Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/7l4dwIkPgwX4-iq0cw6tGyLjjS0.roa
File: 7l4dwIkPgwX4-iq0cw6tGyLjjS0.roa (raw, json)
Hash identifier: uI7jfAP9ssqmoZQuQTjdySfCmu8QBEed12UHvsXDWmU=
Subject key identifier: EE:5E:1D:C0:89:0F:83:05:F8:FA:2A:B4:73:0E:AD:1B:22:E3:8D:2D
Certificate issuer: /CN=7acfd0797e2d9bd3539d195a031241a56a02a16a
Certificate serial: 018AB6C0673F1D1CD5C8E22C365379F7369F
Authority key identifier: 7A:CF:D0:79:7E:2D:9B:D3:53:9D:19:5A:03:12:41:A5:6A:02:A1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es_QeX4tm9NTnRlaAxJBpWoCoWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/7l4dwIkPgwX4-iq0cw6tGyLjjS0.roa
Signing time: Thu 21 Sep 2023 07:59:37 +0000
ROA not before: Thu 21 Sep 2023 07:59:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210644
IP address blocks: 109.107.189.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b6:c0:67:3f:1d:1c:d5:c8:e2:2c:36:53:79:f7:36:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acfd0797e2d9bd3539d195a031241a56a02a16a
Validity
Not Before: Sep 21 07:59:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ee5e1dc0890f8305f8fa2ab4730ead1b22e38d2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b0:85:77:83:3f:93:bd:17:1d:71:57:8e:da:
d3:f6:1e:b6:57:b9:f3:2b:a0:52:49:6c:48:da:d4:
ec:41:98:25:fa:3f:aa:95:b3:b2:04:bd:91:e1:1c:
de:f6:d1:0f:70:b5:7f:8d:63:52:e9:d2:d3:b7:04:
99:6f:a3:44:ac:e8:8f:b8:72:7c:4a:4f:0c:18:ea:
8d:4e:e4:db:e1:c6:61:1d:62:2c:70:c7:c4:55:a7:
62:c2:6f:da:f5:2f:5b:db:91:18:37:5a:82:9d:52:
24:97:35:22:22:dd:1b:8a:18:f1:e6:15:90:5c:bf:
b7:78:c1:f4:3b:cb:e8:98:07:9c:38:f8:c1:85:f8:
67:cc:fc:dc:a5:2d:0f:d8:7c:ca:48:83:4d:e8:c7:
c3:16:ab:6d:d0:2f:59:0e:6f:0d:d0:64:ae:7a:e1:
e3:8e:1b:1c:d7:36:ae:7d:32:c3:18:7c:f0:bc:34:
36:9c:36:e7:aa:e8:04:66:55:d6:af:d2:66:4f:e2:
28:ce:b6:25:88:4b:e5:46:9d:5a:39:6c:17:02:c8:
8d:98:48:32:bc:14:ba:cc:e1:41:c5:c6:60:b5:2d:
b5:b0:57:36:83:d6:4f:d7:25:cb:89:49:51:e5:1c:
19:4d:d6:9a:43:09:84:7e:37:28:52:b0:3b:54:f1:
6f:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:5E:1D:C0:89:0F:83:05:F8:FA:2A:B4:73:0E:AD:1B:22:E3:8D:2D
X509v3 Authority Key Identifier:
keyid:7A:CF:D0:79:7E:2D:9B:D3:53:9D:19:5A:03:12:41:A5:6A:02:A1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es_QeX4tm9NTnRlaAxJBpWoCoWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/7l4dwIkPgwX4-iq0cw6tGyLjjS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/es_QeX4tm9NTnRlaAxJBpWoCoWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.189.0/24
Signature Algorithm: sha256WithRSAEncryption
93:85:3a:51:b1:87:6f:e5:4c:c9:d2:9e:40:72:5b:b2:df:24:
15:23:1c:8d:75:b3:2d:36:f3:8e:b9:23:7a:a7:70:e3:cb:96:
e2:6a:eb:4e:e6:0c:0a:b9:ee:ef:66:33:ff:61:2c:af:27:7f:
72:4e:01:93:57:01:27:b9:95:e1:04:b2:a8:e1:ce:46:8e:40:
85:62:35:30:5b:95:5f:e2:75:3a:df:18:a9:16:82:9f:78:a7:
ed:ea:c6:d8:58:cf:ff:6f:8f:f8:e3:7b:f0:d9:01:48:9b:69:
18:c4:19:83:b8:a8:9a:05:75:53:fc:fd:2d:2f:69:8a:34:81:
79:68:68:4c:4a:7f:ce:32:89:b7:1a:c0:ec:0c:6b:f9:d9:4a:
d1:16:df:33:99:98:30:fd:a2:39:15:25:48:3e:2c:0d:92:ef:
04:0a:f2:f0:1e:18:42:24:2f:d8:34:16:fa:e6:98:7f:2f:89:
7b:89:57:33:bf:6e:7d:39:89:ec:c8:96:d1:ee:06:3e:5d:79:
ff:c8:fb:88:1f:a1:b6:9d:eb:c2:80:a8:90:35:c3:c0:ec:37:
24:95:b3:1a:ab:c1:1e:37:1d:b8:2c:05:64:95:65:f2:ad:71:
df:c6:18:6d:a0:9f:88:f6:25:4f:5b:e3:8d:df:6f:a3:62:15:
71:04:12:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYq2wGc/HRzVyOIsNlN59zafMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2ZkMDc5N2UyZDliZDM1MzlkMTk1YTAzMTI0MWE1NmEw
MmExNmEwHhcNMjMwOTIxMDc1OTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTVlMWRjMDg5MGY4MzA1ZjhmYTJhYjQ3MzBlYWQxYjIyZTM4ZDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7CFd4M/k70XHXFXjtrT9h62V7nz
K6BSSWxI2tTsQZgl+j+qlbOyBL2R4Rze9tEPcLV/jWNS6dLTtwSZb6NErOiPuHJ8
Sk8MGOqNTuTb4cZhHWIscMfEVadiwm/a9S9b25EYN1qCnVIklzUiIt0bihjx5hWQ
XL+3eMH0O8vomAecOPjBhfhnzPzcpS0P2HzKSINN6MfDFqtt0C9ZDm8N0GSueuHj
jhsc1zaufTLDGHzwvDQ2nDbnqugEZlXWr9JmT+IozrYliEvlRp1aOWwXAsiNmEgy
vBS6zOFBxcZgtS21sFc2g9ZP1yXLiUlR5RwZTdaaQwmEfjcoUrA7VPFvrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO5eHcCJD4MF+PoqtHMOrRsi440tMB8GA1UdIwQY
MBaAFHrP0Hl+LZvTU50ZWgMSQaVqAqFqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXNfUWVYNHRtOU5UblJsYUF4SkJwV29Db1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9hZmJhYjUtYWRjZi00ZTU3LTkyZWEt
OWY0MDI1NTcxY2JhLzEvN2w0ZHdJa1Bnd1g0LWlxMGN3NnRHeUxqalMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9hZmJhYjUtYWRjZi00ZTU3LTkyZWEtOWY0MDI1NTcxY2Jh
LzEvZXNfUWVYNHRtOU5UblJsYUF4SkJwV29Db1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWu9MA0G
CSqGSIb3DQEBCwUAA4IBAQCThTpRsYdv5UzJ0p5Acluy3yQVIxyNdbMtNvOOuSN6
p3Djy5biautO5gwKue7vZjP/YSyvJ39yTgGTVwEnuZXhBLKo4c5GjkCFYjUwW5Vf
4nU63xipFoKfeKft6sbYWM//b4/443vw2QFIm2kYxBmDuKiaBXVT/P0tL2mKNIF5
aGhMSn/OMom3GsDsDGv52UrRFt8zmZgw/aI5FSVIPiwNku8ECvLwHhhCJC/YNBb6
5ph/L4l7iVczv259OYnsyJbR7gY+XXn/yPuIH6G2nevCgKiQNcPA7DcklbMaq8Ee
Nx24LAVklWXyrXHfxhhtoJ+I9iVPW+ON32+jYhVxBBIp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:09 2024 by rpki-client on console-fra.rpki-client.org