Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/LWDy2fflF-r1_hle6GOIpLWJBIc.roa
File: LWDy2fflF-r1_hle6GOIpLWJBIc.roa (raw, json)
Hash identifier: KdZcHwGplO39kolXNYqWnLKmkd8NdNHnAn3VaXGPWgk=
Subject key identifier: 2D:60:F2:D9:F7:E5:17:EA:F5:FE:19:5E:E8:63:88:A4:B5:89:04:87
Certificate issuer: /CN=7acfd0797e2d9bd3539d195a031241a56a02a16a
Certificate serial: 037541
Authority key identifier: 7A:CF:D0:79:7E:2D:9B:D3:53:9D:19:5A:03:12:41:A5:6A:02:A1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es_QeX4tm9NTnRlaAxJBpWoCoWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/LWDy2fflF-r1_hle6GOIpLWJBIc.roa
Signing time: Sat 01 Jan 2022 00:51:16 +0000
ROA not before: Sat 01 Jan 2022 00:51:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202984
IP address blocks: 109.107.164.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 226625 (0x37541)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acfd0797e2d9bd3539d195a031241a56a02a16a
Validity
Not Before: Jan 1 00:51:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2d60f2d9f7e517eaf5fe195ee86388a4b5890487
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f1:2d:60:ce:88:52:1e:0e:8f:bc:c7:09:d8:
65:a4:19:fc:89:69:c1:e4:ca:a0:89:de:63:29:14:
f2:8a:66:33:36:82:6a:e5:98:c6:b7:3d:81:96:b8:
eb:20:c9:cc:b4:49:20:4a:1d:6f:4f:57:d4:46:67:
26:22:ee:4b:5b:b5:cf:17:b0:e6:e0:e4:fb:c1:84:
8e:20:b6:76:53:18:cd:0a:3d:36:c8:02:12:b7:7d:
44:4c:e1:43:27:34:c5:e3:60:72:55:0f:33:fc:b6:
bb:58:ee:e8:95:2f:32:43:ae:ca:a9:4e:92:6b:16:
36:79:de:0a:a4:c6:23:0a:00:91:cc:5b:b1:56:13:
f3:4c:4b:92:3a:50:e5:df:89:e7:4a:d0:a4:db:d0:
0f:ff:48:d1:ca:c8:65:dc:c2:af:d4:81:f9:a8:f9:
c9:bd:bc:c4:75:57:75:43:6a:ef:f6:8d:3f:03:11:
8a:32:01:a4:68:07:a2:2d:23:91:24:11:c5:0e:0d:
76:f2:88:36:13:e3:41:dd:92:dc:b4:a1:ea:7f:f6:
04:64:ac:92:ac:02:6c:2e:4e:53:25:90:40:75:83:
34:6f:54:4d:45:18:d3:2e:fc:ee:28:14:75:75:f2:
e1:1d:2e:f8:7e:99:0f:ac:87:05:da:f0:3d:0c:b7:
dd:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:60:F2:D9:F7:E5:17:EA:F5:FE:19:5E:E8:63:88:A4:B5:89:04:87
X509v3 Authority Key Identifier:
keyid:7A:CF:D0:79:7E:2D:9B:D3:53:9D:19:5A:03:12:41:A5:6A:02:A1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es_QeX4tm9NTnRlaAxJBpWoCoWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/LWDy2fflF-r1_hle6GOIpLWJBIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/es_QeX4tm9NTnRlaAxJBpWoCoWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.164.0/23
Signature Algorithm: sha256WithRSAEncryption
66:39:02:57:6f:b1:e9:d5:83:6c:4a:0b:b3:37:b4:47:af:1b:
ed:d8:37:5d:b6:25:4e:58:ea:15:1d:04:56:9a:9b:a5:1a:50:
29:5c:61:fd:f3:f7:51:04:44:b3:1a:85:39:96:b8:5a:b6:cd:
e4:9d:fc:6a:31:9b:b3:ff:75:ad:93:21:d5:4c:8b:67:0d:9d:
bf:40:c1:5d:79:98:52:4b:f2:65:f7:da:6f:a5:1e:c8:59:02:
b1:f4:de:e2:8b:d4:6b:8c:5a:82:59:86:2d:b5:f7:0f:08:1c:
08:13:7e:d5:9f:0b:6c:0e:a4:a6:43:b7:20:e6:72:52:ec:5b:
42:ce:db:78:68:67:75:38:32:a7:b4:3d:3e:30:85:9e:b5:57:
56:9a:35:50:7f:cf:cd:6e:96:f6:85:d7:f9:fd:b6:8b:49:7d:
27:d2:68:de:cf:35:57:48:8d:96:1b:39:31:90:66:a8:1f:d4:
bb:9e:87:cd:ba:e2:19:10:bd:70:0f:1c:6f:fa:e6:89:55:b8:
33:5d:95:09:f8:0f:5e:da:18:50:66:80:9b:b0:a7:b5:ab:2e:
16:a7:c1:52:c1:5b:32:c5:0b:4d:0d:a8:34:79:c8:d8:bd:85:
55:eb:93:6f:58:cf:33:bc:ae:34:f8:b2:ff:cb:e6:bd:07:8d:
cb:7b:88:4a
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDA3VBMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDdh
Y2ZkMDc5N2UyZDliZDM1MzlkMTk1YTAzMTI0MWE1NmEwMmExNmEwHhcNMjIwMTAx
MDA1MTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyZDYwZjJkOWY3ZTUx
N2VhZjVmZTE5NWVlODYzODhhNGI1ODkwNDg3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAs/EtYM6IUh4Oj7zHCdhlpBn8iWnB5Mqgid5jKRTyimYzNoJq
5ZjGtz2BlrjrIMnMtEkgSh1vT1fURmcmIu5LW7XPF7Dm4OT7wYSOILZ2UxjNCj02
yAISt31ETOFDJzTF42ByVQ8z/La7WO7olS8yQ67KqU6SaxY2ed4KpMYjCgCRzFux
VhPzTEuSOlDl34nnStCk29AP/0jRyshl3MKv1IH5qPnJvbzEdVd1Q2rv9o0/AxGK
MgGkaAeiLSORJBHFDg128og2E+NB3ZLctKHqf/YEZKySrAJsLk5TJZBAdYM0b1RN
RRjTLvzuKBR1dfLhHS74fpkPrIcF2vA9DLfdSwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFC1g8tn35Rfq9f4ZXuhjiKS1iQSHMB8GA1UdIwQYMBaAFHrP0Hl+LZvTU50Z
WgMSQaVqAqFqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
ZXNfUWVYNHRtOU5UblJsYUF4SkJwV29Db1dvLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zYi9hZmJhYjUtYWRjZi00ZTU3LTkyZWEtOWY0MDI1NTcxY2JhLzEv
TFdEeTJmZmxGLXIxX2hsZTZHT0lwTFdKQkljLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9h
ZmJhYjUtYWRjZi00ZTU3LTkyZWEtOWY0MDI1NTcxY2JhLzEvZXNfUWVYNHRtOU5U
blJsYUF4SkJwV29Db1dvLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBbWukMA0GCSqGSIb3DQEBCwUAA4IB
AQBmOQJXb7Hp1YNsSguzN7RHrxvt2DddtiVOWOoVHQRWmpulGlApXGH98/dRBESz
GoU5lrhats3knfxqMZuz/3WtkyHVTItnDZ2/QMFdeZhSS/Jl99pvpR7IWQKx9N7i
i9RrjFqCWYYttfcPCBwIE37VnwtsDqSmQ7cg5nJS7FtCztt4aGd1ODKntD0+MIWe
tVdWmjVQf8/Nbpb2hdf5/baLSX0n0mjezzVXSI2WGzkxkGaoH9S7nofNuuIZEL1w
Dxxv+uaJVbgzXZUJ+A9e2hhQZoCbsKe1qy4Wp8FSwVsyxQtNDag0ecjYvYVV65Nv
WM8zvK40+LL/y+a9B43Le4hK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:05 2024 by rpki-client on console-ams.rpki-client.org