Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/_NXx9MCOvo_pUqYQcOPbuhJrfRc.roa
File: _NXx9MCOvo_pUqYQcOPbuhJrfRc.roa (raw, json)
Hash identifier: 4QliyNqSWtQm+4630SNE3+irBkEoq8sA16b5pZxJQ+A=
Subject key identifier: FC:D5:F1:F4:C0:8E:BE:8F:E9:52:A6:10:70:E3:DB:BA:12:6B:7D:17
Certificate issuer: /CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Certificate serial: 0184EC33FA86AA2ECB440B3C3D6AE2CF34B2
Authority key identifier: 54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/_NXx9MCOvo_pUqYQcOPbuhJrfRc.roa
Signing time: Wed 07 Dec 2022 10:49:00 +0000
ROA not before: Wed 07 Dec 2022 10:49:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207279
IP address blocks: 185.104.43.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ec:33:fa:86:aa:2e:cb:44:0b:3c:3d:6a:e2:cf:34:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Validity
Not Before: Dec 7 10:49:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fcd5f1f4c08ebe8fe952a61070e3dbba126b7d17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ce:67:36:7e:6b:1e:e8:c5:3d:9e:9d:80:87:
c2:b7:7b:81:fb:44:93:33:87:10:c5:d0:fd:33:4d:
22:bc:02:73:e3:05:72:00:fd:6c:6c:16:e9:f1:70:
bb:c0:97:ac:6d:8a:2a:c7:19:ed:c5:52:95:a3:23:
be:58:f1:6d:f2:bd:37:27:8a:eb:e1:69:c7:f8:99:
fb:19:df:28:0a:14:67:f9:5b:48:ea:1b:5d:ed:79:
1c:fa:af:17:49:5e:32:70:89:f7:25:9d:b9:f2:96:
02:7e:e0:8b:53:6f:02:28:ed:da:0b:65:21:b2:3f:
73:b0:2e:ba:11:fd:8a:7f:11:e7:69:a6:6e:d9:1c:
b0:05:eb:12:93:52:1b:9b:a8:ba:f2:1d:7a:73:26:
09:11:63:2f:53:32:a2:66:0b:a6:b6:98:6d:63:a0:
0b:fd:1f:8e:7b:c5:ea:f8:2b:8d:3a:be:51:77:ab:
1e:77:27:ad:a7:da:bd:c7:9a:58:12:dc:9d:bd:2c:
88:75:6b:6d:32:5c:f6:0f:dd:82:d8:88:c1:16:20:
d0:3b:fe:77:5a:f6:28:ee:e6:a0:f8:95:59:40:e4:
0a:07:74:95:6f:86:39:7f:91:3d:e9:a9:f7:dd:69:
a9:a9:3e:89:92:a8:25:50:f5:44:5f:59:97:c3:99:
98:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:D5:F1:F4:C0:8E:BE:8F:E9:52:A6:10:70:E3:DB:BA:12:6B:7D:17
X509v3 Authority Key Identifier:
keyid:54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/_NXx9MCOvo_pUqYQcOPbuhJrfRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/VB_cei8RpXZtOte99iXOXhGaj98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.43.0/24
Signature Algorithm: sha256WithRSAEncryption
67:c7:66:5e:eb:9a:c0:10:af:9f:18:9a:8e:a2:de:c5:6d:4e:
f9:01:b1:56:f9:c2:e1:30:57:72:c2:86:bd:75:80:5b:a3:f0:
8b:6e:5c:02:d3:17:10:54:13:be:cf:c6:20:67:99:86:b8:39:
a0:9b:fe:ee:eb:51:67:c5:25:ff:49:3b:c6:2a:e0:3c:e8:0f:
14:6a:b1:7e:e2:52:23:18:23:c2:5a:61:1b:3d:b7:a5:06:3e:
e8:56:9d:0b:cb:7c:8b:c0:da:2d:9f:d6:34:bf:20:23:7d:4f:
18:1b:4d:32:05:36:47:22:ac:90:64:31:8b:61:15:42:7b:49:
76:38:09:2a:57:d4:6d:5e:89:f5:bb:5b:65:aa:41:1c:8d:69:
59:e4:55:db:cc:1b:ba:00:a8:a8:51:b3:71:fd:9a:d8:bf:0e:
80:6a:47:f3:02:a1:ac:ae:9d:91:26:1a:c9:05:ee:8c:9c:6d:
88:32:d0:58:20:c9:5e:cb:6b:1e:10:14:38:f3:c8:e1:1e:70:
16:60:c6:7a:ef:c6:82:6a:e9:f9:26:85:e0:d5:08:1b:99:7d:
ef:fb:5f:c9:c7:57:88:c3:2d:7a:ae:fd:fc:6f:35:f2:9f:5a:
5c:41:d9:8f:5b:64:ca:c7:39:3f:dc:17:8c:42:2a:71:14:59:
d7:06:4b:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTsM/qGqi7LRAs8PWrizzSyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MWZkYzdhMmYxMWE1NzY2ZDNhZDdiZGY2MjVjZTVlMTE5
YThmZGYwHhcNMjIxMjA3MTA0OTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2Q1ZjFmNGMwOGViZThmZTk1MmE2MTA3MGUzZGJiYTEyNmI3ZDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq85nNn5rHujFPZ6dgIfCt3uB+0ST
M4cQxdD9M00ivAJz4wVyAP1sbBbp8XC7wJesbYoqxxntxVKVoyO+WPFt8r03J4rr
4WnH+Jn7Gd8oChRn+VtI6htd7Xkc+q8XSV4ycIn3JZ258pYCfuCLU28CKO3aC2Uh
sj9zsC66Ef2KfxHnaaZu2RywBesSk1Ibm6i68h16cyYJEWMvUzKiZgumtphtY6AL
/R+Oe8Xq+CuNOr5Rd6sedyetp9q9x5pYEtydvSyIdWttMlz2D92C2IjBFiDQO/53
WvYo7uag+JVZQOQKB3SVb4Y5f5E96an33WmpqT6JkqglUPVEX1mXw5mY8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPzV8fTAjr6P6VKmEHDj27oSa30XMB8GA1UdIwQY
MBaAFFQf3HovEaV2bTrXvfYlzl4Rmo/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkJfY2VpOFJwWFp0T3RlOTlpWE9YaEdhajk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC84ZmFkNjctYmI2Yi00NzczLWI4MWUt
YzkwMGE4OWYyMGYxLzEvX05YeDlNQ092b19wVXFZUWNPUGJ1aEpyZlJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC84ZmFkNjctYmI2Yi00NzczLWI4MWUtYzkwMGE4OWYyMGYx
LzEvVkJfY2VpOFJwWFp0T3RlOTlpWE9YaEdhajk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWgrMA0G
CSqGSIb3DQEBCwUAA4IBAQBnx2Ze65rAEK+fGJqOot7FbU75AbFW+cLhMFdywoa9
dYBbo/CLblwC0xcQVBO+z8YgZ5mGuDmgm/7u61FnxSX/STvGKuA86A8UarF+4lIj
GCPCWmEbPbelBj7oVp0Ly3yLwNotn9Y0vyAjfU8YG00yBTZHIqyQZDGLYRVCe0l2
OAkqV9RtXon1u1tlqkEcjWlZ5FXbzBu6AKioUbNx/ZrYvw6AakfzAqGsrp2RJhrJ
Be6MnG2IMtBYIMley2seEBQ488jhHnAWYMZ678aCaun5JoXg1QgbmX3v+1/Jx1eI
wy16rv38bzXyn1pcQdmPW2TKxzk/3BeMQipxFFnXBkto
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:39 2023 by rpki-client on console-ams.rpki-client.org