Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/uXPK-nriI1uPQ75lMyDs517V1HI.roa
File: uXPK-nriI1uPQ75lMyDs517V1HI.roa (raw, json)
Hash identifier: pfSfwhv97tXHjtkFCYlY1ljt9XaxLjqMT59UDximK9g=
Subject key identifier: B9:73:CA:FA:7A:E2:23:5B:8F:43:BE:65:33:20:EC:E7:5E:D5:D4:72
Certificate issuer: /CN=7acfd0797e2d9bd3539d195a031241a56a02a16a
Certificate serial: 0183E4C9894622431465E8175677E4D57430
Authority key identifier: 7A:CF:D0:79:7E:2D:9B:D3:53:9D:19:5A:03:12:41:A5:6A:02:A1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es_QeX4tm9NTnRlaAxJBpWoCoWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/uXPK-nriI1uPQ75lMyDs517V1HI.roa
Signing time: Mon 17 Oct 2022 07:12:36 +0000
ROA not before: Mon 17 Oct 2022 07:12:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56380
IP address blocks: 109.107.166.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e4:c9:89:46:22:43:14:65:e8:17:56:77:e4:d5:74:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acfd0797e2d9bd3539d195a031241a56a02a16a
Validity
Not Before: Oct 17 07:12:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b973cafa7ae2235b8f43be653320ece75ed5d472
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ee:c6:c4:18:b2:f0:df:b9:a4:32:9d:d2:29:
14:09:49:e0:23:5f:db:86:d7:8f:d8:5d:d8:d9:ee:
af:24:32:21:0b:4f:4f:29:65:80:da:0d:f8:f2:c8:
0b:fd:d8:46:8a:95:7d:0b:19:e6:c3:df:16:7b:c8:
b2:8b:7c:aa:a8:4b:b3:33:48:97:e1:8c:1a:05:d2:
8b:68:80:fa:87:be:ad:3d:ec:9d:73:77:24:be:92:
57:57:b5:b4:cf:72:06:7e:bd:db:52:71:68:92:14:
fe:93:51:ac:84:fa:e2:fb:19:10:b3:3e:b2:bc:6c:
d7:48:b1:04:70:55:df:a4:74:39:eb:b8:0c:97:4c:
09:04:39:31:ad:b0:b4:ed:ff:19:7c:25:31:fe:04:
b4:cc:a5:c8:28:72:f9:8a:17:89:ae:c1:44:45:64:
d3:4b:b5:ef:e6:de:64:1f:e0:b2:81:ae:01:6f:5c:
3d:79:97:d8:3d:83:17:a9:93:c8:de:37:df:e5:0a:
07:8b:a2:69:93:62:14:a7:1e:ab:73:68:23:96:25:
43:c8:2b:be:ab:48:64:7d:62:18:1d:7b:55:ef:1c:
a1:a7:2e:44:9e:7b:38:92:ca:53:67:d3:2f:96:99:
af:8e:3d:fc:7c:45:fb:9d:a7:32:fb:19:79:80:1a:
47:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:73:CA:FA:7A:E2:23:5B:8F:43:BE:65:33:20:EC:E7:5E:D5:D4:72
X509v3 Authority Key Identifier:
keyid:7A:CF:D0:79:7E:2D:9B:D3:53:9D:19:5A:03:12:41:A5:6A:02:A1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es_QeX4tm9NTnRlaAxJBpWoCoWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/uXPK-nriI1uPQ75lMyDs517V1HI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/es_QeX4tm9NTnRlaAxJBpWoCoWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.166.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:29:94:5f:70:22:d4:5f:32:d1:b4:26:07:b0:38:80:a1:6f:
7f:9a:c5:bf:83:13:e7:df:6a:3c:65:bd:8d:96:dd:00:ab:c3:
b8:a6:0f:85:7e:8a:75:79:1f:07:17:0b:79:97:76:90:73:6c:
2d:75:17:d1:8f:74:02:e8:87:69:fa:66:c7:3a:8e:f8:50:ff:
c9:3b:78:c5:fc:b7:30:13:ff:89:dc:37:5d:8c:80:86:d0:7c:
95:10:01:b0:79:e9:95:57:d6:71:7f:7c:df:2e:16:07:69:96:
e6:c8:93:5f:22:61:a1:05:03:b7:c0:3c:9e:73:9a:ac:54:15:
5e:ab:ae:be:28:b4:30:b1:6c:50:ac:59:dc:d0:2b:16:dd:b5:
93:86:be:de:20:cc:a3:ad:ff:bd:81:2e:be:22:09:e2:a9:7f:
25:a5:89:c3:16:1f:7a:62:44:a7:43:81:94:7c:1c:09:ac:d0:
85:b9:57:cf:ff:f5:04:99:33:4d:49:8e:a7:95:cc:33:cc:7e:
2a:5a:ee:bf:66:e1:cc:a3:c5:0e:c4:e8:2c:92:00:11:81:79:
31:ed:91:9e:b0:f0:90:43:2a:17:85:af:59:22:62:f7:d7:d0:
37:bc:7c:07:2e:e3:98:bc:b6:9a:55:26:87:4d:94:4d:e4:54:
61:33:17:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPkyYlGIkMUZegXVnfk1XQwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2ZkMDc5N2UyZDliZDM1MzlkMTk1YTAzMTI0MWE1NmEw
MmExNmEwHhcNMjIxMDE3MDcxMjM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTczY2FmYTdhZTIyMzViOGY0M2JlNjUzMzIwZWNlNzVlZDVkNDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAie7GxBiy8N+5pDKd0ikUCUngI1/b
hteP2F3Y2e6vJDIhC09PKWWA2g348sgL/dhGipV9Cxnmw98We8iyi3yqqEuzM0iX
4YwaBdKLaID6h76tPeydc3ckvpJXV7W0z3IGfr3bUnFokhT+k1GshPri+xkQsz6y
vGzXSLEEcFXfpHQ567gMl0wJBDkxrbC07f8ZfCUx/gS0zKXIKHL5iheJrsFERWTT
S7Xv5t5kH+Cyga4Bb1w9eZfYPYMXqZPI3jff5QoHi6Jpk2IUpx6rc2gjliVDyCu+
q0hkfWIYHXtV7xyhpy5Enns4kspTZ9Mvlpmvjj38fEX7nacy+xl5gBpHaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLlzyvp64iNbj0O+ZTMg7Ode1dRyMB8GA1UdIwQY
MBaAFHrP0Hl+LZvTU50ZWgMSQaVqAqFqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXNfUWVYNHRtOU5UblJsYUF4SkJwV29Db1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9hZmJhYjUtYWRjZi00ZTU3LTkyZWEt
OWY0MDI1NTcxY2JhLzEvdVhQSy1ucmlJMXVQUTc1bE15RHM1MTdWMUhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9hZmJhYjUtYWRjZi00ZTU3LTkyZWEtOWY0MDI1NTcxY2Jh
LzEvZXNfUWVYNHRtOU5UblJsYUF4SkJwV29Db1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWumMA0G
CSqGSIb3DQEBCwUAA4IBAQAPKZRfcCLUXzLRtCYHsDiAoW9/msW/gxPn32o8Zb2N
lt0Aq8O4pg+Ffop1eR8HFwt5l3aQc2wtdRfRj3QC6Idp+mbHOo74UP/JO3jF/Lcw
E/+J3DddjICG0HyVEAGweemVV9Zxf3zfLhYHaZbmyJNfImGhBQO3wDyec5qsVBVe
q66+KLQwsWxQrFnc0CsW3bWThr7eIMyjrf+9gS6+IgniqX8lpYnDFh96YkSnQ4GU
fBwJrNCFuVfP//UEmTNNSY6nlcwzzH4qWu6/ZuHMo8UOxOgskgARgXkx7ZGesPCQ
QyoXha9ZImL319A3vHwHLuOYvLaaVSaHTZRN5FRhMxdg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:09 2024 by rpki-client on console-fra.rpki-client.org