Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/VpYbID-Wa-Zv2hCCI0x2tRKx7UY.roa
File: VpYbID-Wa-Zv2hCCI0x2tRKx7UY.roa (raw, json)
Hash identifier: qvnJo+nfA/saBo5I+sWLaS4yXLcF7AMY0mONRBn1uLI=
Subject key identifier: 56:96:1B:20:3F:96:6B:E6:6F:DA:10:82:23:4C:76:B5:12:B1:ED:46
Certificate issuer: /CN=dbe6ab8e0c46e841b44d2b9c6b03bb65f5621db1
Certificate serial: 018CC9E32F2ECD1FDFB8C208EC7D27BDDB8D
Authority key identifier: DB:E6:AB:8E:0C:46:E8:41:B4:4D:2B:9C:6B:03:BB:65:F5:62:1D:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-arjgxG6EG0TSucawO7ZfViHbE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/VpYbID-Wa-Zv2hCCI0x2tRKx7UY.roa
Signing time: Tue 02 Jan 2024 11:15:58 +0000
ROA not before: Tue 02 Jan 2024 11:15:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201409
IP address blocks: 193.142.59.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:e3:2f:2e:cd:1f:df:b8:c2:08:ec:7d:27:bd:db:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe6ab8e0c46e841b44d2b9c6b03bb65f5621db1
Validity
Not Before: Jan 2 11:15:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=56961b203f966be66fda1082234c76b512b1ed46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:68:de:50:80:18:05:2d:4a:6f:df:20:cf:74:
d8:cc:de:08:25:86:6b:9e:17:fa:ba:0e:ec:f7:d1:
31:cf:b7:ff:bc:48:c1:cf:52:b1:ba:16:31:8a:f3:
d2:56:b2:0a:c1:cc:0b:23:86:d6:85:b0:95:13:77:
42:51:e1:1b:d7:6f:f6:a9:6e:0e:d5:74:00:98:8d:
be:3f:ce:68:e7:25:fb:94:44:ee:69:a4:53:94:c5:
3e:55:c0:00:69:30:0c:61:4c:2c:58:66:82:c5:a3:
98:0b:60:e5:9f:44:18:4b:44:39:86:89:a7:c6:dd:
5c:f3:1d:10:69:b8:4a:7e:07:3c:a6:68:a6:36:71:
8f:61:b9:2b:64:c4:1d:10:00:9f:fc:af:1d:63:a9:
a0:b0:a9:d4:7a:fb:c2:09:e5:e2:26:34:7d:e4:d6:
7a:f1:d8:f6:a7:0b:d8:fc:d2:29:4e:4f:79:db:90:
38:7e:0d:99:46:f9:b8:0a:ba:61:1c:97:a1:01:c4:
e7:d0:fc:69:93:91:78:ab:13:3d:cf:84:d6:77:2b:
58:38:16:86:29:9e:94:0f:60:51:f3:a2:27:54:41:
dc:ff:ba:20:7a:e4:f8:85:80:0a:8d:87:b0:81:68:
01:8e:f9:a1:61:e1:e2:33:55:7e:65:b4:a7:a9:4c:
c7:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:96:1B:20:3F:96:6B:E6:6F:DA:10:82:23:4C:76:B5:12:B1:ED:46
X509v3 Authority Key Identifier:
keyid:DB:E6:AB:8E:0C:46:E8:41:B4:4D:2B:9C:6B:03:BB:65:F5:62:1D:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-arjgxG6EG0TSucawO7ZfViHbE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/VpYbID-Wa-Zv2hCCI0x2tRKx7UY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/2-arjgxG6EG0TSucawO7ZfViHbE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.142.59.0/24
Signature Algorithm: sha256WithRSAEncryption
52:dc:5e:c6:44:1c:8f:48:ee:87:da:93:25:12:b2:84:d1:e1:
43:24:f3:ed:52:77:03:ff:56:ca:d5:21:b7:df:82:4b:2b:12:
2a:8b:2b:53:94:37:cd:c8:bf:e2:f2:0b:72:43:9e:83:47:fd:
2c:1c:87:10:6e:7b:18:2b:09:f7:32:46:e5:ca:b0:3a:5e:88:
3e:a5:99:30:09:49:47:46:cc:b2:41:f7:45:2a:81:70:e2:79:
e5:dc:f9:e0:ff:b4:9b:dd:ba:e1:71:76:50:90:37:10:7f:7d:
ac:d0:5b:f9:b3:82:e5:32:1b:d2:4e:c7:c3:49:89:c2:17:a2:
79:44:6a:c4:bc:99:66:1a:2c:15:6b:cc:71:3a:6b:c2:9d:21:
9e:7e:14:e2:79:b6:aa:46:99:4b:5d:40:58:90:d8:8a:14:35:
a1:3a:36:bd:6e:dd:13:9f:1a:56:1b:58:90:46:38:6a:e5:c7:
e1:26:e8:cc:27:aa:53:bc:3f:86:d8:2f:88:4c:5a:95:ad:74:
3c:4b:a7:be:14:d2:e8:11:57:b4:f2:00:4d:32:5c:48:67:75:
13:07:3e:e7:d6:15:43:48:d0:15:9b:61:10:ee:f3:5b:72:b1:
77:c5:78:bf:3a:21:83:71:aa:98:4b:88:4d:f1:33:ec:28:39:
ec:45:05:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJ4y8uzR/fuMII7H0nvduNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZTZhYjhlMGM0NmU4NDFiNDRkMmI5YzZiMDNiYjY1ZjU2
MjFkYjEwHhcNMjQwMTAyMTExNTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Njk2MWIyMDNmOTY2YmU2NmZkYTEwODIyMzRjNzZiNTEyYjFlZDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGjeUIAYBS1Kb98gz3TYzN4IJYZr
nhf6ug7s99Exz7f/vEjBz1KxuhYxivPSVrIKwcwLI4bWhbCVE3dCUeEb12/2qW4O
1XQAmI2+P85o5yX7lETuaaRTlMU+VcAAaTAMYUwsWGaCxaOYC2Dln0QYS0Q5homn
xt1c8x0QabhKfgc8pmimNnGPYbkrZMQdEACf/K8dY6mgsKnUevvCCeXiJjR95NZ6
8dj2pwvY/NIpTk9525A4fg2ZRvm4CrphHJehAcTn0Pxpk5F4qxM9z4TWdytYOBaG
KZ6UD2BR86InVEHc/7ogeuT4hYAKjYewgWgBjvmhYeHiM1V+ZbSnqUzHVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFaWGyA/lmvmb9oQgiNMdrUSse1GMB8GA1UdIwQY
MBaAFNvmq44MRuhBtE0rnGsDu2X1Yh2xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1hcmpneEc2RUcwVFN1Y2F3TzdaZlZpSGJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS85NjQzNmMtZjZmYS00MGJhLWEyN2Mt
ZmIxMDMwNjUxMDY3LzEvVnBZYklELVdhLVp2MmhDQ0kweDJ0Ukt4N1VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS85NjQzNmMtZjZmYS00MGJhLWEyN2MtZmIxMDMwNjUxMDY3
LzEvMi1hcmpneEc2RUcwVFN1Y2F3TzdaZlZpSGJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwY47MA0G
CSqGSIb3DQEBCwUAA4IBAQBS3F7GRByPSO6H2pMlErKE0eFDJPPtUncD/1bK1SG3
34JLKxIqiytTlDfNyL/i8gtyQ56DR/0sHIcQbnsYKwn3MkblyrA6Xog+pZkwCUlH
RsyyQfdFKoFw4nnl3Png/7Sb3brhcXZQkDcQf32s0Fv5s4LlMhvSTsfDSYnCF6J5
RGrEvJlmGiwVa8xxOmvCnSGefhTiebaqRplLXUBYkNiKFDWhOja9bt0TnxpWG1iQ
Rjhq5cfhJujMJ6pTvD+G2C+ITFqVrXQ8S6e+FNLoEVe08gBNMlxIZ3UTBz7n1hVD
SNAVm2EQ7vNbcrF3xXi/OiGDcaqYS4hN8TPsKDnsRQW3
-----END CERTIFICATE-----
Generated at Wed Sep 11 09:55:36 2024 by rpki-client on console-fra.rpki-client.org