Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/LoJ5ZPKjIcprPMk4sxhj2CmmJKs.roa
File: LoJ5ZPKjIcprPMk4sxhj2CmmJKs.roa (raw, json)
Hash identifier: i82f8zkXL73ZpPRvNrsw0U54Ld0JfyAXeA3pgBShm8k=
Subject key identifier: 2E:82:79:64:F2:A3:21:CA:6B:3C:C9:38:B3:18:63:D8:29:A6:24:AB
Certificate issuer: /CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Certificate serial: 0182B029FB45E94B71526E07AC27F23021BD
Authority key identifier: 54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/LoJ5ZPKjIcprPMk4sxhj2CmmJKs.roa
Signing time: Thu 18 Aug 2022 08:55:17 +0000
ROA not before: Thu 18 Aug 2022 08:55:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 185.104.43.0/24 maxlen: 24
185.104.40.0/24 maxlen: 24
185.101.168.0/24 maxlen: 24
185.101.168.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:b0:29:fb:45:e9:4b:71:52:6e:07:ac:27:f2:30:21:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Validity
Not Before: Aug 18 08:55:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2e827964f2a321ca6b3cc938b31863d829a624ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:29:3b:3e:be:f1:c4:57:2a:a8:d0:ac:2c:ec:
b5:3a:4a:1e:8a:1b:87:15:75:df:b4:3a:80:e6:ac:
9e:f0:40:33:f5:15:3d:1c:ae:cb:56:cf:33:ad:87:
12:84:b0:8c:49:95:f5:5d:41:ad:cb:47:47:5b:f4:
bc:0c:16:a9:48:d9:a6:85:91:f2:50:93:c5:3b:75:
7c:96:f6:c1:27:b4:84:6f:fa:aa:0b:eb:eb:21:89:
ea:3e:93:c2:4d:6f:37:eb:9b:52:b4:2c:41:16:5c:
a9:24:67:dc:b1:03:70:ad:7d:12:99:28:46:a2:fd:
c8:3b:d6:4e:4f:a3:f6:8e:7d:8c:5e:5c:61:77:15:
a7:c5:79:73:4e:6a:61:05:a8:b2:7f:61:63:77:ef:
bf:e7:a1:81:3d:cb:e2:9e:97:02:0f:27:13:10:86:
14:3c:e5:d7:c5:21:a8:31:e2:4c:53:a4:2f:21:05:
47:77:5a:d5:d6:1e:e8:be:e9:90:81:db:5f:90:a8:
5a:7f:29:bb:85:06:65:09:c6:f0:92:f6:b4:71:6d:
02:ea:37:d1:7e:3e:41:6e:92:02:be:64:c6:c9:a2:
1e:26:49:19:a2:ca:25:0b:85:6f:42:e1:75:63:49:
2d:db:e4:98:48:c5:b3:f0:9d:a2:3f:80:a6:13:01:
38:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:82:79:64:F2:A3:21:CA:6B:3C:C9:38:B3:18:63:D8:29:A6:24:AB
X509v3 Authority Key Identifier:
keyid:54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/LoJ5ZPKjIcprPMk4sxhj2CmmJKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/VB_cei8RpXZtOte99iXOXhGaj98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.168.0/22
185.104.40.0/24
185.104.43.0/24
Signature Algorithm: sha256WithRSAEncryption
26:eb:f5:c9:04:18:73:99:ad:5e:94:78:d8:2d:c4:1e:92:92:
a6:3f:dc:de:66:d9:7a:e7:4f:b7:9f:12:15:77:e6:f1:0f:f3:
b4:ec:98:b0:e6:c8:75:f1:1f:ee:ec:b8:a7:12:30:5b:03:3c:
a8:f9:ee:f9:5f:fb:e2:02:f9:8d:62:cb:5d:ab:c5:d5:b7:d4:
52:10:a1:73:b6:70:3d:91:15:2a:b8:2d:03:12:16:3d:25:30:
f8:18:9e:10:59:45:95:66:1e:36:d0:f2:09:a6:3a:6d:d7:f6:
0b:3c:cf:88:72:07:eb:e9:d3:81:8c:94:52:97:1e:79:bd:48:
7d:45:6c:b5:20:01:98:7e:4b:b9:f9:c0:7f:42:42:3a:d1:04:
e4:f6:37:b6:33:f4:fd:8d:85:88:d6:5a:16:68:05:e3:55:3d:
93:c1:dc:c7:33:02:0c:e8:f3:76:52:8a:36:98:39:ad:d6:03:
d6:81:9a:eb:90:3e:af:8b:fe:e9:d4:09:fe:37:fe:53:6b:9f:
55:88:66:30:47:03:9f:9a:a2:1a:1f:a9:1b:91:b7:a3:04:95:
32:8a:4d:51:0c:46:20:22:6a:75:64:d3:68:75:a2:75:c2:28:
94:5f:52:f3:7b:4d:89:98:96:fe:08:56:b5:51:c5:2b:d5:de:
1c:18:d9:af
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYKwKftF6UtxUm4HrCfyMCG9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MWZkYzdhMmYxMWE1NzY2ZDNhZDdiZGY2MjVjZTVlMTE5
YThmZGYwHhcNMjIwODE4MDg1NTE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTgyNzk2NGYyYTMyMWNhNmIzY2M5MzhiMzE4NjNkODI5YTYyNGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyk7Pr7xxFcqqNCsLOy1OkoeihuH
FXXftDqA5qye8EAz9RU9HK7LVs8zrYcShLCMSZX1XUGty0dHW/S8DBapSNmmhZHy
UJPFO3V8lvbBJ7SEb/qqC+vrIYnqPpPCTW8365tStCxBFlypJGfcsQNwrX0SmShG
ov3IO9ZOT6P2jn2MXlxhdxWnxXlzTmphBaiyf2Fjd++/56GBPcvinpcCDycTEIYU
POXXxSGoMeJMU6QvIQVHd1rV1h7ovumQgdtfkKhafym7hQZlCcbwkva0cW0C6jfR
fj5BbpICvmTGyaIeJkkZosolC4VvQuF1Y0kt2+SYSMWz8J2iP4CmEwE4owIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC6CeWTyoyHKazzJOLMYY9gppiSrMB8GA1UdIwQY
MBaAFFQf3HovEaV2bTrXvfYlzl4Rmo/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkJfY2VpOFJwWFp0T3RlOTlpWE9YaEdhajk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC84ZmFkNjctYmI2Yi00NzczLWI4MWUt
YzkwMGE4OWYyMGYxLzEvTG9KNVpQS2pJY3ByUE1rNHN4aGoyQ21tSktzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC84ZmFkNjctYmI2Yi00NzczLWI4MWUtYzkwMGE4OWYyMGYx
LzEvVkJfY2VpOFJwWFp0T3RlOTlpWE9YaEdhajk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuWWoAwQA
uWgoAwQAuWgrMA0GCSqGSIb3DQEBCwUAA4IBAQAm6/XJBBhzma1elHjYLcQekpKm
P9zeZtl650+3nxIVd+bxD/O07Jiw5sh18R/u7LinEjBbAzyo+e75X/viAvmNYstd
q8XVt9RSEKFztnA9kRUquC0DEhY9JTD4GJ4QWUWVZh420PIJpjpt1/YLPM+Icgfr
6dOBjJRSlx55vUh9RWy1IAGYfku5+cB/QkI60QTk9je2M/T9jYWI1loWaAXjVT2T
wdzHMwIM6PN2Uoo2mDmt1gPWgZrrkD6vi/7p1An+N/5Ta59ViGYwRwOfmqIaH6kb
kbejBJUyik1RDEYgImp1ZNNodaJ1wiiUX1Lze02JmJb+CFa1UcUr1d4cGNmv
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:57 2023 by rpki-client on console-fra.rpki-client.org