Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/3N_SzEkr3adMMzglHhoCwPGEbNg.roa
File: 3N_SzEkr3adMMzglHhoCwPGEbNg.roa (raw, json)
Hash identifier: JeHQXhW0+QC1hQl2Wx7nJbPinMPSL2xl69RIrplK61c=
Subject key identifier: DC:DF:D2:CC:49:2B:DD:A7:4C:33:38:25:1E:1A:02:C0:F1:84:6C:D8
Certificate issuer: /CN=7acfd0797e2d9bd3539d195a031241a56a02a16a
Certificate serial: 2B44EA
Authority key identifier: 7A:CF:D0:79:7E:2D:9B:D3:53:9D:19:5A:03:12:41:A5:6A:02:A1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es_QeX4tm9NTnRlaAxJBpWoCoWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/3N_SzEkr3adMMzglHhoCwPGEbNg.roa
Signing time: Thu 20 Jan 2022 12:31:35 +0000
ROA not before: Thu 20 Jan 2022 12:31:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52000
IP address blocks: 109.107.160.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2835690 (0x2b44ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acfd0797e2d9bd3539d195a031241a56a02a16a
Validity
Not Before: Jan 20 12:31:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dcdfd2cc492bdda74c3338251e1a02c0f1846cd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:39:7b:ac:6a:a2:4e:e9:8c:e0:21:7d:90:77:
17:ad:b3:bc:20:ec:49:0b:30:19:eb:01:4b:87:c3:
d1:b3:a7:69:ba:d3:8b:3c:51:f9:fe:80:d1:0f:43:
a6:1e:42:2b:be:9a:b8:8e:fe:80:4d:e5:21:c7:45:
47:ec:0a:eb:c9:ee:2f:03:34:2c:cb:42:73:0d:63:
67:be:a5:07:13:be:13:1e:66:3a:f6:03:5a:d3:68:
45:13:2e:ce:44:8c:97:fd:71:9d:48:ef:b5:ea:67:
7f:e3:b2:2d:83:a0:c2:14:f5:1a:ff:8d:33:ab:57:
5e:2f:eb:fd:c9:27:5c:db:8e:b1:ae:d3:fd:ab:bc:
74:17:82:07:ef:88:07:3b:33:4a:37:cb:68:e1:e8:
53:20:b9:82:be:36:8b:85:71:49:5a:30:9d:d4:21:
9b:94:c9:2c:51:97:fb:18:de:65:7b:bb:ba:1f:c8:
ca:a9:ca:c8:88:a3:d8:cf:ce:6a:90:c7:09:64:ac:
7d:0e:e5:9c:61:64:ed:52:a4:16:b1:d1:82:7f:22:
5e:4d:8f:f4:3e:23:ab:6c:98:a8:f1:c0:44:fd:0e:
48:5a:af:12:35:9a:7c:0a:c4:4b:2c:79:05:96:e3:
11:9c:23:96:9d:48:68:84:fb:2f:36:1c:ab:a0:24:
4a:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:DF:D2:CC:49:2B:DD:A7:4C:33:38:25:1E:1A:02:C0:F1:84:6C:D8
X509v3 Authority Key Identifier:
keyid:7A:CF:D0:79:7E:2D:9B:D3:53:9D:19:5A:03:12:41:A5:6A:02:A1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es_QeX4tm9NTnRlaAxJBpWoCoWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/3N_SzEkr3adMMzglHhoCwPGEbNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/es_QeX4tm9NTnRlaAxJBpWoCoWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.160.0/22
Signature Algorithm: sha256WithRSAEncryption
54:d9:b4:a4:f2:62:20:2e:67:dd:9c:fa:f1:22:44:a7:86:0c:
4e:da:5a:cd:13:f7:44:a0:39:21:1e:b6:97:4b:1e:30:b7:d1:
d4:0a:ed:80:bd:41:ea:af:06:92:76:85:3b:60:b9:20:62:15:
9b:54:05:8a:5c:25:03:fb:6e:5e:99:fb:88:c6:57:fa:19:31:
d2:05:2a:fd:cd:54:72:00:77:a5:2e:b8:6a:70:c8:52:db:8d:
12:52:c0:bd:1d:48:38:6b:e1:73:3f:64:15:c9:ae:74:5e:04:
ca:a9:f4:72:3d:40:8d:cd:3b:6f:d1:fc:75:81:80:c0:18:1f:
00:fe:d2:28:ff:c0:21:69:7b:80:3d:31:7f:db:3a:35:6e:a6:
33:c4:4b:66:35:75:e7:22:f4:61:ff:c8:5b:76:61:83:4d:d1:
be:1c:df:bc:c8:aa:af:21:20:f6:df:bf:e6:aa:3a:bb:3e:ca:
83:15:78:13:a2:06:b4:61:88:aa:a9:73:6e:b2:d7:94:4b:9f:
3a:b4:78:20:65:5e:8b:13:f6:de:49:41:bc:19:b2:61:8a:8f:
39:f4:9c:d6:46:fa:dc:f4:01:85:36:60:0e:cb:f3:49:2f:3c:
53:5b:6d:cb:11:95:68:31:f5:51:b0:1c:d3:31:54:cb:e2:0d:
bb:f1:6f:22
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDK0TqMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDdh
Y2ZkMDc5N2UyZDliZDM1MzlkMTk1YTAzMTI0MWE1NmEwMmExNmEwHhcNMjIwMTIw
MTIzMTM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkY2RmZDJjYzQ5MmJk
ZGE3NGMzMzM4MjUxZTFhMDJjMGYxODQ2Y2Q4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAoDl7rGqiTumM4CF9kHcXrbO8IOxJCzAZ6wFLh8PRs6dputOL
PFH5/oDRD0OmHkIrvpq4jv6ATeUhx0VH7Arrye4vAzQsy0JzDWNnvqUHE74THmY6
9gNa02hFEy7ORIyX/XGdSO+16md/47Itg6DCFPUa/40zq1deL+v9ySdc246xrtP9
q7x0F4IH74gHOzNKN8to4ehTILmCvjaLhXFJWjCd1CGblMksUZf7GN5le7u6H8jK
qcrIiKPYz85qkMcJZKx9DuWcYWTtUqQWsdGCfyJeTY/0PiOrbJio8cBE/Q5IWq8S
NZp8CsRLLHkFluMRnCOWnUhohPsvNhyroCRKFQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFNzf0sxJK92nTDM4JR4aAsDxhGzYMB8GA1UdIwQYMBaAFHrP0Hl+LZvTU50Z
WgMSQaVqAqFqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
ZXNfUWVYNHRtOU5UblJsYUF4SkJwV29Db1dvLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zYi9hZmJhYjUtYWRjZi00ZTU3LTkyZWEtOWY0MDI1NTcxY2JhLzEv
M05fU3pFa3IzYWRNTXpnbEhob0N3UEdFYk5nLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9h
ZmJhYjUtYWRjZi00ZTU3LTkyZWEtOWY0MDI1NTcxY2JhLzEvZXNfUWVYNHRtOU5U
blJsYUF4SkJwV29Db1dvLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbWugMA0GCSqGSIb3DQEBCwUAA4IB
AQBU2bSk8mIgLmfdnPrxIkSnhgxO2lrNE/dEoDkhHraXSx4wt9HUCu2AvUHqrwaS
doU7YLkgYhWbVAWKXCUD+25emfuIxlf6GTHSBSr9zVRyAHelLrhqcMhS240SUsC9
HUg4a+FzP2QVya50XgTKqfRyPUCNzTtv0fx1gYDAGB8A/tIo/8AhaXuAPTF/2zo1
bqYzxEtmNXXnIvRh/8hbdmGDTdG+HN+8yKqvISD237/mqjq7PsqDFXgToga0YYiq
qXNusteUS586tHggZV6LE/beSUG8GbJhio859JzWRvrc9AGFNmAOy/NJLzxTW23L
EZVoMfVRsBzTMVTL4g278W8i
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:05 2024 by rpki-client on console-ams.rpki-client.org