Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/bw7Q17Mn1LirPuxCC8YEslIMB7c.roa
File: bw7Q17Mn1LirPuxCC8YEslIMB7c.roa (raw, json)
Hash identifier: ADJN/AKb7mS3viCo4tbFqPYUsAHRmmHON7rA7M6sM3c=
Subject key identifier: 6F:0E:D0:D7:B3:27:D4:B8:AB:3E:EC:42:0B:C6:04:B2:52:0C:07:B7
Certificate issuer: /CN=7acfd0797e2d9bd3539d195a031241a56a02a16a
Certificate serial: 44E898
Authority key identifier: 7A:CF:D0:79:7E:2D:9B:D3:53:9D:19:5A:03:12:41:A5:6A:02:A1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es_QeX4tm9NTnRlaAxJBpWoCoWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/bw7Q17Mn1LirPuxCC8YEslIMB7c.roa
Signing time: Mon 31 Jan 2022 07:47:07 +0000
ROA not before: Mon 31 Jan 2022 07:47:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202984
IP address blocks: 109.107.164.0/23 maxlen: 23
109.107.172.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4515992 (0x44e898)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acfd0797e2d9bd3539d195a031241a56a02a16a
Validity
Not Before: Jan 31 07:47:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6f0ed0d7b327d4b8ab3eec420bc604b2520c07b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8a:cf:ca:7b:09:3b:55:44:53:68:88:8c:1c:
2a:c7:79:4e:b9:14:b1:4c:3b:8e:b5:60:55:28:01:
6c:13:35:37:c0:10:e9:9f:7a:83:0d:5f:73:2b:ee:
55:7b:b7:13:a6:86:a1:89:e5:e6:26:a8:54:af:82:
cd:c5:14:ab:10:8d:96:43:54:b2:61:70:0a:72:7c:
8b:83:48:36:70:e3:1d:b8:7f:98:c9:96:20:b6:2e:
4c:14:f4:63:cc:03:24:cf:19:bf:34:3e:78:21:f4:
b7:4b:d0:8a:20:d0:e9:2c:c5:cc:d1:f5:79:d0:d7:
4f:41:17:8b:3e:10:14:ff:59:5a:a1:43:71:94:ba:
aa:a5:e6:60:c2:2f:a6:4e:9b:2e:46:69:72:ae:7f:
ae:3e:cc:58:7c:fa:3b:72:ce:89:c7:59:e0:c3:ba:
6d:c1:bb:b3:28:13:8a:43:48:66:1c:5a:42:c9:27:
26:f2:9c:ae:07:f4:91:0e:7b:5a:37:60:17:f6:48:
5b:35:90:19:14:b2:3b:96:0f:c9:27:5c:15:1e:f2:
7c:f3:62:42:bb:ee:49:a4:45:d4:ff:21:81:1f:2b:
c1:11:44:e1:16:41:a5:7c:6c:c6:2f:6c:fe:f8:33:
66:ba:9b:ea:5f:65:25:4f:5b:6d:f6:51:ca:ca:cf:
a0:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:0E:D0:D7:B3:27:D4:B8:AB:3E:EC:42:0B:C6:04:B2:52:0C:07:B7
X509v3 Authority Key Identifier:
keyid:7A:CF:D0:79:7E:2D:9B:D3:53:9D:19:5A:03:12:41:A5:6A:02:A1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es_QeX4tm9NTnRlaAxJBpWoCoWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/bw7Q17Mn1LirPuxCC8YEslIMB7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/es_QeX4tm9NTnRlaAxJBpWoCoWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.164.0/23
109.107.172.0/22
Signature Algorithm: sha256WithRSAEncryption
66:39:20:37:d1:66:10:8d:38:66:42:a9:a0:ae:1e:5c:95:bd:
60:0f:c1:2b:66:d6:ea:b0:5d:3d:2c:a1:78:57:31:e9:05:64:
6f:ba:56:a9:a2:63:3f:f1:25:b5:91:3d:cc:7a:5a:ed:fb:56:
1d:5e:14:a6:73:c8:a4:fa:be:5f:c7:c2:77:01:62:f1:74:21:
a9:67:57:db:cb:ce:54:0e:0d:73:ed:51:5d:af:d1:d7:a6:a5:
28:59:cd:02:04:c1:91:cd:57:e9:52:bd:35:29:13:a6:ff:b9:
7a:f3:a7:07:d3:98:fe:36:f4:ad:48:0c:6c:8a:7a:62:a5:a5:
05:25:42:d4:80:7e:7f:53:44:ef:f3:6b:1b:63:d8:d4:1d:1f:
2f:2c:3e:d5:c4:d9:cb:97:55:05:49:b6:c3:d7:0c:69:ad:da:
96:cc:ab:e7:60:14:62:c9:87:3e:95:9a:91:07:a2:06:cf:f9:
e4:8f:18:53:26:eb:4a:c2:2a:e3:58:66:6f:07:fb:4f:4c:43:
56:13:37:74:43:60:10:e5:63:ad:81:70:0c:73:3f:0d:40:20:
93:76:1a:52:63:42:16:df:85:16:0b:f2:0f:c7:55:63:ff:6f:
2e:c7:9b:b5:24:7d:f2:07:e1:98:74:80:36:b6:d7:07:90:45:
38:1f:62:17
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDROiYMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDdh
Y2ZkMDc5N2UyZDliZDM1MzlkMTk1YTAzMTI0MWE1NmEwMmExNmEwHhcNMjIwMTMx
MDc0NzA3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2ZjBlZDBkN2IzMjdk
NGI4YWIzZWVjNDIwYmM2MDRiMjUyMGMwN2I3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuIrPynsJO1VEU2iIjBwqx3lOuRSxTDuOtWBVKAFsEzU3wBDp
n3qDDV9zK+5Ve7cTpoahieXmJqhUr4LNxRSrEI2WQ1SyYXAKcnyLg0g2cOMduH+Y
yZYgti5MFPRjzAMkzxm/ND54IfS3S9CKINDpLMXM0fV50NdPQReLPhAU/1laoUNx
lLqqpeZgwi+mTpsuRmlyrn+uPsxYfPo7cs6Jx1ngw7ptwbuzKBOKQ0hmHFpCyScm
8pyuB/SRDntaN2AX9khbNZAZFLI7lg/JJ1wVHvJ882JCu+5JpEXU/yGBHyvBEUTh
FkGlfGzGL2z++DNmupvqX2UlT1tt9lHKys+gAQIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFG8O0NezJ9S4qz7sQgvGBLJSDAe3MB8GA1UdIwQYMBaAFHrP0Hl+LZvTU50Z
WgMSQaVqAqFqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
ZXNfUWVYNHRtOU5UblJsYUF4SkJwV29Db1dvLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zYi9hZmJhYjUtYWRjZi00ZTU3LTkyZWEtOWY0MDI1NTcxY2JhLzEv
Ync3UTE3TW4xTGlyUHV4Q0M4WUVzbElNQjdjLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9h
ZmJhYjUtYWRjZi00ZTU3LTkyZWEtOWY0MDI1NTcxY2JhLzEvZXNfUWVYNHRtOU5U
blJsYUF4SkJwV29Db1dvLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBbWukAwQCbWusMA0GCSqGSIb3DQEB
CwUAA4IBAQBmOSA30WYQjThmQqmgrh5clb1gD8ErZtbqsF09LKF4VzHpBWRvulap
omM/8SW1kT3Melrt+1YdXhSmc8ik+r5fx8J3AWLxdCGpZ1fby85UDg1z7VFdr9HX
pqUoWc0CBMGRzVfpUr01KROm/7l686cH05j+NvStSAxsinpipaUFJULUgH5/U0Tv
82sbY9jUHR8vLD7VxNnLl1UFSbbD1wxprdqWzKvnYBRiyYc+lZqRB6IGz/nkjxhT
JutKwirjWGZvB/tPTENWEzd0Q2AQ5WOtgXAMcz8NQCCTdhpSY0IW34UWC/IPx1Vj
/28ux5u1JH3yB+GYdIA2ttcHkEU4H2IX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:09 2024 by rpki-client on console-fra.rpki-client.org