Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/18e9c2-bd1f-43a2-8660-384c541a59e1/1/o3L6iWypgVMI2H_P_3lU4qFMezg.roa
File: o3L6iWypgVMI2H_P_3lU4qFMezg.roa (raw, json)
Hash identifier: j2RitNv8RWiLtSGEOKF0LB89k1QMfrb5OINrRkCY1x0=
Subject key identifier: A3:72:FA:89:6C:A9:81:53:08:D8:7F:CF:FF:79:54:E2:A1:4C:7B:38
Certificate issuer: /CN=175e203932401abb457968db37075a17c68f09f6
Certificate serial: 0182018B69C97DE987CA46AA0C77689E5834
Authority key identifier: 17:5E:20:39:32:40:1A:BB:45:79:68:DB:37:07:5A:17:C6:8F:09:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F14gOTJAGrtFeWjbNwdaF8aPCfY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/18e9c2-bd1f-43a2-8660-384c541a59e1/1/o3L6iWypgVMI2H_P_3lU4qFMezg.roa
Signing time: Fri 15 Jul 2022 11:08:09 +0000
ROA not before: Fri 15 Jul 2022 11:08:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 150127
IP address blocks: 85.204.38.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:01:8b:69:c9:7d:e9:87:ca:46:aa:0c:77:68:9e:58:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=175e203932401abb457968db37075a17c68f09f6
Validity
Not Before: Jul 15 11:08:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a372fa896ca9815308d87fcfff7954e2a14c7b38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a2:83:b7:59:17:75:f0:e3:62:52:73:9c:27:
e8:b3:89:36:16:a9:6b:32:62:88:99:a1:2f:32:fc:
32:0e:6c:cb:c2:1c:e3:08:d9:90:cb:2a:e0:86:49:
91:df:5f:29:24:1b:96:75:9b:bf:36:4c:f6:f5:92:
8f:64:48:8b:23:70:99:8c:43:f6:82:3d:46:fc:e7:
48:14:43:80:5a:72:ec:a0:bb:1f:91:6c:3c:c2:82:
de:28:df:cb:1d:52:46:f6:9d:ab:c4:13:e9:4d:7e:
3d:95:01:ee:90:2d:40:b4:59:7b:8d:43:1a:20:cb:
1e:ef:82:1a:f2:81:19:49:12:2f:72:5a:ca:ae:0b:
fd:63:dc:dc:4c:1c:c1:1c:e1:85:ca:0e:4b:38:fd:
79:91:b7:8e:d4:1c:4f:84:b6:43:af:e5:50:ae:42:
97:fc:3c:da:b8:a9:dd:2a:e2:43:57:fd:51:bb:28:
13:72:82:ee:21:c2:19:90:8d:47:0a:ea:e6:c6:a2:
e4:bf:51:c6:fd:29:1b:4d:d0:47:5d:c3:fc:64:99:
05:c7:48:36:64:ed:db:7e:96:99:21:a8:de:8a:3a:
c3:81:3d:1d:6b:a2:4d:34:9e:2e:e1:85:49:a1:d1:
e7:52:c4:cd:6a:fb:94:08:4d:0d:a2:c7:ec:6f:35:
32:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:72:FA:89:6C:A9:81:53:08:D8:7F:CF:FF:79:54:E2:A1:4C:7B:38
X509v3 Authority Key Identifier:
keyid:17:5E:20:39:32:40:1A:BB:45:79:68:DB:37:07:5A:17:C6:8F:09:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F14gOTJAGrtFeWjbNwdaF8aPCfY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/18e9c2-bd1f-43a2-8660-384c541a59e1/1/o3L6iWypgVMI2H_P_3lU4qFMezg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/18e9c2-bd1f-43a2-8660-384c541a59e1/1/F14gOTJAGrtFeWjbNwdaF8aPCfY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.38.0/23
Signature Algorithm: sha256WithRSAEncryption
b1:fd:8d:24:a7:13:83:7f:b3:70:e8:2e:92:b9:c0:26:55:ae:
fc:5c:a3:7d:2c:10:43:5f:6e:b6:eb:68:e0:d6:8f:fb:f3:51:
0d:5d:ff:d3:12:6c:68:1f:a2:86:ba:d1:7a:d6:a9:46:57:70:
1a:00:af:4f:35:3b:1d:8f:d4:d4:8b:72:a1:9e:71:57:38:0d:
1f:c9:c3:dc:01:e7:d8:24:24:fc:a3:c4:55:2f:62:8d:d3:36:
d5:c9:88:b7:1e:3b:e6:2a:e2:73:54:c4:dd:02:75:0c:d7:a6:
74:a3:2a:41:a8:52:e7:1c:ea:46:10:7a:f6:30:d3:ea:b7:ae:
8e:26:08:43:2c:9b:37:ad:bf:19:87:b8:21:cd:df:3c:8c:3b:
b7:4b:1c:02:06:69:78:56:54:b7:31:95:61:a8:c4:b7:9e:77:
91:19:e8:ca:04:f3:03:4e:1e:f0:b3:8b:ac:37:c8:f1:8e:93:
30:b6:d4:7b:f7:9e:cd:af:b6:a9:87:c9:2a:57:fa:9a:4b:20:
ea:58:3d:8f:45:41:30:31:a5:0c:e1:5d:89:be:a6:5d:69:c2:
42:ed:ef:6b:85:ef:1a:d9:21:ad:59:71:8e:8e:ac:f6:ba:51:
6d:f8:4d:2b:e7:23:7c:bd:67:76:0a:01:f0:43:0c:bf:26:68:
f2:bf:1f:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIBi2nJfemHykaqDHdonlg0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NWUyMDM5MzI0MDFhYmI0NTc5NjhkYjM3MDc1YTE3YzY4
ZjA5ZjYwHhcNMjIwNzE1MTEwODA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzcyZmE4OTZjYTk4MTUzMDhkODdmY2ZmZjc5NTRlMmExNGM3YjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApaKDt1kXdfDjYlJznCfos4k2Fqlr
MmKImaEvMvwyDmzLwhzjCNmQyyrghkmR318pJBuWdZu/Nkz29ZKPZEiLI3CZjEP2
gj1G/OdIFEOAWnLsoLsfkWw8woLeKN/LHVJG9p2rxBPpTX49lQHukC1AtFl7jUMa
IMse74Ia8oEZSRIvclrKrgv9Y9zcTBzBHOGFyg5LOP15kbeO1BxPhLZDr+VQrkKX
/DzauKndKuJDV/1RuygTcoLuIcIZkI1HCurmxqLkv1HG/SkbTdBHXcP8ZJkFx0g2
ZO3bfpaZIajeijrDgT0da6JNNJ4u4YVJodHnUsTNavuUCE0NosfsbzUyLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKNy+olsqYFTCNh/z/95VOKhTHs4MB8GA1UdIwQY
MBaAFBdeIDkyQBq7RXlo2zcHWhfGjwn2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjE0Z09USkFHcnRGZVdqYk53ZGFGOGFQQ2ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8xOGU5YzItYmQxZi00M2EyLTg2NjAt
Mzg0YzU0MWE1OWUxLzEvbzNMNmlXeXBnVk1JMkhfUF8zbFU0cUZNZXpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC8xOGU5YzItYmQxZi00M2EyLTg2NjAtMzg0YzU0MWE1OWUx
LzEvRjE0Z09USkFHcnRGZVdqYk53ZGFGOGFQQ2ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVcwmMA0G
CSqGSIb3DQEBCwUAA4IBAQCx/Y0kpxODf7Nw6C6SucAmVa78XKN9LBBDX26262jg
1o/781ENXf/TEmxoH6KGutF61qlGV3AaAK9PNTsdj9TUi3KhnnFXOA0fycPcAefY
JCT8o8RVL2KN0zbVyYi3HjvmKuJzVMTdAnUM16Z0oypBqFLnHOpGEHr2MNPqt66O
JghDLJs3rb8Zh7ghzd88jDu3SxwCBml4VlS3MZVhqMS3nneRGejKBPMDTh7ws4us
N8jxjpMwttR7957Nr7aph8kqV/qaSyDqWD2PRUEwMaUM4V2JvqZdacJC7e9rhe8a
2SGtWXGOjqz2ulFt+E0r5yN8vWd2CgHwQwy/Jmjyvx9Z
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:32 2023 by rpki-client on console-fra.rpki-client.org