Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/Gn__jukAKdS-0-FtzRL0xYMjbes.roa
File: Gn__jukAKdS-0-FtzRL0xYMjbes.roa (raw, json)
Hash identifier: 9J7ZAq0ENm/rXW15lVT3iz1Xr0FassObXiPvNzZamx4=
Subject key identifier: 1A:7F:FF:8E:E9:00:29:D4:BE:D3:E1:6D:CD:12:F4:C5:83:23:6D:EB
Certificate issuer: /CN=7acfd0797e2d9bd3539d195a031241a56a02a16a
Certificate serial: 0189DA3A90C8603C056B19C9423E2A2A3E29
Authority key identifier: 7A:CF:D0:79:7E:2D:9B:D3:53:9D:19:5A:03:12:41:A5:6A:02:A1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es_QeX4tm9NTnRlaAxJBpWoCoWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/Gn__jukAKdS-0-FtzRL0xYMjbes.roa
Signing time: Wed 09 Aug 2023 12:16:58 +0000
ROA not before: Wed 09 Aug 2023 12:16:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52000
IP address blocks: 109.107.170.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:da:3a:90:c8:60:3c:05:6b:19:c9:42:3e:2a:2a:3e:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acfd0797e2d9bd3539d195a031241a56a02a16a
Validity
Not Before: Aug 9 12:16:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a7fff8ee90029d4bed3e16dcd12f4c583236deb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:58:00:5f:cc:cc:f1:06:02:a7:b2:9b:1a:15:
d9:2d:cd:65:fa:26:5c:f7:00:95:41:b3:67:97:88:
53:e6:65:eb:5c:69:b5:ab:e4:04:07:e1:a8:6b:b7:
22:71:83:d7:6c:3f:45:c2:3e:fc:4a:11:b2:ca:ac:
13:27:8f:0d:d8:28:9d:e2:96:74:2f:0f:51:bf:12:
bf:d6:c6:ad:3f:e7:96:fc:a6:25:8a:af:3a:c6:30:
d2:df:cd:f7:1e:c1:0c:34:45:58:d3:bf:25:60:42:
4d:cd:e8:94:99:38:8b:f4:3d:f5:44:61:92:14:6b:
55:d2:b7:b5:de:f6:d0:60:64:09:bf:d8:6d:67:03:
eb:a3:e5:f8:17:6f:c0:01:c3:f1:91:b8:a9:7b:6d:
b1:f7:7a:4a:e9:32:ff:06:f4:66:2a:f0:2c:69:5c:
19:23:61:c8:d7:69:26:6b:6c:77:70:68:c6:f1:2e:
78:4a:02:d9:a0:47:b9:a0:ac:88:e5:71:0e:0f:84:
28:f9:a2:b5:e8:ff:b2:24:56:54:17:1a:fb:b3:84:
b9:a9:c0:81:bb:35:19:dd:a7:2c:0a:1c:3b:79:24:
67:8d:fc:e8:e9:f6:c7:19:4b:c5:c7:59:0e:1b:bb:
94:8d:1f:e8:cd:d1:bf:1f:e2:14:90:26:b5:20:a9:
a2:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:7F:FF:8E:E9:00:29:D4:BE:D3:E1:6D:CD:12:F4:C5:83:23:6D:EB
X509v3 Authority Key Identifier:
keyid:7A:CF:D0:79:7E:2D:9B:D3:53:9D:19:5A:03:12:41:A5:6A:02:A1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es_QeX4tm9NTnRlaAxJBpWoCoWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/Gn__jukAKdS-0-FtzRL0xYMjbes.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/es_QeX4tm9NTnRlaAxJBpWoCoWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.170.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:22:37:12:a9:d5:d7:11:c6:1f:54:6b:a7:e9:df:9c:57:5e:
e6:77:93:fa:6f:f8:29:35:0e:c1:19:8a:71:f8:21:f0:2c:78:
a3:e4:f8:a5:df:0d:d4:9a:f6:43:12:b8:8c:19:62:bd:13:94:
f6:b4:3c:bf:45:48:5e:02:88:71:50:f9:b7:7b:51:83:51:9d:
b7:8f:5b:cf:07:5c:b9:54:a9:35:84:1d:38:4f:d9:3d:b2:a7:
5e:ce:3e:33:b5:db:9d:9f:f5:43:19:4d:1c:71:18:be:22:45:
e8:de:50:49:bb:a4:53:23:1d:7b:5b:ff:d8:ff:22:40:08:2f:
a8:c1:8c:f3:96:af:c3:46:02:93:06:0d:db:19:93:76:85:5d:
b4:08:6a:30:b2:20:fe:f0:2c:cc:bb:ec:6b:57:a6:65:ed:4d:
e6:81:f6:e9:07:f4:41:10:16:e5:97:9f:38:41:3b:bf:a9:b8:
f5:a6:4f:09:51:b7:b7:09:8d:cc:6e:82:ce:5b:29:ac:c0:40:
8f:45:19:b2:49:df:a7:9a:e6:85:46:44:61:9b:d6:b6:f1:a9:
5a:7a:07:56:37:b6:1c:32:7f:81:2c:71:3d:05:9b:99:52:64:
e8:6e:7a:ce:7e:c2:1f:9a:b7:5d:d8:f2:34:f8:8e:1b:c9:f4:
c9:7c:92:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnaOpDIYDwFaxnJQj4qKj4pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2ZkMDc5N2UyZDliZDM1MzlkMTk1YTAzMTI0MWE1NmEw
MmExNmEwHhcNMjMwODA5MTIxNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTdmZmY4ZWU5MDAyOWQ0YmVkM2UxNmRjZDEyZjRjNTgzMjM2ZGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1gAX8zM8QYCp7KbGhXZLc1l+iZc
9wCVQbNnl4hT5mXrXGm1q+QEB+Goa7cicYPXbD9Fwj78ShGyyqwTJ48N2Cid4pZ0
Lw9RvxK/1satP+eW/KYliq86xjDS3833HsEMNEVY078lYEJNzeiUmTiL9D31RGGS
FGtV0re13vbQYGQJv9htZwPro+X4F2/AAcPxkbipe22x93pK6TL/BvRmKvAsaVwZ
I2HI12kma2x3cGjG8S54SgLZoEe5oKyI5XEOD4Qo+aK16P+yJFZUFxr7s4S5qcCB
uzUZ3acsChw7eSRnjfzo6fbHGUvFx1kOG7uUjR/ozdG/H+IUkCa1IKmiOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBp//47pACnUvtPhbc0S9MWDI23rMB8GA1UdIwQY
MBaAFHrP0Hl+LZvTU50ZWgMSQaVqAqFqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXNfUWVYNHRtOU5UblJsYUF4SkJwV29Db1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9hZmJhYjUtYWRjZi00ZTU3LTkyZWEt
OWY0MDI1NTcxY2JhLzEvR25fX2p1a0FLZFMtMC1GdHpSTDB4WU1qYmVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9hZmJhYjUtYWRjZi00ZTU3LTkyZWEtOWY0MDI1NTcxY2Jh
LzEvZXNfUWVYNHRtOU5UblJsYUF4SkJwV29Db1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWuqMA0G
CSqGSIb3DQEBCwUAA4IBAQAqIjcSqdXXEcYfVGun6d+cV17md5P6b/gpNQ7BGYpx
+CHwLHij5Pil3w3UmvZDEriMGWK9E5T2tDy/RUheAohxUPm3e1GDUZ23j1vPB1y5
VKk1hB04T9k9sqdezj4ztdudn/VDGU0ccRi+IkXo3lBJu6RTIx17W//Y/yJACC+o
wYzzlq/DRgKTBg3bGZN2hV20CGowsiD+8CzMu+xrV6Zl7U3mgfbpB/RBEBbll584
QTu/qbj1pk8JUbe3CY3MboLOWymswECPRRmySd+nmuaFRkRhm9a28alaegdWN7Yc
Mn+BLHE9BZuZUmTobnrOfsIfmrdd2PI0+I4byfTJfJLx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:09 2024 by rpki-client on console-fra.rpki-client.org