Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/TYVVge8feOrOjX621EpF1KnBJsg.roa
File: TYVVge8feOrOjX621EpF1KnBJsg.roa (raw, json)
Hash identifier: KdsijmzRwQDVJR07Iwm7BjTZJWbynFvTl7n8aF9n/KY=
Subject key identifier: 4D:85:55:81:EF:1F:78:EA:CE:8D:7E:B6:D4:4A:45:D4:A9:C1:26:C8
Certificate issuer: /CN=7acfd0797e2d9bd3539d195a031241a56a02a16a
Certificate serial: 018B291359AF65A30BDB15CD0440ABCBCD22
Authority key identifier: 7A:CF:D0:79:7E:2D:9B:D3:53:9D:19:5A:03:12:41:A5:6A:02:A1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es_QeX4tm9NTnRlaAxJBpWoCoWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/TYVVge8feOrOjX621EpF1KnBJsg.roa
Signing time: Fri 13 Oct 2023 12:46:55 +0000
ROA not before: Fri 13 Oct 2023 12:46:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213369
IP address blocks: 109.107.162.0/24 maxlen: 24
109.107.162.0/23 maxlen: 23
109.107.163.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:29:13:59:af:65:a3:0b:db:15:cd:04:40:ab:cb:cd:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acfd0797e2d9bd3539d195a031241a56a02a16a
Validity
Not Before: Oct 13 12:46:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d855581ef1f78eace8d7eb6d44a45d4a9c126c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:32:04:71:7c:48:95:bd:6c:49:1d:26:d5:17:
31:75:59:e8:97:43:c6:97:e2:3c:9a:40:ff:c5:10:
5f:e8:f8:09:87:8c:16:65:20:f0:a7:19:ce:fe:59:
91:a3:c6:29:bc:67:b5:6f:e6:39:8f:43:ce:7d:c0:
53:29:f2:76:99:99:7c:db:7c:1b:11:f6:e1:c6:48:
fd:13:5a:de:a0:c8:05:11:87:2e:8a:c0:a1:b2:db:
17:82:20:fc:1b:0a:39:22:85:c9:83:40:12:45:93:
9b:98:79:a4:4e:a3:5a:a8:24:db:92:a7:39:c2:79:
45:8f:3f:97:7d:ae:f7:ba:a6:d8:1e:4a:d9:88:c9:
96:5e:05:20:58:a4:9c:03:a1:41:08:82:16:44:50:
8e:8d:07:11:31:5d:e5:57:2a:20:2d:e8:d2:05:d2:
eb:1e:97:7f:23:93:8d:b2:2e:33:49:85:65:61:d4:
36:c3:55:40:77:22:f8:b5:a7:df:12:09:b4:42:97:
49:3f:ff:e6:ac:b3:1b:3c:f1:79:90:f6:6c:08:d1:
63:be:6f:42:21:47:bd:e7:f0:97:35:05:d6:4a:c7:
51:d9:7f:4f:99:18:15:49:b7:fa:3a:34:5b:20:9d:
97:e1:0e:2e:d1:63:2b:3d:cf:51:5d:8c:55:d0:da:
7d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:85:55:81:EF:1F:78:EA:CE:8D:7E:B6:D4:4A:45:D4:A9:C1:26:C8
X509v3 Authority Key Identifier:
keyid:7A:CF:D0:79:7E:2D:9B:D3:53:9D:19:5A:03:12:41:A5:6A:02:A1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es_QeX4tm9NTnRlaAxJBpWoCoWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/TYVVge8feOrOjX621EpF1KnBJsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/es_QeX4tm9NTnRlaAxJBpWoCoWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.162.0/23
Signature Algorithm: sha256WithRSAEncryption
36:23:72:56:6a:46:b7:99:b7:b0:4b:73:e0:ee:d9:1d:ab:df:
ea:e4:de:7f:44:fd:4f:7a:3b:a4:2d:76:75:69:e8:14:fe:ac:
63:60:15:e5:6f:b5:eb:cf:c5:c5:26:b3:4a:53:9d:dd:9e:5a:
5e:27:1b:e0:1f:14:50:aa:da:c4:df:16:84:35:9e:93:88:2a:
bb:f1:4b:53:bc:28:ac:f9:19:34:b7:9a:99:67:f5:c4:ff:1e:
40:86:2c:78:e3:70:f6:d5:e3:02:e7:41:ed:e1:b9:9c:bb:d6:
06:8f:99:28:2e:59:88:f3:22:d7:7c:4f:b6:8c:5b:a4:f3:d9:
ce:37:c8:54:9f:f7:f6:75:52:51:54:97:5a:42:82:ee:f1:4d:
b3:1c:3e:bc:5e:d0:32:d0:ed:d8:da:90:b5:2b:33:1b:57:da:
4d:f7:90:58:cc:fe:f4:9e:1c:ec:ae:27:5f:bc:c9:8e:d4:72:
4f:82:57:07:e7:4e:81:f1:6d:67:e9:c7:d8:13:9d:20:62:ad:
04:80:7f:28:58:f2:fe:37:7b:54:bf:1d:24:d0:11:e5:a3:6b:
4b:c4:47:8b:51:8a:54:4c:70:66:c5:ad:51:88:5f:55:14:35:
d3:be:f4:19:a8:d7:ea:05:d8:6f:84:4e:cd:0c:a1:2d:05:39:
ea:2f:89:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYspE1mvZaML2xXNBECry80iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2ZkMDc5N2UyZDliZDM1MzlkMTk1YTAzMTI0MWE1NmEw
MmExNmEwHhcNMjMxMDEzMTI0NjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDg1NTU4MWVmMWY3OGVhY2U4ZDdlYjZkNDRhNDVkNGE5YzEyNmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2DIEcXxIlb1sSR0m1RcxdVnol0PG
l+I8mkD/xRBf6PgJh4wWZSDwpxnO/lmRo8YpvGe1b+Y5j0POfcBTKfJ2mZl823wb
Efbhxkj9E1reoMgFEYcuisChstsXgiD8Gwo5IoXJg0ASRZObmHmkTqNaqCTbkqc5
wnlFjz+Xfa73uqbYHkrZiMmWXgUgWKScA6FBCIIWRFCOjQcRMV3lVyogLejSBdLr
Hpd/I5ONsi4zSYVlYdQ2w1VAdyL4taffEgm0QpdJP//mrLMbPPF5kPZsCNFjvm9C
IUe95/CXNQXWSsdR2X9PmRgVSbf6OjRbIJ2X4Q4u0WMrPc9RXYxV0Np9+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE2FVYHvH3jqzo1+ttRKRdSpwSbIMB8GA1UdIwQY
MBaAFHrP0Hl+LZvTU50ZWgMSQaVqAqFqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXNfUWVYNHRtOU5UblJsYUF4SkJwV29Db1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9hZmJhYjUtYWRjZi00ZTU3LTkyZWEt
OWY0MDI1NTcxY2JhLzEvVFlWVmdlOGZlT3JPalg2MjFFcEYxS25CSnNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9hZmJhYjUtYWRjZi00ZTU3LTkyZWEtOWY0MDI1NTcxY2Jh
LzEvZXNfUWVYNHRtOU5UblJsYUF4SkJwV29Db1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBbWuiMA0G
CSqGSIb3DQEBCwUAA4IBAQA2I3JWaka3mbewS3Pg7tkdq9/q5N5/RP1PejukLXZ1
aegU/qxjYBXlb7Xrz8XFJrNKU53dnlpeJxvgHxRQqtrE3xaENZ6TiCq78UtTvCis
+Rk0t5qZZ/XE/x5Ahix443D21eMC50Ht4bmcu9YGj5koLlmI8yLXfE+2jFuk89nO
N8hUn/f2dVJRVJdaQoLu8U2zHD68XtAy0O3Y2pC1KzMbV9pN95BYzP70nhzsridf
vMmO1HJPglcH506B8W1n6cfYE50gYq0EgH8oWPL+N3tUvx0k0BHlo2tLxEeLUYpU
THBmxa1RiF9VFDXTvvQZqNfqBdhvhE7NDKEtBTnqL4mV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:05 2024 by rpki-client on console-ams.rpki-client.org