Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/RKaChgXt_wVT0CNoW4BMtNSpYhw.roa
File: RKaChgXt_wVT0CNoW4BMtNSpYhw.roa (raw, json)
Hash identifier: hItdRGVLcZyy0ZOapbPzs+hPcyodp5Qw1VrgRJmQK/s=
Subject key identifier: 44:A6:82:86:05:ED:FF:05:53:D0:23:68:5B:80:4C:B4:D4:A9:62:1C
Certificate issuer: /CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Certificate serial: 018417EC33C66A441316B0ABB6284E16DD6A
Authority key identifier: 54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/RKaChgXt_wVT0CNoW4BMtNSpYhw.roa
Signing time: Thu 27 Oct 2022 05:31:06 +0000
ROA not before: Thu 27 Oct 2022 05:31:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211237
IP address blocks: 185.104.40.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:17:ec:33:c6:6a:44:13:16:b0:ab:b6:28:4e:16:dd:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Validity
Not Before: Oct 27 05:31:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=44a6828605edff0553d023685b804cb4d4a9621c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a4:f9:8e:d1:e3:a5:f3:78:68:2b:50:41:72:
bb:e0:94:77:4d:63:71:b8:9b:9b:79:c1:c8:9c:1f:
24:a0:a3:e0:63:ab:30:89:9e:7a:7a:e4:22:50:de:
5d:da:3f:ea:6d:a9:5d:48:24:17:a7:d7:87:b2:13:
80:96:4e:9b:00:3c:ea:ef:ce:f2:78:1f:ab:e2:72:
54:91:ba:5d:70:8e:cc:3e:24:a8:37:61:f6:da:e3:
ce:e8:de:92:3d:b8:25:5f:b7:28:2f:a4:8d:84:95:
b6:b7:74:3c:7f:97:8d:02:91:76:81:9a:0f:b3:d4:
53:5e:aa:ea:12:da:92:4c:ee:e4:6f:7c:34:3d:14:
b6:a4:09:04:0c:be:24:37:ba:e8:48:ef:c0:f0:6b:
a9:c7:97:4a:26:ee:4f:ec:76:53:14:d7:17:86:d7:
96:86:3a:af:4e:bc:5a:ed:e5:4f:bf:c1:43:fe:eb:
d7:2f:05:ed:cc:58:48:76:4f:4d:37:22:53:04:de:
53:53:ab:76:f8:03:40:71:ca:42:ed:fc:2f:45:e9:
a1:86:b6:6b:c8:01:3f:90:57:f6:8c:0e:79:76:e7:
66:0f:08:d2:8a:75:5f:c1:63:e1:d1:2c:3a:a9:81:
55:97:7e:da:8b:60:fd:2a:4b:ad:7a:ec:2e:21:8a:
be:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:A6:82:86:05:ED:FF:05:53:D0:23:68:5B:80:4C:B4:D4:A9:62:1C
X509v3 Authority Key Identifier:
keyid:54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/RKaChgXt_wVT0CNoW4BMtNSpYhw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/VB_cei8RpXZtOte99iXOXhGaj98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.40.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:1d:90:f2:12:74:4b:5b:b9:c8:74:5f:5d:20:c3:f8:d4:ec:
c5:e2:c9:40:58:7c:16:e3:f8:de:b6:58:3a:5b:e7:09:10:06:
58:26:34:d5:c6:63:b4:09:df:99:5e:ba:4c:46:6c:d9:8e:70:
a0:51:9e:41:bd:03:c9:9c:48:b6:2b:d0:6d:f0:c3:76:1d:21:
b7:80:05:cd:2b:26:f6:9b:73:06:bd:cf:e2:a5:19:7d:36:76:
7a:ea:ee:98:da:27:cd:0b:5c:39:fb:53:f0:68:d2:5d:00:fd:
bc:bb:87:f1:8c:d5:43:8d:14:59:10:f8:e3:21:fa:fd:c4:1f:
d2:7f:1c:af:28:58:4b:2b:73:87:99:05:25:6e:24:d5:d4:1a:
39:37:0b:82:1c:ca:11:1f:f3:2c:44:d5:29:e0:bf:a7:a6:32:
96:44:fb:29:7b:e3:f2:00:41:4a:d0:e4:4f:00:ec:b3:93:c3:
66:45:df:11:44:40:27:6b:99:08:4c:8d:14:81:52:9e:f1:0f:
4d:56:1d:a7:32:6d:e4:25:0a:14:4b:93:f0:50:01:e5:a5:15:
6d:c0:fa:c9:dd:eb:1f:c4:4b:11:51:c1:52:4b:c8:18:11:c9:
62:4b:e7:d8:4b:4f:e0:16:9f:a9:b1:bb:5c:42:0f:27:53:87:
60:02:7c:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQX7DPGakQTFrCrtihOFt1qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MWZkYzdhMmYxMWE1NzY2ZDNhZDdiZGY2MjVjZTVlMTE5
YThmZGYwHhcNMjIxMDI3MDUzMTA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGE2ODI4NjA1ZWRmZjA1NTNkMDIzNjg1YjgwNGNiNGQ0YTk2MjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKT5jtHjpfN4aCtQQXK74JR3TWNx
uJubecHInB8koKPgY6swiZ56euQiUN5d2j/qbaldSCQXp9eHshOAlk6bADzq787y
eB+r4nJUkbpdcI7MPiSoN2H22uPO6N6SPbglX7coL6SNhJW2t3Q8f5eNApF2gZoP
s9RTXqrqEtqSTO7kb3w0PRS2pAkEDL4kN7roSO/A8Gupx5dKJu5P7HZTFNcXhteW
hjqvTrxa7eVPv8FD/uvXLwXtzFhIdk9NNyJTBN5TU6t2+ANAccpC7fwvRemhhrZr
yAE/kFf2jA55dudmDwjSinVfwWPh0Sw6qYFVl37ai2D9KkuteuwuIYq+tQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFESmgoYF7f8FU9AjaFuATLTUqWIcMB8GA1UdIwQY
MBaAFFQf3HovEaV2bTrXvfYlzl4Rmo/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkJfY2VpOFJwWFp0T3RlOTlpWE9YaEdhajk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC84ZmFkNjctYmI2Yi00NzczLWI4MWUt
YzkwMGE4OWYyMGYxLzEvUkthQ2hnWHRfd1ZUMENOb1c0Qk10TlNwWWh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC84ZmFkNjctYmI2Yi00NzczLWI4MWUtYzkwMGE4OWYyMGYx
LzEvVkJfY2VpOFJwWFp0T3RlOTlpWE9YaEdhajk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWgoMA0G
CSqGSIb3DQEBCwUAA4IBAQBMHZDyEnRLW7nIdF9dIMP41OzF4slAWHwW4/jetlg6
W+cJEAZYJjTVxmO0Cd+ZXrpMRmzZjnCgUZ5BvQPJnEi2K9Bt8MN2HSG3gAXNKyb2
m3MGvc/ipRl9NnZ66u6Y2ifNC1w5+1PwaNJdAP28u4fxjNVDjRRZEPjjIfr9xB/S
fxyvKFhLK3OHmQUlbiTV1Bo5NwuCHMoRH/MsRNUp4L+npjKWRPspe+PyAEFK0ORP
AOyzk8NmRd8RREAna5kITI0UgVKe8Q9NVh2nMm3kJQoUS5PwUAHlpRVtwPrJ3esf
xEsRUcFSS8gYEcliS+fYS0/gFp+psbtcQg8nU4dgAnxJ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:57 2023 by rpki-client on console-fra.rpki-client.org