Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/v2UWNBiFQZdu3WQ55HMJ8ZkliKE.roa
File: v2UWNBiFQZdu3WQ55HMJ8ZkliKE.roa (raw, json)
Hash identifier: /ia20Ldkp02EAwjVWlmFWhEYuexZNhuGZ2UPuZPohAM=
Subject key identifier: BF:65:16:34:18:85:41:97:6E:DD:64:39:E4:73:09:F1:99:25:88:A1
Certificate issuer: /CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Certificate serial: 05E5A7BD
Authority key identifier: 54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/v2UWNBiFQZdu3WQ55HMJ8ZkliKE.roa
Signing time: Sun 19 Jun 2022 12:37:44 +0000
ROA not before: Sun 19 Jun 2022 12:37:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 40676
IP address blocks: 185.104.42.0/24 maxlen: 24
185.101.171.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98936765 (0x5e5a7bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Validity
Not Before: Jun 19 12:37:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf651634188541976edd6439e47309f1992588a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:5a:a0:d5:23:80:6d:59:76:76:17:3f:44:f7:
fd:9c:f7:6d:14:ee:52:fa:e4:29:c3:e2:4f:f3:03:
9b:0c:fd:94:bc:b0:dd:4a:7f:71:d4:72:72:23:56:
b1:16:ee:b3:2e:2e:82:de:41:b5:e5:54:8d:f2:0e:
ca:80:a1:ec:d4:6c:90:3d:1b:8b:48:01:93:6c:da:
52:22:43:18:98:24:40:31:b1:54:aa:7b:70:59:d4:
62:75:11:f5:7f:d6:60:d1:91:1c:8a:5d:9e:06:1c:
4c:b6:5f:a8:53:37:88:e8:3a:74:de:5e:a6:bb:58:
7f:2e:63:22:c6:d3:af:6e:59:10:00:1a:fb:78:56:
b0:15:02:ad:9b:e5:82:93:c1:30:59:1d:5f:ea:52:
f4:0a:91:fa:2b:22:98:f1:0a:67:80:89:84:f7:e5:
32:7a:26:a8:01:67:c7:20:b2:48:75:46:e6:17:49:
2e:36:82:29:64:fe:76:d3:56:0c:fe:33:84:03:7f:
f7:0f:53:f9:18:ec:27:42:1e:38:12:7d:97:29:6b:
a5:ac:7c:b6:58:2e:ad:f3:6a:62:f6:ff:12:5b:c6:
6f:c2:86:1d:af:1c:b1:4d:9c:2f:38:86:83:fd:d4:
01:8a:e9:dc:39:26:35:fe:7a:47:f0:47:e7:a9:fa:
2b:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:65:16:34:18:85:41:97:6E:DD:64:39:E4:73:09:F1:99:25:88:A1
X509v3 Authority Key Identifier:
keyid:54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/v2UWNBiFQZdu3WQ55HMJ8ZkliKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/VB_cei8RpXZtOte99iXOXhGaj98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.171.0/24
185.104.42.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:0e:f1:f9:40:8d:d2:7f:50:ef:75:e6:1b:9b:0f:de:04:6f:
db:c5:42:2d:81:03:4e:76:1c:67:d7:55:3c:0b:11:4d:f7:2f:
3c:4c:ec:a6:cb:28:1b:6b:aa:c8:cf:18:5f:ce:f8:09:05:7e:
14:d3:0c:ef:74:d0:b1:dd:b0:77:c7:e7:16:60:3f:45:d3:63:
8d:c7:fc:3d:93:d6:85:eb:ab:6b:15:6e:fb:61:4d:d3:63:35:
d3:25:e1:74:d6:46:78:fd:f5:fd:1e:e4:18:55:17:ce:80:ee:
f1:a9:eb:52:78:4a:35:8e:f8:a8:67:9e:c3:d4:ef:cf:b6:d5:
fc:aa:81:bf:f6:fa:92:b4:a9:e7:2d:db:d4:e4:c8:cf:cc:29:
10:ff:2c:61:fe:64:9c:38:48:65:12:c5:ca:2f:14:40:23:01:
1f:f0:03:4c:d7:ab:aa:e1:21:4a:23:17:67:0e:07:48:ce:3b:
e7:a7:74:5a:26:6c:71:33:61:91:59:ca:04:b2:21:7e:4d:60:
b1:72:a3:5e:83:fc:fd:38:77:25:62:8b:ea:ad:46:07:91:49:
f1:2a:8c:ce:14:dc:2f:f9:be:f4:68:dd:d5:41:be:b0:a0:a6:
02:69:2e:cc:68:19:54:62:26:59:1c:1d:de:d2:99:0a:1b:55:
21:d0:4f:d1
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBeWnvTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NDFmZGM3YTJmMTFhNTc2NmQzYWQ3YmRmNjI1Y2U1ZTExOWE4ZmRmMB4XDTIyMDYx
OTEyMzc0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmY2NTE2MzQxODg1
NDE5NzZlZGQ2NDM5ZTQ3MzA5ZjE5OTI1ODhhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKtaoNUjgG1ZdnYXP0T3/Zz3bRTuUvrkKcPiT/MDmwz9lLyw
3Up/cdRyciNWsRbusy4ugt5BteVUjfIOyoCh7NRskD0bi0gBk2zaUiJDGJgkQDGx
VKp7cFnUYnUR9X/WYNGRHIpdngYcTLZfqFM3iOg6dN5eprtYfy5jIsbTr25ZEAAa
+3hWsBUCrZvlgpPBMFkdX+pS9AqR+isimPEKZ4CJhPflMnomqAFnxyCySHVG5hdJ
LjaCKWT+dtNWDP4zhAN/9w9T+RjsJ0IeOBJ9lylrpax8tlgurfNqYvb/ElvGb8KG
Ha8csU2cLziGg/3UAYrp3DkmNf56R/BH56n6KycCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBS/ZRY0GIVBl27dZDnkcwnxmSWIoTAfBgNVHSMEGDAWgBRUH9x6LxGldm06
1732Jc5eEZqP3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZCX2NlaThScFhadE90ZTk5aVhPWGhHYWo5OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGQvOGZhZDY3LWJiNmItNDc3My1iODFlLWM5MDBhODlmMjBmMS8x
L3YyVVdOQmlGUVpkdTNXUTU1SE1KOFprbGlLRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGQv
OGZhZDY3LWJiNmItNDc3My1iODFlLWM5MDBhODlmMjBmMS8xL1ZCX2NlaThScFha
dE90ZTk5aVhPWGhHYWo5OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALllqwMEALloKjANBgkqhkiG9w0B
AQsFAAOCAQEAoA7x+UCN0n9Q73XmG5sP3gRv28VCLYEDTnYcZ9dVPAsRTfcvPEzs
pssoG2uqyM8YX874CQV+FNMM73TQsd2wd8fnFmA/RdNjjcf8PZPWheuraxVu+2FN
02M10yXhdNZGeP31/R7kGFUXzoDu8anrUnhKNY74qGeew9Tvz7bV/KqBv/b6krSp
5y3b1OTIz8wpEP8sYf5knDhIZRLFyi8UQCMBH/ADTNerquEhSiMXZw4HSM4756d0
WiZscTNhkVnKBLIhfk1gsXKjXoP8/Th3JWKL6q1GB5FJ8SqMzhTcL/m+9Gjd1UG+
sKCmAmkuzGgZVGImWRwd3tKZChtVIdBP0Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:39 2023 by rpki-client on console-ams.rpki-client.org