Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/VgetDqZND8YI9-PM8FtbTobgmlg.roa
File: VgetDqZND8YI9-PM8FtbTobgmlg.roa (raw, json)
Hash identifier: T9zEJfaHFLilkPiMzQw8DIdo3IAAK0r2xpaDfnamXR4=
Subject key identifier: 56:07:AD:0E:A6:4D:0F:C6:08:F7:E3:CC:F0:5B:5B:4E:86:E0:9A:58
Certificate issuer: /CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Certificate serial: 29FA0826
Authority key identifier: 10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/VgetDqZND8YI9-PM8FtbTobgmlg.roa
Signing time: Sat 01 Jan 2022 13:54:30 +0000
ROA not before: Sat 01 Jan 2022 13:54:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211639
IP address blocks: 185.13.33.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 704251942 (0x29fa0826)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Validity
Not Before: Jan 1 13:54:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5607ad0ea64d0fc608f7e3ccf05b5b4e86e09a58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:4e:d6:5c:b0:e2:c9:f3:df:fa:60:8e:9f:d9:
e7:72:a5:dd:8f:62:8f:57:51:97:ed:0c:64:7d:45:
c0:44:f8:98:f5:83:26:6f:a1:c8:63:66:fd:d3:6e:
1c:a4:23:03:4b:d1:ee:c7:8c:81:51:34:db:ad:33:
39:fc:dc:78:53:32:76:bd:03:e3:d7:d9:d8:36:9b:
70:5c:91:11:b9:f5:34:37:4e:e3:ec:2e:50:d8:05:
fc:d6:c6:92:ae:07:2c:0e:fd:ca:83:bf:91:ec:70:
8f:0e:20:af:a4:70:c6:be:21:d8:22:0f:c0:3f:da:
3e:0e:5a:a7:b9:39:5b:92:0e:6e:a7:ed:f8:fd:54:
1a:0a:95:d7:e3:67:0b:05:d2:27:0f:12:ad:1e:ab:
29:7f:3d:28:8c:2c:9c:b1:7f:6c:77:5a:0f:f1:ce:
10:2f:78:74:4c:83:ae:fc:41:b7:0a:a4:d6:84:29:
89:74:b8:e9:43:31:c7:90:71:86:38:fd:6d:22:7a:
50:96:9b:6d:17:b8:a8:77:72:f7:61:da:9e:82:0f:
6d:4c:76:07:2c:52:c0:95:8b:4f:f3:bc:44:4f:bf:
bc:bc:21:f8:4f:c8:9e:01:32:f1:b0:08:fd:1e:2b:
7b:d9:d1:bb:0e:e6:97:55:26:b7:28:15:c8:c2:75:
b6:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:07:AD:0E:A6:4D:0F:C6:08:F7:E3:CC:F0:5B:5B:4E:86:E0:9A:58
X509v3 Authority Key Identifier:
keyid:10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/VgetDqZND8YI9-PM8FtbTobgmlg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/EEXazIN3mMPmzzH00nlGozsN5mE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.13.33.0/24
Signature Algorithm: sha256WithRSAEncryption
34:a6:c8:2b:70:9d:15:b1:0e:ae:db:72:11:d4:41:47:88:7e:
76:2b:04:96:a8:34:f4:20:0b:26:cc:7c:cf:8d:32:e8:0d:f3:
4c:ba:8c:0a:8c:35:36:4e:e0:86:a2:dd:83:27:48:b0:d8:f1:
9f:05:69:15:94:5a:e7:ef:49:f5:16:84:9e:b9:45:b0:e4:4e:
a1:d6:96:48:0e:eb:d3:8c:99:0b:d1:67:68:fb:1b:f8:8c:8c:
9c:fc:11:5c:e1:c1:20:64:05:8b:98:33:3a:84:33:c2:92:a9:
06:61:89:73:98:62:fd:c8:cc:c6:23:23:b6:15:75:1f:b0:be:
8a:43:1e:f6:0d:53:db:a3:6f:53:5f:50:23:d4:c1:62:3c:22:
81:30:74:ae:47:5b:4c:99:84:43:4e:1b:f7:fd:31:0b:bb:e9:
26:58:ef:8d:71:dc:ed:40:51:56:89:3c:e8:2c:64:bd:4d:ba:
f4:71:59:b2:ba:cf:7e:74:4d:2b:6a:e9:65:96:3e:79:a7:e6:
3e:bf:dc:67:4e:68:2c:a2:b9:b7:e3:92:23:ba:70:64:d8:ed:
2a:98:65:14:9b:c6:fb:48:6a:e4:c7:3e:26:cc:8e:00:54:13:
03:15:84:3b:26:c7:de:ee:84:c1:77:eb:02:4b:aa:00:2b:2c:
3f:2e:3f:dc
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEKfoIJjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MDQ1ZGFjYzgzNzc5OGMzZTZjZjMxZjRkMjc5NDZhMzNiMGRlNjYxMB4XDTIyMDEw
MTEzNTQzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTYwN2FkMGVhNjRk
MGZjNjA4ZjdlM2NjZjA1YjViNGU4NmUwOWE1ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALpO1lyw4snz3/pgjp/Z53Kl3Y9ij1dRl+0MZH1FwET4mPWD
Jm+hyGNm/dNuHKQjA0vR7seMgVE0260zOfzceFMydr0D49fZ2DabcFyREbn1NDdO
4+wuUNgF/NbGkq4HLA79yoO/kexwjw4gr6Rwxr4h2CIPwD/aPg5ap7k5W5IObqft
+P1UGgqV1+NnCwXSJw8SrR6rKX89KIwsnLF/bHdaD/HOEC94dEyDrvxBtwqk1oQp
iXS46UMxx5Bxhjj9bSJ6UJabbRe4qHdy92HanoIPbUx2ByxSwJWLT/O8RE+/vLwh
+E/IngEy8bAI/R4re9nRuw7ml1UmtygVyMJ1tj0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRWB60Opk0Pxgj348zwW1tOhuCaWDAfBgNVHSMEGDAWgBQQRdrMg3eYw+bP
MfTSeUajOw3mYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VFWGF6SU4zbU1QbXp6SDAwbmxHb3pzTjVtRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvMjY2Y2FmLTNiNDMtNDllMC1iNmUxLTljMTc0ZTUzZTRmZS8x
L1ZnZXREcVpORDhZSTktUE04RnRiVG9iZ21sZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
MjY2Y2FmLTNiNDMtNDllMC1iNmUxLTljMTc0ZTUzZTRmZS8xL0VFWGF6SU4zbU1Q
bXp6SDAwbmxHb3pzTjVtRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkNITANBgkqhkiG9w0BAQsFAAOC
AQEANKbIK3CdFbEOrttyEdRBR4h+disElqg09CALJsx8z40y6A3zTLqMCow1Nk7g
hqLdgydIsNjxnwVpFZRa5+9J9RaEnrlFsOROodaWSA7r04yZC9FnaPsb+IyMnPwR
XOHBIGQFi5gzOoQzwpKpBmGJc5hi/cjMxiMjthV1H7C+ikMe9g1T26NvU19QI9TB
YjwigTB0rkdbTJmEQ04b9/0xC7vpJljvjXHc7UBRVok86CxkvU269HFZsrrPfnRN
K2rpZZY+eafmPr/cZ05oLKK5t+OSI7pwZNjtKphlFJvG+0hq5Mc+JsyOAFQTAxWE
OybH3u6EwXfrAkuqACssPy4/3A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:19 2023 by rpki-client on console-fra.rpki-client.org