Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/wXwIgJH4wqd0CME_lJZOKt1_Ngs.roa
File: wXwIgJH4wqd0CME_lJZOKt1_Ngs.roa (raw, json)
Hash identifier: 7OXmw6jF4qNjHSI844xPMuVCsKPortsU6nygs5V3eJ4=
Subject key identifier: C1:7C:08:80:91:F8:C2:A7:74:08:C1:3F:94:96:4E:2A:DD:7F:36:0B
Certificate issuer: /CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Certificate serial: 01856F14E90549422B620C7B3775DD2870FA
Authority key identifier: 54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/wXwIgJH4wqd0CME_lJZOKt1_Ngs.roa
Signing time: Sun 01 Jan 2023 20:45:19 +0000
ROA not before: Sun 01 Jan 2023 20:45:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207279
IP address blocks: 185.104.43.0/24 maxlen: 24
185.101.170.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:e9:05:49:42:2b:62:0c:7b:37:75:dd:28:70:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Validity
Not Before: Jan 1 20:45:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c17c088091f8c2a77408c13f94964e2add7f360b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a4:32:d1:d3:e4:5d:a8:47:a6:ae:fa:5c:58:
d1:56:97:64:37:4e:f1:1e:fa:24:1e:8e:37:f2:e1:
93:31:14:2b:8d:09:8c:44:d2:15:e2:95:1a:e6:69:
90:9a:00:8b:2b:b0:b4:94:b1:a0:41:27:94:cf:50:
95:31:b9:1a:fd:34:a6:af:0e:83:12:2b:b2:1c:ae:
10:f3:65:44:65:da:b4:62:8a:50:06:f2:95:2f:d3:
0e:3a:d4:bc:62:15:00:8f:24:31:1d:ce:33:9c:01:
fe:f4:8f:7b:d6:fe:d6:e2:e9:01:8f:cc:1c:a0:15:
be:95:7d:46:d9:6d:b2:21:ad:6a:cd:da:c5:68:65:
ba:68:60:41:7d:d7:a7:bf:10:f7:b1:7e:7e:f9:e1:
a8:3f:f5:ab:a9:ee:dc:6b:d7:0a:f7:71:9f:4d:93:
17:1e:e0:09:e9:d7:52:fe:ac:2a:a3:8a:55:c2:f4:
b9:80:0a:94:31:e1:a8:7e:44:93:e8:81:6e:40:85:
7c:ce:fc:91:9e:7d:ef:a8:0e:f4:63:23:65:51:5c:
63:3f:63:bb:a2:c2:91:42:c5:8d:23:53:ae:66:40:
c1:e7:90:7b:d4:31:ea:d3:9c:19:93:a4:7e:04:f5:
d2:14:3e:55:53:c7:57:63:63:60:8e:19:04:83:ad:
71:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:7C:08:80:91:F8:C2:A7:74:08:C1:3F:94:96:4E:2A:DD:7F:36:0B
X509v3 Authority Key Identifier:
keyid:54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/wXwIgJH4wqd0CME_lJZOKt1_Ngs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/VB_cei8RpXZtOte99iXOXhGaj98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.170.0/24
185.104.43.0/24
Signature Algorithm: sha256WithRSAEncryption
87:42:c1:5d:2a:b5:1d:8a:ed:10:bb:64:a5:d2:c5:c6:0c:31:
7d:83:e4:df:21:0d:4e:bf:c0:79:f7:4b:a6:a4:af:90:6b:82:
1c:01:12:98:97:c2:10:73:cf:c0:f0:e1:90:7d:de:be:85:0c:
15:72:ee:21:6c:e0:51:ea:a6:c9:7f:ae:63:a9:54:ee:07:e5:
cb:13:c3:ae:b6:95:2f:5b:9c:c4:66:78:e9:22:47:ab:32:2a:
01:19:1d:a1:08:d1:e9:13:0b:bb:ed:78:a9:37:4c:a5:dd:50:
d6:dc:1d:b7:a1:22:b5:6c:ea:68:77:41:16:9f:f2:63:73:3e:
de:61:4b:42:b0:3e:18:07:03:6b:48:22:1c:9e:15:19:a5:8c:
ed:07:07:cb:a6:09:98:ff:79:37:da:25:6c:68:96:a8:59:92:
a5:0c:a6:c8:31:6c:44:39:c8:2f:2a:61:7c:52:73:0f:4e:9e:
de:87:85:78:2f:f8:2d:dc:00:60:02:f6:68:2e:fa:56:8b:8c:
12:1d:50:c8:86:c0:8d:5c:01:df:e3:4e:08:7f:38:04:00:92:
29:62:b9:14:91:da:2b:76:8b:89:dd:27:b5:08:05:1c:53:fb:
79:1a:e8:86:f8:84:ff:1f:52:29:76:f3:03:d0:c1:08:c7:20:
34:28:89:88
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvFOkFSUIrYgx7N3XdKHD6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MWZkYzdhMmYxMWE1NzY2ZDNhZDdiZGY2MjVjZTVlMTE5
YThmZGYwHhcNMjMwMTAxMjA0NTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTdjMDg4MDkxZjhjMmE3NzQwOGMxM2Y5NDk2NGUyYWRkN2YzNjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKQy0dPkXahHpq76XFjRVpdkN07x
HvokHo438uGTMRQrjQmMRNIV4pUa5mmQmgCLK7C0lLGgQSeUz1CVMbka/TSmrw6D
EiuyHK4Q82VEZdq0YopQBvKVL9MOOtS8YhUAjyQxHc4znAH+9I971v7W4ukBj8wc
oBW+lX1G2W2yIa1qzdrFaGW6aGBBfdenvxD3sX5++eGoP/Wrqe7ca9cK93GfTZMX
HuAJ6ddS/qwqo4pVwvS5gAqUMeGofkST6IFuQIV8zvyRnn3vqA70YyNlUVxjP2O7
osKRQsWNI1OuZkDB55B71DHq05wZk6R+BPXSFD5VU8dXY2NgjhkEg61xFQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMF8CICR+MKndAjBP5SWTirdfzYLMB8GA1UdIwQY
MBaAFFQf3HovEaV2bTrXvfYlzl4Rmo/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkJfY2VpOFJwWFp0T3RlOTlpWE9YaEdhajk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC84ZmFkNjctYmI2Yi00NzczLWI4MWUt
YzkwMGE4OWYyMGYxLzEvd1h3SWdKSDR3cWQwQ01FX2xKWk9LdDFfTmdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC84ZmFkNjctYmI2Yi00NzczLWI4MWUtYzkwMGE4OWYyMGYx
LzEvVkJfY2VpOFJwWFp0T3RlOTlpWE9YaEdhajk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuWWqAwQA
uWgrMA0GCSqGSIb3DQEBCwUAA4IBAQCHQsFdKrUdiu0Qu2Sl0sXGDDF9g+TfIQ1O
v8B590umpK+Qa4IcARKYl8IQc8/A8OGQfd6+hQwVcu4hbOBR6qbJf65jqVTuB+XL
E8OutpUvW5zEZnjpIkerMioBGR2hCNHpEwu77XipN0yl3VDW3B23oSK1bOpod0EW
n/Jjcz7eYUtCsD4YBwNrSCIcnhUZpYztBwfLpgmY/3k32iVsaJaoWZKlDKbIMWxE
OcgvKmF8UnMPTp7eh4V4L/gt3ABgAvZoLvpWi4wSHVDIhsCNXAHf404IfzgEAJIp
YrkUkdordouJ3Se1CAUcU/t5GuiG+IT/H1IpdvMD0MEIxyA0KImI
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:57 2023 by rpki-client on console-fra.rpki-client.org