Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/w6oYUCXgKMgGS6vfpGo3F1IGIxc.roa
File: w6oYUCXgKMgGS6vfpGo3F1IGIxc.roa (raw, json)
Hash identifier: HUImDAwUxQgeWcTZq9qTuecZHUlINOFC9LeyNnFIj1g=
Subject key identifier: C3:AA:18:50:25:E0:28:C8:06:4B:AB:DF:A4:6A:37:17:52:06:23:17
Certificate issuer: /CN=b404cc0e038eb0e697ec6e7ae49d0286146e0c1a
Certificate serial: 313051
Authority key identifier: B4:04:CC:0E:03:8E:B0:E6:97:EC:6E:7A:E4:9D:02:86:14:6E:0C:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tATMDgOOsOaX7G565J0ChhRuDBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/w6oYUCXgKMgGS6vfpGo3F1IGIxc.roa
Signing time: Mon 11 Apr 2022 06:46:29 +0000
ROA not before: Mon 11 Apr 2022 06:46:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 136038
IP address blocks: 104.207.35.0/24 maxlen: 24
104.207.34.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3223633 (0x313051)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b404cc0e038eb0e697ec6e7ae49d0286146e0c1a
Validity
Not Before: Apr 11 06:46:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c3aa185025e028c8064babdfa46a371752062317
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:6f:04:45:31:1c:69:34:5c:3e:44:5d:b7:6e:
1a:d4:cb:34:4e:e4:c4:ca:d4:62:b5:93:67:f8:36:
e1:f5:cc:57:07:b4:4e:22:f6:d6:86:63:6f:10:e7:
15:50:ae:41:27:9c:65:3b:c3:6c:4e:17:95:3e:f8:
32:13:f8:83:cb:e7:5c:63:cd:7f:2d:92:00:c1:63:
83:55:e1:82:9d:7d:eb:6d:db:c4:2f:2e:97:a1:e2:
7f:a6:77:21:25:b8:45:3c:99:f9:c7:a9:99:fa:4a:
31:a4:12:97:2d:9a:06:da:13:54:3d:73:a3:ec:61:
7e:e5:37:7c:98:20:d5:95:e5:d6:4b:5a:af:2a:8a:
87:49:fb:5d:6d:87:95:fd:f2:bc:67:d1:53:9e:8b:
a2:26:85:35:86:0d:49:66:a7:ce:76:1b:75:7b:91:
d7:76:d6:ed:a6:54:4a:db:2c:74:18:62:2c:1b:18:
8d:a7:21:13:3a:ce:96:41:72:35:db:54:b5:1d:cf:
5b:a6:f3:17:90:c3:02:1b:62:58:f1:d4:60:0e:6f:
4b:31:c0:31:42:54:98:b1:4e:4e:81:57:8c:2f:53:
fc:0b:92:91:b6:ee:bb:78:bb:35:aa:3a:97:d2:91:
19:56:7d:44:67:c8:c9:d0:4b:c9:a4:38:52:20:fa:
3d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:AA:18:50:25:E0:28:C8:06:4B:AB:DF:A4:6A:37:17:52:06:23:17
X509v3 Authority Key Identifier:
keyid:B4:04:CC:0E:03:8E:B0:E6:97:EC:6E:7A:E4:9D:02:86:14:6E:0C:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tATMDgOOsOaX7G565J0ChhRuDBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/w6oYUCXgKMgGS6vfpGo3F1IGIxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/tATMDgOOsOaX7G565J0ChhRuDBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.207.34.0/23
Signature Algorithm: sha256WithRSAEncryption
8d:7b:88:d5:32:a6:49:c7:c8:74:51:15:f9:b0:fd:9f:b5:60:
7b:ce:02:6d:0a:81:fe:25:ab:a1:6a:fe:66:32:00:ef:55:0e:
b1:36:9a:f6:cd:7a:bd:7f:d8:9f:b5:46:46:64:13:08:34:40:
d8:4d:cb:f9:c7:86:d6:3a:78:a6:d0:f4:11:e3:b9:80:40:8c:
9c:3e:7b:94:4e:67:c8:aa:55:1b:43:65:e2:c3:6e:13:01:c7:
f3:c2:e2:33:54:b0:19:d4:d8:6c:c7:0c:42:9d:87:18:12:25:
f2:50:76:11:27:7b:86:4e:57:ae:10:17:8b:34:8d:fa:a4:97:
0a:24:bd:23:73:df:fb:69:b7:2d:27:6d:de:53:93:a3:de:4a:
bb:20:f9:fe:73:11:f4:79:1e:eb:ac:2c:b6:2a:27:88:55:fa:
b4:d3:29:d7:34:49:6d:ae:fc:89:cd:1b:c1:cd:a7:da:c2:01:
b5:25:de:2f:e4:5a:c8:3f:24:cf:9a:a4:b4:71:50:fa:f3:1c:
1e:b9:b7:b7:a9:21:c7:0a:9e:1e:35:ee:77:61:3e:2a:c5:29:
02:52:3c:93:db:c3:6b:d6:dd:9c:f2:7a:db:df:5d:9d:75:fd:
e1:7d:b1:67:aa:05:e4:bd:38:91:f7:c3:f3:06:5d:9d:04:90:
80:b7:7b:25
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDMTBRMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGI0
MDRjYzBlMDM4ZWIwZTY5N2VjNmU3YWU0OWQwMjg2MTQ2ZTBjMWEwHhcNMjIwNDEx
MDY0NjI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjM2FhMTg1MDI1ZTAy
OGM4MDY0YmFiZGZhNDZhMzcxNzUyMDYyMzE3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqG8ERTEcaTRcPkRdt24a1Ms0TuTEytRitZNn+Dbh9cxXB7RO
IvbWhmNvEOcVUK5BJ5xlO8NsTheVPvgyE/iDy+dcY81/LZIAwWODVeGCnX3rbdvE
Ly6XoeJ/pnchJbhFPJn5x6mZ+koxpBKXLZoG2hNUPXOj7GF+5Td8mCDVleXWS1qv
KoqHSftdbYeV/fK8Z9FTnouiJoU1hg1JZqfOdht1e5HXdtbtplRK2yx0GGIsGxiN
pyETOs6WQXI121S1Hc9bpvMXkMMCG2JY8dRgDm9LMcAxQlSYsU5OgVeML1P8C5KR
tu67eLs1qjqX0pEZVn1EZ8jJ0EvJpDhSIPo9UwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFMOqGFAl4CjIBkur36RqNxdSBiMXMB8GA1UdIwQYMBaAFLQEzA4DjrDml+xu
euSdAoYUbgwaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
dEFUTURnT09zT2FYN0c1NjVKMENoaFJ1REJvLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC84OC9hYmUxNmItOTJjYy00OGUzLWI1YjktODZhMmYwNjdiNGU4LzEv
dzZvWVVDWGdLTWdHUzZ2ZnBHbzNGMUlHSXhjLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9h
YmUxNmItOTJjYy00OGUzLWI1YjktODZhMmYwNjdiNGU4LzEvdEFUTURnT09zT2FY
N0c1NjVKMENoaFJ1REJvLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBaM8iMA0GCSqGSIb3DQEBCwUAA4IB
AQCNe4jVMqZJx8h0URX5sP2ftWB7zgJtCoH+Jauhav5mMgDvVQ6xNpr2zXq9f9if
tUZGZBMINEDYTcv5x4bWOnim0PQR47mAQIycPnuUTmfIqlUbQ2Xiw24TAcfzwuIz
VLAZ1NhsxwxCnYcYEiXyUHYRJ3uGTleuEBeLNI36pJcKJL0jc9/7abctJ23eU5Oj
3kq7IPn+cxH0eR7rrCy2KieIVfq00ynXNEltrvyJzRvBzafawgG1Jd4v5FrIPyTP
mqS0cVD68xweube3qSHHCp4eNe53YT4qxSkCUjyT28Nr1t2c8nrb312ddf3hfbFn
qgXkvTiR98PzBl2dBJCAt3sl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:55 2024 by rpki-client on console-ams.rpki-client.org