Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/17836a-d678-41ca-8fb2-5eb7bef9a7a8/1/VN4VBAOHAIRpkRkh7_qJQspQk9Y.roa
File: VN4VBAOHAIRpkRkh7_qJQspQk9Y.roa (raw, json)
Hash identifier: vqwwnAfcHur86VndaMuSUgSR1kC9pN2viAtGbk76OHk=
Subject key identifier: 54:DE:15:04:03:87:00:84:69:91:19:21:EF:FA:89:42:CA:50:93:D6
Certificate issuer: /CN=fb744006eac3084bf88f128349b0e733bb3d79e3
Certificate serial: 09A21007
Authority key identifier: FB:74:40:06:EA:C3:08:4B:F8:8F:12:83:49:B0:E7:33:BB:3D:79:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-3RABurDCEv4jxKDSbDnM7s9eeM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/17836a-d678-41ca-8fb2-5eb7bef9a7a8/1/VN4VBAOHAIRpkRkh7_qJQspQk9Y.roa
Signing time: Fri 04 Mar 2022 15:20:01 +0000
ROA not before: Fri 04 Mar 2022 15:20:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210558
IP address blocks: 2.58.56.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 161615879 (0x9a21007)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb744006eac3084bf88f128349b0e733bb3d79e3
Validity
Not Before: Mar 4 15:20:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=54de15040387008469911921effa8942ca5093d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:72:c0:ae:fe:1f:38:dc:8f:aa:9c:3d:0e:88:
80:94:84:0b:4b:ae:53:56:14:19:56:e8:22:60:70:
d4:ae:94:0d:e0:e7:1c:a9:f5:91:fe:30:b6:4d:ae:
1b:b9:d0:7f:9a:c3:75:13:5b:ee:2c:04:f6:4d:48:
e8:c5:b0:f4:24:86:ae:f1:0c:7d:c8:66:52:7a:bc:
78:0b:92:f0:ea:05:01:25:ef:51:58:49:64:5d:25:
ce:a6:57:26:7f:bb:14:bb:c6:4d:99:de:89:f1:a1:
87:e0:b3:f2:4a:6b:ff:dc:10:10:55:21:ef:96:f9:
e4:c2:31:68:79:e4:ae:db:ac:40:c2:96:9d:63:32:
23:5b:6e:93:5f:c0:e0:84:96:98:c8:5a:39:e8:73:
8d:31:58:88:36:57:48:bc:b0:3e:73:f8:b6:b4:21:
8e:e8:45:ea:ef:58:f1:c9:f4:00:4b:32:dc:9f:5f:
ec:08:75:f4:51:02:0b:e6:04:93:89:3b:66:91:2f:
b4:63:06:46:b0:73:f4:36:19:25:a4:78:e9:cf:35:
82:10:7c:1b:e9:17:db:17:5d:bd:dc:0b:df:f4:c6:
12:4d:fa:ee:47:b2:51:8b:2c:a7:13:e6:e9:e5:2f:
98:a0:10:5b:ad:a6:ff:5d:de:b9:2d:2e:c7:71:0b:
aa:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:DE:15:04:03:87:00:84:69:91:19:21:EF:FA:89:42:CA:50:93:D6
X509v3 Authority Key Identifier:
keyid:FB:74:40:06:EA:C3:08:4B:F8:8F:12:83:49:B0:E7:33:BB:3D:79:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-3RABurDCEv4jxKDSbDnM7s9eeM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/17836a-d678-41ca-8fb2-5eb7bef9a7a8/1/VN4VBAOHAIRpkRkh7_qJQspQk9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/17836a-d678-41ca-8fb2-5eb7bef9a7a8/1/1-3RABurDCEv4jxKDSbDnM7s9eeM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.56.0/24
Signature Algorithm: sha256WithRSAEncryption
66:bb:2c:75:6c:46:e9:14:4b:6a:7f:44:a6:e7:5a:02:bd:0e:
97:7f:ed:b2:e4:d2:eb:e1:4b:f9:95:9b:73:70:47:2c:4f:d7:
f4:15:02:90:94:f8:b8:f3:82:3e:b5:5e:f8:57:c1:0b:77:8a:
11:61:eb:1a:a0:5f:fb:fb:94:68:35:24:0e:79:3a:81:c1:a7:
26:81:85:fb:70:76:d0:eb:c5:c0:8c:a6:55:8b:02:c1:bd:d8:
62:8b:57:5f:7b:95:13:16:37:9b:7c:da:51:86:3a:d0:46:cc:
3f:42:f7:42:7d:7f:1c:04:d0:f3:60:93:b0:53:f4:39:cb:7d:
31:f3:de:92:b8:61:ff:4f:9b:09:06:37:da:3d:d2:88:c2:45:
73:01:a2:a0:d7:e1:c9:2e:3d:5e:25:13:e6:b1:10:13:14:24:
c6:e9:7f:33:7c:a8:a1:c0:2b:d7:49:43:4b:7d:52:20:da:dc:
d1:85:1c:3b:6b:e0:2c:ef:6b:d0:4b:5e:e0:1e:ef:c5:7c:c7:
f6:9c:ac:42:ab:c5:69:1e:ea:ba:63:c8:61:b4:5e:6f:27:4c:
94:d8:9c:52:9a:c3:4a:0e:cb:eb:eb:45:a3:1a:f4:9f:18:34:
14:6b:7e:d7:be:0c:01:f8:bd:fe:c3:ef:c6:d7:d2:45:86:a0:
fd:e7:7c:32
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIECaIQBzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
Yjc0NDAwNmVhYzMwODRiZjg4ZjEyODM0OWIwZTczM2JiM2Q3OWUzMB4XDTIyMDMw
NDE1MjAwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTRkZTE1MDQwMzg3
MDA4NDY5OTExOTIxZWZmYTg5NDJjYTUwOTNkNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKBywK7+Hzjcj6qcPQ6IgJSEC0uuU1YUGVboImBw1K6UDeDn
HKn1kf4wtk2uG7nQf5rDdRNb7iwE9k1I6MWw9CSGrvEMfchmUnq8eAuS8OoFASXv
UVhJZF0lzqZXJn+7FLvGTZneifGhh+Cz8kpr/9wQEFUh75b55MIxaHnkrtusQMKW
nWMyI1tuk1/A4ISWmMhaOehzjTFYiDZXSLywPnP4trQhjuhF6u9Y8cn0AEsy3J9f
7Ah19FECC+YEk4k7ZpEvtGMGRrBz9DYZJaR46c81ghB8G+kX2xddvdwL3/TGEk36
7keyUYsspxPm6eUvmKAQW62m/13euS0ux3ELqnMCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBRU3hUEA4cAhGmRGSHv+olCylCT1jAfBgNVHSMEGDAWgBT7dEAG6sMIS/iP
EoNJsOczuz154zAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtM1JBQnVyRENFdjRqeEtEU2JEbk03czllZU0uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2ZlLzE3ODM2YS1kNjc4LTQxY2EtOGZiMi01ZWI3YmVmOWE3YTgv
MS9WTjRWQkFPSEFJUnBrUmtoN19xSlFzcFFrOVkucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Zl
LzE3ODM2YS1kNjc4LTQxY2EtOGZiMi01ZWI3YmVmOWE3YTgvMS8xLTNSQUJ1ckRD
RXY0anhLRFNiRG5NN3M5ZWVNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjo4MA0GCSqGSIb3DQEBCwUA
A4IBAQBmuyx1bEbpFEtqf0Sm51oCvQ6Xf+2y5NLr4Uv5lZtzcEcsT9f0FQKQlPi4
84I+tV74V8ELd4oRYesaoF/7+5RoNSQOeTqBwacmgYX7cHbQ68XAjKZViwLBvdhi
i1dfe5UTFjebfNpRhjrQRsw/QvdCfX8cBNDzYJOwU/Q5y30x896SuGH/T5sJBjfa
PdKIwkVzAaKg1+HJLj1eJRPmsRATFCTG6X8zfKihwCvXSUNLfVIg2tzRhRw7a+As
72vQS17gHu/FfMf2nKxCq8VpHuq6Y8hhtF5vJ0yU2JxSmsNKDsvr60WjGvSfGDQU
a37XvgwB+L3+w+/G19JFhqD953wy
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:00 2023 by rpki-client on console-fra.rpki-client.org