Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/4rOKYjNL1dm3bbxaheghAvDWIjc.roa
File: 4rOKYjNL1dm3bbxaheghAvDWIjc.roa (raw, json)
Hash identifier: r0oZBeM1YpXQFqEZyhpgMNaah0c/vQsReazhaaIlPeg=
Subject key identifier: E2:B3:8A:62:33:4B:D5:D9:B7:6D:BC:5A:85:E8:21:02:F0:D6:22:37
Certificate issuer: /CN=fbf62f7606273f41a6ccc8e2956076f3c0a1eb54
Certificate serial: 0B955F47
Authority key identifier: FB:F6:2F:76:06:27:3F:41:A6:CC:C8:E2:95:60:76:F3:C0:A1:EB:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-_YvdgYnP0GmzMjilWB288Ch61Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/4rOKYjNL1dm3bbxaheghAvDWIjc.roa
Signing time: Fri 07 Jan 2022 13:27:35 +0000
ROA not before: Fri 07 Jan 2022 13:27:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197706
IP address blocks: 109.104.149.0/24 maxlen: 24
109.104.147.0/24 maxlen: 24
109.104.148.0/24 maxlen: 24
109.104.146.0/24 maxlen: 24
109.104.150.0/24 maxlen: 24
109.104.151.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 194338631 (0xb955f47)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbf62f7606273f41a6ccc8e2956076f3c0a1eb54
Validity
Not Before: Jan 7 13:27:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e2b38a62334bd5d9b76dbc5a85e82102f0d62237
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a4:fc:94:63:e3:f9:ea:b7:9e:22:25:bd:15:
8f:71:4c:64:fb:ff:9c:21:d3:19:be:03:2e:f2:82:
c5:5b:90:4a:7d:94:6b:38:d4:9a:90:12:63:15:4e:
e2:57:18:e8:7c:b2:4f:c5:99:2b:e7:1f:35:52:ea:
40:4b:44:0d:02:9a:fb:a2:a1:05:86:eb:91:db:03:
66:3d:1e:62:9e:32:73:e9:14:b5:fd:c8:82:99:e8:
7a:40:95:02:53:dd:d6:8d:80:4f:e1:6e:5f:19:fd:
c2:bf:f0:ad:f8:38:ab:ee:a6:ae:83:3f:6e:34:62:
3d:67:09:0f:3c:98:a3:4a:9c:15:12:c1:53:93:25:
71:f7:14:4b:fa:80:6d:ab:e1:51:72:d3:46:ad:39:
58:54:79:6c:6c:6b:6b:fa:98:68:d0:6d:2c:4f:75:
ea:60:38:84:8f:1b:41:b1:5a:89:22:f4:fa:de:7d:
c5:a0:ed:5c:10:a8:a7:7c:30:7b:5c:18:2c:f5:71:
e7:32:f8:a6:ec:78:b3:87:c0:ff:b3:0d:3a:68:ef:
11:d1:9a:0c:df:6a:ab:f2:2b:ec:dd:dd:22:2f:b8:
05:14:a3:bb:fa:1a:35:46:5a:55:73:5c:80:50:d8:
64:9a:0a:c8:33:d2:69:a3:0e:79:c7:40:1a:b0:df:
12:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:B3:8A:62:33:4B:D5:D9:B7:6D:BC:5A:85:E8:21:02:F0:D6:22:37
X509v3 Authority Key Identifier:
keyid:FB:F6:2F:76:06:27:3F:41:A6:CC:C8:E2:95:60:76:F3:C0:A1:EB:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-_YvdgYnP0GmzMjilWB288Ch61Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/4rOKYjNL1dm3bbxaheghAvDWIjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/1-_YvdgYnP0GmzMjilWB288Ch61Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.104.146.0-109.104.151.255
Signature Algorithm: sha256WithRSAEncryption
b4:ca:ed:13:dc:22:b0:78:72:36:c2:42:87:a1:c3:7c:09:cd:
37:eb:8d:10:91:ab:2b:ca:a3:57:50:9f:c1:0f:0c:c4:1c:32:
97:a3:65:3a:c0:0c:72:7b:7f:6a:76:8c:ad:41:cb:b6:b7:eb:
d1:cc:52:23:70:0e:c1:f7:df:a3:f2:e7:9a:6d:62:9d:50:b5:
b5:02:6f:a0:f5:59:29:ab:83:38:f4:fb:a8:ba:fa:57:5c:67:
92:ea:98:83:71:96:3b:14:a3:4d:1d:83:df:2c:6c:17:fa:ab:
d6:a9:68:bf:7f:6b:1f:d2:7d:c6:92:40:53:c0:b9:8b:e0:cb:
72:9e:b8:5a:f6:ff:7a:ca:4c:df:4a:e9:32:ec:d1:59:5e:94:
22:2b:1c:29:96:10:81:a0:f3:39:86:81:f0:b2:46:09:5f:11:
f2:aa:ac:8a:5d:0b:92:cb:86:d9:8d:12:95:d5:7f:0c:5e:14:
d4:b3:ae:e8:e0:ef:0c:a1:8c:48:27:5d:b0:b4:8c:14:64:98:
44:7a:cf:72:a6:44:f3:f7:b2:85:5e:4a:c9:38:0f:d4:b9:0b:
49:a2:6e:3f:32:f8:cf:c4:00:3d:35:e4:b5:a5:81:36:1b:7d:
c8:18:ff:88:7c:05:8b:58:8b:c3:92:f7:25:c4:b0:e6:37:21:
75:8a:8d:a2
-----BEGIN CERTIFICATE-----
MIIE+TCCA+GgAwIBAgIEC5VfRzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YmY2MmY3NjA2MjczZjQxYTZjY2M4ZTI5NTYwNzZmM2MwYTFlYjU0MB4XDTIyMDEw
NzEzMjczNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTJiMzhhNjIzMzRi
ZDVkOWI3NmRiYzVhODVlODIxMDJmMGQ2MjIzNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANCk/JRj4/nqt54iJb0Vj3FMZPv/nCHTGb4DLvKCxVuQSn2U
azjUmpASYxVO4lcY6HyyT8WZK+cfNVLqQEtEDQKa+6KhBYbrkdsDZj0eYp4yc+kU
tf3IgpnoekCVAlPd1o2AT+FuXxn9wr/wrfg4q+6mroM/bjRiPWcJDzyYo0qcFRLB
U5MlcfcUS/qAbavhUXLTRq05WFR5bGxra/qYaNBtLE916mA4hI8bQbFaiSL0+t59
xaDtXBCop3wwe1wYLPVx5zL4pux4s4fA/7MNOmjvEdGaDN9qq/Ir7N3dIi+4BRSj
u/oaNUZaVXNcgFDYZJoKyDPSaaMOecdAGrDfEgECAwEAAaOCAhMwggIPMB0GA1Ud
DgQWBBTis4piM0vV2bdtvFqF6CEC8NYiNzAfBgNVHSMEGDAWgBT79i92Bic/QabM
yOKVYHbzwKHrVDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtX1l2ZGdZblAwR216TWppbFdCMjg4Q2g2MVEuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzIzLzk1ZWViYi0wYTlkLTRmNzEtYjNmOS01NjQ5ZTFiMTkyYmIv
MS80ck9LWWpOTDFkbTNiYnhhaGVnaEF2RFdJamMucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzIz
Lzk1ZWViYi0wYTlkLTRmNzEtYjNmOS01NjQ5ZTFiMTkyYmIvMS8xLV9ZdmRnWW5Q
MEdtek1qaWxXQjI4OENoNjFRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAFtaJIDBANtaJAwDQYJKoZI
hvcNAQELBQADggEBALTK7RPcIrB4cjbCQoehw3wJzTfrjRCRqyvKo1dQn8EPDMQc
MpejZTrADHJ7f2p2jK1By7a369HMUiNwDsH336Py55ptYp1QtbUCb6D1WSmrgzj0
+6i6+ldcZ5LqmINxljsUo00dg98sbBf6q9apaL9/ax/SfcaSQFPAuYvgy3KeuFr2
/3rKTN9K6TLs0VlelCIrHCmWEIGg8zmGgfCyRglfEfKqrIpdC5LLhtmNEpXVfwxe
FNSzrujg7wyhjEgnXbC0jBRkmER6z3KmRPP3soVeSsk4D9S5C0mibj8y+M/EAD01
5LWlgTYbfcgY/4h8BYtYi8OS9yXEsOY3IXWKjaI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:14 2024 by rpki-client on console-ams.rpki-client.org