Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/n4gaSbPD-xmUFkViulVqC2CKI9A.roa
File: n4gaSbPD-xmUFkViulVqC2CKI9A.roa (raw, json)
Hash identifier: ySXWBELfGK23/kt4zjdttKmRsyzklhpOlJakfKBhiT4=
Subject key identifier: 9F:88:1A:49:B3:C3:FB:19:94:16:45:62:BA:55:6A:0B:60:8A:23:D0
Certificate issuer: /CN=7acfd0797e2d9bd3539d195a031241a56a02a16a
Certificate serial: 018A3C69C5853A242923BEFD292ECFD9D574
Authority key identifier: 7A:CF:D0:79:7E:2D:9B:D3:53:9D:19:5A:03:12:41:A5:6A:02:A1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es_QeX4tm9NTnRlaAxJBpWoCoWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/n4gaSbPD-xmUFkViulVqC2CKI9A.roa
Signing time: Mon 28 Aug 2023 13:51:19 +0000
ROA not before: Mon 28 Aug 2023 13:51:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198769
IP address blocks: 109.107.190.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3c:69:c5:85:3a:24:29:23:be:fd:29:2e:cf:d9:d5:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acfd0797e2d9bd3539d195a031241a56a02a16a
Validity
Not Before: Aug 28 13:51:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f881a49b3c3fb1994164562ba556a0b608a23d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:2a:8b:46:5f:9b:0f:a3:88:af:b5:97:96:a8:
34:5e:56:42:9e:b8:73:bf:9b:10:78:48:a1:54:df:
bc:44:9d:ea:98:d6:a1:54:61:0c:31:df:b9:ca:12:
a5:da:15:2c:e8:12:30:9e:89:a2:da:69:9d:73:70:
80:6d:f7:bb:51:2e:4e:d1:af:e9:57:86:8f:17:b5:
46:b3:11:b8:3a:c4:90:2b:52:e3:5a:dd:d6:12:35:
c0:cb:89:74:1a:01:8c:4a:bf:82:d9:08:5d:08:8c:
04:b4:ce:9b:27:3d:7c:ee:23:bb:28:02:c7:db:bd:
40:86:fe:e5:7d:08:d7:75:b7:89:17:32:6e:2b:d0:
31:4a:36:0d:26:4e:79:96:e2:c3:43:14:3a:08:79:
a1:45:71:3b:29:54:03:7c:9b:fe:af:b5:d3:4b:4d:
5c:97:3a:92:7a:f4:d4:e6:10:27:b9:3b:57:85:90:
a9:75:a5:b6:db:76:4e:67:0a:2a:08:f5:ee:4b:47:
e9:13:fc:f8:f4:a7:7d:56:fd:21:39:20:75:52:96:
31:a0:fc:8e:87:12:26:91:fc:70:39:5e:f1:42:74:
16:7f:8a:e1:c5:73:f5:0a:83:86:11:39:5d:0f:18:
bf:84:97:ca:a2:ad:b1:38:7e:20:5e:73:f9:fa:c8:
4a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:88:1A:49:B3:C3:FB:19:94:16:45:62:BA:55:6A:0B:60:8A:23:D0
X509v3 Authority Key Identifier:
keyid:7A:CF:D0:79:7E:2D:9B:D3:53:9D:19:5A:03:12:41:A5:6A:02:A1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es_QeX4tm9NTnRlaAxJBpWoCoWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/n4gaSbPD-xmUFkViulVqC2CKI9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/es_QeX4tm9NTnRlaAxJBpWoCoWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.190.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:de:9e:71:24:53:45:f4:56:4a:1d:b3:e9:ac:51:38:62:bb:
fd:ce:59:63:c3:83:f5:6c:9c:6b:53:ed:f7:4a:54:92:61:05:
08:d4:bd:fe:25:7f:a4:21:47:63:8d:88:01:67:82:75:1a:5f:
3d:d4:0b:f6:e2:99:7f:51:9c:c3:5d:a8:dd:53:5f:31:0d:3b:
47:98:cf:e1:ac:37:02:40:70:99:85:52:fa:40:04:47:35:51:
39:b0:ee:d6:50:a6:bf:09:cd:15:77:d4:ea:9d:63:3c:20:e6:
f0:db:6b:1f:a7:10:2f:f8:fc:73:45:f2:41:cd:4c:1b:44:65:
a7:c7:e9:b7:5d:4d:65:fe:95:62:0f:98:73:54:f6:7e:7b:cd:
c8:ee:9f:89:ed:6a:c9:7c:cd:c1:c4:ae:46:7e:3f:02:8a:59:
b7:97:5d:b5:b9:b1:14:dc:d2:1e:95:bf:eb:a6:bd:25:d6:8a:
58:93:7f:30:22:d4:25:ba:01:fb:0c:aa:ce:a3:55:41:24:51:
d5:e1:ca:57:06:8a:8c:af:d7:6c:09:bc:4f:e5:15:5c:71:b7:
53:a1:17:a2:24:70:29:1d:45:3c:a4:40:25:d8:a9:f3:2f:51:
33:7b:51:0e:a0:4c:6a:b8:cb:15:d8:90:dd:64:bd:65:a0:70:
a8:e9:70:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYo8acWFOiQpI779KS7P2dV0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2ZkMDc5N2UyZDliZDM1MzlkMTk1YTAzMTI0MWE1NmEw
MmExNmEwHhcNMjMwODI4MTM1MTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Zjg4MWE0OWIzYzNmYjE5OTQxNjQ1NjJiYTU1NmEwYjYwOGEyM2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2CqLRl+bD6OIr7WXlqg0XlZCnrhz
v5sQeEihVN+8RJ3qmNahVGEMMd+5yhKl2hUs6BIwnomi2mmdc3CAbfe7US5O0a/p
V4aPF7VGsxG4OsSQK1LjWt3WEjXAy4l0GgGMSr+C2QhdCIwEtM6bJz187iO7KALH
271Ahv7lfQjXdbeJFzJuK9AxSjYNJk55luLDQxQ6CHmhRXE7KVQDfJv+r7XTS01c
lzqSevTU5hAnuTtXhZCpdaW223ZOZwoqCPXuS0fpE/z49Kd9Vv0hOSB1UpYxoPyO
hxImkfxwOV7xQnQWf4rhxXP1CoOGETldDxi/hJfKoq2xOH4gXnP5+shK7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ+IGkmzw/sZlBZFYrpVagtgiiPQMB8GA1UdIwQY
MBaAFHrP0Hl+LZvTU50ZWgMSQaVqAqFqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXNfUWVYNHRtOU5UblJsYUF4SkJwV29Db1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9hZmJhYjUtYWRjZi00ZTU3LTkyZWEt
OWY0MDI1NTcxY2JhLzEvbjRnYVNiUEQteG1VRmtWaXVsVnFDMkNLSTlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9hZmJhYjUtYWRjZi00ZTU3LTkyZWEtOWY0MDI1NTcxY2Jh
LzEvZXNfUWVYNHRtOU5UblJsYUF4SkJwV29Db1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWu+MA0G
CSqGSIb3DQEBCwUAA4IBAQCM3p5xJFNF9FZKHbPprFE4Yrv9zlljw4P1bJxrU+33
SlSSYQUI1L3+JX+kIUdjjYgBZ4J1Gl891Av24pl/UZzDXajdU18xDTtHmM/hrDcC
QHCZhVL6QARHNVE5sO7WUKa/Cc0Vd9TqnWM8IObw22sfpxAv+PxzRfJBzUwbRGWn
x+m3XU1l/pViD5hzVPZ+e83I7p+J7WrJfM3BxK5Gfj8Cilm3l121ubEU3NIelb/r
pr0l1opYk38wItQlugH7DKrOo1VBJFHV4cpXBoqMr9dsCbxP5RVccbdToReiJHAp
HUU8pEAl2KnzL1Eze1EOoExquMsV2JDdZL1loHCo6XB7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:05 2024 by rpki-client on console-ams.rpki-client.org