Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/Vk3XJjpD-uxE-BvjbWpWm9I_Pf8.roa
File: Vk3XJjpD-uxE-BvjbWpWm9I_Pf8.roa (raw, json)
Hash identifier: DPxf9v1qmqDryq5R6cYrdP0GsIPt4dSzgx6Jhue3Umo=
Subject key identifier: 56:4D:D7:26:3A:43:FA:EC:44:F8:1B:E3:6D:6A:56:9B:D2:3F:3D:FF
Certificate issuer: /CN=111d6814375271d1a3cbd12155db11d2bd41a8d3
Certificate serial: 018CC94CEF8B3BC8F0E781ED3B9D813778F1
Authority key identifier: 11:1D:68:14:37:52:71:D1:A3:CB:D1:21:55:DB:11:D2:BD:41:A8:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/Vk3XJjpD-uxE-BvjbWpWm9I_Pf8.roa
Signing time: Tue 02 Jan 2024 08:31:51 +0000
ROA not before: Tue 02 Jan 2024 08:31:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201307
IP address blocks: 155.133.120.0/24 maxlen: 24
2a06:1e00:70::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:ef:8b:3b:c8:f0:e7:81:ed:3b:9d:81:37:78:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=111d6814375271d1a3cbd12155db11d2bd41a8d3
Validity
Not Before: Jan 2 08:31:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=564dd7263a43faec44f81be36d6a569bd23f3dff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b1:7f:7b:16:04:b6:f5:cb:73:48:64:b6:db:
c2:c5:c5:1c:05:c7:ca:9e:f2:db:60:97:bd:ea:15:
86:0a:b6:e4:5d:77:32:5a:b7:50:63:40:d6:20:f7:
a4:6a:9b:e9:e8:13:c5:c1:7f:e5:80:8e:93:d1:90:
44:e6:35:90:7c:ac:7e:23:df:41:fc:db:70:a7:eb:
1e:e3:51:3d:a8:80:1d:71:ec:f1:61:47:a2:60:6a:
03:bd:f6:54:fc:93:c1:c4:d1:de:d4:d2:6d:0d:12:
f7:34:43:c7:52:ce:8f:24:d4:62:9b:aa:81:50:0f:
ca:50:3d:a9:64:ab:37:56:f0:3e:96:9b:60:54:e7:
0f:2a:71:1b:dd:3c:09:01:cd:5d:cb:09:f8:8e:7b:
54:b8:c0:a6:fe:26:e4:ba:43:5f:9c:5b:fc:b9:ca:
69:b8:09:6c:e2:3a:89:4c:a8:1f:01:26:0a:4c:73:
37:14:a7:cf:4d:0b:54:a3:a2:9a:31:23:c4:18:57:
af:38:d7:05:64:62:cf:5e:b2:8a:e8:70:94:ab:fd:
85:48:ab:f8:7e:c4:24:31:33:08:7a:56:59:21:62:
a6:ac:1b:a3:cf:f7:56:aa:af:3a:14:2f:e0:4a:da:
da:c1:ad:a1:48:63:6b:fb:52:cb:d4:e1:0f:04:60:
a7:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:4D:D7:26:3A:43:FA:EC:44:F8:1B:E3:6D:6A:56:9B:D2:3F:3D:FF
X509v3 Authority Key Identifier:
keyid:11:1D:68:14:37:52:71:D1:A3:CB:D1:21:55:DB:11:D2:BD:41:A8:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/Vk3XJjpD-uxE-BvjbWpWm9I_Pf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.120.0/24
IPv6:
2a06:1e00:70::/48
Signature Algorithm: sha256WithRSAEncryption
77:28:91:2a:5d:32:14:da:34:14:e8:c0:f8:a3:aa:08:87:99:
3d:6f:e9:d0:3e:33:ae:b6:04:1a:c1:cf:5e:5a:62:40:cf:af:
38:48:dc:de:8f:85:69:80:eb:54:66:af:b3:2e:5f:db:34:c1:
92:4c:fe:f1:61:31:bb:3c:a4:d1:56:11:de:8f:40:93:08:9c:
18:ff:7c:6e:50:2b:3e:b6:80:15:02:bb:2b:89:55:20:88:6b:
17:45:1c:27:33:80:86:d5:62:eb:db:88:e9:cb:87:7f:a2:9d:
7d:6b:16:ea:1f:8d:48:58:f5:05:72:82:db:1d:25:63:84:16:
56:4a:33:3e:30:5a:c8:ed:58:ed:9c:39:9f:ba:c2:1d:e6:8a:
3b:1a:7d:02:d3:5c:62:88:6d:11:e4:8f:94:69:54:49:57:28:
70:d0:88:ad:df:38:73:f5:b3:14:58:61:22:e3:78:9e:97:b7:
55:ca:67:85:4e:20:45:8d:b4:ce:6e:9b:a6:f6:c6:8b:d8:1e:
c2:6d:ab:d4:fc:16:d4:41:7e:eb:6a:c5:c3:36:7d:f5:4a:68:
a6:b7:e3:c1:38:28:97:ee:d4:6f:aa:a7:08:e2:1a:77:50:cc:
ba:7f:a6:f6:12:e8:34:c1:b4:92:a0:d9:a3:05:36:e4:46:10:
32:14:41:97
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzJTO+LO8jw54HtO52BN3jxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMWQ2ODE0Mzc1MjcxZDFhM2NiZDEyMTU1ZGIxMWQyYmQ0
MWE4ZDMwHhcNMjQwMTAyMDgzMTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjRkZDcyNjNhNDNmYWVjNDRmODFiZTM2ZDZhNTY5YmQyM2YzZGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLF/exYEtvXLc0hkttvCxcUcBcfK
nvLbYJe96hWGCrbkXXcyWrdQY0DWIPekapvp6BPFwX/lgI6T0ZBE5jWQfKx+I99B
/Ntwp+se41E9qIAdcezxYUeiYGoDvfZU/JPBxNHe1NJtDRL3NEPHUs6PJNRim6qB
UA/KUD2pZKs3VvA+lptgVOcPKnEb3TwJAc1dywn4jntUuMCm/ibkukNfnFv8ucpp
uAls4jqJTKgfASYKTHM3FKfPTQtUo6KaMSPEGFevONcFZGLPXrKK6HCUq/2FSKv4
fsQkMTMIelZZIWKmrBujz/dWqq86FC/gStrawa2hSGNr+1LL1OEPBGCnPQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFZN1yY6Q/rsRPgb421qVpvSPz3/MB8GA1UdIwQY
MBaAFBEdaBQ3UnHRo8vRIVXbEdK9QajTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVIxb0ZEZFNjZEdqeTlFaFZkc1IwcjFCcU5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9hOGIxNGItZmIyNS00N2Y4LThiMGQt
MjcxZDI1ZTIwNTc0LzEvVmszWEpqcEQtdXhFLUJ2amJXcFdtOUlfUGY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9hOGIxNGItZmIyNS00N2Y4LThiMGQtMjcxZDI1ZTIwNTc0
LzEvRVIxb0ZEZFNjZEdqeTlFaFZkc1IwcjFCcU5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAm4V4MA8E
AgACMAkDBwAqBh4AAHAwDQYJKoZIhvcNAQELBQADggEBAHcokSpdMhTaNBTowPij
qgiHmT1v6dA+M662BBrBz15aYkDPrzhI3N6PhWmA61Rmr7MuX9s0wZJM/vFhMbs8
pNFWEd6PQJMInBj/fG5QKz62gBUCuyuJVSCIaxdFHCczgIbVYuvbiOnLh3+inX1r
FuofjUhY9QVygtsdJWOEFlZKMz4wWsjtWO2cOZ+6wh3mijsafQLTXGKIbRHkj5Rp
VElXKHDQiK3fOHP1sxRYYSLjeJ6Xt1XKZ4VOIEWNtM5um6b2xovYHsJtq9T8FtRB
futqxcM2ffVKaKa348E4KJfu1G+qpwjiGndQzLp/pvYS6DTBtJKg2aMFNuRGEDIU
QZc=
-----END CERTIFICATE-----
Generated at Mon Oct 7 20:37:58 2024 by rpki-client on console-fra.rpki-client.org