Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/18sJtgwzwi9BQuS8GfY4vI9TMb8.roa
File: 18sJtgwzwi9BQuS8GfY4vI9TMb8.roa (raw, json)
Hash identifier: WwXR+/q9g6hhMOjkSZXBNJ8Fa5np7G7smZ3gmJ4w/Hw=
Subject key identifier: D7:CB:09:B6:0C:33:C2:2F:41:42:E4:BC:19:F6:38:BC:8F:53:31:BF
Certificate issuer: /CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Certificate serial: 0451A2D8
Authority key identifier: 54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/18sJtgwzwi9BQuS8GfY4vI9TMb8.roa
Signing time: Sat 01 Jan 2022 13:55:47 +0000
ROA not before: Sat 01 Jan 2022 13:55:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 185.104.32.0/21 maxlen: 24
185.104.40.0/22 maxlen: 24
185.101.168.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72458968 (0x451a2d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Validity
Not Before: Jan 1 13:55:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d7cb09b60c33c22f4142e4bc19f638bc8f5331bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ea:36:87:6e:66:17:99:3a:f7:d4:b3:5a:b4:
d5:16:b9:b1:7a:7d:e9:98:4d:45:27:4f:33:87:48:
23:d4:9a:30:59:bd:61:e1:9a:e5:fa:a5:e3:34:44:
1e:bd:15:7c:b0:3a:ac:61:4c:5a:86:53:8c:9c:aa:
90:7a:ab:36:83:73:f1:1a:35:de:52:ec:52:bf:96:
fb:a1:7b:37:c1:7f:13:e5:30:4e:13:fe:67:96:e7:
00:c1:12:f5:d8:32:a2:c8:ee:84:6e:a1:45:2d:5d:
06:3b:05:59:cb:9a:ae:20:95:51:29:36:fb:b8:27:
3f:f7:ac:69:bf:18:02:98:6b:6f:f7:ec:a7:b4:ef:
8c:bd:82:c7:fa:8b:b6:83:e0:40:80:50:06:cb:a1:
4b:c3:da:4c:83:65:91:98:2a:7e:f6:8a:d7:b2:a2:
2f:81:d5:3b:48:87:bf:6f:48:eb:63:36:60:46:85:
64:65:af:36:04:43:6d:e1:26:b6:04:3b:cb:ce:57:
1c:6c:75:0f:c0:36:cf:73:a3:e9:94:6e:b0:75:b6:
a7:9d:51:58:d7:e5:19:35:19:fe:8d:41:66:61:75:
e0:64:fc:75:7f:d3:bf:0b:c2:65:6b:03:fd:42:fe:
d3:41:34:96:d4:28:6f:35:5d:5b:29:8c:0d:2e:f7:
71:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:CB:09:B6:0C:33:C2:2F:41:42:E4:BC:19:F6:38:BC:8F:53:31:BF
X509v3 Authority Key Identifier:
keyid:54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/18sJtgwzwi9BQuS8GfY4vI9TMb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/VB_cei8RpXZtOte99iXOXhGaj98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.168.0/22
185.104.32.0-185.104.43.255
Signature Algorithm: sha256WithRSAEncryption
51:b5:95:65:c8:0d:ad:36:cb:45:5b:08:bc:2b:2d:21:67:21:
5a:d5:a6:ba:d5:f3:a6:b8:2f:6b:2e:ae:b2:4d:7f:f0:0d:c3:
a2:57:31:ca:8d:a2:a4:18:d3:03:9e:cb:cf:6e:1f:60:38:31:
74:08:03:1f:37:9e:d1:0d:17:f6:cf:1d:05:a1:68:b9:d7:6d:
19:a6:ce:2e:c4:51:52:a9:3a:89:aa:6a:38:b6:f5:0a:0a:72:
75:02:5a:e9:f9:31:75:fb:e2:0c:69:30:99:06:b7:88:9b:88:
7e:c8:97:18:fd:ce:dd:f1:7a:68:58:74:0e:ab:41:c2:71:cb:
79:b4:3c:0b:61:39:a1:1b:23:51:c0:ed:03:9e:56:89:46:89:
6e:8b:71:9b:60:70:36:17:1e:fc:71:3a:26:fc:d6:dd:92:f7:
46:52:46:9b:cc:88:9b:43:e4:ad:bb:d4:ce:a8:fe:17:0a:6c:
81:76:88:1d:55:5c:62:6e:ac:c2:db:ab:2c:51:c9:da:22:47:
f1:15:16:a9:c4:57:9c:70:c1:d3:7d:51:01:68:a3:56:c7:57:
fe:db:3e:de:99:35:a8:24:b3:93:cd:a7:1f:f5:46:06:82:fd:
1f:aa:60:b5:8c:a0:b6:1b:be:ee:44:c4:c8:53:20:5a:16:a5:
10:b0:31:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEBFGi2DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NDFmZGM3YTJmMTFhNTc2NmQzYWQ3YmRmNjI1Y2U1ZTExOWE4ZmRmMB4XDTIyMDEw
MTEzNTU0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDdjYjA5YjYwYzMz
YzIyZjQxNDJlNGJjMTlmNjM4YmM4ZjUzMzFiZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALrqNoduZheZOvfUs1q01Ra5sXp96ZhNRSdPM4dII9SaMFm9
YeGa5fql4zREHr0VfLA6rGFMWoZTjJyqkHqrNoNz8Ro13lLsUr+W+6F7N8F/E+Uw
ThP+Z5bnAMES9dgyosjuhG6hRS1dBjsFWcuariCVUSk2+7gnP/esab8YAphrb/fs
p7TvjL2Cx/qLtoPgQIBQBsuhS8PaTINlkZgqfvaK17KiL4HVO0iHv29I62M2YEaF
ZGWvNgRDbeEmtgQ7y85XHGx1D8A2z3Oj6ZRusHW2p51RWNflGTUZ/o1BZmF14GT8
dX/TvwvCZWsD/UL+00E0ltQobzVdWymMDS73cVkCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBTXywm2DDPCL0FC5LwZ9ji8j1MxvzAfBgNVHSMEGDAWgBRUH9x6LxGldm06
1732Jc5eEZqP3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZCX2NlaThScFhadE90ZTk5aVhPWGhHYWo5OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGQvOGZhZDY3LWJiNmItNDc3My1iODFlLWM5MDBhODlmMjBmMS8x
LzE4c0p0Z3d6d2k5QlF1UzhHZlk0dkk5VE1iOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGQv
OGZhZDY3LWJiNmItNDc3My1iODFlLWM5MDBhODlmMjBmMS8xL1ZCX2NlaThScFha
dE90ZTk5aVhPWGhHYWo5OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEArllqDAMAwQFuWggAwQCuWgoMA0G
CSqGSIb3DQEBCwUAA4IBAQBRtZVlyA2tNstFWwi8Ky0hZyFa1aa61fOmuC9rLq6y
TX/wDcOiVzHKjaKkGNMDnsvPbh9gODF0CAMfN57RDRf2zx0FoWi5120Zps4uxFFS
qTqJqmo4tvUKCnJ1Alrp+TF1++IMaTCZBreIm4h+yJcY/c7d8XpoWHQOq0HCcct5
tDwLYTmhGyNRwO0DnlaJRolui3GbYHA2Fx78cTom/NbdkvdGUkabzIibQ+Stu9TO
qP4XCmyBdogdVVxibqzC26ssUcnaIkfxFRapxFeccMHTfVEBaKNWx1f+2z7emTWo
JLOTzacf9UYGgv0fqmC1jKC2G77uRMTIUyBaFqUQsDG4
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:39 2023 by rpki-client on console-ams.rpki-client.org