Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/18e9c2-bd1f-43a2-8660-384c541a59e1/1/i1fjQCMKOpQW3FfyXOHN6brb6YM.roa
File: i1fjQCMKOpQW3FfyXOHN6brb6YM.roa (raw, json)
Hash identifier: xhhrA0839y7TdPGeztFtbmr+hBZubMmrC5xWYW7kLpE=
Subject key identifier: 8B:57:E3:40:23:0A:3A:94:16:DC:57:F2:5C:E1:CD:E9:BA:DB:E9:83
Certificate issuer: /CN=175e203932401abb457968db37075a17c68f09f6
Certificate serial: 018317B1F9C0B66C1C78EE179E6A4E9F7490
Authority key identifier: 17:5E:20:39:32:40:1A:BB:45:79:68:DB:37:07:5A:17:C6:8F:09:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F14gOTJAGrtFeWjbNwdaF8aPCfY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/18e9c2-bd1f-43a2-8660-384c541a59e1/1/i1fjQCMKOpQW3FfyXOHN6brb6YM.roa
Signing time: Wed 07 Sep 2022 11:24:43 +0000
ROA not before: Wed 07 Sep 2022 11:24:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212170
IP address blocks: 185.81.120.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:17:b1:f9:c0:b6:6c:1c:78:ee:17:9e:6a:4e:9f:74:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=175e203932401abb457968db37075a17c68f09f6
Validity
Not Before: Sep 7 11:24:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8b57e340230a3a9416dc57f25ce1cde9badbe983
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:b1:25:d2:8b:55:64:3b:45:d9:2f:ca:9a:b1:
3c:9c:f5:c6:f0:48:fa:e1:4f:12:a2:e0:75:94:a6:
79:5f:f0:26:0c:89:e6:5a:cb:15:91:2e:32:fc:e5:
cc:11:fe:d2:1d:78:41:c7:2f:cd:8f:64:48:4f:eb:
b6:54:e0:6c:b1:ee:a1:43:8e:0b:45:66:4d:15:83:
a0:ce:f1:af:4d:2e:4a:9c:43:9d:f2:12:a4:10:74:
bb:6f:40:30:49:a9:7a:e3:e9:de:f7:72:de:70:0b:
81:ab:2f:4a:c0:e8:ba:b1:1c:bc:35:7d:7e:e5:25:
d5:11:a2:fb:a7:c3:21:ff:87:e4:00:c1:d0:67:07:
30:37:9b:a1:cf:ef:e7:42:8e:5e:b2:c7:cc:74:30:
40:c6:cf:7c:fe:5d:b4:db:3c:20:30:8c:97:e5:a5:
63:60:65:b9:42:7b:7b:39:47:46:62:af:d6:85:5d:
24:04:0e:61:c7:ae:1d:2a:f2:9f:2a:30:53:18:a8:
59:b7:76:d5:93:31:22:aa:06:35:93:7d:be:35:3d:
bb:69:d5:a3:b4:07:13:94:39:e7:7c:ec:74:ba:7f:
7e:03:ff:5e:ef:bf:18:00:20:a5:f1:c5:01:2d:76:
8b:79:86:00:46:22:75:d2:68:9e:00:5b:fe:42:cd:
d4:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:57:E3:40:23:0A:3A:94:16:DC:57:F2:5C:E1:CD:E9:BA:DB:E9:83
X509v3 Authority Key Identifier:
keyid:17:5E:20:39:32:40:1A:BB:45:79:68:DB:37:07:5A:17:C6:8F:09:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F14gOTJAGrtFeWjbNwdaF8aPCfY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/18e9c2-bd1f-43a2-8660-384c541a59e1/1/i1fjQCMKOpQW3FfyXOHN6brb6YM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/18e9c2-bd1f-43a2-8660-384c541a59e1/1/F14gOTJAGrtFeWjbNwdaF8aPCfY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.120.0/22
Signature Algorithm: sha256WithRSAEncryption
b0:6c:bd:19:c1:32:d0:02:b1:84:b7:1c:5d:a4:f0:7d:e4:11:
e6:f3:0e:34:48:06:3d:96:c2:38:a4:95:c1:52:a9:38:d3:1c:
e0:1e:06:68:9a:94:0a:3d:ec:60:5e:87:e4:c3:b6:9e:d9:42:
7b:8e:a1:1b:c4:d8:6d:51:cd:2f:6a:92:8f:bc:08:dc:6b:3c:
8c:ee:d1:31:3c:80:6a:fa:a9:c0:6b:fe:78:dd:4c:c3:87:fb:
28:e0:c4:63:25:aa:f2:95:52:be:d4:e8:9e:70:4d:7e:7a:4e:
de:43:d9:4a:c2:02:cd:18:f9:e7:6d:48:79:4e:86:90:c2:ea:
01:3f:08:d4:1b:59:42:d9:9d:69:19:1d:7b:78:8d:d2:a1:1f:
e6:a7:05:ec:b6:28:ac:11:4b:ce:ff:f0:4d:9b:62:c5:a1:92:
f1:c9:5b:25:51:e5:da:0b:8c:9b:5f:57:91:3d:bb:91:7e:a4:
39:15:7f:6b:24:ba:50:4e:ac:f8:17:5c:86:33:ee:8f:d7:c1:
73:8e:4b:bc:4d:0e:dd:64:09:88:ec:e0:a7:b9:22:14:ac:04:
34:2e:de:63:41:0e:4e:c1:8d:20:f4:f3:55:79:e1:2a:23:b5:
c8:48:21:fe:68:56:ee:c3:93:d8:12:cc:1b:64:9a:ac:95:ad:
a6:9c:be:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMXsfnAtmwceO4XnmpOn3SQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NWUyMDM5MzI0MDFhYmI0NTc5NjhkYjM3MDc1YTE3YzY4
ZjA5ZjYwHhcNMjIwOTA3MTEyNDQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjU3ZTM0MDIzMGEzYTk0MTZkYzU3ZjI1Y2UxY2RlOWJhZGJlOTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrEl0otVZDtF2S/KmrE8nPXG8Ej6
4U8SouB1lKZ5X/AmDInmWssVkS4y/OXMEf7SHXhBxy/Nj2RIT+u2VOBsse6hQ44L
RWZNFYOgzvGvTS5KnEOd8hKkEHS7b0AwSal64+ne93LecAuBqy9KwOi6sRy8NX1+
5SXVEaL7p8Mh/4fkAMHQZwcwN5uhz+/nQo5essfMdDBAxs98/l202zwgMIyX5aVj
YGW5Qnt7OUdGYq/WhV0kBA5hx64dKvKfKjBTGKhZt3bVkzEiqgY1k32+NT27adWj
tAcTlDnnfOx0un9+A/9e778YACCl8cUBLXaLeYYARiJ10mieAFv+Qs3UpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFItX40AjCjqUFtxX8lzhzem62+mDMB8GA1UdIwQY
MBaAFBdeIDkyQBq7RXlo2zcHWhfGjwn2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjE0Z09USkFHcnRGZVdqYk53ZGFGOGFQQ2ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8xOGU5YzItYmQxZi00M2EyLTg2NjAt
Mzg0YzU0MWE1OWUxLzEvaTFmalFDTUtPcFFXM0ZmeVhPSE42YnJiNllNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC8xOGU5YzItYmQxZi00M2EyLTg2NjAtMzg0YzU0MWE1OWUx
LzEvRjE0Z09USkFHcnRGZVdqYk53ZGFGOGFQQ2ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVF4MA0G
CSqGSIb3DQEBCwUAA4IBAQCwbL0ZwTLQArGEtxxdpPB95BHm8w40SAY9lsI4pJXB
Uqk40xzgHgZompQKPexgXofkw7ae2UJ7jqEbxNhtUc0vapKPvAjcazyM7tExPIBq
+qnAa/543UzDh/so4MRjJarylVK+1OiecE1+ek7eQ9lKwgLNGPnnbUh5ToaQwuoB
PwjUG1lC2Z1pGR17eI3SoR/mpwXstiisEUvO//BNm2LFoZLxyVslUeXaC4ybX1eR
PbuRfqQ5FX9rJLpQTqz4F1yGM+6P18Fzjku8TQ7dZAmI7OCnuSIUrAQ0Lt5jQQ5O
wY0g9PNVeeEqI7XISCH+aFbuw5PYEswbZJqsla2mnL5p
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:32 2023 by rpki-client on console-fra.rpki-client.org