Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/6tq6Kx2NXW4mfaA_OcnHuYBFHOM.roa
File: 6tq6Kx2NXW4mfaA_OcnHuYBFHOM.roa (raw, json)
Hash identifier: pixCVHo/GknntaAgtqpy6GZdbAWucS1raJIGWJyvoHY=
Subject key identifier: EA:DA:BA:2B:1D:8D:5D:6E:26:7D:A0:3F:39:C9:C7:B9:80:45:1C:E3
Certificate issuer: /CN=fbf62f7606273f41a6ccc8e2956076f3c0a1eb54
Certificate serial: 0183DBE0F3DF7987941E754002CE9DC4FFC2
Authority key identifier: FB:F6:2F:76:06:27:3F:41:A6:CC:C8:E2:95:60:76:F3:C0:A1:EB:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-_YvdgYnP0GmzMjilWB288Ch61Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/6tq6Kx2NXW4mfaA_OcnHuYBFHOM.roa
Signing time: Sat 15 Oct 2022 13:41:36 +0000
ROA not before: Sat 15 Oct 2022 13:41:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197706
IP address blocks: 109.104.152.0/24 maxlen: 24
109.104.151.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:db:e0:f3:df:79:87:94:1e:75:40:02:ce:9d:c4:ff:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbf62f7606273f41a6ccc8e2956076f3c0a1eb54
Validity
Not Before: Oct 15 13:41:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eadaba2b1d8d5d6e267da03f39c9c7b980451ce3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:1a:b9:5c:15:dd:3e:f2:8c:0e:2f:4d:db:aa:
ae:6f:56:bf:1c:7f:f3:2c:65:e3:3c:8f:58:c5:e7:
7c:b5:c7:8f:37:3a:12:c2:59:17:58:59:cd:95:0e:
d1:8c:e1:69:e1:86:0e:33:9a:a5:e3:d2:36:12:e5:
b2:56:e5:93:ed:00:3a:43:a8:27:b0:b1:a8:a6:5c:
35:39:fe:9c:60:f7:46:12:35:90:6e:d7:3e:8c:52:
bb:2b:d9:02:f8:6e:d0:52:74:62:03:b9:c5:98:02:
34:27:13:41:0e:c5:7e:57:70:32:19:13:ad:db:0d:
8d:45:55:87:68:38:69:23:0d:eb:49:c6:04:4e:20:
6b:25:ec:8d:d0:7d:6a:9f:bc:bd:46:7c:ee:e3:a2:
c6:2b:4f:71:3f:0b:f3:07:f7:22:cd:f1:40:f9:a2:
35:00:45:c1:cd:cd:7f:1c:8f:86:d8:9a:ae:e8:11:
ba:fd:3a:f9:fc:5b:55:3b:ac:65:86:64:b6:f6:34:
01:9c:24:ae:22:fc:e4:99:80:69:84:08:c9:51:47:
63:f2:10:0e:c5:a0:1c:58:47:83:2e:c8:33:bb:1c:
f8:14:bd:47:40:c7:91:f0:5d:7f:ae:37:6c:53:af:
3f:de:d2:a2:86:92:4c:92:35:a2:d4:f7:d9:d9:d9:
8f:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:DA:BA:2B:1D:8D:5D:6E:26:7D:A0:3F:39:C9:C7:B9:80:45:1C:E3
X509v3 Authority Key Identifier:
keyid:FB:F6:2F:76:06:27:3F:41:A6:CC:C8:E2:95:60:76:F3:C0:A1:EB:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-_YvdgYnP0GmzMjilWB288Ch61Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/6tq6Kx2NXW4mfaA_OcnHuYBFHOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/1-_YvdgYnP0GmzMjilWB288Ch61Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.104.151.0-109.104.152.255
Signature Algorithm: sha256WithRSAEncryption
d0:91:0d:6c:ab:66:9c:67:6c:b8:b1:06:b2:65:1b:67:64:cf:
b1:e1:a9:93:cb:eb:3e:c1:6f:a7:3b:93:8f:46:50:99:96:99:
26:0b:7f:61:e2:5b:e0:c1:3a:10:0c:cc:47:c5:42:cd:4f:9b:
fd:c8:ce:66:a9:ad:92:fd:da:d5:4f:05:8f:40:5b:68:ef:93:
1f:69:64:43:fa:7e:d2:ec:3e:c1:25:68:96:91:c6:c4:1e:4d:
83:9c:d5:f1:5a:e0:3e:88:62:4b:94:42:40:9e:77:51:b0:35:
96:06:f5:79:85:42:b4:9c:a4:6b:ca:a8:07:13:47:0c:9c:6e:
0b:1f:50:f2:89:65:a3:0b:67:8b:55:8a:ab:b2:48:78:26:c3:
61:d5:de:1b:88:e2:aa:c5:62:db:4a:43:02:1b:88:b4:68:a7:
ee:3a:aa:a3:6a:80:c5:41:af:5e:53:96:9e:b2:5d:81:6f:6d:
a6:70:e8:47:13:dd:52:6a:cd:ef:4e:d9:21:69:a2:6e:f6:7a:
32:7b:32:92:16:b1:af:aa:0f:59:c0:27:9c:67:b9:89:f1:c5:
d8:f8:aa:a7:6c:16:b1:cb:17:20:05:b7:3d:b9:f6:ff:4b:4e:
78:7f:b5:91:bb:ec:0d:11:d6:c2:2b:8f:a8:91:15:92:7d:b7:
d8:72:54:b2
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYPb4PPfeYeUHnVAAs6dxP/CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiZjYyZjc2MDYyNzNmNDFhNmNjYzhlMjk1NjA3NmYzYzBh
MWViNTQwHhcNMjIxMDE1MTM0MTM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWRhYmEyYjFkOGQ1ZDZlMjY3ZGEwM2YzOWM5YzdiOTgwNDUxY2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBq5XBXdPvKMDi9N26qub1a/HH/z
LGXjPI9Yxed8tcePNzoSwlkXWFnNlQ7RjOFp4YYOM5ql49I2EuWyVuWT7QA6Q6gn
sLGoplw1Of6cYPdGEjWQbtc+jFK7K9kC+G7QUnRiA7nFmAI0JxNBDsV+V3AyGROt
2w2NRVWHaDhpIw3rScYETiBrJeyN0H1qn7y9Rnzu46LGK09xPwvzB/cizfFA+aI1
AEXBzc1/HI+G2Jqu6BG6/Tr5/FtVO6xlhmS29jQBnCSuIvzkmYBphAjJUUdj8hAO
xaAcWEeDLsgzuxz4FL1HQMeR8F1/rjdsU68/3tKihpJMkjWi1PfZ2dmPawIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFOrauisdjV1uJn2gPznJx7mARRzjMB8GA1UdIwQY
MBaAFPv2L3YGJz9BpszI4pVgdvPAoetUMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1fWXZkZ1luUDBHbXpNamlsV0IyODhDaDYxUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjMvOTVlZWJiLTBhOWQtNGY3MS1iM2Y5
LTU2NDllMWIxOTJiYi8xLzZ0cTZLeDJOWFc0bWZhQV9PY25IdVlCRkhPTS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjMvOTVlZWJiLTBhOWQtNGY3MS1iM2Y5LTU2NDllMWIxOTJi
Yi8xLzEtX1l2ZGdZblAwR216TWppbFdCMjg4Q2g2MVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJwYIKwYBBQUHAQcBAf8EGDAWMBQEAgABMA4wDAMEAG1o
lwMEAG1omDANBgkqhkiG9w0BAQsFAAOCAQEA0JENbKtmnGdsuLEGsmUbZ2TPseGp
k8vrPsFvpzuTj0ZQmZaZJgt/YeJb4ME6EAzMR8VCzU+b/cjOZqmtkv3a1U8Fj0Bb
aO+TH2lkQ/p+0uw+wSVolpHGxB5Ng5zV8VrgPohiS5RCQJ53UbA1lgb1eYVCtJyk
a8qoBxNHDJxuCx9Q8ollowtni1WKq7JIeCbDYdXeG4jiqsVi20pDAhuItGin7jqq
o2qAxUGvXlOWnrJdgW9tpnDoRxPdUmrN707ZIWmibvZ6Mnsykhaxr6oPWcAnnGe5
ifHF2Piqp2wWscsXIAW3Pbn2/0tOeH+1kbvsDRHWwiuPqJEVkn232HJUsg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:04 2023 by rpki-client on console-ams.rpki-client.org