Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/KRP7sGgr7-zgBKDLRJcbXfhRgZM.roa
File: KRP7sGgr7-zgBKDLRJcbXfhRgZM.roa (raw, json)
Hash identifier: 423FRbUKE5XLs+kJ7kr3IvTVNUAgSwbBRgfnb9DjXvk=
Subject key identifier: 29:13:FB:B0:68:2B:EF:EC:E0:04:A0:CB:44:97:1B:5D:F8:51:81:93
Certificate issuer: /CN=b404cc0e038eb0e697ec6e7ae49d0286146e0c1a
Certificate serial: 47E102
Authority key identifier: B4:04:CC:0E:03:8E:B0:E6:97:EC:6E:7A:E4:9D:02:86:14:6E:0C:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tATMDgOOsOaX7G565J0ChhRuDBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/KRP7sGgr7-zgBKDLRJcbXfhRgZM.roa
Signing time: Tue 19 Apr 2022 00:31:16 +0000
ROA not before: Tue 19 Apr 2022 00:31:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 136250
IP address blocks: 104.207.36.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4710658 (0x47e102)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b404cc0e038eb0e697ec6e7ae49d0286146e0c1a
Validity
Not Before: Apr 19 00:31:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2913fbb0682befece004a0cb44971b5df8518193
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:3e:5e:bf:14:67:dd:78:28:7f:93:2d:ba:d5:
69:0d:b3:d3:83:ae:3f:01:1d:0d:40:4f:c2:40:5d:
b4:b2:f2:79:2c:ea:8c:48:bb:56:45:60:91:a7:73:
7c:01:80:79:98:c1:38:e4:52:de:b1:e7:b6:cd:da:
1a:a3:1b:8f:30:cc:b4:f9:67:8e:ec:3c:53:3b:57:
06:b2:30:73:8c:a3:3e:5e:0b:5e:41:52:54:5a:96:
fc:af:98:76:bf:57:c1:3a:dd:48:ff:fa:c2:a4:c6:
9e:b8:da:db:6b:54:cf:50:ff:ae:81:67:76:4e:ca:
b8:5d:a1:35:86:35:48:28:de:21:c1:1a:cf:ea:14:
a9:cc:65:2b:25:2a:2d:34:fb:0e:2a:d3:a0:0e:13:
4f:eb:a1:74:9f:31:d6:06:e5:44:9b:8d:c9:c2:dc:
9d:5b:58:84:b5:4d:1a:de:2e:d6:9b:f1:bc:40:83:
fd:14:7b:6a:8b:ba:cd:af:aa:e4:a4:f3:bd:d0:77:
2f:bb:e3:ce:41:2f:82:94:72:30:39:d8:8e:02:9f:
a1:35:6d:2e:39:80:94:ca:a6:49:2d:26:75:81:fc:
e1:4d:eb:d1:2f:1d:f6:f5:4b:9e:eb:72:c1:2a:6e:
f0:d5:d8:e9:3e:9e:85:7b:32:5c:fc:63:4a:26:c8:
15:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:13:FB:B0:68:2B:EF:EC:E0:04:A0:CB:44:97:1B:5D:F8:51:81:93
X509v3 Authority Key Identifier:
keyid:B4:04:CC:0E:03:8E:B0:E6:97:EC:6E:7A:E4:9D:02:86:14:6E:0C:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tATMDgOOsOaX7G565J0ChhRuDBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/KRP7sGgr7-zgBKDLRJcbXfhRgZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/tATMDgOOsOaX7G565J0ChhRuDBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.207.36.0/23
Signature Algorithm: sha256WithRSAEncryption
59:46:a4:0a:e2:7e:c5:a6:4f:54:35:e3:be:a2:43:54:f3:53:
fc:38:10:3e:16:1e:6b:be:69:d1:3f:0a:68:35:6d:52:40:d8:
3d:7a:e4:de:81:08:29:1a:76:ec:26:db:85:94:9a:a0:79:0a:
44:9b:40:13:c5:e4:ea:e7:26:86:b9:cf:2f:bd:69:69:df:ba:
89:fe:bf:dc:b3:dc:bb:73:5e:27:7d:b5:f6:52:3e:0e:bd:b5:
3a:08:08:51:d1:8b:68:83:2a:bf:29:f2:d6:10:17:a2:b5:bd:
36:4b:1a:b8:e2:22:bd:65:dd:09:7a:a6:5b:8a:82:f2:a1:ce:
63:e0:56:5c:e1:82:b3:49:74:b9:b4:83:84:99:09:e6:04:ee:
73:13:1a:ea:b7:3c:57:a9:65:fd:d0:c9:a3:5b:a4:27:81:52:
d9:d3:14:a0:50:e9:2d:19:4d:30:fa:b6:4b:97:c7:c2:e4:22:
78:0b:77:40:30:b5:83:87:e7:61:9e:5e:27:e0:37:be:d5:f4:
1c:15:6d:66:4e:f7:cd:0a:4d:4b:b6:34:d7:b4:04:14:4a:25:
8b:cd:8d:65:4c:11:c2:76:7a:e3:8a:2f:f6:4a:0b:0c:e1:e3:
15:72:94:bd:c8:26:9d:c3:bc:7a:72:f0:f3:f9:3b:15:34:41:
f0:5c:c4:f0
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDR+ECMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGI0
MDRjYzBlMDM4ZWIwZTY5N2VjNmU3YWU0OWQwMjg2MTQ2ZTBjMWEwHhcNMjIwNDE5
MDAzMTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyOTEzZmJiMDY4MmJl
ZmVjZTAwNGEwY2I0NDk3MWI1ZGY4NTE4MTkzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA3j5evxRn3Xgof5MtutVpDbPTg64/AR0NQE/CQF20svJ5LOqM
SLtWRWCRp3N8AYB5mME45FLesee2zdoaoxuPMMy0+WeO7DxTO1cGsjBzjKM+Xgte
QVJUWpb8r5h2v1fBOt1I//rCpMaeuNrba1TPUP+ugWd2Tsq4XaE1hjVIKN4hwRrP
6hSpzGUrJSotNPsOKtOgDhNP66F0nzHWBuVEm43JwtydW1iEtU0a3i7Wm/G8QIP9
FHtqi7rNr6rkpPO90Hcvu+POQS+ClHIwOdiOAp+hNW0uOYCUyqZJLSZ1gfzhTevR
Lx329Uue63LBKm7w1djpPp6FezJc/GNKJsgVcQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFCkT+7BoK+/s4ASgy0SXG134UYGTMB8GA1UdIwQYMBaAFLQEzA4DjrDml+xu
euSdAoYUbgwaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
dEFUTURnT09zT2FYN0c1NjVKMENoaFJ1REJvLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC84OC9hYmUxNmItOTJjYy00OGUzLWI1YjktODZhMmYwNjdiNGU4LzEv
S1JQN3NHZ3I3LXpnQktETFJKY2JYZmhSZ1pNLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9h
YmUxNmItOTJjYy00OGUzLWI1YjktODZhMmYwNjdiNGU4LzEvdEFUTURnT09zT2FY
N0c1NjVKMENoaFJ1REJvLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBaM8kMA0GCSqGSIb3DQEBCwUAA4IB
AQBZRqQK4n7Fpk9UNeO+okNU81P8OBA+Fh5rvmnRPwpoNW1SQNg9euTegQgpGnbs
JtuFlJqgeQpEm0ATxeTq5yaGuc8vvWlp37qJ/r/cs9y7c14nfbX2Uj4OvbU6CAhR
0Ytogyq/KfLWEBeitb02Sxq44iK9Zd0JeqZbioLyoc5j4FZc4YKzSXS5tIOEmQnm
BO5zExrqtzxXqWX90MmjW6QngVLZ0xSgUOktGU0w+rZLl8fC5CJ4C3dAMLWDh+dh
nl4n4De+1fQcFW1mTvfNCk1LtjTXtAQUSiWLzY1lTBHCdnrjii/2SgsM4eMVcpS9
yCadw7x6cvDz+TsVNEHwXMTw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:54 2024 by rpki-client on console-fra.rpki-client.org