Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/svPesFCvQQi821pNrEHgDMqm0hg.roa
File: svPesFCvQQi821pNrEHgDMqm0hg.roa (raw, json)
Hash identifier: AXzTPjT4PRiD2sL60O17Oppi1ogWX4W58rL2QKefl0s=
Subject key identifier: B2:F3:DE:B0:50:AF:41:08:BC:DB:5A:4D:AC:41:E0:0C:CA:A6:D2:18
Certificate issuer: /CN=7acfd0797e2d9bd3539d195a031241a56a02a16a
Certificate serial: 018AF4AED0012A9F411E1C7B6AD34C8E1374
Authority key identifier: 7A:CF:D0:79:7E:2D:9B:D3:53:9D:19:5A:03:12:41:A5:6A:02:A1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es_QeX4tm9NTnRlaAxJBpWoCoWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/svPesFCvQQi821pNrEHgDMqm0hg.roa
Signing time: Tue 03 Oct 2023 08:36:51 +0000
ROA not before: Tue 03 Oct 2023 08:36:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212441
IP address blocks: 109.107.185.0/24 maxlen: 24
109.107.186.0/24 maxlen: 24
109.107.184.0/24 maxlen: 24
109.107.187.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f4:ae:d0:01:2a:9f:41:1e:1c:7b:6a:d3:4c:8e:13:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acfd0797e2d9bd3539d195a031241a56a02a16a
Validity
Not Before: Oct 3 08:36:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b2f3deb050af4108bcdb5a4dac41e00ccaa6d218
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:63:b2:da:82:3f:06:cf:70:3b:9f:7d:2f:af:
5c:40:06:2f:4f:ad:99:3a:42:03:ba:5b:98:75:2d:
33:c4:f1:ef:a3:84:ea:9f:fe:a6:e1:81:ac:4d:f0:
ef:f0:b5:ce:8e:64:34:01:0e:5e:a3:28:43:a7:0f:
57:8a:72:37:88:6d:a4:07:8e:06:4c:02:f1:e8:f3:
18:9d:ca:92:36:d7:98:ef:16:96:f3:0d:01:0d:69:
39:e6:f6:e4:3f:b2:2a:b7:bf:b9:58:5e:fa:53:30:
a2:28:04:fb:ce:0c:02:56:92:88:1c:63:ea:6f:6d:
0e:4e:f2:d9:67:1e:72:ef:42:c3:d6:42:15:f5:b8:
bf:66:cf:69:60:4c:fa:05:26:2b:c6:34:0c:5b:5a:
29:2b:9c:d7:f3:4a:ed:99:53:22:12:57:25:e5:15:
11:e8:47:50:da:ce:01:14:15:48:34:d9:89:c2:67:
ab:0e:d5:79:a3:a6:10:a2:b9:ac:27:6a:29:b9:d2:
28:5e:82:ff:20:c1:f0:3c:a8:0c:3d:b4:86:2d:9e:
37:31:27:f5:3f:7e:a0:6c:91:66:4f:25:50:f1:54:
76:9a:75:89:99:d5:58:68:6d:99:24:0a:92:b9:2d:
08:f3:74:83:a6:76:01:f3:ec:cf:56:34:c6:2d:a9:
08:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:F3:DE:B0:50:AF:41:08:BC:DB:5A:4D:AC:41:E0:0C:CA:A6:D2:18
X509v3 Authority Key Identifier:
keyid:7A:CF:D0:79:7E:2D:9B:D3:53:9D:19:5A:03:12:41:A5:6A:02:A1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es_QeX4tm9NTnRlaAxJBpWoCoWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/svPesFCvQQi821pNrEHgDMqm0hg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/es_QeX4tm9NTnRlaAxJBpWoCoWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.184.0/22
Signature Algorithm: sha256WithRSAEncryption
74:5f:de:03:d8:69:9b:2b:83:2f:e3:7c:93:54:6b:49:64:be:
37:64:a8:07:be:ff:2a:e7:a9:e1:f1:f8:b3:12:b3:59:ce:ce:
03:d4:42:c0:af:82:a6:6c:95:5f:82:f1:aa:f7:3f:f3:b0:9f:
0d:d6:6a:b8:c0:ce:95:39:e2:d3:69:29:e8:23:6f:68:88:31:
44:61:eb:ee:6e:47:07:07:d7:e8:e8:fc:da:8c:84:c7:80:70:
88:5d:99:2b:38:f7:2c:6b:5c:80:c8:7a:5f:f1:06:eb:57:f5:
03:20:91:a9:ad:6b:e1:15:08:82:e7:4a:a0:86:0c:a7:22:77:
6c:05:c9:9f:8e:3d:cf:41:48:c9:73:18:1d:fc:44:45:44:6f:
32:c1:8d:1d:b5:2f:15:76:6e:ca:e6:73:b8:2c:5e:79:60:31:
93:e9:89:24:57:b8:5d:2c:40:4c:ec:87:ba:cf:29:f9:c3:ac:
a8:7c:90:95:01:cb:88:81:27:e5:37:87:0c:ce:76:3e:dd:1a:
9a:6e:b8:71:b0:d0:28:72:25:04:bb:81:ab:24:ce:89:71:b1:
53:66:b1:1e:3f:83:c6:50:6f:5a:7f:81:19:d2:42:f6:f4:d1:
85:a1:5b:0d:67:64:07:f9:98:fb:c7:bd:23:d6:0e:f8:49:72:
79:23:29:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYr0rtABKp9BHhx7atNMjhN0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2ZkMDc5N2UyZDliZDM1MzlkMTk1YTAzMTI0MWE1NmEw
MmExNmEwHhcNMjMxMDAzMDgzNjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmYzZGViMDUwYWY0MTA4YmNkYjVhNGRhYzQxZTAwY2NhYTZkMjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGOy2oI/Bs9wO599L69cQAYvT62Z
OkIDuluYdS0zxPHvo4Tqn/6m4YGsTfDv8LXOjmQ0AQ5eoyhDpw9XinI3iG2kB44G
TALx6PMYncqSNteY7xaW8w0BDWk55vbkP7Iqt7+5WF76UzCiKAT7zgwCVpKIHGPq
b20OTvLZZx5y70LD1kIV9bi/Zs9pYEz6BSYrxjQMW1opK5zX80rtmVMiElcl5RUR
6EdQ2s4BFBVINNmJwmerDtV5o6YQormsJ2opudIoXoL/IMHwPKgMPbSGLZ43MSf1
P36gbJFmTyVQ8VR2mnWJmdVYaG2ZJAqSuS0I83SDpnYB8+zPVjTGLakIjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLLz3rBQr0EIvNtaTaxB4AzKptIYMB8GA1UdIwQY
MBaAFHrP0Hl+LZvTU50ZWgMSQaVqAqFqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXNfUWVYNHRtOU5UblJsYUF4SkJwV29Db1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9hZmJhYjUtYWRjZi00ZTU3LTkyZWEt
OWY0MDI1NTcxY2JhLzEvc3ZQZXNGQ3ZRUWk4MjFwTnJFSGdETXFtMGhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9hZmJhYjUtYWRjZi00ZTU3LTkyZWEtOWY0MDI1NTcxY2Jh
LzEvZXNfUWVYNHRtOU5UblJsYUF4SkJwV29Db1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbWu4MA0G
CSqGSIb3DQEBCwUAA4IBAQB0X94D2GmbK4Mv43yTVGtJZL43ZKgHvv8q56nh8fiz
ErNZzs4D1ELAr4KmbJVfgvGq9z/zsJ8N1mq4wM6VOeLTaSnoI29oiDFEYevubkcH
B9fo6PzajITHgHCIXZkrOPcsa1yAyHpf8QbrV/UDIJGprWvhFQiC50qghgynInds
Bcmfjj3PQUjJcxgd/ERFRG8ywY0dtS8Vdm7K5nO4LF55YDGT6YkkV7hdLEBM7Ie6
zyn5w6yofJCVAcuIgSflN4cMznY+3RqabrhxsNAociUEu4GrJM6JcbFTZrEeP4PG
UG9af4EZ0kL29NGFoVsNZ2QH+Zj7x70j1g74SXJ5IynA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:09 2024 by rpki-client on console-fra.rpki-client.org