Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/HtnCoqPvXidypVJ_cSP9qbMtfn8.roa
File: HtnCoqPvXidypVJ_cSP9qbMtfn8.roa (raw, json)
Hash identifier: T0lva4qpJy4xRp2zFyMRbW1//GhEh8W4Ax+2iCnEYVg=
Subject key identifier: 1E:D9:C2:A2:A3:EF:5E:27:72:A5:52:7F:71:23:FD:A9:B3:2D:7E:7F
Certificate issuer: /CN=7acfd0797e2d9bd3539d195a031241a56a02a16a
Certificate serial: 0189DA39A8E8D269BABE6032E28449FE471D
Authority key identifier: 7A:CF:D0:79:7E:2D:9B:D3:53:9D:19:5A:03:12:41:A5:6A:02:A1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es_QeX4tm9NTnRlaAxJBpWoCoWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/HtnCoqPvXidypVJ_cSP9qbMtfn8.roa
Signing time: Wed 09 Aug 2023 12:15:59 +0000
ROA not before: Wed 09 Aug 2023 12:15:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212441
IP address blocks: 109.107.185.0/24 maxlen: 24
109.107.186.0/24 maxlen: 24
109.107.184.0/24 maxlen: 24
109.107.182.0/24 maxlen: 24
109.107.183.0/24 maxlen: 24
109.107.181.0/24 maxlen: 24
109.107.189.0/24 maxlen: 24
109.107.190.0/24 maxlen: 24
109.107.187.0/24 maxlen: 24
109.107.188.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:da:39:a8:e8:d2:69:ba:be:60:32:e2:84:49:fe:47:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acfd0797e2d9bd3539d195a031241a56a02a16a
Validity
Not Before: Aug 9 12:15:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ed9c2a2a3ef5e2772a5527f7123fda9b32d7e7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:89:ee:22:4a:92:28:43:b5:1f:fa:2d:84:64:
88:ac:4e:86:1a:2d:95:87:66:85:bc:0e:41:11:48:
85:7f:ff:91:b8:29:bc:09:35:56:35:c9:86:9e:89:
fe:cb:0d:70:bd:a3:36:e2:71:f3:3b:13:35:59:c7:
e1:25:cf:d2:03:6a:db:df:cf:c6:13:da:76:a0:d3:
c7:93:cb:01:98:44:34:17:0c:5c:c2:81:0d:2e:00:
31:30:ee:ff:56:e8:f6:26:07:4b:20:f5:56:01:84:
65:74:0d:61:ee:b3:35:6c:da:c4:a8:f8:86:66:bb:
38:a0:3e:8a:b4:82:6a:9c:3d:72:dc:05:1d:e8:9c:
95:29:d6:82:ee:59:1e:f5:6e:59:1f:07:a8:b2:ef:
51:f2:93:9a:1b:3f:f6:e6:3a:c0:99:f2:e0:2b:74:
ec:f8:ad:95:b3:6f:55:86:a1:00:43:6f:26:5f:89:
1f:0f:04:19:ad:40:87:f1:b5:70:e3:b9:d7:7e:50:
55:db:c5:1e:70:73:5a:dd:63:86:56:1a:1c:9d:6d:
eb:e0:c9:85:6c:a8:89:68:b6:a1:00:31:71:1b:3a:
f2:9c:de:c3:f2:c0:0a:cd:1d:72:57:28:80:0e:77:
85:2a:9f:d3:8c:46:e4:15:76:96:30:2f:93:85:19:
3f:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:D9:C2:A2:A3:EF:5E:27:72:A5:52:7F:71:23:FD:A9:B3:2D:7E:7F
X509v3 Authority Key Identifier:
keyid:7A:CF:D0:79:7E:2D:9B:D3:53:9D:19:5A:03:12:41:A5:6A:02:A1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es_QeX4tm9NTnRlaAxJBpWoCoWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/HtnCoqPvXidypVJ_cSP9qbMtfn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/es_QeX4tm9NTnRlaAxJBpWoCoWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.181.0-109.107.190.255
Signature Algorithm: sha256WithRSAEncryption
0c:35:49:76:c0:a5:cb:d7:36:85:a0:82:f6:5e:4f:9d:0b:6f:
5c:94:e1:ea:7f:7d:17:ac:47:a4:ad:d7:c9:2a:2f:09:64:e4:
4d:72:2a:3c:f3:16:43:87:38:50:40:10:8d:27:95:bf:22:3e:
12:4b:57:8c:56:c6:35:fe:3f:cf:c0:ed:d2:2a:7c:44:48:57:
e3:ed:c2:c0:e5:f4:c5:d6:95:77:70:f7:a9:3f:65:bd:0d:35:
2d:b4:ca:1f:ea:3a:6a:2d:4f:b8:85:4d:fb:d9:e1:ec:8c:7b:
87:fc:ba:9a:19:76:e2:58:16:0c:27:09:f6:67:88:1f:4b:33:
ce:86:be:16:77:4a:04:4a:62:0b:89:98:1e:f4:20:e5:38:e6:
72:88:9c:3e:8b:27:8c:92:9f:89:ee:6c:b4:f1:c8:e3:f8:be:
8f:c8:bd:b6:d2:3e:6f:8b:ab:c2:5d:cf:ac:21:bd:6a:40:f1:
21:93:6b:34:58:d2:83:30:0b:d0:79:74:72:f2:c6:81:18:ec:
98:dc:eb:d3:b1:f8:88:81:c2:e3:33:7c:60:0a:11:06:7b:fc:
38:c3:7b:1e:72:4f:54:26:20:3a:83:41:72:73:c9:21:7f:eb:
22:bd:12:05:88:2e:c4:12:44:fe:f7:54:aa:f3:f6:8e:84:12:
93:ed:e4:d1
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYnaOajo0mm6vmAy4oRJ/kcdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2ZkMDc5N2UyZDliZDM1MzlkMTk1YTAzMTI0MWE1NmEw
MmExNmEwHhcNMjMwODA5MTIxNTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWQ5YzJhMmEzZWY1ZTI3NzJhNTUyN2Y3MTIzZmRhOWIzMmQ3ZTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsonuIkqSKEO1H/othGSIrE6GGi2V
h2aFvA5BEUiFf/+RuCm8CTVWNcmGnon+yw1wvaM24nHzOxM1WcfhJc/SA2rb38/G
E9p2oNPHk8sBmEQ0FwxcwoENLgAxMO7/Vuj2JgdLIPVWAYRldA1h7rM1bNrEqPiG
Zrs4oD6KtIJqnD1y3AUd6JyVKdaC7lke9W5ZHweosu9R8pOaGz/25jrAmfLgK3Ts
+K2Vs29VhqEAQ28mX4kfDwQZrUCH8bVw47nXflBV28UecHNa3WOGVhocnW3r4MmF
bKiJaLahADFxGzrynN7D8sAKzR1yVyiADneFKp/TjEbkFXaWMC+ThRk/mwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFB7ZwqKj714ncqVSf3Ej/amzLX5/MB8GA1UdIwQY
MBaAFHrP0Hl+LZvTU50ZWgMSQaVqAqFqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXNfUWVYNHRtOU5UblJsYUF4SkJwV29Db1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9hZmJhYjUtYWRjZi00ZTU3LTkyZWEt
OWY0MDI1NTcxY2JhLzEvSHRuQ29xUHZYaWR5cFZKX2NTUDlxYk10Zm44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9hZmJhYjUtYWRjZi00ZTU3LTkyZWEtOWY0MDI1NTcxY2Jh
LzEvZXNfUWVYNHRtOU5UblJsYUF4SkJwV29Db1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABta7UD
BABta74wDQYJKoZIhvcNAQELBQADggEBAAw1SXbApcvXNoWggvZeT50Lb1yU4ep/
fResR6St18kqLwlk5E1yKjzzFkOHOFBAEI0nlb8iPhJLV4xWxjX+P8/A7dIqfERI
V+PtwsDl9MXWlXdw96k/Zb0NNS20yh/qOmotT7iFTfvZ4eyMe4f8upoZduJYFgwn
CfZniB9LM86GvhZ3SgRKYguJmB70IOU45nKInD6LJ4ySn4nubLTxyOP4vo/IvbbS
Pm+Lq8Jdz6whvWpA8SGTazRY0oMwC9B5dHLyxoEY7Jjc69Ox+IiBwuMzfGAKEQZ7
/DjDex5yT1QmIDqDQXJzySF/6yK9EgWILsQSRP73VKrz9o6EEpPt5NE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:09 2024 by rpki-client on console-fra.rpki-client.org