Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/JTaTvd2RKwEBENtSLDCi4TPQUvI.roa
File: JTaTvd2RKwEBENtSLDCi4TPQUvI.roa (raw, json)
Hash identifier: fb8d8CycgT13wUWkiNCV6RDefyO9Vh2gTCZ6/Gkmkes=
Subject key identifier: 25:36:93:BD:DD:91:2B:01:01:10:DB:52:2C:30:A2:E1:33:D0:52:F2
Certificate issuer: /CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Certificate serial: 018417EC32F2E7F0FFA62F2BEF9A0942D1E8
Authority key identifier: 54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/JTaTvd2RKwEBENtSLDCi4TPQUvI.roa
Signing time: Thu 27 Oct 2022 05:31:06 +0000
ROA not before: Thu 27 Oct 2022 05:31:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 185.104.43.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:17:ec:32:f2:e7:f0:ff:a6:2f:2b:ef:9a:09:42:d1:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Validity
Not Before: Oct 27 05:31:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=253693bddd912b010110db522c30a2e133d052f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:60:f6:a1:a8:45:39:bd:0b:0e:2b:73:21:f3:
64:62:c8:84:b9:83:e9:36:1a:d5:4d:07:ed:45:83:
86:2f:1e:ac:72:4b:1f:9a:f3:07:48:7f:b6:b1:74:
77:63:8b:fb:50:f2:60:4d:70:69:4b:1a:2c:94:9c:
e2:db:7e:b3:38:5b:2c:02:82:47:f7:ea:73:84:ff:
ae:07:4f:a5:00:d3:0b:b9:1c:23:21:48:74:c4:d2:
67:aa:c7:e4:ea:b1:ad:51:51:76:1f:b7:00:08:f0:
b0:4d:26:67:52:37:07:41:84:64:ce:5c:27:1d:c4:
c7:81:fe:58:98:ea:7d:06:b5:1a:58:1b:a1:88:e6:
6d:53:af:53:96:82:dd:7a:d4:8c:c9:de:a3:10:50:
b8:a9:da:6b:d7:a9:b8:7f:75:dd:36:f7:19:30:2f:
a2:53:2c:3d:05:90:74:51:29:06:06:e9:52:ed:90:
03:4b:4a:cc:88:6d:87:71:f6:40:f0:27:ef:ca:a5:
73:ba:75:46:cd:9b:e7:11:22:a2:fd:10:68:c9:16:
58:99:4f:9f:60:f6:51:b2:52:3c:1d:e0:81:a2:a5:
c6:a6:e9:aa:95:9b:35:ef:54:21:c0:9c:26:e0:58:
e7:82:62:b4:ee:a0:13:64:b6:74:ea:9a:02:61:dc:
e4:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:36:93:BD:DD:91:2B:01:01:10:DB:52:2C:30:A2:E1:33:D0:52:F2
X509v3 Authority Key Identifier:
keyid:54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/JTaTvd2RKwEBENtSLDCi4TPQUvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/VB_cei8RpXZtOte99iXOXhGaj98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.43.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:d7:6f:9f:31:63:a3:e8:ad:2d:2b:23:d0:70:e8:c1:5f:16:
f7:be:99:b1:cc:bc:21:1d:7b:4e:b5:35:f7:0c:88:e1:89:5e:
db:19:4b:c4:17:d4:ca:b6:65:cf:81:e2:9b:50:7e:98:e3:4c:
c5:88:fb:c1:ad:38:1e:e1:fa:d4:ba:95:cf:dc:41:b2:92:3b:
53:df:10:f5:6c:e9:53:ea:50:c4:bf:a4:97:34:c3:a1:ba:1f:
62:b3:3a:4a:01:d4:fb:40:13:21:f8:7d:74:90:2e:28:2d:dd:
45:76:8c:11:1f:db:86:0e:2b:6e:68:26:e9:7f:8e:be:93:a6:
bf:57:50:3e:06:5e:57:ae:88:4c:9b:b6:67:54:3b:bd:10:08:
4a:6a:d1:69:de:63:e2:bf:3a:ff:90:d4:60:27:6d:89:86:10:
19:90:9e:4f:23:e3:98:36:a9:dd:32:0a:7a:f6:08:82:0c:31:
21:5d:d1:cc:4e:ec:e1:d6:04:9c:2a:51:56:b4:7e:2f:82:d4:
56:23:60:e5:9e:da:23:4f:67:7d:f4:91:3e:85:6f:3f:c6:f6:
1f:6f:fc:c6:55:f1:6b:7a:91:38:79:7f:df:fa:8e:86:a0:20:
fb:ea:f9:52:49:bc:a5:62:b1:aa:cf:f3:76:48:74:2e:42:1b:
a1:6b:0a:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQX7DLy5/D/pi8r75oJQtHoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MWZkYzdhMmYxMWE1NzY2ZDNhZDdiZGY2MjVjZTVlMTE5
YThmZGYwHhcNMjIxMDI3MDUzMTA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTM2OTNiZGRkOTEyYjAxMDExMGRiNTIyYzMwYTJlMTMzZDA1MmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGD2oahFOb0LDitzIfNkYsiEuYPp
NhrVTQftRYOGLx6scksfmvMHSH+2sXR3Y4v7UPJgTXBpSxoslJzi236zOFssAoJH
9+pzhP+uB0+lANMLuRwjIUh0xNJnqsfk6rGtUVF2H7cACPCwTSZnUjcHQYRkzlwn
HcTHgf5YmOp9BrUaWBuhiOZtU69TloLdetSMyd6jEFC4qdpr16m4f3XdNvcZMC+i
Uyw9BZB0USkGBulS7ZADS0rMiG2HcfZA8CfvyqVzunVGzZvnESKi/RBoyRZYmU+f
YPZRslI8HeCBoqXGpumqlZs171QhwJwm4FjngmK07qATZLZ06poCYdzkSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCU2k73dkSsBARDbUiwwouEz0FLyMB8GA1UdIwQY
MBaAFFQf3HovEaV2bTrXvfYlzl4Rmo/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkJfY2VpOFJwWFp0T3RlOTlpWE9YaEdhajk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC84ZmFkNjctYmI2Yi00NzczLWI4MWUt
YzkwMGE4OWYyMGYxLzEvSlRhVHZkMlJLd0VCRU50U0xEQ2k0VFBRVXZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC84ZmFkNjctYmI2Yi00NzczLWI4MWUtYzkwMGE4OWYyMGYx
LzEvVkJfY2VpOFJwWFp0T3RlOTlpWE9YaEdhajk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWgrMA0G
CSqGSIb3DQEBCwUAA4IBAQBt12+fMWOj6K0tKyPQcOjBXxb3vpmxzLwhHXtOtTX3
DIjhiV7bGUvEF9TKtmXPgeKbUH6Y40zFiPvBrTge4frUupXP3EGykjtT3xD1bOlT
6lDEv6SXNMOhuh9iszpKAdT7QBMh+H10kC4oLd1FdowRH9uGDituaCbpf46+k6a/
V1A+Bl5XrohMm7ZnVDu9EAhKatFp3mPivzr/kNRgJ22JhhAZkJ5PI+OYNqndMgp6
9giCDDEhXdHMTuzh1gScKlFWtH4vgtRWI2DlntojT2d99JE+hW8/xvYfb/zGVfFr
epE4eX/f+o6GoCD76vlSSbylYrGqz/N2SHQuQhuhawp2
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:57 2023 by rpki-client on console-fra.rpki-client.org