f4:8d:bf:c1:bf:33:d7:38:cb:1f:5f:f4:70:27:
c6:6a:4e:a3:8a:24:2b:f6:24:13:e8:9b:8b:0b:84:
76:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:24:DE:65:71:C0:A9:7E:9B:B6:D1:50:64:73:26:B0:DE:81:79:0D
X509v3 Authority Key Identifier:
keyid:96:BF:C5:A1:72:65:4D:D6:00:9D:B1:D8:2D:92:FF:AF:71:23:41:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/ViTeZXHAqX6bttFQZHMmsN6BeQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/lr_FoXJlTdYAnbHYLZL_r3EjQSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.192.0/22
185.203.112.0/22
IPv6:
2a09:2940::/29
2a0a:e5c0::/29
Signature Algorithm: sha256WithRSAEncryption
33:9b:6f:86:82:61:b0:1e:5c:f4:27:a8:bf:85:1e:84:6e:65:
fe:ee:5a:bf:97:f9:eb:57:c6:ea:4a:17:ce:e8:4a:1c:d0:46:
a6:3e:88:70:f2:33:df:94:42:5b:9e:dd:f1:0b:bd:b0:50:a5:
9c:10:d5:26:b7:92:c0:ef:98:b0:be:7b:19:8c:81:57:82:21:
02:ef:35:ec:61:c1:c0:86:20:cf:80:60:73:4c:2a:9a:85:97:
86:6a:bd:16:0b:b3:f3:b1:30:20:40:d9:88:f5:2e:a5:05:c6:
cd:57:9d:f8:4a:52:9e:06:cc:d9:ed:7c:5a:a4:e1:2a:c3:c8:
10:8a:9d:bd:6b:3c:12:88:c6:fa:c0:68:9e:99:8a:26:c6:49:
42:76:5e:f6:89:63:ee:8d:c2:fe:d8:f7:43:5a:a2:43:61:87:
c6:bc:08:8e:58:27:12:dc:d1:24:fd:0e:3a:39:d6:5e:b6:98:
8b:3e:af:06:9e:dc:34:39:e5:96:b6:6f:d7:3a:2b:9d:de:3a:
ef:66:25:0d:93:fe:71:8d:64:97:ed:84:f1:c2:36:4f:31:d8:
cb:6a:cf:7a:be:fe:48:dd:cf:a8:52:67:63:c0:b2:29:42:b3:
d7:f0:ff:3f:c1:ca:2f:73:f1:3d:4f:25:48:6d:8a:92:cc:b1:
37:c0:66:50
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIECTuvVjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NmJmYzVhMTcyNjU0ZGQ2MDA5ZGIxZDgyZDkyZmZhZjcxMjM0MTIwMB4XDTIyMDMx
NTIxMjg1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTYyNGRlNjU3MWMw
YTk3ZTliYjZkMTUwNjQ3MzI2YjBkZTgxNzkwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPG8GoSnW5Z1W/opFbXjGezr7/Hq/rOhg30Y7GZ3IhvEfYfp
Jt7KItnliXQAfBbbSrvUVyb8MfUWvG2amZLzdQsa7ECA1MSuyXk3u/+Kb8Q/a9VT
95FbWf67dHgBmkzFM2t+9io4BR/EWgtFgcTbuMYQFFGJ+kecZOC0VtDBUTKjUYQK
zJXUac6VBSrnlUijGrPEJPhprryBhgWzPZggZY8PjjxPW5cuC9iZYq69LdKahai6
Rep0qU0NZMWcVooCobl8nHJkdHy/HO42uIsYE9fclHIisyy8ZZIfPoBuBbOUPvSN
v8G/M9c4yx9f9HAnxmpOo4okK/YkE+ibiwuEdp0CAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBRWJN5lccCpfpu20VBkcyaw3oF5DTAfBgNVHSMEGDAWgBSWv8WhcmVN1gCd
sdgtkv+vcSNBIDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xyX0ZvWEpsVGRZQW5iSFlMWkxfcjNFalFTQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2MvMzYzMGNiLWViZWMtNGQ4Ni1iMTJiLWJmZmI3NTdjMzEzNC8x
L1ZpVGVaWEhBcVg2YnR0RlFaSE1tc042QmVRMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Mv
MzYzMGNiLWViZWMtNGQ4Ni1iMTJiLWJmZmI3NTdjMzEzNC8xL2xyX0ZvWEpsVGRZ
QW5iSFlMWkxfcjNFalFTQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowEgQCAAEwDAMEApNOwAMEArnLcDAUBAIAAjAOAwUD
KgkpQAMFAyoK5cAwDQYJKoZIhvcNAQELBQADggEBADObb4aCYbAeXPQnqL+FHoRu
Zf7uWr+X+etXxupKF87oShzQRqY+iHDyM9+UQlue3fELvbBQpZwQ1Sa3ksDvmLC+
exmMgVeCIQLvNexhwcCGIM+AYHNMKpqFl4ZqvRYLs/OxMCBA2Yj1LqUFxs1XnfhK
Up4GzNntfFqk4SrDyBCKnb1rPBKIxvrAaJ6ZiibGSUJ2XvaJY+6Nwv7Y90NaokNh
h8a8CI5YJxLc0ST9Djo51l62mIs+rwae3DQ55Za2b9c6K53eOu9mJQ2T/nGNZJft
hPHCNk8x2Mtqz3q+/kjdz6hSZ2PAsilCs9fw/z/Byi9z8T1PJUhtipLMsTfAZlA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:07 2024 by rpki-client on console-fra.rpki-client.org