Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/SqA5YA2zyQt0_vXxLiVQyeXyZhM.roa
File: SqA5YA2zyQt0_vXxLiVQyeXyZhM.roa (raw, json)
Hash identifier: lDaOomag+szCEVD0u09+lLCJZkJlgzrxuIqjJxcoTBQ=
Subject key identifier: 4A:A0:39:60:0D:B3:C9:0B:74:FE:F5:F1:2E:25:50:C9:E5:F2:66:13
Certificate issuer: /CN=fbf62f7606273f41a6ccc8e2956076f3c0a1eb54
Certificate serial: 0C2635DD
Authority key identifier: FB:F6:2F:76:06:27:3F:41:A6:CC:C8:E2:95:60:76:F3:C0:A1:EB:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-_YvdgYnP0GmzMjilWB288Ch61Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/SqA5YA2zyQt0_vXxLiVQyeXyZhM.roa
Signing time: Mon 07 Mar 2022 08:05:09 +0000
ROA not before: Mon 07 Mar 2022 08:05:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197706
IP address blocks: 109.104.149.0/24 maxlen: 24
109.104.147.0/24 maxlen: 24
109.104.148.0/24 maxlen: 24
109.104.146.0/24 maxlen: 24
109.104.150.0/24 maxlen: 24
109.104.151.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 203830749 (0xc2635dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbf62f7606273f41a6ccc8e2956076f3c0a1eb54
Validity
Not Before: Mar 7 08:05:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4aa039600db3c90b74fef5f12e2550c9e5f26613
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e4:0e:b8:ac:b7:0d:ce:f6:7e:9d:9b:d6:d5:
28:3a:8f:d7:41:47:cd:cb:f0:86:80:ce:e1:cd:31:
df:92:8f:a7:2a:01:94:45:e0:05:39:9f:ab:87:53:
c3:72:be:ac:af:3d:da:7d:fd:14:90:4d:2f:5c:91:
31:26:3d:14:ee:15:c6:5e:a8:2d:09:64:ff:64:27:
39:2c:29:1f:6e:30:2d:26:85:2d:d0:83:bb:26:f1:
07:1d:63:b7:53:ee:42:da:23:d0:8f:f2:98:34:18:
e8:83:9b:25:e3:b5:c6:a0:a4:64:7d:b6:06:72:e8:
a6:92:f2:ae:ac:19:87:2d:5a:f3:4f:ae:9e:4c:a4:
c4:99:d2:29:be:9d:5a:59:7c:dd:a9:79:eb:2f:33:
bb:c4:7f:4c:92:ce:5f:8d:b2:c9:78:5b:bf:48:64:
00:e5:63:d4:43:3a:37:67:32:ea:ae:d5:c1:a9:7a:
ae:21:d2:88:ef:e0:b8:f2:26:bb:7b:8f:2a:55:fd:
a0:ff:b5:44:f0:62:3c:70:1a:35:97:6d:06:96:b0:
40:8f:29:db:6b:9f:89:d6:61:2e:76:4b:9b:b8:2c:
2d:10:fc:aa:35:02:81:a5:12:3b:7d:db:c2:69:15:
77:7b:8a:92:15:a6:92:99:b6:b3:4d:22:a0:24:4a:
3c:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:A0:39:60:0D:B3:C9:0B:74:FE:F5:F1:2E:25:50:C9:E5:F2:66:13
X509v3 Authority Key Identifier:
keyid:FB:F6:2F:76:06:27:3F:41:A6:CC:C8:E2:95:60:76:F3:C0:A1:EB:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-_YvdgYnP0GmzMjilWB288Ch61Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/SqA5YA2zyQt0_vXxLiVQyeXyZhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/1-_YvdgYnP0GmzMjilWB288Ch61Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.104.146.0-109.104.151.255
Signature Algorithm: sha256WithRSAEncryption
41:70:ca:83:6c:65:77:d9:0e:9a:3a:51:e8:03:46:e5:43:99:
04:2f:60:75:b0:c9:55:38:98:90:a8:a4:3d:d6:5f:4e:d3:36:
06:2b:3c:3e:54:cc:94:15:24:f9:76:72:7d:f2:f7:7c:dd:7b:
e4:0b:d7:f5:8f:38:29:52:ee:cd:56:28:06:38:e5:15:0b:b6:
3a:39:cd:49:d6:79:78:10:b8:f3:ed:2c:a6:bd:00:7a:45:14:
4e:f0:92:d9:37:5c:d3:48:a1:54:ec:0f:bf:e4:7c:9a:1a:a2:
56:69:0c:ae:16:ac:e9:68:6f:3c:24:55:0c:21:c6:7d:e4:3a:
d5:36:f8:9b:43:86:32:d6:28:67:7d:f6:cf:ea:3b:29:27:1a:
32:6a:0e:b2:49:c0:96:c6:90:27:02:93:4d:e7:c8:da:4d:da:
fa:76:66:87:ee:93:64:55:00:a3:d5:d6:28:96:9a:91:7f:4d:
b6:2a:42:3f:d0:00:75:50:de:35:e2:f8:6b:f5:c0:d4:42:ff:
82:b7:bb:a3:64:27:25:a4:e9:6b:b8:9d:d1:1f:7f:20:98:5d:
7c:a2:e1:83:f5:0f:f6:ff:3e:d5:1b:aa:ec:9e:34:2c:47:97:
c6:52:d7:4f:7b:04:8e:a1:ba:f0:b2:20:34:20:e5:6a:e4:d9:
6a:96:40:54
-----BEGIN CERTIFICATE-----
MIIE+TCCA+GgAwIBAgIEDCY13TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YmY2MmY3NjA2MjczZjQxYTZjY2M4ZTI5NTYwNzZmM2MwYTFlYjU0MB4XDTIyMDMw
NzA4MDUwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGFhMDM5NjAwZGIz
YzkwYjc0ZmVmNWYxMmUyNTUwYzllNWYyNjYxMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALDkDristw3O9n6dm9bVKDqP10FHzcvwhoDO4c0x35KPpyoB
lEXgBTmfq4dTw3K+rK892n39FJBNL1yRMSY9FO4Vxl6oLQlk/2QnOSwpH24wLSaF
LdCDuybxBx1jt1PuQtoj0I/ymDQY6IObJeO1xqCkZH22BnLoppLyrqwZhy1a80+u
nkykxJnSKb6dWll83al56y8zu8R/TJLOX42yyXhbv0hkAOVj1EM6N2cy6q7Vwal6
riHSiO/guPImu3uPKlX9oP+1RPBiPHAaNZdtBpawQI8p22ufidZhLnZLm7gsLRD8
qjUCgaUSO33bwmkVd3uKkhWmkpm2s00ioCRKPKECAwEAAaOCAhMwggIPMB0GA1Ud
DgQWBBRKoDlgDbPJC3T+9fEuJVDJ5fJmEzAfBgNVHSMEGDAWgBT79i92Bic/QabM
yOKVYHbzwKHrVDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtX1l2ZGdZblAwR216TWppbFdCMjg4Q2g2MVEuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzIzLzk1ZWViYi0wYTlkLTRmNzEtYjNmOS01NjQ5ZTFiMTkyYmIv
MS9TcUE1WUEyenlRdDBfdlh4TGlWUXllWHlaaE0ucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzIz
Lzk1ZWViYi0wYTlkLTRmNzEtYjNmOS01NjQ5ZTFiMTkyYmIvMS8xLV9ZdmRnWW5Q
MEdtek1qaWxXQjI4OENoNjFRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAFtaJIDBANtaJAwDQYJKoZI
hvcNAQELBQADggEBAEFwyoNsZXfZDpo6UegDRuVDmQQvYHWwyVU4mJCopD3WX07T
NgYrPD5UzJQVJPl2cn3y93zde+QL1/WPOClS7s1WKAY45RULtjo5zUnWeXgQuPPt
LKa9AHpFFE7wktk3XNNIoVTsD7/kfJoaolZpDK4WrOlobzwkVQwhxn3kOtU2+JtD
hjLWKGd99s/qOyknGjJqDrJJwJbGkCcCk03nyNpN2vp2Zofuk2RVAKPV1iiWmpF/
TbYqQj/QAHVQ3jXi+Gv1wNRC/4K3u6NkJyWk6Wu4ndEffyCYXXyi4YP1D/b/PtUb
quyeNCxHl8ZS1097BI6huvCyIDQg5Wrk2WqWQFQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:04 2023 by rpki-client on console-ams.rpki-client.org