Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/18e9c2-bd1f-43a2-8660-384c541a59e1/1/85RvzFLR201itoHLUuVcsgxAqYo.roa
File: 85RvzFLR201itoHLUuVcsgxAqYo.roa (raw, json)
Hash identifier: GxPFnqyhCi6iGLJIbgQSPaLt+vGTyV8KjR7vMHZn52c=
Subject key identifier: F3:94:6F:CC:52:D1:DB:4D:62:B6:81:CB:52:E5:5C:B2:0C:40:A9:8A
Certificate issuer: /CN=175e203932401abb457968db37075a17c68f09f6
Certificate serial: 01856FC251C8E8C7165EC08675A8196EF97E
Authority key identifier: 17:5E:20:39:32:40:1A:BB:45:79:68:DB:37:07:5A:17:C6:8F:09:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F14gOTJAGrtFeWjbNwdaF8aPCfY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/18e9c2-bd1f-43a2-8660-384c541a59e1/1/85RvzFLR201itoHLUuVcsgxAqYo.roa
Signing time: Sun 01 Jan 2023 23:54:43 +0000
ROA not before: Sun 01 Jan 2023 23:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212170
IP address blocks: 185.81.120.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:51:c8:e8:c7:16:5e:c0:86:75:a8:19:6e:f9:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=175e203932401abb457968db37075a17c68f09f6
Validity
Not Before: Jan 1 23:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f3946fcc52d1db4d62b681cb52e55cb20c40a98a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:73:a2:8a:61:74:95:fe:98:10:69:f6:7a:c8:
c0:4b:25:0d:0e:3d:ce:53:b7:b9:da:f8:62:6e:52:
e1:08:57:e9:f5:fe:56:b4:6a:ce:de:40:02:50:8b:
0e:21:6d:de:36:59:47:fe:72:c9:7d:f8:9b:52:01:
19:3f:15:42:51:16:d4:60:13:0f:e2:82:86:24:c9:
9c:10:ae:73:5f:b0:f6:65:b7:33:7d:07:06:48:b2:
e8:1c:e8:35:f5:c8:3f:e8:00:ce:eb:6e:9b:da:c2:
5f:60:2b:f0:6c:dc:db:04:a3:a4:84:52:ae:56:3c:
bc:af:35:ac:1f:23:97:bd:02:d5:2a:e3:fe:44:58:
f7:27:56:a7:8f:06:2e:1e:73:38:e6:ed:0c:91:f5:
a6:87:83:ed:fd:ae:c9:f4:aa:b8:f6:a1:36:d1:bd:
78:d0:26:bb:9f:47:e1:b7:ce:0c:61:fe:d1:e4:23:
e2:78:88:9d:65:06:f1:77:f8:3e:51:91:d6:c8:2b:
28:ce:2b:a0:68:cc:90:ff:bb:7f:9f:96:d1:4d:b9:
bf:04:0f:3f:2a:75:43:ed:ed:d5:0d:e3:19:7a:0e:
38:a7:26:af:95:f0:e3:91:13:a4:21:66:90:03:dd:
70:68:75:bf:5d:04:dd:15:bf:28:f9:2b:6a:8d:15:
f0:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:94:6F:CC:52:D1:DB:4D:62:B6:81:CB:52:E5:5C:B2:0C:40:A9:8A
X509v3 Authority Key Identifier:
keyid:17:5E:20:39:32:40:1A:BB:45:79:68:DB:37:07:5A:17:C6:8F:09:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F14gOTJAGrtFeWjbNwdaF8aPCfY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/18e9c2-bd1f-43a2-8660-384c541a59e1/1/85RvzFLR201itoHLUuVcsgxAqYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/18e9c2-bd1f-43a2-8660-384c541a59e1/1/F14gOTJAGrtFeWjbNwdaF8aPCfY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.120.0/22
Signature Algorithm: sha256WithRSAEncryption
11:14:74:17:f0:3e:77:e8:d0:72:97:6c:61:04:54:a9:4d:f7:
04:51:4d:af:7d:bb:48:40:8c:ef:e5:80:1f:77:92:10:ae:bb:
91:d3:3c:9b:c5:f7:23:a5:7a:60:c6:f3:ac:3a:33:c0:c6:b1:
8d:41:29:15:68:ab:6e:5a:2f:56:4e:b2:1f:c9:98:e8:ff:7e:
96:63:6d:bd:5b:f6:85:0f:93:4c:cc:72:93:24:73:5f:18:ca:
31:da:98:46:eb:20:d8:ae:a9:16:4b:69:d3:0e:0d:9d:47:d0:
0e:03:66:7f:74:f9:09:21:2c:a3:ea:0b:bc:a7:cb:e0:1b:18:
0d:18:ec:53:21:0c:bb:14:99:93:f1:99:45:18:27:c2:ec:2f:
f4:a0:eb:27:3d:87:dc:0a:d2:66:58:99:14:45:0e:44:e4:a5:
22:e5:ba:20:d3:15:33:02:af:06:1d:14:d7:be:1e:75:17:74:
bd:35:79:bc:11:b0:9e:de:b6:d7:74:83:c5:32:2c:80:3c:cc:
e4:1d:f9:f4:90:a6:16:11:d5:4e:ec:5a:17:15:f0:7e:78:0b:
40:2b:c4:48:20:26:f1:e4:d2:58:9d:cc:23:49:57:6e:94:d3:
6b:03:ee:fc:69:ad:c3:64:3d:2d:fa:ae:64:c7:36:19:95:b8:
96:0d:ac:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvwlHI6McWXsCGdagZbvl+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NWUyMDM5MzI0MDFhYmI0NTc5NjhkYjM3MDc1YTE3YzY4
ZjA5ZjYwHhcNMjMwMTAxMjM1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzk0NmZjYzUyZDFkYjRkNjJiNjgxY2I1MmU1NWNiMjBjNDBhOThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXOiimF0lf6YEGn2esjASyUNDj3O
U7e52vhiblLhCFfp9f5WtGrO3kACUIsOIW3eNllH/nLJffibUgEZPxVCURbUYBMP
4oKGJMmcEK5zX7D2ZbczfQcGSLLoHOg19cg/6ADO626b2sJfYCvwbNzbBKOkhFKu
Vjy8rzWsHyOXvQLVKuP+RFj3J1anjwYuHnM45u0MkfWmh4Pt/a7J9Kq49qE20b14
0Ca7n0fht84MYf7R5CPieIidZQbxd/g+UZHWyCsoziugaMyQ/7t/n5bRTbm/BA8/
KnVD7e3VDeMZeg44pyavlfDjkROkIWaQA91waHW/XQTdFb8o+StqjRXwTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPOUb8xS0dtNYraBy1LlXLIMQKmKMB8GA1UdIwQY
MBaAFBdeIDkyQBq7RXlo2zcHWhfGjwn2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjE0Z09USkFHcnRGZVdqYk53ZGFGOGFQQ2ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8xOGU5YzItYmQxZi00M2EyLTg2NjAt
Mzg0YzU0MWE1OWUxLzEvODVSdnpGTFIyMDFpdG9ITFV1VmNzZ3hBcVlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC8xOGU5YzItYmQxZi00M2EyLTg2NjAtMzg0YzU0MWE1OWUx
LzEvRjE0Z09USkFHcnRGZVdqYk53ZGFGOGFQQ2ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVF4MA0G
CSqGSIb3DQEBCwUAA4IBAQARFHQX8D536NByl2xhBFSpTfcEUU2vfbtIQIzv5YAf
d5IQrruR0zybxfcjpXpgxvOsOjPAxrGNQSkVaKtuWi9WTrIfyZjo/36WY229W/aF
D5NMzHKTJHNfGMox2phG6yDYrqkWS2nTDg2dR9AOA2Z/dPkJISyj6gu8p8vgGxgN
GOxTIQy7FJmT8ZlFGCfC7C/0oOsnPYfcCtJmWJkURQ5E5KUi5bog0xUzAq8GHRTX
vh51F3S9NXm8EbCe3rbXdIPFMiyAPMzkHfn0kKYWEdVO7FoXFfB+eAtAK8RIICbx
5NJYncwjSVdulNNrA+78aa3DZD0t+q5kxzYZlbiWDawc
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:24 2023 by rpki-client on console-ams.rpki-client.org