Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/1EZ9dBLMVmoFleKCS8XaN_C6dyk.roa
File: 1EZ9dBLMVmoFleKCS8XaN_C6dyk.roa (raw, json)
Hash identifier: 1Jio2MlD+XgtVI8tMQEu4GNwcProFYdJ8lzn733ewCY=
Subject key identifier: D4:46:7D:74:12:CC:56:6A:05:95:E2:82:4B:C5:DA:37:F0:BA:77:29
Certificate issuer: /CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Certificate serial: 018225554CD5B3EC370EB46FD5F6247A522F
Authority key identifier: 54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/1EZ9dBLMVmoFleKCS8XaN_C6dyk.roa
Signing time: Fri 22 Jul 2022 09:55:23 +0000
ROA not before: Fri 22 Jul 2022 09:55:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211975
IP address blocks: 185.104.40.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:25:55:4c:d5:b3:ec:37:0e:b4:6f:d5:f6:24:7a:52:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Validity
Not Before: Jul 22 09:55:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d4467d7412cc566a0595e2824bc5da37f0ba7729
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:5f:e4:c8:ef:f7:dc:7c:5a:98:89:18:a9:cb:
ce:1d:46:1d:be:f6:93:1d:00:be:36:ba:14:c4:48:
e6:e5:b1:07:b4:d7:4f:d0:05:10:f3:53:da:6e:4e:
3f:3a:e4:31:26:7e:53:fc:22:23:0a:2f:1d:ae:c2:
8a:fc:91:9f:f0:ce:3d:6c:03:e7:7d:50:d9:39:3c:
00:d0:5a:d5:d3:80:45:3d:8d:ce:dc:50:c5:2e:19:
6c:eb:ba:05:46:f6:ce:42:35:00:34:9d:05:ce:32:
45:3f:0c:a1:88:34:ae:dc:69:27:26:c0:19:19:54:
25:3a:d9:89:83:fd:8a:24:a5:49:29:4a:16:8e:43:
4e:89:46:db:e5:59:db:72:da:ac:f5:5c:20:33:af:
b3:c1:41:d1:02:bb:3b:17:f8:21:d3:63:dd:6c:be:
d4:a9:76:49:d8:6d:be:c4:62:76:1b:06:1a:4d:b3:
82:63:82:82:e1:6c:23:73:ce:df:08:18:51:ac:3a:
ac:99:a2:89:52:bd:91:7f:43:e0:f2:cd:b2:f7:9f:
7a:e6:79:2f:f6:0d:40:a2:93:44:20:6b:eb:1b:87:
94:1f:a3:a8:33:0a:2a:15:a5:34:43:41:56:50:0b:
af:80:f9:22:51:7a:cf:9d:51:87:13:f5:da:c7:08:
79:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:46:7D:74:12:CC:56:6A:05:95:E2:82:4B:C5:DA:37:F0:BA:77:29
X509v3 Authority Key Identifier:
keyid:54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/1EZ9dBLMVmoFleKCS8XaN_C6dyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/VB_cei8RpXZtOte99iXOXhGaj98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.40.0/24
Signature Algorithm: sha256WithRSAEncryption
76:be:25:12:2f:e6:66:37:84:a0:65:d0:2b:54:9c:96:46:7d:
90:0f:7d:72:f7:72:7f:2a:c0:08:40:1b:f7:de:24:aa:44:1d:
c8:ce:e9:c0:85:50:5b:98:e9:3e:84:40:70:3c:2a:f6:fa:a9:
f2:c1:59:48:a1:77:02:5c:0c:95:45:98:2a:69:6f:0e:c2:12:
99:55:07:06:71:72:08:93:2c:65:01:13:c3:5b:d0:d5:b2:7a:
27:ed:0f:9d:6b:11:38:a3:93:54:d7:0b:6b:3c:a6:55:b0:fb:
36:97:bb:94:9d:92:7a:29:9b:c5:b1:b9:f4:90:c5:bd:6a:3c:
d4:17:93:16:1c:d8:f9:fd:84:e3:d8:67:b7:02:62:f9:14:ab:
20:ae:7e:c9:61:8e:dd:f4:ce:ed:c4:0c:7d:2b:99:a5:f0:8f:
9d:fc:fe:3e:14:04:2b:bd:f7:7c:fb:ca:b5:13:67:e4:83:54:
d8:9a:7c:ca:70:53:be:ad:71:1c:4d:f3:5f:b8:4d:63:61:ef:
15:58:1c:0b:98:fb:8a:15:26:b4:6c:7b:03:23:e7:1a:bd:cd:
ea:b6:99:da:fb:39:89:ed:84:82:17:a3:84:9b:55:30:06:ae:
c6:77:d2:ef:ef:c2:83:a0:e8:52:96:1e:d4:25:c8:c1:6b:90:
ef:09:ed:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIlVUzVs+w3DrRv1fYkelIvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MWZkYzdhMmYxMWE1NzY2ZDNhZDdiZGY2MjVjZTVlMTE5
YThmZGYwHhcNMjIwNzIyMDk1NTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDQ2N2Q3NDEyY2M1NjZhMDU5NWUyODI0YmM1ZGEzN2YwYmE3NzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAil/kyO/33HxamIkYqcvOHUYdvvaT
HQC+NroUxEjm5bEHtNdP0AUQ81Pabk4/OuQxJn5T/CIjCi8drsKK/JGf8M49bAPn
fVDZOTwA0FrV04BFPY3O3FDFLhls67oFRvbOQjUANJ0FzjJFPwyhiDSu3GknJsAZ
GVQlOtmJg/2KJKVJKUoWjkNOiUbb5Vnbctqs9VwgM6+zwUHRArs7F/gh02PdbL7U
qXZJ2G2+xGJ2GwYaTbOCY4KC4Wwjc87fCBhRrDqsmaKJUr2Rf0Pg8s2y95965nkv
9g1AopNEIGvrG4eUH6OoMwoqFaU0Q0FWUAuvgPkiUXrPnVGHE/Xaxwh55QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNRGfXQSzFZqBZXigkvF2jfwuncpMB8GA1UdIwQY
MBaAFFQf3HovEaV2bTrXvfYlzl4Rmo/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkJfY2VpOFJwWFp0T3RlOTlpWE9YaEdhajk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC84ZmFkNjctYmI2Yi00NzczLWI4MWUt
YzkwMGE4OWYyMGYxLzEvMUVaOWRCTE1WbW9GbGVLQ1M4WGFOX0M2ZHlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC84ZmFkNjctYmI2Yi00NzczLWI4MWUtYzkwMGE4OWYyMGYx
LzEvVkJfY2VpOFJwWFp0T3RlOTlpWE9YaEdhajk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWgoMA0G
CSqGSIb3DQEBCwUAA4IBAQB2viUSL+ZmN4SgZdArVJyWRn2QD31y93J/KsAIQBv3
3iSqRB3IzunAhVBbmOk+hEBwPCr2+qnywVlIoXcCXAyVRZgqaW8OwhKZVQcGcXII
kyxlARPDW9DVsnon7Q+daxE4o5NU1wtrPKZVsPs2l7uUnZJ6KZvFsbn0kMW9ajzU
F5MWHNj5/YTj2Ge3AmL5FKsgrn7JYY7d9M7txAx9K5ml8I+d/P4+FAQrvfd8+8q1
E2fkg1TYmnzKcFO+rXEcTfNfuE1jYe8VWBwLmPuKFSa0bHsDI+cavc3qtpna+zmJ
7YSCF6OEm1UwBq7Gd9Lv78KDoOhSlh7UJcjBa5DvCe1A
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:39 2023 by rpki-client on console-ams.rpki-client.org