Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/tMjH5QXeshpuu27oU5R5UA8zNKk.roa
File: tMjH5QXeshpuu27oU5R5UA8zNKk.roa (raw, json)
Hash identifier: TszT22VtqBCPeBgRvcyUReT4uQ+JOwABEztJ5LCOtTU=
Subject key identifier: B4:C8:C7:E5:05:DE:B2:1A:6E:BB:6E:E8:53:94:79:50:0F:33:34:A9
Certificate issuer: /CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Certificate serial: 01856F14EA237F12CF5D572432A38630BCF8
Authority key identifier: 54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/tMjH5QXeshpuu27oU5R5UA8zNKk.roa
Signing time: Sun 01 Jan 2023 20:45:19 +0000
ROA not before: Sun 01 Jan 2023 20:45:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211237
IP address blocks: 185.104.40.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:ea:23:7f:12:cf:5d:57:24:32:a3:86:30:bc:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Validity
Not Before: Jan 1 20:45:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4c8c7e505deb21a6ebb6ee8539479500f3334a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:13:69:7c:ed:f4:94:45:43:22:72:06:37:26:
2c:2e:4d:bf:59:14:2a:b1:49:6c:66:34:55:7f:0a:
83:55:b3:28:8a:6a:f1:f7:7a:29:33:64:fa:e8:16:
82:b2:04:ea:51:70:59:fd:12:ad:cd:57:44:51:0e:
d6:51:a8:d6:a9:c1:1d:17:02:19:92:99:6d:f5:bc:
20:84:66:8f:4a:17:02:a0:a3:9f:f4:6a:1b:c2:07:
bf:93:fe:86:d4:55:3e:6c:9d:bb:93:6d:a0:64:27:
6a:5a:a4:05:69:59:42:bb:98:4c:37:8f:de:93:bd:
fb:c9:f7:0b:6b:f5:5b:2f:b1:4e:af:5e:e4:b2:5c:
0b:23:b3:fe:ba:f2:7a:65:92:f6:e8:41:13:58:1b:
c5:5f:d6:01:6b:0d:c3:7a:05:ac:99:bf:5a:c6:1b:
9f:77:33:4c:a7:be:45:4a:73:24:42:6b:27:a7:ba:
81:91:af:2c:f7:81:18:f9:45:53:1d:31:c0:c4:2e:
1a:5e:a9:f9:3c:a9:68:f1:11:d0:dd:9c:5e:bf:14:
99:cc:0c:48:2c:1a:fa:ca:b4:b1:2d:a4:62:53:9e:
77:b4:04:6e:5d:02:53:a5:0b:39:64:27:e5:33:e3:
57:3a:2d:aa:f6:a7:89:d1:d5:d2:98:97:62:5c:16:
11:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:C8:C7:E5:05:DE:B2:1A:6E:BB:6E:E8:53:94:79:50:0F:33:34:A9
X509v3 Authority Key Identifier:
keyid:54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/tMjH5QXeshpuu27oU5R5UA8zNKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/VB_cei8RpXZtOte99iXOXhGaj98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.40.0/24
Signature Algorithm: sha256WithRSAEncryption
40:53:1a:32:6a:14:82:27:a1:55:8e:86:6d:f4:00:5e:f9:4f:
dd:32:e3:72:5c:13:d9:fb:06:21:06:be:a0:18:19:d6:0f:15:
82:87:e7:ed:1a:dd:e1:98:b6:7e:64:b9:a8:3a:f0:2a:cd:0e:
7f:fb:aa:d5:4d:e0:be:62:02:f2:4c:05:19:ce:ae:29:c8:51:
76:21:1e:9f:82:68:cc:cf:21:9e:89:b0:bb:e0:81:ca:91:73:
34:a2:4c:44:f4:8a:48:da:cc:75:c8:d8:09:bf:e5:bb:87:4f:
56:6c:eb:2a:00:ba:38:5f:8d:ed:f0:d2:cb:9a:0e:81:ec:c4:
c9:26:86:06:ec:6f:cd:63:28:79:5b:21:d7:67:84:02:d7:48:
75:6c:f0:cc:ad:db:30:3a:9c:be:b3:a6:53:f4:8c:df:f6:b9:
66:29:b1:5c:38:94:4f:06:62:e7:22:61:c3:38:8b:8f:1b:2c:
19:47:0f:9f:1d:4f:e9:e1:c8:e8:01:80:b7:c4:14:68:03:d3:
27:62:3b:11:ab:14:65:5a:36:47:c2:a6:bf:80:56:32:7a:a7:
66:8e:2e:7b:be:f0:64:cd:b3:64:8a:7d:f2:9c:56:cd:a0:dc:
3f:76:73:74:98:e2:d2:ee:37:2b:f7:85:8b:81:3b:41:b1:0f:
57:5f:86:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFOojfxLPXVckMqOGMLz4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MWZkYzdhMmYxMWE1NzY2ZDNhZDdiZGY2MjVjZTVlMTE5
YThmZGYwHhcNMjMwMTAxMjA0NTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGM4YzdlNTA1ZGViMjFhNmViYjZlZTg1Mzk0Nzk1MDBmMzMzNGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxNpfO30lEVDInIGNyYsLk2/WRQq
sUlsZjRVfwqDVbMoimrx93opM2T66BaCsgTqUXBZ/RKtzVdEUQ7WUajWqcEdFwIZ
kplt9bwghGaPShcCoKOf9Gobwge/k/6G1FU+bJ27k22gZCdqWqQFaVlCu5hMN4/e
k737yfcLa/VbL7FOr17kslwLI7P+uvJ6ZZL26EETWBvFX9YBaw3DegWsmb9axhuf
dzNMp75FSnMkQmsnp7qBka8s94EY+UVTHTHAxC4aXqn5PKlo8RHQ3ZxevxSZzAxI
LBr6yrSxLaRiU553tARuXQJTpQs5ZCflM+NXOi2q9qeJ0dXSmJdiXBYRzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLTIx+UF3rIabrtu6FOUeVAPMzSpMB8GA1UdIwQY
MBaAFFQf3HovEaV2bTrXvfYlzl4Rmo/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkJfY2VpOFJwWFp0T3RlOTlpWE9YaEdhajk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC84ZmFkNjctYmI2Yi00NzczLWI4MWUt
YzkwMGE4OWYyMGYxLzEvdE1qSDVRWGVzaHB1dTI3b1U1UjVVQTh6TktrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC84ZmFkNjctYmI2Yi00NzczLWI4MWUtYzkwMGE4OWYyMGYx
LzEvVkJfY2VpOFJwWFp0T3RlOTlpWE9YaEdhajk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWgoMA0G
CSqGSIb3DQEBCwUAA4IBAQBAUxoyahSCJ6FVjoZt9ABe+U/dMuNyXBPZ+wYhBr6g
GBnWDxWCh+ftGt3hmLZ+ZLmoOvAqzQ5/+6rVTeC+YgLyTAUZzq4pyFF2IR6fgmjM
zyGeibC74IHKkXM0okxE9IpI2sx1yNgJv+W7h09WbOsqALo4X43t8NLLmg6B7MTJ
JoYG7G/NYyh5WyHXZ4QC10h1bPDMrdswOpy+s6ZT9Izf9rlmKbFcOJRPBmLnImHD
OIuPGywZRw+fHU/p4cjoAYC3xBRoA9MnYjsRqxRlWjZHwqa/gFYyeqdmji57vvBk
zbNkin3ynFbNoNw/dnN0mOLS7jcr94WLgTtBsQ9XX4YE
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:57 2023 by rpki-client on console-fra.rpki-client.org