Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/d6Rg6FWWc_b7ukMU0L5zObAuPnY.roa
File: d6Rg6FWWc_b7ukMU0L5zObAuPnY.roa (raw, json)
Hash identifier: 8GkAK/z3P0TUDDzFe/c6+5a9lrLdCmrOi+mMHFzXpWY=
Subject key identifier: 77:A4:60:E8:55:96:73:F6:FB:BA:43:14:D0:BE:73:39:B0:2E:3E:76
Certificate issuer: /CN=fbf62f7606273f41a6ccc8e2956076f3c0a1eb54
Certificate serial: 0184A38F1E28E4DA3EB263164016666C9E5B
Authority key identifier: FB:F6:2F:76:06:27:3F:41:A6:CC:C8:E2:95:60:76:F3:C0:A1:EB:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-_YvdgYnP0GmzMjilWB288Ch61Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/d6Rg6FWWc_b7ukMU0L5zObAuPnY.roa
Signing time: Wed 23 Nov 2022 08:16:16 +0000
ROA not before: Wed 23 Nov 2022 08:16:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 109.104.148.0/24 maxlen: 24
109.104.150.0/24 maxlen: 24
109.104.149.0/24 maxlen: 24
109.104.146.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a3:8f:1e:28:e4:da:3e:b2:63:16:40:16:66:6c:9e:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbf62f7606273f41a6ccc8e2956076f3c0a1eb54
Validity
Not Before: Nov 23 08:16:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=77a460e8559673f6fbba4314d0be7339b02e3e76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:cd:0d:8a:5c:d6:f1:1e:eb:92:fc:d0:99:fb:
4f:6c:61:b1:36:c6:17:78:99:8e:c0:ee:70:0f:c7:
1a:72:1c:62:91:80:64:71:84:7b:b0:ef:b6:59:d6:
14:cb:8d:a6:8e:bd:cb:9c:ce:f0:ac:2c:70:32:76:
39:da:f6:c8:9d:c1:55:e1:9b:70:8c:d9:b6:d2:b0:
2d:ad:9e:34:8b:68:dd:57:30:0a:f4:5d:63:72:1a:
7b:00:81:72:55:de:93:9e:ac:66:3b:70:85:7f:d9:
03:aa:d2:a7:51:8f:3a:93:fe:f4:c2:73:9b:45:b2:
98:05:6c:f2:8e:67:c7:b4:35:37:d8:d7:93:24:50:
75:90:22:e2:34:45:73:17:ad:14:cd:91:40:91:2c:
fb:e3:cf:f3:09:a0:be:c9:b2:cf:a9:d3:e7:0f:75:
c2:09:3b:85:7d:3c:76:3f:b3:bd:ca:02:77:0a:e5:
73:63:b0:d3:36:9f:f9:ec:77:00:03:c3:94:2f:fb:
c7:62:d8:0d:8d:29:ba:22:e0:de:73:99:46:cd:b7:
18:e4:ec:12:b7:31:b0:cb:94:ad:c9:17:a6:4c:ec:
35:70:8c:d9:85:44:94:0e:34:f8:b5:73:ad:a5:82:
8a:ac:16:b3:a8:0e:3d:8b:b4:cc:e1:3b:4f:29:66:
77:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:A4:60:E8:55:96:73:F6:FB:BA:43:14:D0:BE:73:39:B0:2E:3E:76
X509v3 Authority Key Identifier:
keyid:FB:F6:2F:76:06:27:3F:41:A6:CC:C8:E2:95:60:76:F3:C0:A1:EB:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-_YvdgYnP0GmzMjilWB288Ch61Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/d6Rg6FWWc_b7ukMU0L5zObAuPnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/1-_YvdgYnP0GmzMjilWB288Ch61Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.104.146.0/24
109.104.148.0-109.104.150.255
Signature Algorithm: sha256WithRSAEncryption
04:d4:3e:88:14:1f:08:9b:a1:5d:da:28:1a:d7:68:68:9d:34:
2b:2a:46:76:f9:4b:72:5f:6c:24:8c:29:0b:45:39:3c:04:8b:
ff:25:d6:fa:b6:97:da:85:aa:d4:d8:07:c5:24:f6:6e:ef:1c:
5d:29:6e:ca:0e:96:07:7f:3f:a8:b7:f9:f5:d8:f3:55:1a:07:
b9:7a:94:2c:7e:2d:8b:28:2b:04:02:70:af:63:d2:89:4d:c4:
77:38:93:6f:2b:8f:d7:59:fb:9d:00:be:f3:c6:f7:16:c7:77:
d7:80:28:c3:5e:24:38:9f:ef:48:3b:1e:ea:9b:15:1d:12:9d:
87:fd:58:af:5b:47:92:25:a5:95:af:dc:10:27:ce:22:28:22:
de:45:49:1f:fa:61:b7:61:fb:02:9f:4a:87:38:79:f8:d8:73:
e2:72:45:c8:dd:9d:59:15:8c:8c:46:2a:27:e3:c7:24:51:d9:
dd:60:0f:f4:dc:01:10:42:61:46:65:d1:8f:be:fa:c3:9a:f4:
3f:8b:0b:87:96:cb:da:62:a4:a9:80:44:d3:0b:dd:dc:ca:11:
b1:28:1d:61:ce:aa:4a:16:bf:80:7a:a2:fa:53:29:5e:0f:57:
0a:68:66:dc:8d:2a:95:64:e0:d6:76:d6:b7:95:02:b5:67:cc:
ea:61:ab:e8
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYSjjx4o5No+smMWQBZmbJ5bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiZjYyZjc2MDYyNzNmNDFhNmNjYzhlMjk1NjA3NmYzYzBh
MWViNTQwHhcNMjIxMTIzMDgxNjE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2E0NjBlODU1OTY3M2Y2ZmJiYTQzMTRkMGJlNzMzOWIwMmUzZTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmc0NilzW8R7rkvzQmftPbGGxNsYX
eJmOwO5wD8cachxikYBkcYR7sO+2WdYUy42mjr3LnM7wrCxwMnY52vbIncFV4Ztw
jNm20rAtrZ40i2jdVzAK9F1jchp7AIFyVd6TnqxmO3CFf9kDqtKnUY86k/70wnOb
RbKYBWzyjmfHtDU32NeTJFB1kCLiNEVzF60UzZFAkSz748/zCaC+ybLPqdPnD3XC
CTuFfTx2P7O9ygJ3CuVzY7DTNp/57HcAA8OUL/vHYtgNjSm6IuDec5lGzbcY5OwS
tzGwy5StyRemTOw1cIzZhUSUDjT4tXOtpYKKrBazqA49i7TM4TtPKWZ3ewIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFHekYOhVlnP2+7pDFNC+czmwLj52MB8GA1UdIwQY
MBaAFPv2L3YGJz9BpszI4pVgdvPAoetUMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1fWXZkZ1luUDBHbXpNamlsV0IyODhDaDYxUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjMvOTVlZWJiLTBhOWQtNGY3MS1iM2Y5
LTU2NDllMWIxOTJiYi8xL2Q2Umc2RldXY19iN3VrTVUwTDV6T2JBdVBuWS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjMvOTVlZWJiLTBhOWQtNGY3MS1iM2Y5LTU2NDllMWIxOTJi
Yi8xLzEtX1l2ZGdZblAwR216TWppbFdCMjg4Q2g2MVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLQYIKwYBBQUHAQcBAf8EHjAcMBoEAgABMBQDBABtaJIw
DAMEAm1olAMEAG1oljANBgkqhkiG9w0BAQsFAAOCAQEABNQ+iBQfCJuhXdooGtdo
aJ00KypGdvlLcl9sJIwpC0U5PASL/yXW+raX2oWq1NgHxST2bu8cXSluyg6WB38/
qLf59djzVRoHuXqULH4tiygrBAJwr2PSiU3EdziTbyuP11n7nQC+88b3Fsd314Ao
w14kOJ/vSDse6psVHRKdh/1Yr1tHkiWlla/cECfOIigi3kVJH/pht2H7Ap9Khzh5
+Nhz4nJFyN2dWRWMjEYqJ+PHJFHZ3WAP9NwBEEJhRmXRj776w5r0P4sLh5bL2mKk
qYBE0wvd3MoRsSgdYc6qSha/gHqi+lMpXg9XCmhm3I0qlWTg1nbWt5UCtWfM6mGr
6A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:26 2024 by rpki-client on console-fra.rpki-client.org