Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/WN2FTV3tp84WrEDIqwJ_3whI5r4.roa
File: WN2FTV3tp84WrEDIqwJ_3whI5r4.roa (raw, json)
Hash identifier: wZj+K/QX4swJIQBvF205rgbkXJaO0NBqng5h0s5AgC4=
Subject key identifier: 58:DD:85:4D:5D:ED:A7:CE:16:AC:40:C8:AB:02:7F:DF:08:48:E6:BE
Certificate issuer: /CN=fbf62f7606273f41a6ccc8e2956076f3c0a1eb54
Certificate serial: 0D2A5016
Authority key identifier: FB:F6:2F:76:06:27:3F:41:A6:CC:C8:E2:95:60:76:F3:C0:A1:EB:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-_YvdgYnP0GmzMjilWB288Ch61Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/WN2FTV3tp84WrEDIqwJ_3whI5r4.roa
Signing time: Wed 22 Jun 2022 20:29:32 +0000
ROA not before: Wed 22 Jun 2022 20:29:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197706
IP address blocks: 109.104.149.0/24 maxlen: 24
109.104.148.0/24 maxlen: 24
109.104.146.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 220876822 (0xd2a5016)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbf62f7606273f41a6ccc8e2956076f3c0a1eb54
Validity
Not Before: Jun 22 20:29:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=58dd854d5deda7ce16ac40c8ab027fdf0848e6be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:37:72:36:44:df:e0:5d:c2:7e:e6:74:4b:eb:
9c:e2:b0:c4:6e:95:cc:09:fa:58:44:f1:57:e0:d4:
ab:d3:62:cc:31:92:44:c0:1e:c8:61:67:33:9a:44:
64:c7:a5:26:4c:11:86:50:f5:d2:6e:b8:df:3e:39:
3a:79:6b:59:fb:48:5c:e4:b3:9d:b1:06:99:13:dc:
e0:6f:2d:4e:7f:b2:94:58:00:87:ac:b4:e5:ba:63:
cd:e5:dd:4d:b3:09:b4:c1:e7:4e:52:58:41:cb:6e:
b8:ce:19:c0:95:10:c9:1d:d3:1a:52:30:3a:b3:d8:
e9:08:02:c8:e2:fd:2f:20:ba:36:b8:98:07:7e:e2:
97:f9:8f:51:fd:74:5b:7d:cf:c4:8a:c8:a9:1a:fe:
6a:7c:81:c8:f3:66:71:41:1c:1e:aa:27:14:31:53:
fa:68:f8:bb:02:62:57:83:1e:29:89:a2:ed:40:57:
2c:f0:7b:03:29:cb:bd:86:17:63:bb:db:65:c0:d4:
c8:34:99:78:b6:16:90:24:c4:94:38:ba:2e:9e:db:
5f:8c:4c:aa:26:04:4d:c5:d1:55:6c:d4:21:26:22:
ac:c7:fa:15:ed:d7:16:f7:00:b3:f2:a6:17:a4:63:
d0:11:48:a5:b1:73:c2:b1:8e:7e:99:13:15:52:a2:
8d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:DD:85:4D:5D:ED:A7:CE:16:AC:40:C8:AB:02:7F:DF:08:48:E6:BE
X509v3 Authority Key Identifier:
keyid:FB:F6:2F:76:06:27:3F:41:A6:CC:C8:E2:95:60:76:F3:C0:A1:EB:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-_YvdgYnP0GmzMjilWB288Ch61Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/WN2FTV3tp84WrEDIqwJ_3whI5r4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/1-_YvdgYnP0GmzMjilWB288Ch61Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.104.146.0/24
109.104.148.0/23
Signature Algorithm: sha256WithRSAEncryption
a8:dd:97:ff:64:d4:71:18:3a:bc:ae:f7:cf:8e:f0:1b:07:7d:
1a:bd:46:a1:27:db:ce:80:96:f8:85:ab:7c:72:30:99:b3:c0:
55:94:88:a2:7a:1f:29:ba:ef:1b:67:d0:b0:45:75:45:2f:a5:
e8:a5:4e:80:a9:2d:09:6f:ca:e3:e4:8d:ff:cf:b0:15:e4:a3:
3b:60:ed:0f:45:04:aa:74:5b:ec:41:28:49:19:19:02:5f:d9:
1d:ed:37:ea:11:e3:79:c5:9f:a8:c6:0b:6f:f2:a8:04:78:1e:
14:39:a4:04:65:ed:5c:58:4e:17:91:51:51:28:49:d5:9e:78:
34:72:b9:f3:fd:c2:e6:c9:6a:ad:68:0d:3e:f5:ad:a9:4b:b2:
3d:54:83:06:57:5a:b8:17:24:01:0e:ee:be:27:28:77:17:4c:
63:0f:91:21:9e:f5:36:17:fd:fe:3a:f4:ff:ca:d5:2c:53:67:
18:85:ae:16:ec:5b:7f:d2:f4:78:01:41:8d:82:3c:50:29:24:
bf:4f:43:2d:94:7a:26:ad:33:46:51:1c:b3:16:8c:fe:be:d5:
51:f5:91:dc:6a:be:f3:ad:f2:0b:37:6b:4d:32:be:de:08:13:
1c:a8:85:13:12:97:77:cd:85:b3:33:69:52:0f:ef:eb:c7:e1:
e1:7d:ac:90
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEDSpQFjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YmY2MmY3NjA2MjczZjQxYTZjY2M4ZTI5NTYwNzZmM2MwYTFlYjU0MB4XDTIyMDYy
MjIwMjkzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNThkZDg1NGQ1ZGVk
YTdjZTE2YWM0MGM4YWIwMjdmZGYwODQ4ZTZiZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL03cjZE3+Bdwn7mdEvrnOKwxG6VzAn6WETxV+DUq9NizDGS
RMAeyGFnM5pEZMelJkwRhlD10m643z45OnlrWftIXOSznbEGmRPc4G8tTn+ylFgA
h6y05bpjzeXdTbMJtMHnTlJYQctuuM4ZwJUQyR3TGlIwOrPY6QgCyOL9LyC6NriY
B37il/mPUf10W33PxIrIqRr+anyByPNmcUEcHqonFDFT+mj4uwJiV4MeKYmi7UBX
LPB7AynLvYYXY7vbZcDUyDSZeLYWkCTElDi6Lp7bX4xMqiYETcXRVWzUISYirMf6
Fe3XFvcAs/KmF6Rj0BFIpbFzwrGOfpkTFVKijXMCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBRY3YVNXe2nzhasQMirAn/fCEjmvjAfBgNVHSMEGDAWgBT79i92Bic/QabM
yOKVYHbzwKHrVDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtX1l2ZGdZblAwR216TWppbFdCMjg4Q2g2MVEuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzIzLzk1ZWViYi0wYTlkLTRmNzEtYjNmOS01NjQ5ZTFiMTkyYmIv
MS9XTjJGVFYzdHA4NFdyRURJcXdKXzN3aEk1cjQucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzIz
Lzk1ZWViYi0wYTlkLTRmNzEtYjNmOS01NjQ5ZTFiMTkyYmIvMS8xLV9ZdmRnWW5Q
MEdtek1qaWxXQjI4OENoNjFRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbWiSAwQBbWiUMA0GCSqGSIb3
DQEBCwUAA4IBAQCo3Zf/ZNRxGDq8rvfPjvAbB30avUahJ9vOgJb4hat8cjCZs8BV
lIiieh8puu8bZ9CwRXVFL6XopU6AqS0Jb8rj5I3/z7AV5KM7YO0PRQSqdFvsQShJ
GRkCX9kd7TfqEeN5xZ+oxgtv8qgEeB4UOaQEZe1cWE4XkVFRKEnVnng0crnz/cLm
yWqtaA0+9a2pS7I9VIMGV1q4FyQBDu6+Jyh3F0xjD5EhnvU2F/3+OvT/ytUsU2cY
ha4W7Ft/0vR4AUGNgjxQKSS/T0MtlHomrTNGURyzFoz+vtVR9ZHcar7zrfILN2tN
Mr7eCBMcqIUTEpd3zYWzM2lSD+/rx+HhfayQ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:04 2023 by rpki-client on console-ams.rpki-client.org