Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/V-F-kdk8uvkNYRnI749DbAeBNd4.roa
File: V-F-kdk8uvkNYRnI749DbAeBNd4.roa (raw, json)
Hash identifier: 7QWSsU7moE1sNTm1qJ9ChdSfoeT8McoDaSReq56PNXM=
Subject key identifier: 57:E1:7E:91:D9:3C:BA:F9:0D:61:19:C8:EF:8F:43:6C:07:81:35:DE
Certificate issuer: /CN=0620eadb2e1562b4e2e4f480772c36887a777f24
Certificate serial: 2FFCC8B5
Authority key identifier: 06:20:EA:DB:2E:15:62:B4:E2:E4:F4:80:77:2C:36:88:7A:77:7F:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BiDq2y4VYrTi5PSAdyw2iHp3fyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/V-F-kdk8uvkNYRnI749DbAeBNd4.roa
Signing time: Sat 01 Jan 2022 10:01:36 +0000
ROA not before: Sat 01 Jan 2022 10:01:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201364
IP address blocks: 78.111.111.0/24 maxlen: 24
217.195.195.0/24 maxlen: 24
217.195.197.0/24 maxlen: 24
80.93.220.0/24 maxlen: 24
217.195.202.0/24 maxlen: 24
217.195.207.0/24 maxlen: 24
37.122.140.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 805095605 (0x2ffcc8b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0620eadb2e1562b4e2e4f480772c36887a777f24
Validity
Not Before: Jan 1 10:01:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=57e17e91d93cbaf90d6119c8ef8f436c078135de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d0:24:fd:00:dd:27:df:c1:96:7f:e5:0d:ed:
93:90:db:34:be:87:e8:4a:86:73:d7:2a:0b:83:f4:
02:eb:cb:0b:f6:29:87:aa:77:8d:93:a1:67:4b:56:
ee:fd:54:04:dd:13:7d:67:0b:60:ce:4e:bb:fe:7f:
81:ae:0a:31:b8:b8:38:72:41:c4:9c:cd:67:29:d9:
e1:10:39:7b:65:2f:e0:3b:66:08:ed:af:3b:77:f0:
e4:ad:6a:59:73:fb:75:4f:bd:d5:b4:07:1a:4c:54:
44:6f:3b:a5:32:f4:72:70:87:1c:de:ad:bf:48:d3:
62:d5:4c:74:a0:84:3b:28:95:ce:10:b5:f1:2a:7f:
40:2c:20:1d:95:a7:5c:d5:3d:6d:a3:7a:0e:41:3e:
7c:5a:36:18:1f:53:2c:3a:6b:57:78:2d:a9:9e:26:
43:b1:38:41:2b:10:1b:d1:9c:bd:b9:6f:7f:a1:83:
2e:77:30:40:1f:fb:7d:f4:7f:14:cf:a0:6d:1d:3d:
6b:f3:9a:e2:7c:45:4b:c5:ca:1b:f2:20:41:cf:5a:
2a:fc:17:52:91:4a:fb:90:f3:ff:d2:cd:44:d8:e5:
b1:70:97:d4:f7:d1:c5:ae:8e:a4:4e:87:8a:b4:5f:
e0:76:78:3b:2b:57:c6:c2:72:b2:fd:27:0e:f8:28:
d1:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:E1:7E:91:D9:3C:BA:F9:0D:61:19:C8:EF:8F:43:6C:07:81:35:DE
X509v3 Authority Key Identifier:
keyid:06:20:EA:DB:2E:15:62:B4:E2:E4:F4:80:77:2C:36:88:7A:77:7F:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BiDq2y4VYrTi5PSAdyw2iHp3fyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/V-F-kdk8uvkNYRnI749DbAeBNd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/BiDq2y4VYrTi5PSAdyw2iHp3fyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.122.140.0/24
78.111.111.0/24
80.93.220.0/24
217.195.195.0/24
217.195.197.0/24
217.195.202.0/24
217.195.207.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:cb:f6:34:ff:a7:06:af:98:8d:8e:18:df:73:06:42:16:12:
cd:f7:37:8d:39:0c:d4:7c:89:00:9f:1a:fb:fa:0d:89:bd:e4:
fc:cc:a5:40:78:ac:3a:07:4c:91:d2:15:b9:33:b7:0b:09:c6:
59:49:64:36:87:07:cb:c9:7e:da:d7:e1:21:b3:24:a9:c8:18:
03:b6:33:f9:ae:26:72:85:10:1c:4d:78:82:b4:51:86:65:42:
54:99:8b:c5:55:27:d2:c3:11:2c:a7:f1:a1:29:b8:ba:04:66:
7f:79:13:1b:7a:59:33:58:20:30:2b:34:2e:9d:1a:23:b8:36:
d3:73:e1:2f:72:d4:3e:f3:5c:9c:23:b6:d3:fc:7f:3c:60:24:
7c:b1:93:50:e8:26:04:02:9b:dc:d7:da:06:4f:23:0b:84:4d:
e6:f0:22:39:4b:c0:66:92:84:67:93:20:e2:0a:68:52:06:53:
48:af:9b:c7:d4:02:4f:c4:e0:25:ab:26:bc:30:1f:ae:35:1c:
7e:5e:32:b5:da:36:7c:3c:1a:43:24:bb:b0:a0:06:50:0c:01:
45:f0:ea:9f:77:87:d9:c7:8b:d8:05:55:0e:8a:b0:a7:1d:41:
66:4d:d3:08:91:8e:7f:10:11:89:9e:bd:92:bd:ce:d5:df:7b:
48:2d:32:f8
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEL/zItTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NjIwZWFkYjJlMTU2MmI0ZTJlNGY0ODA3NzJjMzY4ODdhNzc3ZjI0MB4XDTIyMDEw
MTEwMDEzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTdlMTdlOTFkOTNj
YmFmOTBkNjExOWM4ZWY4ZjQzNmMwNzgxMzVkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALbQJP0A3SffwZZ/5Q3tk5DbNL6H6EqGc9cqC4P0AuvLC/Yp
h6p3jZOhZ0tW7v1UBN0TfWcLYM5Ou/5/ga4KMbi4OHJBxJzNZynZ4RA5e2Uv4Dtm
CO2vO3fw5K1qWXP7dU+91bQHGkxURG87pTL0cnCHHN6tv0jTYtVMdKCEOyiVzhC1
8Sp/QCwgHZWnXNU9baN6DkE+fFo2GB9TLDprV3gtqZ4mQ7E4QSsQG9Gcvblvf6GD
LncwQB/7ffR/FM+gbR09a/Oa4nxFS8XKG/IgQc9aKvwXUpFK+5Dz/9LNRNjlsXCX
1PfRxa6OpE6HirRf4HZ4OytXxsJysv0nDvgo0TsCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBRX4X6R2Ty6+Q1hGcjvj0NsB4E13jAfBgNVHSMEGDAWgBQGIOrbLhVitOLk
9IB3LDaIend/JDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JpRHEyeTRWWXJUaTVQU0FkeXcyaUhwM2Z5US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDUvY2M4YmZhLTJiMTMtNDY3NC1hOTg0LWE1ZmRiNTcwZmU5YS8x
L1YtRi1rZGs4dXZrTllSbkk3NDlEYkFlQk5kNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUv
Y2M4YmZhLTJiMTMtNDY3NC1hOTg0LWE1ZmRiNTcwZmU5YS8xL0JpRHEyeTRWWXJU
aTVQU0FkeXcyaUhwM2Z5US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEACV6jAMEAE5vbwMEAFBd3AMEANnD
wwMEANnDxQMEANnDygMEANnDzzANBgkqhkiG9w0BAQsFAAOCAQEAHMv2NP+nBq+Y
jY4Y33MGQhYSzfc3jTkM1HyJAJ8a+/oNib3k/MylQHisOgdMkdIVuTO3CwnGWUlk
NocHy8l+2tfhIbMkqcgYA7Yz+a4mcoUQHE14grRRhmVCVJmLxVUn0sMRLKfxoSm4
ugRmf3kTG3pZM1ggMCs0Lp0aI7g203PhL3LUPvNcnCO20/x/PGAkfLGTUOgmBAKb
3NfaBk8jC4RN5vAiOUvAZpKEZ5Mg4gpoUgZTSK+bx9QCT8TgJasmvDAfrjUcfl4y
tdo2fDwaQyS7sKAGUAwBRfDqn3eH2ceL2AVVDoqwpx1BZk3TCJGOfxARiZ69kr3O
1d97SC0y+A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:29 2024 by rpki-client on console-fra.rpki-client.org