Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/4tiQe23dQYWfE55pYijpj0xV-MU.roa
File: 4tiQe23dQYWfE55pYijpj0xV-MU.roa (raw, json)
Hash identifier: IZ1+VCsMAuoQgCWck/IkG6EEg/SRIkU8RRhvAJwlbME=
Subject key identifier: E2:D8:90:7B:6D:DD:41:85:9F:13:9E:69:62:28:E9:8F:4C:55:F8:C5
Certificate issuer: /CN=7acfd0797e2d9bd3539d195a031241a56a02a16a
Certificate serial: B2CB54
Authority key identifier: 7A:CF:D0:79:7E:2D:9B:D3:53:9D:19:5A:03:12:41:A5:6A:02:A1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es_QeX4tm9NTnRlaAxJBpWoCoWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/4tiQe23dQYWfE55pYijpj0xV-MU.roa
Signing time: Sun 20 Mar 2022 17:19:38 +0000
ROA not before: Sun 20 Mar 2022 17:19:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202984
IP address blocks: 109.107.164.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11717460 (0xb2cb54)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acfd0797e2d9bd3539d195a031241a56a02a16a
Validity
Not Before: Mar 20 17:19:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e2d8907b6ddd41859f139e696228e98f4c55f8c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:07:7c:80:06:43:72:c3:19:76:fe:01:f1:d0:
e8:83:70:66:b2:9a:a5:1d:56:46:71:16:37:f9:f5:
3a:62:ba:90:8e:2f:dc:55:d7:99:84:71:45:4e:4e:
ea:2d:f6:34:f1:bb:79:b2:13:58:79:7e:e1:9b:a9:
9b:84:cd:83:6f:97:48:c6:86:96:f4:1c:72:2f:99:
14:a1:2c:fe:0b:a3:03:b1:0b:fe:1d:30:1d:13:9d:
82:74:3e:b5:a3:3a:08:c7:3f:39:2b:92:07:5d:ab:
24:c9:43:3f:08:71:7e:91:91:41:66:aa:66:6e:51:
1f:70:8b:a7:1f:c0:81:06:c7:c1:43:8a:c8:41:d4:
b0:1f:79:00:b7:c8:95:85:c2:40:98:04:fa:3c:62:
06:db:24:cc:87:6a:fe:30:cc:07:aa:24:86:b8:51:
ef:61:7e:e7:69:8b:5a:0f:11:9c:97:79:68:78:ec:
ed:fe:80:a3:56:fc:1c:4b:1e:df:76:eb:2c:9a:72:
f0:36:f8:8e:f4:91:cd:d3:3b:dc:48:5a:71:c7:4d:
11:0e:a3:ef:aa:73:c8:6e:74:b4:d3:3a:e8:3a:be:
08:02:e7:fd:40:18:56:da:55:0b:f9:1e:72:81:8e:
cc:2c:f6:b6:a9:e8:ee:66:7e:43:48:05:ce:9e:e1:
46:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:D8:90:7B:6D:DD:41:85:9F:13:9E:69:62:28:E9:8F:4C:55:F8:C5
X509v3 Authority Key Identifier:
keyid:7A:CF:D0:79:7E:2D:9B:D3:53:9D:19:5A:03:12:41:A5:6A:02:A1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es_QeX4tm9NTnRlaAxJBpWoCoWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/4tiQe23dQYWfE55pYijpj0xV-MU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/es_QeX4tm9NTnRlaAxJBpWoCoWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.164.0/23
Signature Algorithm: sha256WithRSAEncryption
79:3c:ce:6f:47:97:84:df:2e:27:7d:a8:3c:38:f3:1b:24:79:
05:bf:a0:7c:9f:72:8e:93:e8:d7:b4:62:14:4e:85:96:09:6c:
7c:ad:3b:ca:9e:b7:50:9e:bb:4c:ec:68:00:76:31:f1:51:97:
2e:eb:58:51:dd:d1:a2:e8:55:2d:28:94:46:18:37:67:09:04:
46:6f:f8:5c:94:93:2f:b6:dc:67:ee:36:ed:48:28:45:bd:e1:
9f:54:cf:62:2f:f5:c6:57:1e:d0:04:ca:52:29:f6:86:03:a2:
ad:2a:b9:82:ef:fa:ba:0d:e3:72:34:ac:88:29:cf:5b:34:35:
b4:54:be:7f:c2:cd:ee:18:1a:f1:20:f0:12:7b:ce:43:c8:d5:
d3:b8:56:fa:40:19:9e:0a:94:95:b4:bf:63:d2:2e:b1:e0:b9:
09:0d:76:17:08:2e:9f:bb:ba:a1:de:2c:17:30:02:a0:da:ba:
e3:42:49:d3:28:0a:c7:07:9f:29:b4:c6:a7:c4:02:c0:9c:34:
9c:1f:91:22:2c:42:7c:54:61:d9:ef:e9:e3:6a:49:35:80:31:
82:36:a0:b9:3b:6a:79:4c:a5:7d:7e:39:49:78:ef:b7:8e:0c:
4a:3f:0f:92:26:d2:d5:60:34:e1:ec:a6:c1:01:ef:fd:d7:82:
65:f0:87:79
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEALLLVDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
YWNmZDA3OTdlMmQ5YmQzNTM5ZDE5NWEwMzEyNDFhNTZhMDJhMTZhMB4XDTIyMDMy
MDE3MTkzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTJkODkwN2I2ZGRk
NDE4NTlmMTM5ZTY5NjIyOGU5OGY0YzU1ZjhjNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOQHfIAGQ3LDGXb+AfHQ6INwZrKapR1WRnEWN/n1OmK6kI4v
3FXXmYRxRU5O6i32NPG7ebITWHl+4Zupm4TNg2+XSMaGlvQcci+ZFKEs/gujA7EL
/h0wHROdgnQ+taM6CMc/OSuSB12rJMlDPwhxfpGRQWaqZm5RH3CLpx/AgQbHwUOK
yEHUsB95ALfIlYXCQJgE+jxiBtskzIdq/jDMB6okhrhR72F+52mLWg8RnJd5aHjs
7f6Ao1b8HEse33brLJpy8Db4jvSRzdM73EhaccdNEQ6j76pzyG50tNM66Dq+CALn
/UAYVtpVC/kecoGOzCz2tqno7mZ+Q0gFzp7hRikCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTi2JB7bd1BhZ8TnmliKOmPTFX4xTAfBgNVHSMEGDAWgBR6z9B5fi2b01Od
GVoDEkGlagKhajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VzX1FlWDR0bTlOVG5SbGFBeEpCcFdvQ29Xby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2IvYWZiYWI1LWFkY2YtNGU1Ny05MmVhLTlmNDAyNTU3MWNiYS8x
LzR0aVFlMjNkUVlXZkU1NXBZaWpwajB4Vi1NVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Iv
YWZiYWI1LWFkY2YtNGU1Ny05MmVhLTlmNDAyNTU3MWNiYS8xL2VzX1FlWDR0bTlO
VG5SbGFBeEpCcFdvQ29Xby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAW1rpDANBgkqhkiG9w0BAQsFAAOC
AQEAeTzOb0eXhN8uJ32oPDjzGyR5Bb+gfJ9yjpPo17RiFE6FlglsfK07yp63UJ67
TOxoAHYx8VGXLutYUd3RouhVLSiURhg3ZwkERm/4XJSTL7bcZ+427UgoRb3hn1TP
Yi/1xlce0ATKUin2hgOirSq5gu/6ug3jcjSsiCnPWzQ1tFS+f8LN7hga8SDwEnvO
Q8jV07hW+kAZngqUlbS/Y9IuseC5CQ12Fwgun7u6od4sFzACoNq640JJ0ygKxwef
KbTGp8QCwJw0nB+RIixCfFRh2e/p42pJNYAxgjaguTtqeUylfX45SXjvt44MSj8P
kibS1WA04eymwQHv/deCZfCHeQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:05 2024 by rpki-client on console-ams.rpki-client.org