Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/KmVQ2khKiWgoTS2vIXNV-DEMDU8.roa
File: KmVQ2khKiWgoTS2vIXNV-DEMDU8.roa (raw, json)
Hash identifier: UBcD/uC7TJaYQ2XPVRImzgD64XJH+aCpkpufnfjmWdQ=
Subject key identifier: 2A:65:50:DA:48:4A:89:68:28:4D:2D:AF:21:73:55:F8:31:0C:0D:4F
Certificate issuer: /CN=a811a2c9fc8de9679bb158581b10ceaee91ff791
Certificate serial: 091CC1CF
Authority key identifier: A8:11:A2:C9:FC:8D:E9:67:9B:B1:58:58:1B:10:CE:AE:E9:1F:F7:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qBGiyfyN6WebsVhYGxDOrukf95E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/KmVQ2khKiWgoTS2vIXNV-DEMDU8.roa
Signing time: Tue 22 Mar 2022 12:51:35 +0000
ROA not before: Tue 22 Mar 2022 12:51:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207287
IP address blocks: 109.197.35.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152879567 (0x91cc1cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a811a2c9fc8de9679bb158581b10ceaee91ff791
Validity
Not Before: Mar 22 12:51:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a6550da484a8968284d2daf217355f8310c0d4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:29:cd:09:32:ad:91:89:9a:73:37:44:0b:88:
e0:b3:c8:78:b6:66:7f:63:7a:36:ba:04:5c:0d:73:
bf:f0:94:c5:d0:a2:45:b1:86:2a:d4:93:23:d4:01:
e9:6f:cf:a9:5a:72:d3:d6:b3:13:48:c1:5b:fe:18:
f4:ec:c9:63:e2:c4:a9:e0:05:aa:95:b5:aa:03:64:
e5:d2:0d:80:a0:d8:62:81:7c:93:22:c7:52:fa:39:
a4:11:eb:5e:ac:7f:af:9a:b2:a5:52:a1:9f:f0:26:
e3:99:8a:8e:8d:86:74:42:6b:25:bd:43:1f:be:8d:
ce:77:8b:84:9c:3e:d0:fb:ec:3b:bd:45:4c:bb:26:
ed:f4:58:88:7d:11:21:55:67:f0:40:8a:ac:8c:5f:
97:56:59:bf:5b:85:cb:78:73:61:6a:9a:6d:f8:46:
96:2d:4e:b0:90:d9:53:cb:18:3e:67:56:bf:69:c0:
da:00:4d:81:5c:34:4b:ad:80:2e:28:e7:d6:b7:ba:
da:55:57:0d:33:e1:69:07:80:38:e2:eb:ba:48:e8:
b5:48:d4:9a:6d:4a:fa:43:0d:c6:82:1f:f5:5d:4d:
a7:35:56:f7:2c:60:d3:31:7b:28:35:0f:7c:c6:25:
10:1d:0e:00:57:84:90:75:0f:7b:1f:0c:fa:16:d8:
f3:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:65:50:DA:48:4A:89:68:28:4D:2D:AF:21:73:55:F8:31:0C:0D:4F
X509v3 Authority Key Identifier:
keyid:A8:11:A2:C9:FC:8D:E9:67:9B:B1:58:58:1B:10:CE:AE:E9:1F:F7:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qBGiyfyN6WebsVhYGxDOrukf95E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/KmVQ2khKiWgoTS2vIXNV-DEMDU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/qBGiyfyN6WebsVhYGxDOrukf95E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.197.35.0/24
Signature Algorithm: sha256WithRSAEncryption
50:c0:ce:27:0c:16:e0:66:71:03:63:97:fe:df:bb:cd:c0:b9:
0e:e0:7f:af:a0:d7:ac:88:93:1a:37:d3:0c:a2:31:06:23:8f:
cc:59:fd:ea:ec:99:e7:7f:a8:d1:36:cf:27:6c:7c:79:ab:94:
2e:4c:a8:03:6e:00:88:e8:4d:42:53:7f:e9:6e:57:f4:69:43:
63:81:e8:e6:58:63:a9:a8:c2:a5:c6:a7:11:c5:51:2b:05:22:
e0:55:ed:b7:22:2d:34:a9:5b:f5:a9:40:b3:1a:7a:b5:e9:5d:
f6:4a:9e:4e:5f:a5:25:84:bb:ef:b5:3e:49:95:d6:81:67:94:
02:ee:76:53:55:9f:4d:9e:cd:6e:15:a4:6a:53:c7:2e:88:3e:
66:c4:ca:23:fb:17:5f:2e:4a:8f:18:a5:6d:a2:f1:93:b0:19:
51:42:66:d2:27:d5:4c:de:bd:fa:31:07:83:1e:b8:91:3d:18:
02:48:fd:0e:42:ac:42:cd:c5:21:d1:f2:62:77:3a:86:13:e8:
38:0e:e8:30:56:d8:af:cd:e7:24:59:b6:03:ae:38:5e:5e:f2:
39:1a:98:75:eb:89:68:b2:79:54:69:db:45:c1:39:a4:fd:bc:
cb:ad:26:73:d3:fd:95:cd:dd:de:8c:9f:69:38:41:ec:6a:09:
70:5f:1a:84
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECRzBzzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ODExYTJjOWZjOGRlOTY3OWJiMTU4NTgxYjEwY2VhZWU5MWZmNzkxMB4XDTIyMDMy
MjEyNTEzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmE2NTUwZGE0ODRh
ODk2ODI4NGQyZGFmMjE3MzU1ZjgzMTBjMGQ0ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJopzQkyrZGJmnM3RAuI4LPIeLZmf2N6NroEXA1zv/CUxdCi
RbGGKtSTI9QB6W/PqVpy09azE0jBW/4Y9OzJY+LEqeAFqpW1qgNk5dINgKDYYoF8
kyLHUvo5pBHrXqx/r5qypVKhn/Am45mKjo2GdEJrJb1DH76NzneLhJw+0PvsO71F
TLsm7fRYiH0RIVVn8ECKrIxfl1ZZv1uFy3hzYWqabfhGli1OsJDZU8sYPmdWv2nA
2gBNgVw0S62ALijn1re62lVXDTPhaQeAOOLrukjotUjUmm1K+kMNxoIf9V1NpzVW
9yxg0zF7KDUPfMYlEB0OAFeEkHUPex8M+hbY8yECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQqZVDaSEqJaChNLa8hc1X4MQwNTzAfBgNVHSMEGDAWgBSoEaLJ/I3pZ5ux
WFgbEM6u6R/3kTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FCR2l5ZnlONldlYnNWaFlHeERPcnVrZjk1RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODkvMWRlY2IzLTE1OTMtNDVkYi1hZjU2LTBjYzRjMDAwMDg1OC8x
L0ttVlEya2hLaVdnb1RTMnZJWE5WLURFTURVOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODkv
MWRlY2IzLTE1OTMtNDVkYi1hZjU2LTBjYzRjMDAwMDg1OC8xL3FCR2l5ZnlONldl
YnNWaFlHeERPcnVrZjk1RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAG3FIzANBgkqhkiG9w0BAQsFAAOC
AQEAUMDOJwwW4GZxA2OX/t+7zcC5DuB/r6DXrIiTGjfTDKIxBiOPzFn96uyZ53+o
0TbPJ2x8eauULkyoA24AiOhNQlN/6W5X9GlDY4Ho5lhjqajCpcanEcVRKwUi4FXt
tyItNKlb9alAsxp6teld9kqeTl+lJYS777U+SZXWgWeUAu52U1WfTZ7NbhWkalPH
Log+ZsTKI/sXXy5KjxilbaLxk7AZUUJm0ifVTN69+jEHgx64kT0YAkj9DkKsQs3F
IdHyYnc6hhPoOA7oMFbYr83nJFm2A644Xl7yORqYdeuJaLJ5VGnbRcE5pP28y60m
c9P9lc3d3oyfaThB7GoJcF8ahA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:59 2024 by rpki-client on console-fra.rpki-client.org