Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/4_tVAcXbU4RsyPb3rUrXAnKTJAc.roa
File: 4_tVAcXbU4RsyPb3rUrXAnKTJAc.roa (raw, json)
Hash identifier: ZlR7BwVVuirUjZYh2UrV78xXDpQgKt/jiHTgkJ2uAXc=
Subject key identifier: E3:FB:55:01:C5:DB:53:84:6C:C8:F6:F7:AD:4A:D7:02:72:93:24:07
Certificate issuer: /CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Certificate serial: 0187742313BA493BDF33277423A8AB2E03F2
Authority key identifier: 54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/4_tVAcXbU4RsyPb3rUrXAnKTJAc.roa
Signing time: Wed 12 Apr 2023 06:24:28 +0000
ROA not before: Wed 12 Apr 2023 06:24:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48881
IP address blocks: 185.104.180.0/22 maxlen: 22
185.104.43.0/24 maxlen: 24
185.104.48.0/21 maxlen: 21
185.101.171.0/24 maxlen: 24
2a06:1fc0::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:74:23:13:ba:49:3b:df:33:27:74:23:a8:ab:2e:03:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Validity
Not Before: Apr 12 06:24:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e3fb5501c5db53846cc8f6f7ad4ad70272932407
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e0:be:b2:d0:55:6c:e5:bb:e5:66:56:32:2a:
20:45:9c:5b:69:43:85:5f:30:82:25:60:66:f0:cb:
22:be:49:8e:1e:14:5d:8d:23:4d:1d:11:db:a6:7f:
63:33:52:11:86:13:9c:ca:0a:72:ae:d9:71:47:8a:
c5:9b:59:85:b0:ed:4b:b9:64:a4:1d:91:b9:15:f5:
7d:1a:b1:7a:ae:03:fc:ee:41:bd:43:17:8f:52:bc:
0d:d4:02:4a:b9:29:7f:c5:ab:7c:a9:35:08:1b:5a:
ae:b1:79:d0:0a:72:b2:d2:e7:83:93:1d:5c:76:8b:
38:7c:2a:dd:f1:22:0f:91:5e:0b:de:a8:42:fc:a1:
b3:3f:55:59:89:8a:a8:2d:11:88:8a:35:75:b0:d3:
01:21:d5:3e:cc:fb:42:5a:6e:43:e7:5e:b7:d6:29:
8f:2a:95:ab:ec:49:07:cf:ec:ea:89:62:c9:9e:f9:
c9:7b:2e:37:6c:a7:22:cd:ec:3a:9d:c3:8c:61:de:
f9:b3:3c:90:16:5a:55:69:ae:1e:e3:19:7e:02:a1:
45:a2:0e:5e:4c:a2:5c:57:fd:c3:42:22:c2:0b:85:
03:a7:01:53:7b:10:49:a7:5c:55:ce:53:9f:37:40:
6f:88:3a:f5:8a:b7:bc:c7:2d:18:82:79:e4:2d:01:
2d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:FB:55:01:C5:DB:53:84:6C:C8:F6:F7:AD:4A:D7:02:72:93:24:07
X509v3 Authority Key Identifier:
keyid:54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/4_tVAcXbU4RsyPb3rUrXAnKTJAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/VB_cei8RpXZtOte99iXOXhGaj98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.171.0/24
185.104.43.0/24
185.104.48.0/21
185.104.180.0/22
IPv6:
2a06:1fc0::/29
Signature Algorithm: sha256WithRSAEncryption
57:ab:d1:8b:11:1e:72:01:f3:62:e1:49:69:d2:d6:fb:d2:17:
a6:a2:e8:f8:82:b1:8d:9d:5d:5f:b8:68:fe:25:99:6e:88:3c:
f9:4f:e4:57:a5:c4:81:3b:6e:83:fb:01:02:35:1c:74:99:61:
72:48:fb:36:ae:10:be:d8:d1:f0:7e:04:22:2b:71:aa:cb:a3:
96:24:5e:f9:73:63:2e:07:79:8f:a8:9f:0f:a1:43:52:dc:66:
b5:1c:a2:63:04:b5:4c:ea:60:3b:ae:6e:71:b7:dd:22:60:ad:
f5:96:54:ae:35:5c:8f:3a:11:1d:e1:eb:43:f6:3e:d7:d0:9d:
0f:aa:89:7b:a1:c1:da:98:5a:d8:3b:14:f9:90:c0:c3:a9:3e:
6a:be:f6:42:6b:fd:2a:a6:29:84:6e:22:b9:83:71:16:4b:53:
f7:e9:54:9a:02:cf:9f:4c:f2:fb:4f:09:33:31:29:93:b7:6e:
d1:0d:35:3d:44:8b:ec:53:dc:9b:e1:f7:21:39:73:72:38:97:
d7:f9:21:3b:aa:f5:4b:af:03:06:83:16:03:7c:38:05:33:93:
bc:43:51:26:72:4f:19:0c:19:53:49:26:76:ff:e1:5a:74:0e:
66:19:ce:fc:db:8c:0b:fe:1f:ef:e0:55:4f:c7:55:df:cf:7e:
0a:17:82:39
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYd0IxO6STvfMyd0I6irLgPyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MWZkYzdhMmYxMWE1NzY2ZDNhZDdiZGY2MjVjZTVlMTE5
YThmZGYwHhcNMjMwNDEyMDYyNDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2ZiNTUwMWM1ZGI1Mzg0NmNjOGY2ZjdhZDRhZDcwMjcyOTMyNDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneC+stBVbOW75WZWMiogRZxbaUOF
XzCCJWBm8MsivkmOHhRdjSNNHRHbpn9jM1IRhhOcygpyrtlxR4rFm1mFsO1LuWSk
HZG5FfV9GrF6rgP87kG9QxePUrwN1AJKuSl/xat8qTUIG1qusXnQCnKy0ueDkx1c
dos4fCrd8SIPkV4L3qhC/KGzP1VZiYqoLRGIijV1sNMBIdU+zPtCWm5D51631imP
KpWr7EkHz+zqiWLJnvnJey43bKcizew6ncOMYd75szyQFlpVaa4e4xl+AqFFog5e
TKJcV/3DQiLCC4UDpwFTexBJp1xVzlOfN0BviDr1ire8xy0YgnnkLQEtNQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFOP7VQHF21OEbMj2961K1wJykyQHMB8GA1UdIwQY
MBaAFFQf3HovEaV2bTrXvfYlzl4Rmo/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkJfY2VpOFJwWFp0T3RlOTlpWE9YaEdhajk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC84ZmFkNjctYmI2Yi00NzczLWI4MWUt
YzkwMGE4OWYyMGYxLzEvNF90VkFjWGJVNFJzeVBiM3JVclhBbktUSkFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC84ZmFkNjctYmI2Yi00NzczLWI4MWUtYzkwMGE4OWYyMGYx
LzEvVkJfY2VpOFJwWFp0T3RlOTlpWE9YaEdhajk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAuWWrAwQA
uWgrAwQDuWgwAwQCuWi0MA0EAgACMAcDBQMqBh/AMA0GCSqGSIb3DQEBCwUAA4IB
AQBXq9GLER5yAfNi4Ulp0tb70hemouj4grGNnV1fuGj+JZluiDz5T+RXpcSBO26D
+wECNRx0mWFySPs2rhC+2NHwfgQiK3Gqy6OWJF75c2MuB3mPqJ8PoUNS3Ga1HKJj
BLVM6mA7rm5xt90iYK31llSuNVyPOhEd4etD9j7X0J0Pqol7ocHamFrYOxT5kMDD
qT5qvvZCa/0qpimEbiK5g3EWS1P36VSaAs+fTPL7TwkzMSmTt27RDTU9RIvsU9yb
4fchOXNyOJfX+SE7qvVLrwMGgxYDfDgFM5O8Q1Emck8ZDBlTSSZ2/+FadA5mGc78
24wL/h/v4FVPx1Xfz34KF4I5
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:15 2023 by rpki-client on console.sobornost.net