Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/JIkDLBX0-o4EHil3692mgk_HiME.roa
File: JIkDLBX0-o4EHil3692mgk_HiME.roa (raw, json)
Hash identifier: g/NPl8avOqS9ZHNGmf3ZoqAY7SLPWsh+H9lG4JggzHY=
Subject key identifier: 24:89:03:2C:15:F4:FA:8E:04:1E:29:77:EB:DD:A6:82:4F:C7:88:C1
Certificate issuer: /CN=7acfd0797e2d9bd3539d195a031241a56a02a16a
Certificate serial: 018ADAFA8ADEF326660887E5D5D1BCFA8EEA
Authority key identifier: 7A:CF:D0:79:7E:2D:9B:D3:53:9D:19:5A:03:12:41:A5:6A:02:A1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es_QeX4tm9NTnRlaAxJBpWoCoWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/JIkDLBX0-o4EHil3692mgk_HiME.roa
Signing time: Thu 28 Sep 2023 08:49:27 +0000
ROA not before: Thu 28 Sep 2023 08:49:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213369
IP address blocks: 109.107.162.0/24 maxlen: 24
109.107.162.0/23 maxlen: 23
109.107.163.0/24 maxlen: 24
109.107.182.0/23 maxlen: 23
109.107.183.0/24 maxlen: 24
109.107.182.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:da:fa:8a:de:f3:26:66:08:87:e5:d5:d1:bc:fa:8e:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acfd0797e2d9bd3539d195a031241a56a02a16a
Validity
Not Before: Sep 28 08:49:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2489032c15f4fa8e041e2977ebdda6824fc788c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:40:b4:07:2b:88:0e:1e:72:32:de:e5:fa:38:
9e:e5:02:fa:ff:4f:ca:1b:a5:55:d9:6f:61:6b:d3:
c8:36:bc:5a:ec:33:05:c4:f4:72:6d:7d:cb:34:d2:
7d:a5:72:66:3d:5a:45:a8:27:73:e3:c6:2e:29:5c:
29:bb:a8:54:c5:af:aa:bf:e7:91:e8:a7:6c:70:6d:
23:15:4e:73:e5:57:78:4b:f3:ac:43:40:a8:50:0a:
4e:fa:1a:76:92:3b:2b:e4:be:4d:7d:6a:12:61:bb:
7f:96:cf:d7:bf:b7:66:86:53:36:bb:1e:a6:5a:d5:
f1:7d:ca:02:cb:ce:65:85:0e:bd:41:0b:02:22:5d:
de:c6:b6:07:b7:cc:1f:b5:9d:36:c7:fa:12:da:fe:
07:71:b6:6f:07:35:d7:7b:c7:43:86:74:a5:61:cf:
a3:b5:72:ac:32:c3:b6:48:31:d2:69:d3:88:e3:81:
4c:57:37:57:61:38:3c:5d:d9:da:50:54:05:46:40:
3e:6f:da:f7:b1:f3:4c:e7:c8:d6:69:03:e5:ba:da:
87:53:b4:cd:b7:65:f2:47:b5:3e:7e:9b:59:d2:46:
c2:e6:65:d1:45:dc:0f:17:d0:e5:8d:60:67:f8:e1:
dc:75:ef:14:2e:96:eb:00:6a:86:2d:09:4b:c8:89:
53:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:89:03:2C:15:F4:FA:8E:04:1E:29:77:EB:DD:A6:82:4F:C7:88:C1
X509v3 Authority Key Identifier:
keyid:7A:CF:D0:79:7E:2D:9B:D3:53:9D:19:5A:03:12:41:A5:6A:02:A1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es_QeX4tm9NTnRlaAxJBpWoCoWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/JIkDLBX0-o4EHil3692mgk_HiME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/es_QeX4tm9NTnRlaAxJBpWoCoWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.162.0/23
109.107.182.0/23
Signature Algorithm: sha256WithRSAEncryption
15:e9:dd:b5:27:71:b2:36:87:27:37:52:19:95:c3:7f:b6:22:
1c:e2:d5:b0:2c:4a:92:82:a8:06:cb:18:56:a6:10:bc:da:ff:
28:6b:e3:6b:66:12:1a:9e:7b:d5:24:23:b2:03:66:22:af:a6:
86:91:b5:65:64:30:e9:08:67:52:a8:83:7e:10:99:0f:2f:0c:
e5:20:fb:a4:96:3a:20:3b:af:48:b6:a6:d0:1b:46:53:4e:a2:
ba:9f:ce:6a:0a:2f:3a:6c:1c:ab:e9:e0:2b:fa:5f:28:8e:5f:
19:59:bd:67:99:2f:57:3e:b3:a9:cf:70:45:02:50:9d:15:a9:
c3:ad:f6:2d:f2:7f:30:63:24:5b:d8:dd:07:aa:73:ec:7d:b0:
f1:88:4e:b7:00:11:db:f2:85:e4:59:e7:8f:c7:a0:a7:51:54:
94:93:f9:b4:35:a4:a4:0e:63:ee:b5:97:f5:9e:8c:4d:83:9a:
33:e4:6a:d2:9a:8a:66:0b:b2:ee:35:04:43:c3:2e:e0:e5:67:
dc:d1:e9:3b:65:1c:32:f1:a5:e0:69:78:c0:8d:88:fb:40:c4:
04:a3:ae:0c:d0:ad:f8:0e:9b:23:35:41:97:f2:96:95:fa:91:
d1:72:01:d3:da:df:d3:1e:68:22:e3:66:be:19:fe:87:e9:fe:
f7:03:a7:5c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYra+ore8yZmCIfl1dG8+o7qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2ZkMDc5N2UyZDliZDM1MzlkMTk1YTAzMTI0MWE1NmEw
MmExNmEwHhcNMjMwOTI4MDg0OTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDg5MDMyYzE1ZjRmYThlMDQxZTI5NzdlYmRkYTY4MjRmYzc4OGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEC0ByuIDh5yMt7l+jie5QL6/0/K
G6VV2W9ha9PINrxa7DMFxPRybX3LNNJ9pXJmPVpFqCdz48YuKVwpu6hUxa+qv+eR
6KdscG0jFU5z5Vd4S/OsQ0CoUApO+hp2kjsr5L5NfWoSYbt/ls/Xv7dmhlM2ux6m
WtXxfcoCy85lhQ69QQsCIl3exrYHt8wftZ02x/oS2v4HcbZvBzXXe8dDhnSlYc+j
tXKsMsO2SDHSadOI44FMVzdXYTg8XdnaUFQFRkA+b9r3sfNM58jWaQPlutqHU7TN
t2XyR7U+fptZ0kbC5mXRRdwPF9DljWBn+OHcde8ULpbrAGqGLQlLyIlTaQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCSJAywV9PqOBB4pd+vdpoJPx4jBMB8GA1UdIwQY
MBaAFHrP0Hl+LZvTU50ZWgMSQaVqAqFqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXNfUWVYNHRtOU5UblJsYUF4SkJwV29Db1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9hZmJhYjUtYWRjZi00ZTU3LTkyZWEt
OWY0MDI1NTcxY2JhLzEvSklrRExCWDAtbzRFSGlsMzY5Mm1na19IaU1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9hZmJhYjUtYWRjZi00ZTU3LTkyZWEtOWY0MDI1NTcxY2Jh
LzEvZXNfUWVYNHRtOU5UblJsYUF4SkJwV29Db1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBbWuiAwQB
bWu2MA0GCSqGSIb3DQEBCwUAA4IBAQAV6d21J3GyNocnN1IZlcN/tiIc4tWwLEqS
gqgGyxhWphC82v8oa+NrZhIannvVJCOyA2Yir6aGkbVlZDDpCGdSqIN+EJkPLwzl
IPukljogO69ItqbQG0ZTTqK6n85qCi86bByr6eAr+l8ojl8ZWb1nmS9XPrOpz3BF
AlCdFanDrfYt8n8wYyRb2N0HqnPsfbDxiE63ABHb8oXkWeePx6CnUVSUk/m0NaSk
DmPutZf1noxNg5oz5GrSmopmC7LuNQRDwy7g5Wfc0ek7ZRwy8aXgaXjAjYj7QMQE
o64M0K34DpsjNUGX8paV+pHRcgHT2t/THmgi42a+Gf6H6f73A6dc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:09 2024 by rpki-client on console-fra.rpki-client.org