Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/VpY0ouIqkoKoPqx4NDIiH2VwA9w.roa
File: VpY0ouIqkoKoPqx4NDIiH2VwA9w.roa (raw, json)
Hash identifier: c3esqfeVeGTDAVGyc9IJfoFQq4SxM+bnzO3EERnSJjM=
Subject key identifier: 56:96:34:A2:E2:2A:92:82:A8:3E:AC:78:34:32:22:1F:65:70:03:DC
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01850BD567F52E8EBF4128F73154E6FC7652
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/VpY0ouIqkoKoPqx4NDIiH2VwA9w.roa
Signing time: Tue 13 Dec 2022 14:13:33 +0000
ROA not before: Tue 13 Dec 2022 14:13:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202485
IP address blocks: 92.52.217.0/24 maxlen: 24
88.209.254.0/24 maxlen: 24
178.210.233.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0b:d5:67:f5:2e:8e:bf:41:28:f7:31:54:e6:fc:76:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Dec 13 14:13:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=569634a2e22a9282a83eac783432221f657003dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:85:4d:5c:dd:21:a1:e3:39:d0:7d:e6:1d:22:
a5:3b:4d:9a:06:27:7d:5e:f8:94:49:9e:3a:cb:fb:
8c:e8:b6:43:95:46:2b:c6:e3:c7:16:b7:08:a6:20:
a9:bc:2a:a9:ea:89:43:9c:06:14:f2:2d:e9:0c:0a:
a7:b4:b3:76:7d:c8:c4:53:7b:d7:95:72:dc:15:ca:
01:ef:cc:96:31:41:fa:0b:36:69:e1:54:02:70:be:
3a:7c:06:59:6d:9d:0a:9d:1d:1d:2a:a3:44:dc:02:
9d:43:43:44:4c:9c:3b:64:5f:f1:04:6c:78:ce:93:
e7:2c:f5:06:2b:ea:1e:59:44:8a:05:98:11:7a:cf:
17:78:fa:76:d3:45:9a:e0:c4:d5:03:8f:c3:8a:58:
44:c7:29:d2:6e:de:ff:64:3f:6d:fa:18:37:af:d0:
96:21:78:04:a6:35:64:6a:d1:a9:ba:3c:1c:4f:3a:
2c:f1:69:ab:2d:03:ee:be:35:1c:86:61:35:cf:da:
82:32:5e:ae:ac:8d:5c:2e:12:17:8e:11:57:10:37:
9e:b6:f9:b8:60:49:c0:26:a9:de:52:37:53:5d:1e:
c6:cf:26:18:c5:71:d1:d4:1e:99:46:2d:9b:ab:49:
24:a5:5d:8e:75:94:d9:e9:14:23:60:04:fa:8e:77:
89:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:96:34:A2:E2:2A:92:82:A8:3E:AC:78:34:32:22:1F:65:70:03:DC
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/VpY0ouIqkoKoPqx4NDIiH2VwA9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.254.0/24
92.52.217.0/24
178.210.233.0/24
Signature Algorithm: sha256WithRSAEncryption
05:40:69:f1:c1:f5:a0:fa:5b:bc:62:cb:4d:66:c6:5a:69:c1:
5e:49:c9:7b:05:e4:18:9c:ef:b6:ef:44:fc:44:7b:38:a5:59:
91:0e:fd:6c:8a:af:7e:68:e3:27:f1:48:14:22:7a:d7:4f:00:
7c:56:98:41:1b:15:09:c8:da:dc:ba:98:b8:b8:c5:84:43:3d:
5b:52:a9:21:53:52:f1:95:dd:6e:e3:cd:d6:97:9b:13:75:84:
d5:a1:55:9e:5c:dc:f8:a1:2c:25:0e:9c:b5:5a:db:5d:89:af:
a4:1c:8c:41:d9:40:d2:28:17:85:bf:4c:d2:9b:52:14:39:02:
28:bc:6d:f0:fc:4e:9a:5a:57:34:48:11:d7:c7:97:1e:91:90:
fe:9d:5e:df:ec:27:4a:cd:e9:8d:5c:c9:72:43:0f:5b:ca:fc:
4b:94:6e:e9:38:01:34:af:ad:f2:22:99:93:85:38:6b:19:2f:
be:c5:12:d2:27:77:c6:28:f5:3e:bc:5e:7d:ee:1d:22:82:04:
b5:25:f5:68:6a:af:8b:ea:18:a4:ca:01:1b:fd:05:dc:a8:85:
ed:23:55:22:45:28:0a:6d:1a:0e:68:aa:d2:b8:d4:e0:cb:07:
ef:a3:6c:ad:b1:b8:f2:43:af:5f:82:2d:bd:a4:2a:82:7d:07:
45:86:db:6d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYUL1Wf1Lo6/QSj3MVTm/HZSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIxMjEzMTQxMzMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Njk2MzRhMmUyMmE5MjgyYTgzZWFjNzgzNDMyMjIxZjY1NzAwM2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgIVNXN0hoeM50H3mHSKlO02aBid9
XviUSZ46y/uM6LZDlUYrxuPHFrcIpiCpvCqp6olDnAYU8i3pDAqntLN2fcjEU3vX
lXLcFcoB78yWMUH6CzZp4VQCcL46fAZZbZ0KnR0dKqNE3AKdQ0NETJw7ZF/xBGx4
zpPnLPUGK+oeWUSKBZgRes8XePp200Wa4MTVA4/DilhExynSbt7/ZD9t+hg3r9CW
IXgEpjVkatGpujwcTzos8WmrLQPuvjUchmE1z9qCMl6urI1cLhIXjhFXEDeetvm4
YEnAJqneUjdTXR7GzyYYxXHR1B6ZRi2bq0kkpV2OdZTZ6RQjYAT6jneJrwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFaWNKLiKpKCqD6seDQyIh9lcAPcMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvVnBZMG91SXFrb0tvUHF4NE5ESWlIMlZ3QTl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWNH+AwQA
XDTZAwQAstLpMA0GCSqGSIb3DQEBCwUAA4IBAQAFQGnxwfWg+lu8YstNZsZaacFe
Scl7BeQYnO+270T8RHs4pVmRDv1siq9+aOMn8UgUInrXTwB8VphBGxUJyNrcupi4
uMWEQz1bUqkhU1Lxld1u483Wl5sTdYTVoVWeXNz4oSwlDpy1Wttdia+kHIxB2UDS
KBeFv0zSm1IUOQIovG3w/E6aWlc0SBHXx5cekZD+nV7f7CdKzemNXMlyQw9byvxL
lG7pOAE0r63yIpmThThrGS++xRLSJ3fGKPU+vF597h0iggS1JfVoaq+L6hikygEb
/QXcqIXtI1UiRSgKbRoOaKrSuNTgywfvo2ytsbjyQ69fgi29pCqCfQdFhttt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:56 2024 by rpki-client on console-ams.rpki-client.org