Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/1aaf5d-4e6f-4974-bfe4-c572cf867cbf/1/VMBqWS381XfcfqOZt6Y1fAmMYaU.roa
File: VMBqWS381XfcfqOZt6Y1fAmMYaU.roa (raw, json)
Hash identifier: wWQFs1MoWs3uzX0US7FkWgWoXg6rmuTWSry9wP5RFps=
Subject key identifier: 54:C0:6A:59:2D:FC:D5:77:DC:7E:A3:99:B7:A6:35:7C:09:8C:61:A5
Certificate issuer: /CN=d540ab185cf399de6cdb3ca45ded296b6be68fea
Certificate serial: 018AC1BB1374CE3D11169934D2E72C5D0027
Authority key identifier: D5:40:AB:18:5C:F3:99:DE:6C:DB:3C:A4:5D:ED:29:6B:6B:E6:8F:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1UCrGFzzmd5s2zykXe0pa2vmj-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/1aaf5d-4e6f-4974-bfe4-c572cf867cbf/1/VMBqWS381XfcfqOZt6Y1fAmMYaU.roa
Signing time: Sat 23 Sep 2023 11:09:37 +0000
ROA not before: Sat 23 Sep 2023 11:09:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34119
IP address blocks: 185.103.228.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c1:bb:13:74:ce:3d:11:16:99:34:d2:e7:2c:5d:00:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d540ab185cf399de6cdb3ca45ded296b6be68fea
Validity
Not Before: Sep 23 11:09:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=54c06a592dfcd577dc7ea399b7a6357c098c61a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ff:8a:5c:b3:d0:78:bf:99:0c:35:b7:7d:5e:
ef:59:14:3f:ef:67:28:c3:0e:61:54:2b:71:31:10:
7b:9d:09:cd:f6:a4:73:c0:7d:85:97:74:97:72:37:
cb:ca:d5:33:c1:2e:0e:f0:e9:2e:11:50:a6:54:85:
73:64:09:7a:3a:62:27:d8:57:ed:4c:52:d1:79:83:
cc:cb:8d:2c:35:ed:5b:9f:2c:75:c4:30:8f:2f:ca:
36:8a:cd:0f:50:46:89:c1:f8:08:fa:c9:2a:3e:44:
47:5b:6c:48:e1:81:0b:30:2e:69:71:42:32:66:cf:
24:93:a6:94:36:74:e0:f2:f9:7b:01:82:40:24:9d:
35:87:df:ea:ed:a2:6c:d1:e2:a1:d9:65:79:d6:a2:
ae:e3:fb:f6:33:55:ee:53:e3:05:a8:62:dc:37:f3:
c4:d6:b6:ad:fc:d1:f4:cf:b7:8b:4a:61:b0:95:e2:
51:36:70:e0:77:f7:45:9a:d2:73:cf:15:06:74:da:
63:05:28:ec:e8:21:32:8f:65:bb:1a:0d:9d:51:19:
a8:09:c1:e6:89:08:cd:ed:2a:6b:c0:31:e2:c6:cd:
4d:1f:66:67:d1:e4:ab:95:19:24:fc:92:13:80:a4:
ae:85:98:fb:6a:6f:cb:01:e0:01:91:38:88:0b:5a:
42:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:C0:6A:59:2D:FC:D5:77:DC:7E:A3:99:B7:A6:35:7C:09:8C:61:A5
X509v3 Authority Key Identifier:
keyid:D5:40:AB:18:5C:F3:99:DE:6C:DB:3C:A4:5D:ED:29:6B:6B:E6:8F:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1UCrGFzzmd5s2zykXe0pa2vmj-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/1aaf5d-4e6f-4974-bfe4-c572cf867cbf/1/VMBqWS381XfcfqOZt6Y1fAmMYaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/1aaf5d-4e6f-4974-bfe4-c572cf867cbf/1/1UCrGFzzmd5s2zykXe0pa2vmj-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.103.228.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:d5:fa:28:21:d6:f1:b8:f3:1c:03:74:23:1a:e7:62:30:d8:
4d:35:82:51:69:19:ee:e7:6a:37:c5:3e:21:1b:c8:fc:ce:2b:
72:10:f7:16:5b:a2:05:b2:68:3c:f6:6f:9e:0c:bf:9a:9e:17:
36:b9:2e:de:05:0e:4a:fd:ca:dc:99:30:c9:c2:27:37:0e:e3:
1a:da:e8:6c:ba:65:10:63:ea:f1:cd:9d:4d:9b:bb:ce:f6:83:
0b:cc:fc:82:60:20:d3:00:0e:32:44:31:76:f5:9a:2c:d2:cd:
86:89:19:fc:7e:e0:ae:8b:af:b0:7b:5a:19:1b:74:02:0d:49:
69:c2:1c:11:b7:46:07:1c:30:c9:6e:b9:bc:d3:33:38:a8:ce:
7f:c3:10:ca:98:91:75:ea:99:66:32:bb:25:ba:58:db:4c:0e:
1e:4e:df:b0:c8:77:f4:9e:4e:76:05:2d:f2:21:22:53:52:9a:
1c:6a:81:9a:af:04:89:e3:26:47:20:29:58:dc:03:5f:7f:c9:
57:e9:57:0e:59:b8:1d:59:ab:a8:9e:a4:9d:c5:87:50:18:fa:
5e:58:d6:71:dd:ea:04:3a:37:dc:63:55:b1:07:dc:b3:95:60:
aa:40:a9:7f:d6:60:d0:f8:81:0d:01:2e:fb:1f:6f:e2:1c:7a:
6d:8b:6c:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrBuxN0zj0RFpk00ucsXQAnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NDBhYjE4NWNmMzk5ZGU2Y2RiM2NhNDVkZWQyOTZiNmJl
NjhmZWEwHhcNMjMwOTIzMTEwOTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGMwNmE1OTJkZmNkNTc3ZGM3ZWEzOTliN2E2MzU3YzA5OGM2MWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/+KXLPQeL+ZDDW3fV7vWRQ/72co
ww5hVCtxMRB7nQnN9qRzwH2Fl3SXcjfLytUzwS4O8OkuEVCmVIVzZAl6OmIn2Fft
TFLReYPMy40sNe1bnyx1xDCPL8o2is0PUEaJwfgI+skqPkRHW2xI4YELMC5pcUIy
Zs8kk6aUNnTg8vl7AYJAJJ01h9/q7aJs0eKh2WV51qKu4/v2M1XuU+MFqGLcN/PE
1rat/NH0z7eLSmGwleJRNnDgd/dFmtJzzxUGdNpjBSjs6CEyj2W7Gg2dURmoCcHm
iQjN7SprwDHixs1NH2Zn0eSrlRkk/JITgKSuhZj7am/LAeABkTiIC1pC1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFTAalkt/NV33H6jmbemNXwJjGGlMB8GA1UdIwQY
MBaAFNVAqxhc85nebNs8pF3tKWtr5o/qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVVDckdGenptZDVzMnp5a1hlMHBhMnZtai1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8xYWFmNWQtNGU2Zi00OTc0LWJmZTQt
YzU3MmNmODY3Y2JmLzEvVk1CcVdTMzgxWGZjZnFPWnQ2WTFmQW1NWWFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8xYWFmNWQtNGU2Zi00OTc0LWJmZTQtYzU3MmNmODY3Y2Jm
LzEvMVVDckdGenptZDVzMnp5a1hlMHBhMnZtai1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWfkMA0G
CSqGSIb3DQEBCwUAA4IBAQAe1fooIdbxuPMcA3QjGudiMNhNNYJRaRnu52o3xT4h
G8j8zityEPcWW6IFsmg89m+eDL+anhc2uS7eBQ5K/crcmTDJwic3DuMa2uhsumUQ
Y+rxzZ1Nm7vO9oMLzPyCYCDTAA4yRDF29Zos0s2GiRn8fuCui6+we1oZG3QCDUlp
whwRt0YHHDDJbrm80zM4qM5/wxDKmJF16plmMrsluljbTA4eTt+wyHf0nk52BS3y
ISJTUpocaoGarwSJ4yZHIClY3ANff8lX6VcOWbgdWauonqSdxYdQGPpeWNZx3eoE
OjfcY1WxB9yzlWCqQKl/1mDQ+IENAS77H2/iHHpti2w+
-----END CERTIFICATE-----
Generated at Fri Oct 6 08:36:11 2023 by rpki-client on console-fra.rpki-client.org