Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/BPUSG1vgmxhqL6RFi19t_7_GlT0.roa
File: BPUSG1vgmxhqL6RFi19t_7_GlT0.roa (raw, json)
Hash identifier: NdXYNjEQFE9Lrb/DEe3816IEqyytdGD4WCLkR7OKJes=
Subject key identifier: 04:F5:12:1B:5B:E0:9B:18:6A:2F:A4:45:8B:5F:6D:FF:BF:C6:95:3D
Certificate issuer: /CN=fbf62f7606273f41a6ccc8e2956076f3c0a1eb54
Certificate serial: 0BD6B9CD
Authority key identifier: FB:F6:2F:76:06:27:3F:41:A6:CC:C8:E2:95:60:76:F3:C0:A1:EB:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-_YvdgYnP0GmzMjilWB288Ch61Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/BPUSG1vgmxhqL6RFi19t_7_GlT0.roa
Signing time: Thu 03 Feb 2022 15:01:52 +0000
ROA not before: Thu 03 Feb 2022 15:01:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197706
IP address blocks: 109.104.149.0/24 maxlen: 24
109.104.147.0/24 maxlen: 24
109.104.148.0/24 maxlen: 24
109.104.146.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 198621645 (0xbd6b9cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbf62f7606273f41a6ccc8e2956076f3c0a1eb54
Validity
Not Before: Feb 3 15:01:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=04f5121b5be09b186a2fa4458b5f6dffbfc6953d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:f3:16:51:d8:db:63:3b:af:3f:ae:ff:9f:7d:
8e:3d:cd:43:46:cc:ec:c0:cf:48:d0:09:fe:0d:56:
82:7e:0c:08:5c:91:94:49:1e:a8:47:7b:4b:61:29:
0c:d3:be:2f:9e:d1:f2:f3:dd:f1:2f:d4:79:b8:67:
f9:cf:d9:98:04:d6:57:21:d3:2e:bd:e2:31:90:98:
7a:91:0f:a4:be:00:fa:03:dc:52:61:9e:e4:c4:99:
3b:ec:87:94:e1:cc:e7:0e:52:31:c1:ba:e8:69:1b:
2c:54:bb:8e:2f:76:26:06:8d:11:89:91:ab:30:72:
fd:b7:3e:68:90:91:2c:cf:ca:3d:08:ac:09:9c:54:
b1:f6:b8:52:5e:c8:ee:30:9d:6d:8d:03:23:ab:d7:
73:87:b1:41:01:e6:f3:06:5c:e8:15:c4:d9:db:e4:
81:68:d4:72:84:46:2b:04:29:c1:dc:70:0f:c0:96:
fe:02:85:35:22:3c:17:12:6e:e1:e2:28:a6:8d:f6:
c5:2f:2c:1e:14:86:35:b3:ec:32:04:25:c2:b5:ab:
c4:d6:84:6d:2d:01:5f:64:d8:5f:e4:e9:2a:17:b6:
17:d0:ae:0f:13:26:79:06:db:22:52:b6:b7:31:78:
d7:85:c1:b9:dd:f7:3d:8b:9f:0c:0b:3b:a1:27:c6:
57:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:F5:12:1B:5B:E0:9B:18:6A:2F:A4:45:8B:5F:6D:FF:BF:C6:95:3D
X509v3 Authority Key Identifier:
keyid:FB:F6:2F:76:06:27:3F:41:A6:CC:C8:E2:95:60:76:F3:C0:A1:EB:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-_YvdgYnP0GmzMjilWB288Ch61Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/BPUSG1vgmxhqL6RFi19t_7_GlT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/1-_YvdgYnP0GmzMjilWB288Ch61Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.104.146.0-109.104.149.255
Signature Algorithm: sha256WithRSAEncryption
23:9c:99:08:38:4f:18:93:c8:d0:ed:c0:e7:ca:83:9b:ad:ad:
c3:db:7b:e5:d5:fe:58:d1:83:33:98:69:8b:4f:de:fb:9d:80:
cb:e3:fb:fd:f9:b7:49:55:7e:3c:67:fd:fb:9d:08:c7:aa:65:
7f:78:a2:c2:ba:ce:e5:29:42:b6:3b:d4:de:28:a3:d1:47:7a:
ec:cb:83:7f:d0:a1:81:b9:c8:3d:39:e3:d6:66:ee:c7:af:7d:
f0:e4:7a:df:28:aa:21:30:07:fa:9a:08:34:80:24:5c:eb:eb:
54:2b:3b:5d:f4:db:f0:11:56:e3:17:21:97:5c:9c:c5:26:bd:
10:48:05:5f:97:a6:b6:a7:2e:68:ef:e9:50:1a:a9:67:83:36:
34:d3:c4:b0:86:db:71:fd:6e:8b:00:36:2b:ce:ec:0e:80:af:
da:12:28:51:e0:2f:f0:86:e4:bc:ab:bb:bf:3d:8f:44:48:31:
ea:e7:b3:59:e7:7d:75:4e:15:7e:29:bd:60:42:bd:6b:c6:30:
b0:3a:23:d0:66:cb:da:2a:67:31:15:50:b5:6d:b6:81:da:12:
08:5a:87:06:68:55:0f:0b:4d:50:5e:1e:32:99:0a:55:d9:8d:
93:5d:c6:73:73:af:d5:7c:1e:e9:24:92:ae:f5:75:42:95:2d:
9b:d0:ee:e8
-----BEGIN CERTIFICATE-----
MIIE+TCCA+GgAwIBAgIEC9a5zTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YmY2MmY3NjA2MjczZjQxYTZjY2M4ZTI5NTYwNzZmM2MwYTFlYjU0MB4XDTIyMDIw
MzE1MDE1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDRmNTEyMWI1YmUw
OWIxODZhMmZhNDQ1OGI1ZjZkZmZiZmM2OTUzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPbzFlHY22M7rz+u/599jj3NQ0bM7MDPSNAJ/g1Wgn4MCFyR
lEkeqEd7S2EpDNO+L57R8vPd8S/Uebhn+c/ZmATWVyHTLr3iMZCYepEPpL4A+gPc
UmGe5MSZO+yHlOHM5w5SMcG66GkbLFS7ji92JgaNEYmRqzBy/bc+aJCRLM/KPQis
CZxUsfa4Ul7I7jCdbY0DI6vXc4exQQHm8wZc6BXE2dvkgWjUcoRGKwQpwdxwD8CW
/gKFNSI8FxJu4eIopo32xS8sHhSGNbPsMgQlwrWrxNaEbS0BX2TYX+TpKhe2F9Cu
DxMmeQbbIlK2tzF414XBud33PYufDAs7oSfGV0MCAwEAAaOCAhMwggIPMB0GA1Ud
DgQWBBQE9RIbW+CbGGovpEWLX23/v8aVPTAfBgNVHSMEGDAWgBT79i92Bic/QabM
yOKVYHbzwKHrVDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtX1l2ZGdZblAwR216TWppbFdCMjg4Q2g2MVEuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzIzLzk1ZWViYi0wYTlkLTRmNzEtYjNmOS01NjQ5ZTFiMTkyYmIv
MS9CUFVTRzF2Z214aHFMNlJGaTE5dF83X0dsVDAucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzIz
Lzk1ZWViYi0wYTlkLTRmNzEtYjNmOS01NjQ5ZTFiMTkyYmIvMS8xLV9ZdmRnWW5Q
MEdtek1qaWxXQjI4OENoNjFRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAFtaJIDBAFtaJQwDQYJKoZI
hvcNAQELBQADggEBACOcmQg4TxiTyNDtwOfKg5utrcPbe+XV/ljRgzOYaYtP3vud
gMvj+/35t0lVfjxn/fudCMeqZX94osK6zuUpQrY71N4oo9FHeuzLg3/QoYG5yD05
49Zm7sevffDket8oqiEwB/qaCDSAJFzr61QrO1302/ARVuMXIZdcnMUmvRBIBV+X
pranLmjv6VAaqWeDNjTTxLCG23H9bosANivO7A6Ar9oSKFHgL/CG5Lyru789j0RI
Merns1nnfXVOFX4pvWBCvWvGMLA6I9Bmy9oqZzEVULVttoHaEghahwZoVQ8LTVBe
HjKZClXZjZNdxnNzr9V8Hukkkq71dUKVLZvQ7ug=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:17 2023 by rpki-client on console-fra.rpki-client.org