Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/fQH3CyhOL8v-ClGHWyLxlD8UJMs.roa
File: fQH3CyhOL8v-ClGHWyLxlD8UJMs.roa (raw, json)
Hash identifier: WjMLorCCFo6i/eiaf4KTW4egrHjUxeW7Vt9fT0HKlXo=
Subject key identifier: 7D:01:F7:0B:28:4E:2F:CB:FE:0A:51:87:5B:22:F1:94:3F:14:24:CB
Certificate issuer: /CN=b404cc0e038eb0e697ec6e7ae49d0286146e0c1a
Certificate serial: AF0CDD
Authority key identifier: B4:04:CC:0E:03:8E:B0:E6:97:EC:6E:7A:E4:9D:02:86:14:6E:0C:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tATMDgOOsOaX7G565J0ChhRuDBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/fQH3CyhOL8v-ClGHWyLxlD8UJMs.roa
Signing time: Sun 29 May 2022 08:33:13 +0000
ROA not before: Sun 29 May 2022 08:33:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 136250
IP address blocks: 104.207.36.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11472093 (0xaf0cdd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b404cc0e038eb0e697ec6e7ae49d0286146e0c1a
Validity
Not Before: May 29 08:33:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7d01f70b284e2fcbfe0a51875b22f1943f1424cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:27:af:73:08:26:ab:a3:aa:d1:29:ad:54:f7:
95:76:40:b8:36:6d:28:ca:6f:88:bf:b3:9b:c0:be:
06:a3:bd:d5:31:bf:1a:c8:ef:d4:8b:63:72:46:3c:
5d:28:6e:3a:67:5c:f1:9b:c5:ca:c9:c2:1f:13:a8:
44:89:9e:76:2b:7c:15:94:87:f5:10:6b:3e:22:8b:
2e:6d:a8:9e:3d:8b:60:0c:a9:1f:29:d6:e6:5f:af:
10:9a:e1:ce:f8:c9:9c:0b:18:aa:7b:af:41:af:c0:
06:26:a8:bb:c9:7e:02:e6:e5:e7:76:5f:b9:1c:0a:
06:78:b8:a5:0f:87:7e:d5:92:ab:4a:be:38:51:e9:
19:1a:cb:06:2a:d8:66:a8:25:8e:40:00:b8:32:ca:
4c:dd:f1:01:21:3b:7c:2b:de:f8:84:76:36:ef:17:
54:2a:ac:59:59:70:13:89:1f:95:09:e0:ad:42:d1:
07:f3:41:39:a9:57:d2:b0:bd:3b:45:86:4d:37:a7:
e1:a1:32:03:b1:05:a7:ba:1d:d3:54:11:6b:1a:44:
3d:c4:0d:0f:1c:72:9d:b2:b5:05:d9:f6:d4:ce:d3:
0c:03:71:d3:ad:e1:82:fc:ef:81:87:44:64:71:7a:
5c:70:df:4f:65:78:f4:be:5d:7e:e6:68:57:8f:5a:
c8:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:01:F7:0B:28:4E:2F:CB:FE:0A:51:87:5B:22:F1:94:3F:14:24:CB
X509v3 Authority Key Identifier:
keyid:B4:04:CC:0E:03:8E:B0:E6:97:EC:6E:7A:E4:9D:02:86:14:6E:0C:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tATMDgOOsOaX7G565J0ChhRuDBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/fQH3CyhOL8v-ClGHWyLxlD8UJMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/tATMDgOOsOaX7G565J0ChhRuDBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.207.36.0/23
Signature Algorithm: sha256WithRSAEncryption
ab:d6:28:6b:85:df:0a:47:4e:c2:b6:9a:eb:46:2e:be:09:0f:
ff:be:fe:ba:fa:51:5d:e3:a4:19:da:84:6c:ec:ee:cf:c2:bd:
50:ec:30:17:eb:5e:40:09:fc:dc:76:eb:b4:ea:af:94:4e:34:
44:17:a0:e7:f4:b6:90:bd:a9:10:53:93:aa:2b:f9:65:64:98:
8a:1d:70:4f:8a:8f:fd:ba:d8:37:87:28:ff:7d:a0:de:81:2a:
79:73:84:73:44:97:cf:dc:d6:a3:6e:32:59:67:34:a1:4d:c5:
e9:04:cd:51:60:94:78:2c:3a:18:b9:29:a7:2f:15:47:28:c0:
04:a3:ff:08:44:0b:72:6f:97:57:19:f1:1a:55:8c:d8:f7:30:
cc:9e:99:78:75:49:47:73:6a:24:e8:36:5e:7f:32:35:d0:e3:
a9:65:c4:e6:ed:ff:64:94:3a:03:96:e0:80:37:8e:39:39:9e:
27:ba:a5:63:91:8b:23:6e:b2:e6:cd:64:f3:99:6b:94:83:b2:
37:f7:90:82:84:55:c0:8c:b9:77:2d:ef:61:aa:3d:f2:10:69:
fa:cc:78:cf:a8:7b:f7:aa:46:2f:08:ee:74:b7:f4:9b:6b:5b:
07:83:6d:09:47:40:94:d1:48:aa:42:a9:50:59:2d:f4:76:a0:
d0:b0:e2:02
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAK8M3TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NDA0Y2MwZTAzOGViMGU2OTdlYzZlN2FlNDlkMDI4NjE0NmUwYzFhMB4XDTIyMDUy
OTA4MzMxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2QwMWY3MGIyODRl
MmZjYmZlMGE1MTg3NWIyMmYxOTQzZjE0MjRjYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOEnr3MIJqujqtEprVT3lXZAuDZtKMpviL+zm8C+BqO91TG/
Gsjv1ItjckY8XShuOmdc8ZvFysnCHxOoRImedit8FZSH9RBrPiKLLm2onj2LYAyp
HynW5l+vEJrhzvjJnAsYqnuvQa/ABiaou8l+Aubl53ZfuRwKBni4pQ+HftWSq0q+
OFHpGRrLBirYZqgljkAAuDLKTN3xASE7fCve+IR2Nu8XVCqsWVlwE4kflQngrULR
B/NBOalX0rC9O0WGTTen4aEyA7EFp7od01QRaxpEPcQNDxxynbK1Bdn21M7TDANx
063hgvzvgYdEZHF6XHDfT2V49L5dfuZoV49ayMsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR9AfcLKE4vy/4KUYdbIvGUPxQkyzAfBgNVHSMEGDAWgBS0BMwOA46w5pfs
bnrknQKGFG4MGjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RBVE1EZ09Pc09hWDdHNTY1SjBDaGhSdURCby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODgvYWJlMTZiLTkyY2MtNDhlMy1iNWI5LTg2YTJmMDY3YjRlOC8x
L2ZRSDNDeWhPTDh2LUNsR0hXeUx4bEQ4VUpNcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgv
YWJlMTZiLTkyY2MtNDhlMy1iNWI5LTg2YTJmMDY3YjRlOC8xL3RBVE1EZ09Pc09h
WDdHNTY1SjBDaGhSdURCby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWjPJDANBgkqhkiG9w0BAQsFAAOC
AQEAq9Yoa4XfCkdOwraa60YuvgkP/77+uvpRXeOkGdqEbOzuz8K9UOwwF+teQAn8
3HbrtOqvlE40RBeg5/S2kL2pEFOTqiv5ZWSYih1wT4qP/brYN4co/32g3oEqeXOE
c0SXz9zWo24yWWc0oU3F6QTNUWCUeCw6GLkppy8VRyjABKP/CEQLcm+XVxnxGlWM
2PcwzJ6ZeHVJR3NqJOg2Xn8yNdDjqWXE5u3/ZJQ6A5bggDeOOTmeJ7qlY5GLI26y
5s1k85lrlIOyN/eQgoRVwIy5dy3vYao98hBp+sx4z6h796pGLwjudLf0m2tbB4Nt
CUdAlNFIqkKpUFkt9Hag0LDiAg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:55 2024 by rpki-client on console-ams.rpki-client.org