Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/82u6olTXtquseUBvpAnqQUKyPP4.roa
File: 82u6olTXtquseUBvpAnqQUKyPP4.roa (raw, json)
Hash identifier: wjnBd9aQGH9AtYrXSezkap6bGe+fPXuDgyJrA8R089A=
Subject key identifier: F3:6B:BA:A2:54:D7:B6:AB:AC:79:40:6F:A4:09:EA:41:42:B2:3C:FE
Certificate issuer: /CN=7acfd0797e2d9bd3539d195a031241a56a02a16a
Certificate serial: 3E2876
Authority key identifier: 7A:CF:D0:79:7E:2D:9B:D3:53:9D:19:5A:03:12:41:A5:6A:02:A1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es_QeX4tm9NTnRlaAxJBpWoCoWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/82u6olTXtquseUBvpAnqQUKyPP4.roa
Signing time: Fri 28 Jan 2022 08:31:13 +0000
ROA not before: Fri 28 Jan 2022 08:31:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 137263
IP address blocks: 109.107.168.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4073590 (0x3e2876)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acfd0797e2d9bd3539d195a031241a56a02a16a
Validity
Not Before: Jan 28 08:31:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f36bbaa254d7b6abac79406fa409ea4142b23cfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:fe:51:0b:f5:24:cd:88:57:7e:3b:6d:01:ae:
b8:f6:38:e9:43:2a:1d:49:3a:aa:2c:f6:21:c5:0c:
7a:a7:3c:3b:44:f7:de:35:98:07:94:1b:23:e3:9a:
09:12:47:76:70:a2:1d:db:11:b3:46:e5:a8:02:c8:
e7:f2:c6:2d:6b:06:0c:7c:e0:d1:51:a5:1a:ed:00:
ae:26:6a:1d:db:ab:98:9d:b9:9e:eb:c4:4f:b8:e9:
58:06:6a:2f:58:cb:b7:22:8f:8b:2a:af:da:95:7e:
99:b6:c7:93:2c:ee:26:96:f8:6d:71:97:13:90:54:
39:a7:e2:fc:cf:38:d9:e8:43:91:b9:6c:94:90:3e:
31:d2:d2:1b:3b:e2:68:6e:cc:72:25:31:5c:40:6c:
4a:a8:13:57:87:d0:21:fa:3e:a7:ff:ad:10:0e:60:
c8:02:2f:85:b5:c0:ed:5d:0f:9a:9a:c1:13:8a:d4:
28:97:d6:7f:4b:95:95:d2:fb:46:56:6b:27:15:aa:
64:ac:99:e9:4d:d2:f9:8a:8f:9a:4e:84:e6:81:b6:
8e:df:e8:9d:9f:31:9c:72:26:c8:ec:7d:f3:8e:66:
26:69:f4:36:4c:3f:da:93:23:99:64:fe:30:28:c2:
ab:85:1b:77:c7:52:7c:80:64:3e:fa:7c:5e:a8:b2:
36:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:6B:BA:A2:54:D7:B6:AB:AC:79:40:6F:A4:09:EA:41:42:B2:3C:FE
X509v3 Authority Key Identifier:
keyid:7A:CF:D0:79:7E:2D:9B:D3:53:9D:19:5A:03:12:41:A5:6A:02:A1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es_QeX4tm9NTnRlaAxJBpWoCoWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/82u6olTXtquseUBvpAnqQUKyPP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/es_QeX4tm9NTnRlaAxJBpWoCoWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.168.0/23
Signature Algorithm: sha256WithRSAEncryption
55:50:66:d5:de:72:f8:2e:4d:ca:b9:31:c2:86:86:7e:d5:29:
4b:9e:1b:42:a8:97:4b:d8:4d:3d:62:02:33:6b:fa:36:65:7e:
ee:ad:60:e2:02:ee:88:29:ae:c2:56:1c:9e:a3:80:8d:89:de:
1d:92:b1:18:fe:b5:d0:e7:1d:0f:b8:c0:92:b8:46:11:8f:10:
b6:32:9f:2f:22:af:52:6b:96:7c:22:7c:d1:d0:f2:50:28:ab:
f9:79:88:05:f1:c9:dc:55:66:93:33:07:26:92:5e:7b:d2:cc:
55:58:11:7a:ce:46:b0:2e:57:38:8d:51:70:69:f8:8d:ce:5d:
7b:1c:ce:df:a2:27:6c:37:52:bd:55:1b:40:00:18:ae:b5:d2:
d3:aa:6b:1b:59:3c:96:2a:5c:55:bf:d5:e3:f9:a1:6e:2a:f9:
64:48:bf:96:a9:a3:c0:de:5b:2b:60:6c:3a:53:b7:9e:8d:63:
21:fe:13:7b:f0:76:df:57:65:81:ec:20:14:6f:a2:04:c0:87:
79:77:0c:06:5d:19:c4:0a:e7:bd:dc:4b:43:32:e4:1e:95:19:
39:50:c1:b8:c6:13:23:a1:e7:6c:a1:b7:e2:34:5b:cb:83:a3:
71:94:7f:63:52:d8:94:72:ec:7f:64:b0:23:f6:ae:d8:2a:ba:
6f:be:2f:cd
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDPih2MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDdh
Y2ZkMDc5N2UyZDliZDM1MzlkMTk1YTAzMTI0MWE1NmEwMmExNmEwHhcNMjIwMTI4
MDgzMTEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhmMzZiYmFhMjU0ZDdi
NmFiYWM3OTQwNmZhNDA5ZWE0MTQyYjIzY2ZlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAz/5RC/UkzYhXfjttAa649jjpQyodSTqqLPYhxQx6pzw7RPfe
NZgHlBsj45oJEkd2cKId2xGzRuWoAsjn8sYtawYMfODRUaUa7QCuJmod26uYnbme
68RPuOlYBmovWMu3Io+LKq/alX6ZtseTLO4mlvhtcZcTkFQ5p+L8zzjZ6EORuWyU
kD4x0tIbO+JobsxyJTFcQGxKqBNXh9Ah+j6n/60QDmDIAi+FtcDtXQ+amsETitQo
l9Z/S5WV0vtGVmsnFapkrJnpTdL5io+aToTmgbaO3+idnzGccibI7H3zjmYmafQ2
TD/akyOZZP4wKMKrhRt3x1J8gGQ++nxeqLI2BQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFPNruqJU17arrHlAb6QJ6kFCsjz+MB8GA1UdIwQYMBaAFHrP0Hl+LZvTU50Z
WgMSQaVqAqFqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
ZXNfUWVYNHRtOU5UblJsYUF4SkJwV29Db1dvLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zYi9hZmJhYjUtYWRjZi00ZTU3LTkyZWEtOWY0MDI1NTcxY2JhLzEv
ODJ1Nm9sVFh0cXVzZVVCdnBBbnFRVUt5UFA0LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9h
ZmJhYjUtYWRjZi00ZTU3LTkyZWEtOWY0MDI1NTcxY2JhLzEvZXNfUWVYNHRtOU5U
blJsYUF4SkJwV29Db1dvLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBbWuoMA0GCSqGSIb3DQEBCwUAA4IB
AQBVUGbV3nL4Lk3KuTHChoZ+1SlLnhtCqJdL2E09YgIza/o2ZX7urWDiAu6IKa7C
Vhyeo4CNid4dkrEY/rXQ5x0PuMCSuEYRjxC2Mp8vIq9Sa5Z8InzR0PJQKKv5eYgF
8cncVWaTMwcmkl570sxVWBF6zkawLlc4jVFwafiNzl17HM7foidsN1K9VRtAABiu
tdLTqmsbWTyWKlxVv9Xj+aFuKvlkSL+WqaPA3lsrYGw6U7eejWMh/hN78HbfV2WB
7CAUb6IEwId5dwwGXRnECue93EtDMuQelRk5UMG4xhMjoedsobfiNFvLg6NxlH9j
UtiUcux/ZLAj9q7YKrpvvi/N
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:09 2024 by rpki-client on console-fra.rpki-client.org