Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/18e9c2-bd1f-43a2-8660-384c541a59e1/1/T08oDzg7YxBY-5FIV0gmIrWMrx0.roa
File: T08oDzg7YxBY-5FIV0gmIrWMrx0.roa (raw, json)
Hash identifier: C7YDrXw0IzAY/AzbtASxpctkME1rrwRn7sTT2X7Ld/c=
Subject key identifier: 4F:4F:28:0F:38:3B:63:10:58:FB:91:48:57:48:26:22:B5:8C:AF:1D
Certificate issuer: /CN=175e203932401abb457968db37075a17c68f09f6
Certificate serial: 01856FC24FD92BFB1534C398AD33BDC0AB23
Authority key identifier: 17:5E:20:39:32:40:1A:BB:45:79:68:DB:37:07:5A:17:C6:8F:09:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F14gOTJAGrtFeWjbNwdaF8aPCfY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/18e9c2-bd1f-43a2-8660-384c541a59e1/1/T08oDzg7YxBY-5FIV0gmIrWMrx0.roa
Signing time: Sun 01 Jan 2023 23:54:43 +0000
ROA not before: Sun 01 Jan 2023 23:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64267
IP address blocks: 85.204.37.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:4f:d9:2b:fb:15:34:c3:98:ad:33:bd:c0:ab:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=175e203932401abb457968db37075a17c68f09f6
Validity
Not Before: Jan 1 23:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f4f280f383b631058fb914857482622b58caf1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:97:75:67:9e:a3:5c:2b:ea:77:ca:fa:78:3e:
6f:6f:2f:6e:7c:b7:8a:19:51:2a:16:34:79:0a:3b:
7c:ac:c4:c2:7d:b6:e5:e4:8c:bb:e1:f5:41:c5:a9:
45:dc:24:a9:1a:82:dd:9b:72:62:c6:75:9a:14:de:
67:6d:2e:0a:fd:4c:69:05:f4:5e:ce:7a:00:2b:31:
03:e2:3e:88:ab:44:6a:3b:0b:04:26:7a:bc:a5:59:
58:0e:2b:b3:ea:8a:dc:a1:37:ad:04:b3:f4:89:78:
a6:2d:95:04:da:21:21:ba:01:be:aa:63:33:5c:d7:
03:a0:c2:97:60:17:f6:6f:21:74:42:37:4b:e6:73:
ad:03:77:0c:b1:95:e9:6b:ec:35:3c:04:c9:f4:44:
32:4c:39:07:97:e8:81:7d:cb:9e:ba:9c:d9:49:d4:
0a:65:b9:dc:39:97:a5:1f:37:91:e5:ae:cc:65:47:
75:e2:f3:44:5c:99:9b:52:dd:4c:8e:a0:97:51:45:
f7:70:46:56:c0:b8:64:e7:d8:67:f7:d9:ec:ee:8b:
69:a4:f7:3f:51:5a:ba:f0:16:3e:e3:01:06:da:24:
ad:1d:1c:9a:bd:3f:45:33:4c:87:7a:1d:3e:91:29:
ca:7a:c8:86:90:77:34:ed:a7:ce:16:8f:c4:4c:d4:
5a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:4F:28:0F:38:3B:63:10:58:FB:91:48:57:48:26:22:B5:8C:AF:1D
X509v3 Authority Key Identifier:
keyid:17:5E:20:39:32:40:1A:BB:45:79:68:DB:37:07:5A:17:C6:8F:09:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F14gOTJAGrtFeWjbNwdaF8aPCfY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/18e9c2-bd1f-43a2-8660-384c541a59e1/1/T08oDzg7YxBY-5FIV0gmIrWMrx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/18e9c2-bd1f-43a2-8660-384c541a59e1/1/F14gOTJAGrtFeWjbNwdaF8aPCfY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.37.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:01:b8:9f:3c:a9:de:69:b6:91:14:52:ef:21:7b:f1:03:1e:
31:5d:da:c2:01:16:03:0b:4d:62:be:fb:35:0e:70:02:a5:4b:
f5:8d:e3:2d:96:a1:6e:da:67:00:34:96:f1:e4:5b:ea:b4:fc:
53:48:f9:93:0d:07:52:9c:48:48:38:d5:f1:5a:64:37:67:98:
8a:e1:b2:28:69:0e:85:31:9e:52:ba:d6:a0:98:51:76:0f:8f:
9d:30:17:19:98:e3:c6:58:11:ad:8a:15:e2:e4:e3:86:ad:ea:
5d:0e:76:a6:db:38:06:9b:c0:fa:e0:1c:ff:ee:69:27:38:a0:
06:91:45:64:a1:f2:62:f6:da:98:fb:ef:61:ac:65:68:90:05:
29:50:fa:04:81:8f:2c:c4:11:b8:89:7d:79:9d:de:27:67:b6:
4a:e1:05:a3:b1:1f:3c:75:48:ec:82:b9:d8:fc:d2:9e:42:c6:
38:ad:bb:80:db:95:44:c4:6f:80:6b:d9:d2:93:e3:02:9b:97:
b3:71:df:98:5d:a7:66:61:d5:aa:2b:26:54:2b:40:69:6c:d3:
fe:d3:2f:a5:7e:16:a4:96:c7:2a:62:56:e6:db:47:98:c7:8e:
1c:f8:b9:24:a5:50:d0:44:94:92:0a:a0:81:6d:85:68:83:7b:
f8:e3:8f:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvwk/ZK/sVNMOYrTO9wKsjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NWUyMDM5MzI0MDFhYmI0NTc5NjhkYjM3MDc1YTE3YzY4
ZjA5ZjYwHhcNMjMwMTAxMjM1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjRmMjgwZjM4M2I2MzEwNThmYjkxNDg1NzQ4MjYyMmI1OGNhZjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJd1Z56jXCvqd8r6eD5vby9ufLeK
GVEqFjR5Cjt8rMTCfbbl5Iy74fVBxalF3CSpGoLdm3JixnWaFN5nbS4K/UxpBfRe
znoAKzED4j6Iq0RqOwsEJnq8pVlYDiuz6orcoTetBLP0iXimLZUE2iEhugG+qmMz
XNcDoMKXYBf2byF0QjdL5nOtA3cMsZXpa+w1PATJ9EQyTDkHl+iBfcueupzZSdQK
ZbncOZelHzeR5a7MZUd14vNEXJmbUt1MjqCXUUX3cEZWwLhk59hn99ns7otppPc/
UVq68BY+4wEG2iStHRyavT9FM0yHeh0+kSnKesiGkHc07afOFo/ETNRaPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE9PKA84O2MQWPuRSFdIJiK1jK8dMB8GA1UdIwQY
MBaAFBdeIDkyQBq7RXlo2zcHWhfGjwn2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjE0Z09USkFHcnRGZVdqYk53ZGFGOGFQQ2ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8xOGU5YzItYmQxZi00M2EyLTg2NjAt
Mzg0YzU0MWE1OWUxLzEvVDA4b0R6ZzdZeEJZLTVGSVYwZ21JcldNcngwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC8xOGU5YzItYmQxZi00M2EyLTg2NjAtMzg0YzU0MWE1OWUx
LzEvRjE0Z09USkFHcnRGZVdqYk53ZGFGOGFQQ2ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVcwlMA0G
CSqGSIb3DQEBCwUAA4IBAQCoAbifPKneabaRFFLvIXvxAx4xXdrCARYDC01ivvs1
DnACpUv1jeMtlqFu2mcANJbx5FvqtPxTSPmTDQdSnEhIONXxWmQ3Z5iK4bIoaQ6F
MZ5SutagmFF2D4+dMBcZmOPGWBGtihXi5OOGrepdDnam2zgGm8D64Bz/7mknOKAG
kUVkofJi9tqY++9hrGVokAUpUPoEgY8sxBG4iX15nd4nZ7ZK4QWjsR88dUjsgrnY
/NKeQsY4rbuA25VExG+Aa9nSk+MCm5ezcd+YXadmYdWqKyZUK0BpbNP+0y+lfhak
lscqYlbm20eYx44c+LkkpVDQRJSSCqCBbYVog3v444//
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:24 2023 by rpki-client on console-ams.rpki-client.org