Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/wTU81ps-rxnwZALP57wpizaS15I.roa
File: wTU81ps-rxnwZALP57wpizaS15I.roa (raw, json)
Hash identifier: /NJG+fL46pCCYPf/jpzUirrO3kCPhzSF4WH46wl7Qt8=
Subject key identifier: C1:35:3C:D6:9B:3E:AF:19:F0:64:02:CF:E7:BC:29:8B:36:92:D7:92
Certificate issuer: /CN=7acfd0797e2d9bd3539d195a031241a56a02a16a
Certificate serial: 01856E38AF078ACCC4510DC000070989F601
Authority key identifier: 7A:CF:D0:79:7E:2D:9B:D3:53:9D:19:5A:03:12:41:A5:6A:02:A1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es_QeX4tm9NTnRlaAxJBpWoCoWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/wTU81ps-rxnwZALP57wpizaS15I.roa
Signing time: Sun 01 Jan 2023 16:44:46 +0000
ROA not before: Sun 01 Jan 2023 16:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56380
IP address blocks: 109.107.166.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:af:07:8a:cc:c4:51:0d:c0:00:07:09:89:f6:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acfd0797e2d9bd3539d195a031241a56a02a16a
Validity
Not Before: Jan 1 16:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c1353cd69b3eaf19f06402cfe7bc298b3692d792
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c1:ef:44:74:eb:3c:7e:13:36:64:01:b3:ef:
d8:ed:2d:1e:a4:5c:51:62:18:87:68:ca:3d:3a:37:
40:c9:7c:fe:45:16:ee:1b:f2:a9:d7:f1:be:c0:10:
25:a3:7e:0c:4d:02:bc:71:b1:ab:e2:e1:28:88:5c:
cf:eb:23:f4:9d:60:ee:6d:36:95:bc:f2:8e:ab:03:
bd:99:69:39:bf:a7:f2:d3:9f:d0:5d:54:c8:99:ff:
5c:a8:49:52:ef:f5:9a:9f:07:ee:17:8f:14:05:1c:
e3:4c:27:71:b3:be:a6:16:f2:a8:4a:d5:bb:a4:55:
8e:0d:df:d0:ee:03:30:37:b4:de:07:97:e8:fa:f2:
05:39:4c:b7:e7:f1:d9:89:9b:be:46:72:d2:3e:91:
53:d0:b3:68:ce:b3:78:84:f6:7d:d6:17:cd:02:ba:
b4:84:32:0d:50:d3:66:f2:6a:5c:19:f6:ea:22:25:
e1:ec:a6:1b:b5:9e:00:30:90:b5:03:0e:2b:b1:88:
15:cd:1a:58:c1:83:34:eb:9f:29:68:e6:56:dd:bd:
3e:60:b3:17:b0:b8:11:49:e0:ce:b9:d3:13:ce:5c:
de:fe:33:3f:42:d9:83:e2:5e:f3:95:0d:af:c7:51:
29:20:ca:9c:2f:55:a1:f1:32:c7:8a:98:b6:3a:ed:
df:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:35:3C:D6:9B:3E:AF:19:F0:64:02:CF:E7:BC:29:8B:36:92:D7:92
X509v3 Authority Key Identifier:
keyid:7A:CF:D0:79:7E:2D:9B:D3:53:9D:19:5A:03:12:41:A5:6A:02:A1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es_QeX4tm9NTnRlaAxJBpWoCoWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/wTU81ps-rxnwZALP57wpizaS15I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/es_QeX4tm9NTnRlaAxJBpWoCoWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.166.0/24
Signature Algorithm: sha256WithRSAEncryption
29:34:bb:a3:7f:bb:f6:e8:e9:9c:03:fa:3c:63:1f:c1:fe:28:
6f:89:b6:ba:15:11:6c:9c:02:09:84:55:b2:4f:0d:70:66:5d:
58:1e:ba:e5:49:a4:66:40:fc:32:9f:ae:de:86:6c:04:3e:33:
90:da:ce:80:a2:18:74:22:19:96:1c:40:bf:da:98:43:e6:cc:
a4:49:bb:58:ad:bc:53:5d:46:19:e3:4d:4a:d6:6d:a9:b8:c1:
c4:79:66:99:ce:23:4f:10:45:06:d0:ec:fe:02:b8:2f:be:71:
63:b8:a2:ec:69:c9:4d:e8:93:a3:49:55:f9:2b:5e:20:94:49:
52:b3:a9:ba:d3:d6:1a:a9:f3:c5:d7:24:b4:ce:51:1f:1f:6a:
3b:9a:b5:15:c1:0e:a6:0c:ed:7b:ee:34:d6:96:87:58:b8:80:
90:a3:da:66:4a:ef:fa:42:92:f4:ef:72:9e:5d:73:7a:43:a4:
6b:68:3f:52:3a:88:5d:42:fd:06:a9:9a:2d:cf:87:13:e4:40:
ab:f0:b8:6b:44:46:76:ce:40:70:1b:e4:66:a0:00:41:08:45:
84:b8:22:b2:b0:dd:d5:cc:9f:b2:59:2b:69:0c:72:f6:40:77:
9f:fa:b6:3c:d5:15:9f:78:17:4d:01:d5:63:fb:3e:73:bf:5e:
92:65:92:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuOK8HiszEUQ3AAAcJifYBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2ZkMDc5N2UyZDliZDM1MzlkMTk1YTAzMTI0MWE1NmEw
MmExNmEwHhcNMjMwMTAxMTY0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTM1M2NkNjliM2VhZjE5ZjA2NDAyY2ZlN2JjMjk4YjM2OTJkNzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMHvRHTrPH4TNmQBs+/Y7S0epFxR
YhiHaMo9OjdAyXz+RRbuG/Kp1/G+wBAlo34MTQK8cbGr4uEoiFzP6yP0nWDubTaV
vPKOqwO9mWk5v6fy05/QXVTImf9cqElS7/WanwfuF48UBRzjTCdxs76mFvKoStW7
pFWODd/Q7gMwN7TeB5fo+vIFOUy35/HZiZu+RnLSPpFT0LNozrN4hPZ91hfNArq0
hDINUNNm8mpcGfbqIiXh7KYbtZ4AMJC1Aw4rsYgVzRpYwYM0658paOZW3b0+YLMX
sLgRSeDOudMTzlze/jM/QtmD4l7zlQ2vx1EpIMqcL1Wh8TLHipi2Ou3f+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFME1PNabPq8Z8GQCz+e8KYs2kteSMB8GA1UdIwQY
MBaAFHrP0Hl+LZvTU50ZWgMSQaVqAqFqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXNfUWVYNHRtOU5UblJsYUF4SkJwV29Db1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9hZmJhYjUtYWRjZi00ZTU3LTkyZWEt
OWY0MDI1NTcxY2JhLzEvd1RVODFwcy1yeG53WkFMUDU3d3BpemFTMTVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9hZmJhYjUtYWRjZi00ZTU3LTkyZWEtOWY0MDI1NTcxY2Jh
LzEvZXNfUWVYNHRtOU5UblJsYUF4SkJwV29Db1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWumMA0G
CSqGSIb3DQEBCwUAA4IBAQApNLujf7v26OmcA/o8Yx/B/ihviba6FRFsnAIJhFWy
Tw1wZl1YHrrlSaRmQPwyn67ehmwEPjOQ2s6Aohh0IhmWHEC/2phD5sykSbtYrbxT
XUYZ401K1m2puMHEeWaZziNPEEUG0Oz+ArgvvnFjuKLsaclN6JOjSVX5K14glElS
s6m609YaqfPF1yS0zlEfH2o7mrUVwQ6mDO177jTWlodYuICQo9pmSu/6QpL073Ke
XXN6Q6RraD9SOohdQv0GqZotz4cT5ECr8LhrREZ2zkBwG+RmoABBCEWEuCKysN3V
zJ+yWStpDHL2QHef+rY81RWfeBdNAdVj+z5zv16SZZKP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:06 2024 by rpki-client on console-ams.rpki-client.org