Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/23929a-b247-4f3b-9cd1-8b1f5becdda2/1/VJ-BwB3pMmam5NkABfoKkR9R_Xo.roa
File: VJ-BwB3pMmam5NkABfoKkR9R_Xo.roa (raw, json)
Hash identifier: sXEzwve++HnV3bEbeCZ6UAz/TP/slW/tIVjWJxS+rhQ=
Subject key identifier: 54:9F:81:C0:1D:E9:32:66:A6:E4:D9:00:05:FA:0A:91:1F:51:FD:7A
Certificate issuer: /CN=e3c7c19f8d9b50ea60cce7498af0fd8c3908119e
Certificate serial: 015B4457
Authority key identifier: E3:C7:C1:9F:8D:9B:50:EA:60:CC:E7:49:8A:F0:FD:8C:39:08:11:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/48fBn42bUOpgzOdJivD9jDkIEZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/23929a-b247-4f3b-9cd1-8b1f5becdda2/1/VJ-BwB3pMmam5NkABfoKkR9R_Xo.roa
Signing time: Wed 04 May 2022 17:41:57 +0000
ROA not before: Wed 04 May 2022 17:41:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205227
IP address blocks: 185.234.219.0/24 maxlen: 24
2a12:1780::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22758487 (0x15b4457)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3c7c19f8d9b50ea60cce7498af0fd8c3908119e
Validity
Not Before: May 4 17:41:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=549f81c01de93266a6e4d90005fa0a911f51fd7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:09:7e:99:3e:9f:66:fc:28:f4:76:a8:6c:4e:
ad:c2:ea:44:83:c7:9b:a7:e1:c9:f4:9b:8e:4c:d2:
43:67:27:95:28:73:60:2e:fe:0d:0a:5a:99:cf:92:
dc:06:30:46:37:ca:dd:73:3d:f7:de:7c:0d:c1:cd:
63:9d:44:23:61:ee:8d:72:62:14:c2:cd:9f:94:5c:
bb:90:4b:a5:38:d4:cb:58:26:6e:a2:1c:4b:18:83:
8f:74:7a:2d:3a:ee:64:28:b4:b1:eb:0e:f0:8e:18:
40:53:05:d5:a1:a7:1c:81:41:3d:53:a0:0b:cc:90:
2d:76:47:8c:21:cc:24:8d:12:b2:2b:93:9d:c4:94:
3e:b6:c7:17:f9:22:d3:e2:7a:0f:63:14:98:67:6d:
e2:c2:8e:18:d4:1f:55:df:b2:15:f3:b5:f3:14:9a:
80:73:7d:46:ed:e2:d1:dd:65:f5:58:97:ed:6f:cf:
1d:53:81:79:63:dc:9a:a1:16:45:51:b2:7a:7d:7b:
27:b6:31:53:93:23:17:d6:a8:1e:39:1c:d0:c0:2e:
16:4e:f2:89:57:2c:e3:d2:17:f5:31:3d:47:22:88:
31:6d:fd:6b:46:a2:77:b9:8c:be:0b:c0:d7:03:2e:
20:d0:35:c4:45:e9:32:22:6d:0d:f8:9b:18:4f:bb:
4a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:9F:81:C0:1D:E9:32:66:A6:E4:D9:00:05:FA:0A:91:1F:51:FD:7A
X509v3 Authority Key Identifier:
keyid:E3:C7:C1:9F:8D:9B:50:EA:60:CC:E7:49:8A:F0:FD:8C:39:08:11:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/48fBn42bUOpgzOdJivD9jDkIEZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/23929a-b247-4f3b-9cd1-8b1f5becdda2/1/VJ-BwB3pMmam5NkABfoKkR9R_Xo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/23929a-b247-4f3b-9cd1-8b1f5becdda2/1/48fBn42bUOpgzOdJivD9jDkIEZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.219.0/24
IPv6:
2a12:1780::/29
Signature Algorithm: sha256WithRSAEncryption
bc:19:4a:bd:ca:ff:5a:dd:64:d6:b4:7d:34:e5:33:f5:e9:19:
25:75:28:62:c9:ce:42:60:3d:8c:6d:19:41:d6:3f:b1:e0:6a:
43:f0:37:56:74:25:cf:05:f4:22:71:c1:65:61:fe:a6:f0:75:
69:be:32:ea:1d:07:a6:2f:78:3a:2e:54:61:d2:7d:ab:83:ec:
31:88:6d:65:3b:9c:5d:d9:ed:9c:98:ba:13:28:69:e3:e9:10:
e2:97:87:9b:7e:84:36:98:6c:39:b3:ae:a8:ea:72:09:7a:f9:
44:a0:db:1d:b7:6e:5a:15:69:85:6a:94:d7:ba:66:6e:fa:48:
35:95:1c:0c:30:86:52:01:5f:1d:f8:ca:98:a4:02:d1:d8:85:
a5:82:13:2d:e6:80:b5:37:1a:f2:20:fa:be:74:1c:f5:84:1c:
7f:41:b6:f0:87:32:0d:74:88:65:b8:5b:30:55:3b:db:df:c0:
cc:e6:1f:26:6c:b4:f1:04:8c:bd:90:a9:38:ff:3a:4e:dc:b3:
3f:35:1b:94:51:01:85:c5:53:4e:1d:c8:82:3f:79:35:42:f8:
ba:74:20:c1:24:35:f4:79:e8:9b:ee:dc:60:f6:21:80:3a:b5:
d5:30:82:e2:98:a0:6b:1d:ca:13:52:75:cc:8b:40:07:b4:a0:
11:42:34:e8
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAVtEVzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
M2M3YzE5ZjhkOWI1MGVhNjBjY2U3NDk4YWYwZmQ4YzM5MDgxMTllMB4XDTIyMDUw
NDE3NDE1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTQ5ZjgxYzAxZGU5
MzI2NmE2ZTRkOTAwMDVmYTBhOTExZjUxZmQ3YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMcJfpk+n2b8KPR2qGxOrcLqRIPHm6fhyfSbjkzSQ2cnlShz
YC7+DQpamc+S3AYwRjfK3XM99958DcHNY51EI2HujXJiFMLNn5Rcu5BLpTjUy1gm
bqIcSxiDj3R6LTruZCi0sesO8I4YQFMF1aGnHIFBPVOgC8yQLXZHjCHMJI0SsiuT
ncSUPrbHF/ki0+J6D2MUmGdt4sKOGNQfVd+yFfO18xSagHN9Ru3i0d1l9ViX7W/P
HVOBeWPcmqEWRVGyen17J7YxU5MjF9aoHjkc0MAuFk7yiVcs49IX9TE9RyKIMW39
a0aid7mMvgvA1wMuINA1xEXpMiJtDfibGE+7SmECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRUn4HAHekyZqbk2QAF+gqRH1H9ejAfBgNVHSMEGDAWgBTjx8GfjZtQ6mDM
50mK8P2MOQgRnjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzQ4ZkJuNDJiVU9wZ3pPZEppdkQ5akRrSUVaNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjkvMjM5MjlhLWIyNDctNGYzYi05Y2QxLThiMWY1YmVjZGRhMi8x
L1ZKLUJ3QjNwTW1hbTVOa0FCZm9La1I5Ul9Yby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjkv
MjM5MjlhLWIyNDctNGYzYi05Y2QxLThiMWY1YmVjZGRhMi8xLzQ4ZkJuNDJiVU9w
Z3pPZEppdkQ5akRrSUVaNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEALnq2zANBAIAAjAHAwUDKhIXgDAN
BgkqhkiG9w0BAQsFAAOCAQEAvBlKvcr/Wt1k1rR9NOUz9ekZJXUoYsnOQmA9jG0Z
QdY/seBqQ/A3VnQlzwX0InHBZWH+pvB1ab4y6h0Hpi94Oi5UYdJ9q4PsMYhtZTuc
XdntnJi6Eyhp4+kQ4peHm36ENphsObOuqOpyCXr5RKDbHbduWhVphWqU17pmbvpI
NZUcDDCGUgFfHfjKmKQC0diFpYITLeaAtTca8iD6vnQc9YQcf0G28IcyDXSIZbhb
MFU729/AzOYfJmy08QSMvZCpOP86TtyzPzUblFEBhcVTTh3Igj95NUL4unQgwSQ1
9Hnom+7cYPYhgDq11TCC4pigax3KE1J1zItAB7SgEUI06A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:33 2023 by rpki-client on console-ams.rpki-client.org