Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/WIICKysRk2tkXSqsnlAttzbzukI.roa
File: WIICKysRk2tkXSqsnlAttzbzukI.roa (raw, json)
Hash identifier: emf7Ghy0vqt9QCiDKWf3t1r8i7oQ+76bXCYUs0H/9YE=
Subject key identifier: 58:82:02:2B:2B:11:93:6B:64:5D:2A:AC:9E:50:2D:B7:36:F3:BA:42
Certificate issuer: /CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Certificate serial: 057DE0BF
Authority key identifier: 54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/WIICKysRk2tkXSqsnlAttzbzukI.roa
Signing time: Wed 04 May 2022 06:10:03 +0000
ROA not before: Wed 04 May 2022 06:10:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 40676
IP address blocks: 185.104.42.0/24 maxlen: 24
185.104.43.0/24 maxlen: 24
185.101.171.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92135615 (0x57de0bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Validity
Not Before: May 4 06:10:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5882022b2b11936b645d2aac9e502db736f3ba42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:9a:c7:26:88:d2:ce:15:6e:1d:e8:35:4d:0c:
1d:e6:aa:76:c4:8a:08:73:62:66:ad:82:52:92:10:
ac:cd:86:c4:1e:50:df:81:6d:95:db:5d:ac:7d:ad:
76:bf:78:6e:d3:c6:ed:54:fd:35:41:ec:98:61:17:
76:1e:6e:67:58:54:2b:32:4b:54:a8:b8:cd:c8:7b:
b3:0d:67:95:93:d2:ae:1c:f6:6e:f3:15:b0:5a:9b:
58:c7:b0:1b:48:10:e8:42:2a:1c:1a:72:e8:4b:1b:
23:40:18:62:56:96:f2:57:6d:76:a6:b8:fe:0b:1e:
c0:13:ff:cd:dd:fb:d3:bc:7a:e9:8c:52:0a:da:26:
84:be:92:a1:3d:24:52:04:fe:a7:67:a6:12:00:20:
bb:d1:43:e0:5e:33:b1:da:fa:ed:a5:96:f8:bb:ee:
91:c9:ad:14:93:31:b3:4c:ec:92:1c:84:7e:fa:34:
ef:c8:5f:b9:e3:9c:13:2a:85:97:e7:1f:ec:aa:bd:
ce:2f:58:52:7e:1f:da:b9:9f:3e:7e:af:13:66:b8:
da:32:77:b1:32:81:ba:9b:0c:54:ed:7c:1d:92:e3:
07:eb:a8:17:0c:17:b9:4b:33:89:a4:81:42:8a:99:
6e:0a:50:da:cf:be:d0:27:05:80:29:ca:f4:93:bf:
a2:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:82:02:2B:2B:11:93:6B:64:5D:2A:AC:9E:50:2D:B7:36:F3:BA:42
X509v3 Authority Key Identifier:
keyid:54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/WIICKysRk2tkXSqsnlAttzbzukI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/VB_cei8RpXZtOte99iXOXhGaj98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.171.0/24
185.104.42.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:3a:ca:7f:33:29:8a:f0:06:82:4e:de:c2:70:1f:3f:fc:53:
75:2f:48:a7:8b:18:e4:4a:fc:b1:44:41:66:36:ee:a1:05:a3:
40:a9:47:a2:1d:c6:9b:61:d2:cf:dc:ba:5e:a0:a7:90:70:7a:
e3:b4:b7:ac:4e:8f:92:01:ac:eb:30:be:1f:ea:c7:f0:19:60:
29:95:85:84:c7:45:97:17:4a:3f:2c:cb:24:df:75:c4:9e:02:
93:80:95:ea:4c:6f:38:dd:77:7b:80:4c:29:fb:d8:ac:cd:2d:
95:91:53:99:63:fe:f2:23:cd:d9:2c:88:c7:3b:86:fc:e8:e3:
96:0b:50:81:a6:62:9e:28:75:45:80:4d:a7:09:3e:0f:40:71:
18:8a:8e:6a:7d:59:b9:69:91:65:60:41:fb:4d:e3:92:cb:66:
20:1c:c7:d6:e7:81:f2:d7:b5:9c:74:7e:71:81:ad:06:01:87:
8b:8d:29:5a:e4:fe:ee:d0:9b:36:8c:a3:85:b2:e6:c2:80:b8:
d0:db:fb:26:ee:ac:db:c9:d0:23:86:45:eb:8e:08:2c:c9:6b:
0f:e6:84:64:1a:67:04:d4:62:76:75:61:f8:e8:cc:a8:eb:16:
7e:bf:7f:fb:47:ee:76:c3:8e:99:75:50:1c:56:67:83:61:39:
4c:13:fc:2a
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBX3gvzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NDFmZGM3YTJmMTFhNTc2NmQzYWQ3YmRmNjI1Y2U1ZTExOWE4ZmRmMB4XDTIyMDUw
NDA2MTAwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTg4MjAyMmIyYjEx
OTM2YjY0NWQyYWFjOWU1MDJkYjczNmYzYmE0MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJaaxyaI0s4Vbh3oNU0MHeaqdsSKCHNiZq2CUpIQrM2GxB5Q
34FtldtdrH2tdr94btPG7VT9NUHsmGEXdh5uZ1hUKzJLVKi4zch7sw1nlZPSrhz2
bvMVsFqbWMewG0gQ6EIqHBpy6EsbI0AYYlaW8ldtdqa4/gsewBP/zd3707x66YxS
CtomhL6SoT0kUgT+p2emEgAgu9FD4F4zsdr67aWW+LvukcmtFJMxs0zskhyEfvo0
78hfueOcEyqFl+cf7Kq9zi9YUn4f2rmfPn6vE2a42jJ3sTKBupsMVO18HZLjB+uo
FwwXuUsziaSBQoqZbgpQ2s++0CcFgCnK9JO/oiECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRYggIrKxGTa2RdKqyeUC23NvO6QjAfBgNVHSMEGDAWgBRUH9x6LxGldm06
1732Jc5eEZqP3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZCX2NlaThScFhadE90ZTk5aVhPWGhHYWo5OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGQvOGZhZDY3LWJiNmItNDc3My1iODFlLWM5MDBhODlmMjBmMS8x
L1dJSUNLeXNSazJ0a1hTcXNubEF0dHpienVrSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGQv
OGZhZDY3LWJiNmItNDc3My1iODFlLWM5MDBhODlmMjBmMS8xL1ZCX2NlaThScFha
dE90ZTk5aVhPWGhHYWo5OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALllqwMEAbloKjANBgkqhkiG9w0B
AQsFAAOCAQEADjrKfzMpivAGgk7ewnAfP/xTdS9Ip4sY5Er8sURBZjbuoQWjQKlH
oh3Gm2HSz9y6XqCnkHB647S3rE6PkgGs6zC+H+rH8BlgKZWFhMdFlxdKPyzLJN91
xJ4Ck4CV6kxvON13e4BMKfvYrM0tlZFTmWP+8iPN2SyIxzuG/OjjlgtQgaZinih1
RYBNpwk+D0BxGIqOan1ZuWmRZWBB+03jkstmIBzH1ueB8te1nHR+cYGtBgGHi40p
WuT+7tCbNoyjhbLmwoC40Nv7Ju6s28nQI4ZF644ILMlrD+aEZBpnBNRidnVh+OjM
qOsWfr9/+0fudsOOmXVQHFZng2E5TBP8Kg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:39 2023 by rpki-client on console-ams.rpki-client.org