Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/aaYSA0BDAXrw1EgwKZfW7lLSYFg.roa
File: aaYSA0BDAXrw1EgwKZfW7lLSYFg.roa (raw, json)
Hash identifier: 3911Olx94LXQ0iI0cPnFsi8Zm+b9u7xeKYkfqh6lIeY=
Subject key identifier: 69:A6:12:03:40:43:01:7A:F0:D4:48:30:29:97:D6:EE:52:D2:60:58
Certificate issuer: /CN=7acfd0797e2d9bd3539d195a031241a56a02a16a
Certificate serial: 018AB6C067B4924A77A54087316AE2C1076F
Authority key identifier: 7A:CF:D0:79:7E:2D:9B:D3:53:9D:19:5A:03:12:41:A5:6A:02:A1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es_QeX4tm9NTnRlaAxJBpWoCoWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/aaYSA0BDAXrw1EgwKZfW7lLSYFg.roa
Signing time: Thu 21 Sep 2023 07:59:37 +0000
ROA not before: Thu 21 Sep 2023 07:59:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212441
IP address blocks: 109.107.185.0/24 maxlen: 24
109.107.186.0/24 maxlen: 24
109.107.184.0/24 maxlen: 24
109.107.182.0/24 maxlen: 24
109.107.183.0/24 maxlen: 24
109.107.181.0/24 maxlen: 24
109.107.187.0/24 maxlen: 24
109.107.188.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b6:c0:67:b4:92:4a:77:a5:40:87:31:6a:e2:c1:07:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acfd0797e2d9bd3539d195a031241a56a02a16a
Validity
Not Before: Sep 21 07:59:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69a612034043017af0d448302997d6ee52d26058
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:35:2c:0c:21:59:07:ff:d2:48:64:0d:7f:2c:
a9:be:c7:fc:1b:de:6b:cb:33:af:f3:e0:4d:28:73:
3f:09:20:71:65:7b:89:16:3c:12:26:56:a2:f4:0b:
98:e2:f8:5c:c4:80:3f:65:84:2e:5a:33:79:c3:7c:
3c:41:5c:d5:c8:9d:84:a5:73:23:66:3d:8e:83:76:
c6:3f:e4:b5:f7:e5:13:c5:66:7d:36:3e:f3:99:55:
cf:30:0b:4d:74:45:dc:bb:dc:8b:0d:f3:fc:cc:69:
22:18:c4:b0:2f:67:a0:ce:5a:0f:59:cb:e5:11:bc:
d6:83:0f:94:e6:36:e2:79:dd:b2:a2:27:86:65:e6:
39:7b:a1:f3:31:c0:d2:e2:0c:4d:45:e7:b1:d9:73:
0a:55:63:60:8a:dc:f0:65:63:e2:0b:4b:16:88:8f:
ea:59:39:b7:06:17:0f:66:0e:61:54:16:ed:5f:4c:
41:92:09:8c:69:4c:07:10:9a:7c:0a:ed:13:b0:97:
c4:c0:c0:a2:5f:03:76:4f:4c:1c:c5:4f:5f:39:7a:
69:71:78:9f:d3:3c:8b:62:2c:4c:4b:2a:9f:04:a2:
da:8f:25:f3:d4:39:06:91:47:5e:b7:ed:0b:ef:99:
2f:07:86:53:1e:57:3f:dd:25:1e:63:cf:de:c4:ff:
b5:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:A6:12:03:40:43:01:7A:F0:D4:48:30:29:97:D6:EE:52:D2:60:58
X509v3 Authority Key Identifier:
keyid:7A:CF:D0:79:7E:2D:9B:D3:53:9D:19:5A:03:12:41:A5:6A:02:A1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es_QeX4tm9NTnRlaAxJBpWoCoWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/aaYSA0BDAXrw1EgwKZfW7lLSYFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/es_QeX4tm9NTnRlaAxJBpWoCoWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.181.0-109.107.188.255
Signature Algorithm: sha256WithRSAEncryption
88:01:7b:4b:a7:cf:6c:e3:44:27:a1:27:a2:46:bb:b9:0a:48:
7b:46:1a:94:e2:2d:04:e7:bc:12:13:dd:68:a7:10:2d:2a:9e:
8e:82:7b:37:e2:83:46:b1:8b:6c:73:8b:30:f1:01:75:56:de:
93:29:a8:19:cb:76:6e:6a:b8:60:ea:12:71:1b:e9:ae:ff:f9:
98:6f:04:f9:32:2c:dc:ec:54:51:45:3f:90:25:6e:0f:1f:82:
44:ef:85:f1:0f:f6:c4:f1:ff:f7:f3:c7:2f:c2:56:af:c4:8d:
22:b9:72:da:05:69:46:60:5d:47:ca:f8:a6:8d:93:ed:76:65:
bf:43:4d:88:2e:da:b7:06:ee:7b:1a:e6:b3:0d:49:c3:fc:38:
39:cc:2c:a8:ef:9d:ab:f9:56:dc:64:d2:1d:69:76:79:32:30:
41:cc:f2:86:0a:46:8d:dc:ae:94:35:58:6a:aa:ff:7a:d1:2d:
14:94:db:d8:29:fb:26:ac:18:5a:76:8f:7a:3b:d3:77:e0:dc:
ec:40:e6:a2:19:99:1f:36:d6:d2:d0:b1:ba:4f:f6:99:a5:da:
6d:13:0f:29:50:26:5f:e9:45:4b:66:04:aa:b5:ce:b0:a5:f7:
d5:90:06:24:4e:6f:cd:7f:fd:ee:8c:25:68:84:a4:5e:98:2e:
5b:bd:ce:28
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYq2wGe0kkp3pUCHMWriwQdvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2ZkMDc5N2UyZDliZDM1MzlkMTk1YTAzMTI0MWE1NmEw
MmExNmEwHhcNMjMwOTIxMDc1OTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWE2MTIwMzQwNDMwMTdhZjBkNDQ4MzAyOTk3ZDZlZTUyZDI2MDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjUsDCFZB//SSGQNfyypvsf8G95r
yzOv8+BNKHM/CSBxZXuJFjwSJlai9AuY4vhcxIA/ZYQuWjN5w3w8QVzVyJ2EpXMj
Zj2Og3bGP+S19+UTxWZ9Nj7zmVXPMAtNdEXcu9yLDfP8zGkiGMSwL2egzloPWcvl
EbzWgw+U5jbied2yoieGZeY5e6HzMcDS4gxNReex2XMKVWNgitzwZWPiC0sWiI/q
WTm3BhcPZg5hVBbtX0xBkgmMaUwHEJp8Cu0TsJfEwMCiXwN2T0wcxU9fOXppcXif
0zyLYixMSyqfBKLajyXz1DkGkUdet+0L75kvB4ZTHlc/3SUeY8/exP+15QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGmmEgNAQwF68NRIMCmX1u5S0mBYMB8GA1UdIwQY
MBaAFHrP0Hl+LZvTU50ZWgMSQaVqAqFqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXNfUWVYNHRtOU5UblJsYUF4SkJwV29Db1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9hZmJhYjUtYWRjZi00ZTU3LTkyZWEt
OWY0MDI1NTcxY2JhLzEvYWFZU0EwQkRBWHJ3MUVnd0taZlc3bExTWUZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9hZmJhYjUtYWRjZi00ZTU3LTkyZWEtOWY0MDI1NTcxY2Jh
LzEvZXNfUWVYNHRtOU5UblJsYUF4SkJwV29Db1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABta7UD
BABta7wwDQYJKoZIhvcNAQELBQADggEBAIgBe0unz2zjRCehJ6JGu7kKSHtGGpTi
LQTnvBIT3WinEC0qno6Cezfig0axi2xzizDxAXVW3pMpqBnLdm5quGDqEnEb6a7/
+ZhvBPkyLNzsVFFFP5Albg8fgkTvhfEP9sTx//fzxy/CVq/EjSK5ctoFaUZgXUfK
+KaNk+12Zb9DTYgu2rcG7nsa5rMNScP8ODnMLKjvnav5Vtxk0h1pdnkyMEHM8oYK
Ro3crpQ1WGqq/3rRLRSU29gp+yasGFp2j3o703fg3OxA5qIZmR821tLQsbpP9pml
2m0TDylQJl/pRUtmBKq1zrCl99WQBiROb81//e6MJWiEpF6YLlu9zig=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:05 2024 by rpki-client on console-ams.rpki-client.org