Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/aWUUdVhMA1IyH6gDXQkgcN5JtEg.roa
File: aWUUdVhMA1IyH6gDXQkgcN5JtEg.roa (raw, json)
Hash identifier: VIWWIpX7e1amCfAn5wEDPmX2tOHnAuxBeVo47yYdK+A=
Subject key identifier: 69:65:14:75:58:4C:03:52:32:1F:A8:03:5D:09:20:70:DE:49:B4:48
Certificate issuer: /CN=7bab6c11d41162db0306858f83e5e65121132a6b
Certificate serial: 03ECF4C6
Authority key identifier: 7B:AB:6C:11:D4:11:62:DB:03:06:85:8F:83:E5:E6:51:21:13:2A:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e6tsEdQRYtsDBoWPg-XmUSETKms.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/aWUUdVhMA1IyH6gDXQkgcN5JtEg.roa
Signing time: Sat 01 Jan 2022 06:00:45 +0000
ROA not before: Sat 01 Jan 2022 06:00:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 107.150.176.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65860806 (0x3ecf4c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7bab6c11d41162db0306858f83e5e65121132a6b
Validity
Not Before: Jan 1 06:00:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=69651475584c0352321fa8035d092070de49b448
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:9f:0f:0f:d1:01:c3:74:07:fe:ed:f8:c7:91:
01:3f:19:89:7a:7c:56:2b:34:30:74:c9:7e:b8:4a:
12:66:4d:45:13:b5:24:9c:55:dc:0a:af:18:9c:70:
fb:4c:6a:b8:53:6b:da:31:45:b1:4d:6d:e5:4a:0f:
9d:00:a4:4c:30:c1:21:31:85:be:19:cb:85:e1:26:
02:b2:13:fc:1d:8e:7a:36:be:83:b7:09:1e:9b:ae:
26:91:85:10:ad:54:26:d8:6c:86:98:e6:02:21:c1:
e4:d9:98:af:aa:61:ad:51:ba:c7:41:f6:65:a9:46:
c8:64:9f:33:80:67:67:15:2f:48:b0:29:0a:0c:f5:
76:c4:df:ab:70:1d:fd:f6:38:0f:e9:a6:20:0b:59:
c2:2a:72:b6:aa:e9:71:ff:38:80:b9:88:dc:4d:70:
a5:bd:0d:d9:a1:2e:f0:da:e4:40:80:39:22:fd:de:
60:e1:8c:f2:5a:20:e1:2c:b0:01:a4:dd:04:d5:3d:
5e:cd:d4:49:4b:8a:ca:5a:bb:9f:50:dd:4f:9a:a8:
a4:f1:53:fa:33:dd:ca:6e:28:7a:6e:7e:44:c3:04:
b9:7d:83:1b:9c:77:90:9c:ee:ec:ed:0b:8e:2c:37:
69:20:ba:f6:7b:65:01:ae:a6:23:ea:e1:fd:87:af:
54:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:65:14:75:58:4C:03:52:32:1F:A8:03:5D:09:20:70:DE:49:B4:48
X509v3 Authority Key Identifier:
keyid:7B:AB:6C:11:D4:11:62:DB:03:06:85:8F:83:E5:E6:51:21:13:2A:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6tsEdQRYtsDBoWPg-XmUSETKms.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/aWUUdVhMA1IyH6gDXQkgcN5JtEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/e6tsEdQRYtsDBoWPg-XmUSETKms.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
107.150.176.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:79:5a:28:b0:d8:6f:34:88:e0:e9:61:6b:e7:2c:88:ed:16:
c5:bb:f5:27:0c:ac:94:cb:16:b5:84:56:98:e1:5e:39:47:f3:
33:c8:ee:ad:0b:a7:f6:24:c3:18:b9:b0:c2:41:5c:56:7b:e4:
de:a2:f7:a2:03:59:49:ac:af:ae:7c:1d:69:25:22:0a:3f:d2:
d2:95:3f:72:fd:e5:2a:b4:67:e6:c8:0a:0d:1c:9b:ba:a9:ec:
4d:bb:b2:6c:ac:cf:55:8a:72:9b:46:66:8d:30:36:65:f2:34:
a7:ec:a3:ba:fa:d2:2e:b7:7f:30:7e:0d:7b:99:55:6f:b9:da:
51:4c:be:5e:0b:0d:08:c1:7a:50:ad:a4:bc:b1:01:03:0d:64:
a9:00:3c:99:4d:95:f6:f4:a5:72:87:e9:00:c1:8d:a5:9d:4d:
6a:36:aa:a5:b2:c0:10:15:2d:01:65:03:a7:60:22:fb:bf:c9:
81:43:aa:0b:b9:c1:1c:3d:b4:15:06:32:c0:24:d9:03:de:91:
58:d8:8a:5d:a6:05:5d:35:fc:be:f9:33:13:ae:88:8a:54:82:
b5:76:a2:d9:79:2b:d0:aa:10:95:29:9a:ab:49:7f:73:b1:79:
2f:fe:e0:e8:af:66:5f:8f:3a:a2:22:f6:98:9c:11:a6:de:ba:
46:ef:fb:c1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA+z0xjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
YmFiNmMxMWQ0MTE2MmRiMDMwNjg1OGY4M2U1ZTY1MTIxMTMyYTZiMB4XDTIyMDEw
MTA2MDA0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjk2NTE0NzU1ODRj
MDM1MjMyMWZhODAzNWQwOTIwNzBkZTQ5YjQ0ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKCfDw/RAcN0B/7t+MeRAT8ZiXp8Vis0MHTJfrhKEmZNRRO1
JJxV3AqvGJxw+0xquFNr2jFFsU1t5UoPnQCkTDDBITGFvhnLheEmArIT/B2Oeja+
g7cJHpuuJpGFEK1UJthshpjmAiHB5NmYr6phrVG6x0H2ZalGyGSfM4BnZxUvSLAp
Cgz1dsTfq3Ad/fY4D+mmIAtZwipytqrpcf84gLmI3E1wpb0N2aEu8NrkQIA5Iv3e
YOGM8log4SywAaTdBNU9Xs3USUuKylq7n1DdT5qopPFT+jPdym4oem5+RMMEuX2D
G5x3kJzu7O0Ljiw3aSC69ntlAa6mI+rh/YevVBECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRpZRR1WEwDUjIfqANdCSBw3km0SDAfBgNVHSMEGDAWgBR7q2wR1BFi2wMG
hY+D5eZRIRMqazAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2U2dHNFZFFSWXRzREJvV1BnLVhtVVNFVEttcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzkvZDMzNGFkLTUyNDAtNGRhYS1hMDUwLTlmNWJmNzM2NzIwZS8x
L2FXVVVkVmhNQTFJeUg2Z0RYUWtnY041SnRFZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzkv
ZDMzNGFkLTUyNDAtNGRhYS1hMDUwLTlmNWJmNzM2NzIwZS8xL2U2dHNFZFFSWXRz
REJvV1BnLVhtVVNFVEttcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGuWsDANBgkqhkiG9w0BAQsFAAOC
AQEApnlaKLDYbzSI4Olha+csiO0Wxbv1JwyslMsWtYRWmOFeOUfzM8jurQun9iTD
GLmwwkFcVnvk3qL3ogNZSayvrnwdaSUiCj/S0pU/cv3lKrRn5sgKDRybuqnsTbuy
bKzPVYpym0ZmjTA2ZfI0p+yjuvrSLrd/MH4Ne5lVb7naUUy+XgsNCMF6UK2kvLEB
Aw1kqQA8mU2V9vSlcofpAMGNpZ1NajaqpbLAEBUtAWUDp2Ai+7/JgUOqC7nBHD20
FQYywCTZA96RWNiKXaYFXTX8vvkzE66IilSCtXai2Xkr0KoQlSmaq0l/c7F5L/7g
6K9mX486oiL2mJwRpt66Ru/7wQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:44 2023 by rpki-client on console-fra.rpki-client.org