Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/mF1WDVI-MACJBhb39D0JgSeivJw.roa
File: mF1WDVI-MACJBhb39D0JgSeivJw.roa (raw, json)
Hash identifier: AZHVcrWCv/xjx+mFjN7ag/QFcGOjlL/0LpuHvCMBwTg=
Subject key identifier: 98:5D:56:0D:52:3E:30:00:89:06:16:F7:F4:3D:09:81:27:A2:BC:9C
Certificate issuer: /CN=7acfd0797e2d9bd3539d195a031241a56a02a16a
Certificate serial: 018AA6FDDF1203D61069D078D5244FCE5B63
Authority key identifier: 7A:CF:D0:79:7E:2D:9B:D3:53:9D:19:5A:03:12:41:A5:6A:02:A1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es_QeX4tm9NTnRlaAxJBpWoCoWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/mF1WDVI-MACJBhb39D0JgSeivJw.roa
Signing time: Mon 18 Sep 2023 06:32:50 +0000
ROA not before: Mon 18 Sep 2023 06:32:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49505
IP address blocks: 109.107.190.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a6:fd:df:12:03:d6:10:69:d0:78:d5:24:4f:ce:5b:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acfd0797e2d9bd3539d195a031241a56a02a16a
Validity
Not Before: Sep 18 06:32:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=985d560d523e3000890616f7f43d098127a2bc9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:1a:a5:82:77:b7:13:01:2b:6b:97:fe:6f:2b:
15:bc:a8:86:de:2d:fe:77:be:ae:b7:aa:d2:64:98:
68:5a:87:95:fe:3e:b7:1a:ee:aa:5f:b4:7a:99:34:
97:1c:d1:5e:bb:68:85:1f:31:8b:08:e6:6b:dc:96:
31:52:0f:9c:53:5f:77:4e:bd:5d:70:c5:f0:ee:cc:
be:f3:7c:7f:2f:78:ff:5d:17:b9:90:93:ed:df:43:
3d:20:ea:4c:f7:f0:06:76:38:ef:2f:9f:fa:a3:45:
22:ee:8c:55:e7:98:51:9b:63:8c:9a:d7:5b:46:b2:
c6:96:e1:b6:b6:c1:a0:10:7a:37:d0:86:38:7e:ed:
a4:66:1b:1e:8b:31:73:64:30:b3:a9:5a:c9:48:20:
3c:ce:c8:ce:c4:b3:7e:6a:1a:63:3c:72:1a:04:01:
94:1f:46:05:61:d1:1f:28:be:b5:49:f1:e7:b7:81:
4d:a2:13:4d:7a:08:a9:a3:d5:a7:59:d8:f9:92:71:
ce:a2:fa:46:e1:10:bf:3a:b0:26:84:1e:67:b6:54:
ef:0e:6f:a0:9c:44:44:59:9b:79:ed:ef:d0:f1:bd:
07:99:70:a9:a9:75:7d:af:4f:d6:0b:b6:a8:44:0b:
b1:66:9f:a3:00:bb:08:77:c9:59:19:4f:31:b5:82:
ac:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:5D:56:0D:52:3E:30:00:89:06:16:F7:F4:3D:09:81:27:A2:BC:9C
X509v3 Authority Key Identifier:
keyid:7A:CF:D0:79:7E:2D:9B:D3:53:9D:19:5A:03:12:41:A5:6A:02:A1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es_QeX4tm9NTnRlaAxJBpWoCoWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/mF1WDVI-MACJBhb39D0JgSeivJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/es_QeX4tm9NTnRlaAxJBpWoCoWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.190.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:45:2f:a1:6f:e4:d0:b6:22:7d:11:d5:ad:5c:3d:a9:a1:db:
41:e6:74:a4:4b:23:4f:10:39:81:9a:c4:00:96:8c:13:c2:a5:
7f:2c:92:43:a3:b3:14:74:7f:01:d4:06:fb:d6:c4:2c:d0:1c:
b9:40:a0:ad:30:ef:e3:8c:de:f9:72:7c:94:67:98:30:58:a9:
f8:8f:5a:94:99:24:1f:dc:56:51:7b:30:eb:a2:f2:d5:63:3f:
4c:9e:21:99:d8:1b:0a:e7:0e:7c:cf:68:78:d0:dc:b2:05:3d:
02:77:b9:5d:e7:db:1d:f8:b6:81:d4:f2:71:7f:d4:12:b6:b9:
2f:4f:5e:5a:cc:dc:39:c8:ac:c5:58:8a:d5:05:65:3d:cd:84:
40:43:7e:2f:79:63:d8:ee:50:f3:a7:2b:3c:3c:6f:fc:f5:1c:
df:b6:f5:2d:7b:ae:ad:38:23:61:bf:c8:26:f3:cf:50:28:73:
3d:0c:9c:27:2e:1a:a5:0b:a4:b2:0f:2b:95:42:6a:c0:49:63:
03:d2:95:8d:47:db:7a:79:ed:3b:2d:2e:2e:4a:32:e9:fd:64:
6e:53:3f:1a:a1:e8:99:fa:e4:77:28:26:ee:db:57:a2:d7:7a:
82:4f:58:50:ce:27:48:54:4e:d0:6d:5f:fc:09:05:7d:fc:a4:
c7:e5:b7:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqm/d8SA9YQadB41SRPzltjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2ZkMDc5N2UyZDliZDM1MzlkMTk1YTAzMTI0MWE1NmEw
MmExNmEwHhcNMjMwOTE4MDYzMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODVkNTYwZDUyM2UzMDAwODkwNjE2ZjdmNDNkMDk4MTI3YTJiYzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhqlgne3EwEra5f+bysVvKiG3i3+
d76ut6rSZJhoWoeV/j63Gu6qX7R6mTSXHNFeu2iFHzGLCOZr3JYxUg+cU193Tr1d
cMXw7sy+83x/L3j/XRe5kJPt30M9IOpM9/AGdjjvL5/6o0Ui7oxV55hRm2OMmtdb
RrLGluG2tsGgEHo30IY4fu2kZhseizFzZDCzqVrJSCA8zsjOxLN+ahpjPHIaBAGU
H0YFYdEfKL61SfHnt4FNohNNegipo9WnWdj5knHOovpG4RC/OrAmhB5ntlTvDm+g
nEREWZt57e/Q8b0HmXCpqXV9r0/WC7aoRAuxZp+jALsId8lZGU8xtYKs4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJhdVg1SPjAAiQYW9/Q9CYEnorycMB8GA1UdIwQY
MBaAFHrP0Hl+LZvTU50ZWgMSQaVqAqFqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXNfUWVYNHRtOU5UblJsYUF4SkJwV29Db1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9hZmJhYjUtYWRjZi00ZTU3LTkyZWEt
OWY0MDI1NTcxY2JhLzEvbUYxV0RWSS1NQUNKQmhiMzlEMEpnU2Vpdkp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9hZmJhYjUtYWRjZi00ZTU3LTkyZWEtOWY0MDI1NTcxY2Jh
LzEvZXNfUWVYNHRtOU5UblJsYUF4SkJwV29Db1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWu+MA0G
CSqGSIb3DQEBCwUAA4IBAQBPRS+hb+TQtiJ9EdWtXD2podtB5nSkSyNPEDmBmsQA
lowTwqV/LJJDo7MUdH8B1Ab71sQs0By5QKCtMO/jjN75cnyUZ5gwWKn4j1qUmSQf
3FZRezDrovLVYz9MniGZ2BsK5w58z2h40NyyBT0Cd7ld59sd+LaB1PJxf9QStrkv
T15azNw5yKzFWIrVBWU9zYRAQ34veWPY7lDzpys8PG/89RzftvUte66tOCNhv8gm
889QKHM9DJwnLhqlC6SyDyuVQmrASWMD0pWNR9t6ee07LS4uSjLp/WRuUz8aoeiZ
+uR3KCbu21ei13qCT1hQzidIVE7QbV/8CQV9/KTH5bdR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:09 2024 by rpki-client on console-fra.rpki-client.org