Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/x_VKVq5xrDxdYpJNamljT4Rk22Y.roa
File: x_VKVq5xrDxdYpJNamljT4Rk22Y.roa (raw, json)
Hash identifier: 69KJrsEJi4FwsSiEiKdtRpKzcB9v5vyckrWFxzKCp1k=
Subject key identifier: C7:F5:4A:56:AE:71:AC:3C:5D:62:92:4D:6A:69:63:4F:84:64:DB:66
Certificate issuer: /CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Certificate serial: 29F09ABB
Authority key identifier: 10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/x_VKVq5xrDxdYpJNamljT4Rk22Y.roa
Signing time: Sat 01 Jan 2022 13:54:25 +0000
ROA not before: Sat 01 Jan 2022 13:54:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198774
IP address blocks: 128.127.145.0/24 maxlen: 24
128.127.144.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 703634107 (0x29f09abb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Validity
Not Before: Jan 1 13:54:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c7f54a56ae71ac3c5d62924d6a69634f8464db66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c3:40:8c:d5:b5:52:b5:ca:79:01:51:3d:e5:
e2:46:8e:a7:c5:25:6e:f7:2f:ab:94:46:d1:81:d0:
58:ee:e2:d1:8a:6b:55:f1:6e:7b:04:37:d9:de:63:
8b:7a:06:b1:17:fc:0d:13:e2:ea:c4:2d:e9:36:85:
55:33:b1:5c:8b:ae:56:da:7d:30:2e:46:1b:82:9a:
f3:96:56:be:e5:a4:69:f1:1f:05:46:46:03:d7:65:
d1:82:38:e3:65:b8:72:05:3d:1e:29:45:ae:2e:70:
c3:51:60:89:c9:c8:89:37:16:2a:88:b0:a0:42:bf:
ff:4a:ed:93:9e:51:fe:d5:18:5b:d8:14:07:27:97:
c6:7f:46:bf:fb:28:b2:24:58:15:f0:c4:ab:e9:c3:
cb:70:8c:68:ba:9a:08:ae:c7:e8:78:5d:0c:16:dd:
2d:8d:21:8e:0e:87:87:ae:70:00:35:ab:4f:ae:48:
26:9f:38:01:58:2e:ad:87:c9:5d:d5:7e:8b:a1:eb:
62:e0:1b:a0:d4:2f:f6:45:e1:5b:19:81:75:4e:4c:
6d:a8:d4:dd:7d:58:d6:f9:93:09:16:ef:0e:12:9a:
61:07:77:ca:bb:c4:b0:b2:02:78:fd:64:2d:c1:4f:
66:c8:c9:04:6d:64:c0:0d:cc:5f:9e:9a:1b:7d:c2:
74:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:F5:4A:56:AE:71:AC:3C:5D:62:92:4D:6A:69:63:4F:84:64:DB:66
X509v3 Authority Key Identifier:
keyid:10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/x_VKVq5xrDxdYpJNamljT4Rk22Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/EEXazIN3mMPmzzH00nlGozsN5mE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.127.144.0/23
Signature Algorithm: sha256WithRSAEncryption
b4:e0:5b:db:c8:58:54:4c:3a:be:c9:07:ad:2e:e0:c6:c9:dc:
ac:ee:d0:fb:fc:74:fd:5f:fa:db:7f:74:d4:a4:2b:f6:bf:89:
36:02:06:03:02:29:f2:46:33:5a:75:44:17:e2:7c:fe:e4:f1:
17:24:1e:60:0a:9f:3c:59:de:fb:ac:c6:7b:6a:bc:52:25:9c:
56:22:67:5f:14:f1:e3:4d:ea:68:26:81:a3:64:2f:8e:64:8e:
98:15:20:a4:8b:7d:06:17:da:96:40:b3:d1:57:c6:3a:42:81:
7e:46:d8:b3:27:9d:36:2d:81:f3:00:cb:b1:c1:94:43:e5:49:
e5:8e:bb:02:d2:6c:96:5a:a2:14:30:f5:d5:97:ea:7e:c1:69:
66:a9:fa:ec:20:32:c1:c3:d9:c9:a9:f0:34:e9:3d:f3:b2:9d:
b0:2f:98:8d:fc:0e:08:aa:0f:96:95:83:2c:22:ef:4e:b3:2b:
0e:67:18:48:8a:95:15:e0:ca:58:be:e8:22:fc:9a:c7:08:f7:
58:a7:01:0b:49:7c:9f:ef:70:e8:21:54:ea:74:b9:78:d6:1f:
c9:b3:f5:69:16:b3:35:31:1c:91:8f:d5:4f:2c:7e:64:02:6b:
89:ac:e9:38:f5:01:b0:14:05:fa:4f:4c:ef:90:59:c2:ba:d2:
73:24:2e:df
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEKfCauzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MDQ1ZGFjYzgzNzc5OGMzZTZjZjMxZjRkMjc5NDZhMzNiMGRlNjYxMB4XDTIyMDEw
MTEzNTQyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzdmNTRhNTZhZTcx
YWMzYzVkNjI5MjRkNmE2OTYzNGY4NDY0ZGI2NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL/DQIzVtVK1ynkBUT3l4kaOp8Ulbvcvq5RG0YHQWO7i0Ypr
VfFuewQ32d5ji3oGsRf8DRPi6sQt6TaFVTOxXIuuVtp9MC5GG4Ka85ZWvuWkafEf
BUZGA9dl0YI442W4cgU9HilFri5ww1FgicnIiTcWKoiwoEK//0rtk55R/tUYW9gU
ByeXxn9Gv/sosiRYFfDEq+nDy3CMaLqaCK7H6HhdDBbdLY0hjg6Hh65wADWrT65I
Jp84AVgurYfJXdV+i6HrYuAboNQv9kXhWxmBdU5MbajU3X1Y1vmTCRbvDhKaYQd3
yrvEsLICeP1kLcFPZsjJBG1kwA3MX56aG33CdM8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTH9UpWrnGsPF1ikk1qaWNPhGTbZjAfBgNVHSMEGDAWgBQQRdrMg3eYw+bP
MfTSeUajOw3mYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VFWGF6SU4zbU1QbXp6SDAwbmxHb3pzTjVtRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvMjY2Y2FmLTNiNDMtNDllMC1iNmUxLTljMTc0ZTUzZTRmZS8x
L3hfVktWcTV4ckR4ZFlwSk5hbWxqVDRSazIyWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
MjY2Y2FmLTNiNDMtNDllMC1iNmUxLTljMTc0ZTUzZTRmZS8xL0VFWGF6SU4zbU1Q
bXp6SDAwbmxHb3pzTjVtRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAYB/kDANBgkqhkiG9w0BAQsFAAOC
AQEAtOBb28hYVEw6vskHrS7gxsncrO7Q+/x0/V/623901KQr9r+JNgIGAwIp8kYz
WnVEF+J8/uTxFyQeYAqfPFne+6zGe2q8UiWcViJnXxTx403qaCaBo2QvjmSOmBUg
pIt9BhfalkCz0VfGOkKBfkbYsyedNi2B8wDLscGUQ+VJ5Y67AtJsllqiFDD11Zfq
fsFpZqn67CAywcPZyanwNOk987KdsC+YjfwOCKoPlpWDLCLvTrMrDmcYSIqVFeDK
WL7oIvyaxwj3WKcBC0l8n+9w6CFU6nS5eNYfybP1aRazNTEckY/VTyx+ZAJriazp
OPUBsBQF+k9M75BZwrrScyQu3w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:13 2023 by rpki-client on console-ams.rpki-client.org