Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/lwfTtVz7KqMoeejTSSvYmAzCaHE.roa
File: lwfTtVz7KqMoeejTSSvYmAzCaHE.roa (raw, json)
Hash identifier: WWchWbbXzaYYbj3CJIDVuxOcb5RKTtN+tQenyfzx3ig=
Subject key identifier: 97:07:D3:B5:5C:FB:2A:A3:28:79:E8:D3:49:2B:D8:98:0C:C2:68:71
Certificate issuer: /CN=fbf62f7606273f41a6ccc8e2956076f3c0a1eb54
Certificate serial: 018215D448C2F7568A03DB62BA6D6D8D33C9
Authority key identifier: FB:F6:2F:76:06:27:3F:41:A6:CC:C8:E2:95:60:76:F3:C0:A1:EB:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-_YvdgYnP0GmzMjilWB288Ch61Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/lwfTtVz7KqMoeejTSSvYmAzCaHE.roa
Signing time: Tue 19 Jul 2022 09:40:09 +0000
ROA not before: Tue 19 Jul 2022 09:40:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197706
IP address blocks: 109.104.149.0/24 maxlen: 24
109.104.146.0/24 maxlen: 24
109.104.152.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:15:d4:48:c2:f7:56:8a:03:db:62:ba:6d:6d:8d:33:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbf62f7606273f41a6ccc8e2956076f3c0a1eb54
Validity
Not Before: Jul 19 09:40:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9707d3b55cfb2aa32879e8d3492bd8980cc26871
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:66:fe:a3:4a:17:31:7c:da:0e:6f:9c:98:37:
ab:3f:3c:2c:f3:90:a6:2d:c2:c7:40:db:5e:66:3b:
fb:eb:a7:90:19:46:92:c5:db:59:f7:01:ca:51:89:
51:46:d1:ba:8d:81:db:6f:96:70:6b:3c:2f:8b:8e:
4c:81:ab:35:d1:66:c9:66:c6:2d:f4:4c:a6:2e:9f:
fd:3e:51:20:a2:86:1a:ff:ce:aa:64:45:99:19:f1:
8c:23:83:04:09:33:8f:16:99:3c:3f:95:59:32:7a:
3c:2b:8e:f8:df:dc:52:15:3a:e1:db:14:3e:89:c8:
b6:19:f8:a3:81:a1:b7:d2:89:97:48:f5:dc:b2:ee:
9c:4d:16:64:11:53:bc:55:9a:55:40:76:66:44:9c:
67:c5:d9:64:d2:9c:b6:7d:93:9e:15:3e:77:b6:26:
f8:83:aa:a3:0c:0f:99:1f:02:44:c9:70:02:91:7f:
30:40:c2:03:39:6a:0c:cc:d2:e8:64:74:51:3e:71:
5c:cc:53:a5:88:da:d9:7b:7a:2d:8f:33:08:8b:ab:
7f:77:79:8b:ed:15:a1:d8:96:47:cd:c8:06:37:c3:
6c:7f:84:34:a5:97:a8:57:03:06:76:24:5f:a3:e7:
bd:48:9f:fc:f4:4a:48:7e:cd:50:77:6c:39:ba:2a:
0b:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:07:D3:B5:5C:FB:2A:A3:28:79:E8:D3:49:2B:D8:98:0C:C2:68:71
X509v3 Authority Key Identifier:
keyid:FB:F6:2F:76:06:27:3F:41:A6:CC:C8:E2:95:60:76:F3:C0:A1:EB:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-_YvdgYnP0GmzMjilWB288Ch61Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/lwfTtVz7KqMoeejTSSvYmAzCaHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/1-_YvdgYnP0GmzMjilWB288Ch61Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.104.146.0/24
109.104.149.0/24
109.104.152.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:5c:b0:88:92:fb:28:50:02:be:b0:4e:73:7f:32:51:93:82:
89:c0:3d:94:4f:14:c3:68:97:f2:9f:cf:65:53:1a:7f:a4:07:
f2:19:8d:4c:73:73:33:ab:07:ad:d5:86:a4:02:2d:91:13:e0:
7f:a9:bf:ef:8e:c1:a4:3e:55:54:90:fb:9b:d6:5c:eb:aa:d9:
87:03:75:03:73:2f:5a:fe:33:58:d1:82:a9:97:0b:64:89:d9:
17:3d:13:6c:16:7e:14:54:79:97:aa:29:e4:b4:b2:b9:d9:b5:
c5:1d:a4:fb:d8:f1:64:4a:2e:09:92:63:6e:83:5c:23:b3:ef:
ac:d1:42:5c:3a:63:a7:fc:ef:97:6f:11:17:87:d3:01:dd:51:
89:0d:0f:68:6d:43:02:14:76:01:84:e8:2f:60:8c:07:cf:d4:
33:6d:17:11:fb:4c:fc:7c:2d:87:6f:67:2f:64:8c:e1:81:c9:
14:31:3c:aa:65:a1:c5:50:e0:5c:8d:82:d0:61:4a:a5:dd:54:
5a:39:46:a5:0a:71:ad:99:c7:ec:ca:3c:e5:35:8e:c3:df:42:
7a:6b:3e:03:51:ad:d7:88:33:24:55:b6:04:1c:bc:8c:c7:6c:
af:c8:05:ef:83:8b:7b:80:3c:19:6b:56:33:32:e3:9c:16:b9:
a5:57:13:79
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYIV1EjC91aKA9tium1tjTPJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiZjYyZjc2MDYyNzNmNDFhNmNjYzhlMjk1NjA3NmYzYzBh
MWViNTQwHhcNMjIwNzE5MDk0MDA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzA3ZDNiNTVjZmIyYWEzMjg3OWU4ZDM0OTJiZDg5ODBjYzI2ODcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWb+o0oXMXzaDm+cmDerPzws85Cm
LcLHQNteZjv766eQGUaSxdtZ9wHKUYlRRtG6jYHbb5Zwazwvi45Mgas10WbJZsYt
9EymLp/9PlEgooYa/86qZEWZGfGMI4MECTOPFpk8P5VZMno8K47439xSFTrh2xQ+
ici2GfijgaG30omXSPXcsu6cTRZkEVO8VZpVQHZmRJxnxdlk0py2fZOeFT53tib4
g6qjDA+ZHwJEyXACkX8wQMIDOWoMzNLoZHRRPnFczFOliNrZe3otjzMIi6t/d3mL
7RWh2JZHzcgGN8Nsf4Q0pZeoVwMGdiRfo+e9SJ/89EpIfs1Qd2w5uioLuQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJcH07Vc+yqjKHno00kr2JgMwmhxMB8GA1UdIwQY
MBaAFPv2L3YGJz9BpszI4pVgdvPAoetUMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1fWXZkZ1luUDBHbXpNamlsV0IyODhDaDYxUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjMvOTVlZWJiLTBhOWQtNGY3MS1iM2Y5
LTU2NDllMWIxOTJiYi8xL2x3ZlR0Vno3S3FNb2VlalRTU3ZZbUF6Q2FIRS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjMvOTVlZWJiLTBhOWQtNGY3MS1iM2Y5LTU2NDllMWIxOTJi
Yi8xLzEtX1l2ZGdZblAwR216TWppbFdCMjg4Q2g2MVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBABtaJID
BABtaJUDBABtaJgwDQYJKoZIhvcNAQELBQADggEBAMNcsIiS+yhQAr6wTnN/MlGT
gonAPZRPFMNol/Kfz2VTGn+kB/IZjUxzczOrB63VhqQCLZET4H+pv++OwaQ+VVSQ
+5vWXOuq2YcDdQNzL1r+M1jRgqmXC2SJ2Rc9E2wWfhRUeZeqKeS0srnZtcUdpPvY
8WRKLgmSY26DXCOz76zRQlw6Y6f875dvEReH0wHdUYkND2htQwIUdgGE6C9gjAfP
1DNtFxH7TPx8LYdvZy9kjOGByRQxPKplocVQ4FyNgtBhSqXdVFo5RqUKca2Zx+zK
POU1jsPfQnprPgNRrdeIMyRVtgQcvIzHbK/IBe+Di3uAPBlrVjMy45wWuaVXE3k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:14 2024 by rpki-client on console-ams.rpki-client.org