Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/crAtY-Cb8APi-Vy-d_jxcUDncEw.roa
File: crAtY-Cb8APi-Vy-d_jxcUDncEw.roa (raw, json)
Hash identifier: XjfCG0zAlLTsvIK/d2e2kqgjyZMWJZWVPxGmow+HZ+s=
Subject key identifier: 72:B0:2D:63:E0:9B:F0:03:E2:F9:5C:BE:77:F8:F1:71:40:E7:70:4C
Certificate issuer: /CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Certificate serial: 0184377D4ECA57AEE3DA40177DBCEC540AFC
Authority key identifier: 54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/crAtY-Cb8APi-Vy-d_jxcUDncEw.roa
Signing time: Wed 02 Nov 2022 08:37:49 +0000
ROA not before: Wed 02 Nov 2022 08:37:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210439
IP address blocks: 185.104.43.0/24 maxlen: 24
185.101.170.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:37:7d:4e:ca:57:ae:e3:da:40:17:7d:bc:ec:54:0a:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Validity
Not Before: Nov 2 08:37:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=72b02d63e09bf003e2f95cbe77f8f17140e7704c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:3a:a1:21:28:c2:15:f8:84:28:d7:db:c3:55:
bf:bf:ed:3e:82:41:42:62:53:c2:b6:f7:fc:d7:0a:
35:d2:16:b9:e5:79:f0:b3:4c:40:90:41:3d:75:5c:
59:89:86:95:da:ea:6e:9a:f5:b2:d7:7e:92:38:70:
db:4f:73:2f:85:09:fc:3c:7e:88:36:c1:94:14:ae:
90:8d:15:40:bc:5b:99:41:e8:01:fd:c4:15:67:73:
f3:7b:13:4f:b2:c2:52:87:a7:77:17:65:c6:7c:68:
27:a3:84:f3:95:3a:88:af:70:0d:b7:80:e4:21:fc:
b3:76:8b:af:f7:ce:dc:7e:10:1e:47:69:10:27:84:
4b:58:57:b2:c8:71:36:b9:4a:89:00:09:37:1d:bd:
98:c9:d8:c9:a6:96:f6:13:77:21:a1:5b:21:f4:cc:
c0:9c:35:86:1c:75:37:34:f0:24:7b:64:b9:d0:27:
a7:6d:db:72:18:cc:9a:36:fe:97:df:af:73:1a:c0:
56:41:91:8a:2e:14:1a:f1:f4:a0:6d:e7:45:e3:ac:
a8:93:e5:5e:df:c2:15:c5:90:2e:83:58:40:b4:ab:
8a:55:2b:d1:05:79:6d:1e:f4:b0:d2:1e:53:d6:c3:
e1:ed:37:6d:a9:ab:c1:0e:12:43:f0:f5:84:3f:17:
83:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:B0:2D:63:E0:9B:F0:03:E2:F9:5C:BE:77:F8:F1:71:40:E7:70:4C
X509v3 Authority Key Identifier:
keyid:54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/crAtY-Cb8APi-Vy-d_jxcUDncEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/VB_cei8RpXZtOte99iXOXhGaj98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.170.0/24
185.104.43.0/24
Signature Algorithm: sha256WithRSAEncryption
08:57:4e:39:da:be:39:78:07:ba:1e:1c:c5:f2:ae:1e:b3:5a:
3c:f1:ae:1d:69:b7:e6:7b:03:3f:0b:d0:65:08:b1:62:a2:52:
a4:9a:85:65:cc:ae:04:a3:1c:26:44:9a:02:b7:3b:64:a5:11:
28:ca:c7:f7:09:da:17:6e:1e:54:97:7e:db:ba:de:52:b4:f0:
77:bc:80:3f:f8:96:25:df:7e:fa:3a:c2:2d:c9:10:f1:68:21:
98:62:d4:03:d1:ee:a0:97:7a:22:b6:52:c5:8a:78:d8:72:6f:
bc:dc:a5:ed:70:21:bf:dc:50:ca:ed:b1:b1:e3:7d:f0:9d:d5:
d2:9f:88:f9:37:64:5b:a3:57:68:5f:d5:a6:ca:6d:82:7a:8a:
7f:b3:65:a2:b7:31:e4:e5:22:a3:e7:dd:96:96:d3:8c:fc:57:
43:a7:29:a8:90:ca:32:f3:ac:59:e0:10:06:cb:d1:18:38:96:
e1:1b:e0:be:e2:df:5e:29:75:30:a4:36:4e:37:35:cd:12:2b:
1b:2e:31:e6:34:90:59:c2:7a:52:43:92:5b:f0:9d:eb:09:15:
55:13:e2:fe:2a:30:e4:4e:2a:5c:41:f5:d2:e5:0a:c0:9e:89:
57:33:77:b8:61:cd:e5:60:00:4a:8d:49:5b:7e:a9:6e:99:69:
83:32:cd:5d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYQ3fU7KV67j2kAXfbzsVAr8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MWZkYzdhMmYxMWE1NzY2ZDNhZDdiZGY2MjVjZTVlMTE5
YThmZGYwHhcNMjIxMTAyMDgzNzQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmIwMmQ2M2UwOWJmMDAzZTJmOTVjYmU3N2Y4ZjE3MTQwZTc3MDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDqhISjCFfiEKNfbw1W/v+0+gkFC
YlPCtvf81wo10ha55Xnws0xAkEE9dVxZiYaV2upumvWy136SOHDbT3MvhQn8PH6I
NsGUFK6QjRVAvFuZQegB/cQVZ3PzexNPssJSh6d3F2XGfGgno4TzlTqIr3ANt4Dk
Ifyzdouv987cfhAeR2kQJ4RLWFeyyHE2uUqJAAk3Hb2YydjJppb2E3choVsh9MzA
nDWGHHU3NPAke2S50CenbdtyGMyaNv6X369zGsBWQZGKLhQa8fSgbedF46yok+Ve
38IVxZAug1hAtKuKVSvRBXltHvSw0h5T1sPh7TdtqavBDhJD8PWEPxeDAwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHKwLWPgm/AD4vlcvnf48XFA53BMMB8GA1UdIwQY
MBaAFFQf3HovEaV2bTrXvfYlzl4Rmo/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkJfY2VpOFJwWFp0T3RlOTlpWE9YaEdhajk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC84ZmFkNjctYmI2Yi00NzczLWI4MWUt
YzkwMGE4OWYyMGYxLzEvY3JBdFktQ2I4QVBpLVZ5LWRfanhjVURuY0V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC84ZmFkNjctYmI2Yi00NzczLWI4MWUtYzkwMGE4OWYyMGYx
LzEvVkJfY2VpOFJwWFp0T3RlOTlpWE9YaEdhajk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuWWqAwQA
uWgrMA0GCSqGSIb3DQEBCwUAA4IBAQAIV0452r45eAe6HhzF8q4es1o88a4dabfm
ewM/C9BlCLFiolKkmoVlzK4EoxwmRJoCtztkpREoysf3CdoXbh5Ul37but5StPB3
vIA/+JYl3376OsItyRDxaCGYYtQD0e6gl3oitlLFinjYcm+83KXtcCG/3FDK7bGx
433wndXSn4j5N2Rbo1doX9Wmym2Ceop/s2WitzHk5SKj592WltOM/FdDpymokMoy
86xZ4BAGy9EYOJbhG+C+4t9eKXUwpDZONzXNEisbLjHmNJBZwnpSQ5Jb8J3rCRVV
E+L+KjDkTipcQfXS5QrAnolXM3e4Yc3lYABKjUlbfqlumWmDMs1d
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:39 2023 by rpki-client on console-ams.rpki-client.org