Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/vvxhhcTRqccyTjmR2SSweNxb2yw.roa
File: vvxhhcTRqccyTjmR2SSweNxb2yw.roa (raw, json)
Hash identifier: aCz8fSOzukuPCamQYbLQA50wmSPLqvDKUIQ5whCGP9E=
Subject key identifier: BE:FC:61:85:C4:D1:A9:C7:32:4E:39:91:D9:24:B0:78:DC:5B:DB:2C
Certificate issuer: /CN=0620eadb2e1562b4e2e4f480772c36887a777f24
Certificate serial: 31766EE2
Authority key identifier: 06:20:EA:DB:2E:15:62:B4:E2:E4:F4:80:77:2C:36:88:7A:77:7F:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BiDq2y4VYrTi5PSAdyw2iHp3fyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/vvxhhcTRqccyTjmR2SSweNxb2yw.roa
Signing time: Thu 16 Jun 2022 13:48:45 +0000
ROA not before: Thu 16 Jun 2022 13:48:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201364
IP address blocks: 78.111.96.0/24 maxlen: 24
78.111.111.0/24 maxlen: 24
217.195.195.0/24 maxlen: 24
217.195.197.0/24 maxlen: 24
80.93.220.0/24 maxlen: 24
217.195.202.0/24 maxlen: 24
217.195.207.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 829845218 (0x31766ee2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0620eadb2e1562b4e2e4f480772c36887a777f24
Validity
Not Before: Jun 16 13:48:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=befc6185c4d1a9c7324e3991d924b078dc5bdb2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:70:cb:d8:36:d7:41:64:1d:7b:02:28:0a:e8:
65:a1:dd:b7:2a:6d:db:8e:46:f3:91:84:43:c9:8f:
b0:86:33:04:49:e1:2d:ca:14:b9:16:be:08:f0:f0:
8e:15:3d:b8:0f:69:21:c3:52:03:55:d4:6e:51:f4:
a2:43:33:f6:bf:0d:bc:72:15:f5:26:ab:84:61:6f:
50:04:68:cc:1d:b6:c4:42:df:60:cf:23:f8:0a:3b:
3e:78:0d:26:40:81:48:d3:b8:33:18:1d:6a:a8:a2:
af:01:60:d4:26:58:99:fe:de:bc:9e:79:9f:c2:5a:
53:2c:ba:fc:0e:de:dd:9a:4e:32:18:85:dc:16:24:
88:08:1c:5f:81:6d:fa:bd:c3:be:fb:1d:09:e1:f7:
79:13:79:2f:fa:fe:60:55:6c:83:ae:57:e6:b5:26:
8d:3c:22:48:86:06:96:2c:1a:09:35:b2:2e:b5:29:
db:d6:57:19:e7:d8:86:80:c4:3e:51:01:b5:be:61:
38:a5:bb:af:73:74:11:6c:46:58:a3:e3:5b:20:a8:
82:23:1d:dc:1e:01:75:69:89:77:49:16:57:cd:b1:
c1:79:2c:6b:90:49:2e:be:31:fd:80:e5:a4:ff:d2:
bb:44:86:75:41:4c:ee:63:36:00:3d:ac:0c:be:70:
62:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:FC:61:85:C4:D1:A9:C7:32:4E:39:91:D9:24:B0:78:DC:5B:DB:2C
X509v3 Authority Key Identifier:
keyid:06:20:EA:DB:2E:15:62:B4:E2:E4:F4:80:77:2C:36:88:7A:77:7F:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BiDq2y4VYrTi5PSAdyw2iHp3fyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/vvxhhcTRqccyTjmR2SSweNxb2yw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/BiDq2y4VYrTi5PSAdyw2iHp3fyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.111.96.0/24
78.111.111.0/24
80.93.220.0/24
217.195.195.0/24
217.195.197.0/24
217.195.202.0/24
217.195.207.0/24
Signature Algorithm: sha256WithRSAEncryption
72:71:fd:ce:ec:b1:ea:4c:5f:08:22:f1:c9:a7:b4:fc:76:69:
76:8e:e9:25:c6:0d:f4:34:3e:87:18:2a:07:e7:2b:04:75:6a:
21:b7:06:8d:da:fe:bd:80:88:e8:f8:b7:15:ac:18:10:33:21:
3f:2a:ff:f7:84:c9:87:ae:c3:fb:32:66:18:d7:e9:54:c6:f1:
09:cf:d0:62:82:a7:97:60:0c:47:46:5d:67:8c:03:cf:96:da:
c9:26:72:94:f5:b5:77:11:76:ca:83:8e:cf:e0:7f:ad:91:bc:
89:a5:8b:2c:c0:1f:78:d8:c7:16:7c:85:90:1f:91:ba:d8:3b:
a0:5a:c2:e7:05:45:3b:d1:a1:ee:15:b0:97:b6:84:36:67:4d:
d4:90:60:87:33:89:ad:af:63:2a:62:45:9c:38:22:dd:25:8e:
92:03:ef:93:4f:3d:eb:89:ee:77:66:7e:98:b8:a4:a0:0d:1a:
a5:d3:61:3a:54:eb:23:aa:b7:d5:a1:85:04:62:60:5e:5d:04:
f2:1d:4c:8a:c8:ac:36:ac:1b:44:37:05:cf:99:71:cb:45:68:
24:98:ba:f7:5d:08:aa:d4:60:8f:e7:cc:45:4a:a7:fd:01:60:
57:f9:10:27:2f:b5:36:30:f5:2e:f9:a4:ae:0a:05:2d:31:97:
df:f5:07:f3
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEMXZu4jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NjIwZWFkYjJlMTU2MmI0ZTJlNGY0ODA3NzJjMzY4ODdhNzc3ZjI0MB4XDTIyMDYx
NjEzNDg0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmVmYzYxODVjNGQx
YTljNzMyNGUzOTkxZDkyNGIwNzhkYzViZGIyYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK1wy9g210FkHXsCKAroZaHdtypt245G85GEQ8mPsIYzBEnh
LcoUuRa+CPDwjhU9uA9pIcNSA1XUblH0okMz9r8NvHIV9SarhGFvUARozB22xELf
YM8j+Ao7PngNJkCBSNO4MxgdaqiirwFg1CZYmf7evJ55n8JaUyy6/A7e3ZpOMhiF
3BYkiAgcX4Ft+r3DvvsdCeH3eRN5L/r+YFVsg65X5rUmjTwiSIYGliwaCTWyLrUp
29ZXGefYhoDEPlEBtb5hOKW7r3N0EWxGWKPjWyCogiMd3B4BdWmJd0kWV82xwXks
a5BJLr4x/YDlpP/Su0SGdUFM7mM2AD2sDL5wYqMCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBS+/GGFxNGpxzJOOZHZJLB43FvbLDAfBgNVHSMEGDAWgBQGIOrbLhVitOLk
9IB3LDaIend/JDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JpRHEyeTRWWXJUaTVQU0FkeXcyaUhwM2Z5US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDUvY2M4YmZhLTJiMTMtNDY3NC1hOTg0LWE1ZmRiNTcwZmU5YS8x
L3Z2eGhoY1RScWNjeVRqbVIyU1N3ZU54YjJ5dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUv
Y2M4YmZhLTJiMTMtNDY3NC1hOTg0LWE1ZmRiNTcwZmU5YS8xL0JpRHEyeTRWWXJU
aTVQU0FkeXcyaUhwM2Z5US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAE5vYAMEAE5vbwMEAFBd3AMEANnD
wwMEANnDxQMEANnDygMEANnDzzANBgkqhkiG9w0BAQsFAAOCAQEAcnH9zuyx6kxf
CCLxyae0/HZpdo7pJcYN9DQ+hxgqB+crBHVqIbcGjdr+vYCI6Pi3FawYEDMhPyr/
94TJh67D+zJmGNfpVMbxCc/QYoKnl2AMR0ZdZ4wDz5baySZylPW1dxF2yoOOz+B/
rZG8iaWLLMAfeNjHFnyFkB+Rutg7oFrC5wVFO9Gh7hWwl7aENmdN1JBghzOJra9j
KmJFnDgi3SWOkgPvk08964nud2Z+mLikoA0apdNhOlTrI6q31aGFBGJgXl0E8h1M
isisNqwbRDcFz5lxy0VoJJi6910IqtRgj+fMRUqn/QFgV/kQJy+1NjD1LvmkrgoF
LTGX3/UH8w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:33 2024 by rpki-client on console-ams.rpki-client.org