Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/0wzHC2E5d8l-E73qM_wZpvOE63w.roa
File: 0wzHC2E5d8l-E73qM_wZpvOE63w.roa (raw, json)
Hash identifier: 3ofPdUTANfxhYzrxhhOaQVIf212sQzGHgn/+nR+FLBU=
Subject key identifier: D3:0C:C7:0B:61:39:77:C9:7E:13:BD:EA:33:FC:19:A6:F3:84:EB:7C
Certificate issuer: /CN=a811a2c9fc8de9679bb158581b10ceaee91ff791
Certificate serial: 01856CE62C077341E8DF10944654DF7A6A4E
Authority key identifier: A8:11:A2:C9:FC:8D:E9:67:9B:B1:58:58:1B:10:CE:AE:E9:1F:F7:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qBGiyfyN6WebsVhYGxDOrukf95E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/0wzHC2E5d8l-E73qM_wZpvOE63w.roa
Signing time: Sun 01 Jan 2023 10:35:01 +0000
ROA not before: Sun 01 Jan 2023 10:35:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207287
IP address blocks: 109.197.35.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:2c:07:73:41:e8:df:10:94:46:54:df:7a:6a:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a811a2c9fc8de9679bb158581b10ceaee91ff791
Validity
Not Before: Jan 1 10:35:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d30cc70b613977c97e13bdea33fc19a6f384eb7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c6:b8:d2:08:f1:25:a7:7a:f4:77:12:29:1a:
97:23:8c:3a:96:5a:8a:5d:9e:8e:6a:2b:b1:63:91:
1f:b5:eb:e5:e2:0f:6e:b6:36:5a:b9:a3:1a:c5:2a:
45:51:a0:99:42:32:08:46:fd:ac:b4:67:9c:84:81:
dc:d6:17:d4:00:ee:30:1f:aa:d8:4d:a8:a0:60:69:
35:2e:a9:2a:84:59:b9:14:51:68:31:0d:4d:56:2d:
86:64:35:62:da:2b:0d:85:56:2a:5b:6d:16:de:dc:
ac:6e:ab:82:6c:ef:78:f5:00:23:0f:d5:de:61:72:
ec:26:69:54:b6:fd:c5:17:ea:96:da:45:92:d4:46:
f3:9e:05:6e:41:03:89:34:6a:59:89:5d:b4:bf:36:
7c:82:e5:af:e3:d9:63:64:09:57:66:0e:40:c1:c3:
9d:96:3b:af:5f:fa:44:71:97:9f:27:fc:66:2b:f3:
a3:69:16:e9:a8:1b:4d:a7:ad:bb:69:f8:c2:ac:a5:
1a:23:1d:59:14:1e:1a:4c:db:93:7f:97:ff:2d:3e:
ea:d7:4a:6c:27:4f:75:0c:65:e0:b4:86:83:5e:83:
e2:55:58:65:40:db:9f:16:6c:d1:5f:61:d3:6b:72:
34:77:32:2c:13:f3:f9:58:6a:6b:e1:9a:3e:d8:2c:
bc:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:0C:C7:0B:61:39:77:C9:7E:13:BD:EA:33:FC:19:A6:F3:84:EB:7C
X509v3 Authority Key Identifier:
keyid:A8:11:A2:C9:FC:8D:E9:67:9B:B1:58:58:1B:10:CE:AE:E9:1F:F7:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qBGiyfyN6WebsVhYGxDOrukf95E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/0wzHC2E5d8l-E73qM_wZpvOE63w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/qBGiyfyN6WebsVhYGxDOrukf95E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.197.35.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:6f:01:8e:cf:e1:0a:52:e1:ff:d2:53:66:3f:12:08:39:ff:
71:23:22:2c:a0:f2:9c:d8:c8:b7:e7:ff:aa:19:d8:ff:4e:50:
5a:7f:d4:e7:43:eb:32:1d:d6:c7:0b:41:e4:17:d8:b0:cf:14:
97:3c:71:30:75:46:f3:70:7a:74:58:8b:88:a3:b9:fc:7a:53:
25:21:a3:41:2c:eb:37:f3:32:52:2d:81:56:f1:99:5a:ab:4c:
c3:2a:49:d1:41:16:10:66:b3:85:4f:96:b3:df:3e:a1:67:de:
b0:35:c5:b4:b7:d6:4a:f6:03:a9:10:94:e8:3e:11:80:8d:58:
6c:45:61:82:ff:b7:96:ca:12:78:1b:3e:91:f4:67:92:d7:cb:
fb:e9:f7:bd:b1:88:d6:ee:fa:98:93:de:92:37:f3:29:72:be:
9f:a0:92:f2:6c:66:16:ff:98:07:0d:91:8d:cd:c5:2c:df:15:
6f:3c:0e:7a:ce:e2:41:99:bf:fa:15:4d:bd:6d:c6:9c:ba:8f:
97:08:7d:bc:e1:08:ad:8d:3e:47:d1:98:e1:97:e4:62:2b:41:
ba:9b:1b:fd:50:df:84:c4:e0:c0:2c:1d:a5:8c:27:6c:cd:04:
ae:29:4b:05:cd:6f:5a:cb:0f:b6:75:08:e6:7b:46:ff:9d:bd:
ec:28:0c:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5iwHc0Ho3xCURlTfempOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MTFhMmM5ZmM4ZGU5Njc5YmIxNTg1ODFiMTBjZWFlZTkx
ZmY3OTEwHhcNMjMwMTAxMTAzNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzBjYzcwYjYxMzk3N2M5N2UxM2JkZWEzM2ZjMTlhNmYzODRlYjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8a40gjxJad69HcSKRqXI4w6llqK
XZ6OaiuxY5Eftevl4g9utjZauaMaxSpFUaCZQjIIRv2stGechIHc1hfUAO4wH6rY
TaigYGk1LqkqhFm5FFFoMQ1NVi2GZDVi2isNhVYqW20W3tysbquCbO949QAjD9Xe
YXLsJmlUtv3FF+qW2kWS1EbzngVuQQOJNGpZiV20vzZ8guWv49ljZAlXZg5AwcOd
ljuvX/pEcZefJ/xmK/OjaRbpqBtNp627afjCrKUaIx1ZFB4aTNuTf5f/LT7q10ps
J091DGXgtIaDXoPiVVhlQNufFmzRX2HTa3I0dzIsE/P5WGpr4Zo+2Cy8gwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNMMxwthOXfJfhO96jP8GabzhOt8MB8GA1UdIwQY
MBaAFKgRosn8jelnm7FYWBsQzq7pH/eRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUJHaXlmeU42V2Vic1ZoWUd4RE9ydWtmOTVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8xZGVjYjMtMTU5My00NWRiLWFmNTYt
MGNjNGMwMDAwODU4LzEvMHd6SEMyRTVkOGwtRTczcU1fd1pwdk9FNjN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS8xZGVjYjMtMTU5My00NWRiLWFmNTYtMGNjNGMwMDAwODU4
LzEvcUJHaXlmeU42V2Vic1ZoWUd4RE9ydWtmOTVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbcUjMA0G
CSqGSIb3DQEBCwUAA4IBAQCqbwGOz+EKUuH/0lNmPxIIOf9xIyIsoPKc2Mi35/+q
Gdj/TlBaf9TnQ+syHdbHC0HkF9iwzxSXPHEwdUbzcHp0WIuIo7n8elMlIaNBLOs3
8zJSLYFW8Zlaq0zDKknRQRYQZrOFT5az3z6hZ96wNcW0t9ZK9gOpEJToPhGAjVhs
RWGC/7eWyhJ4Gz6R9GeS18v76fe9sYjW7vqYk96SN/Mpcr6foJLybGYW/5gHDZGN
zcUs3xVvPA56zuJBmb/6FU29bcacuo+XCH284QitjT5H0Zjhl+RiK0G6mxv9UN+E
xODALB2ljCdszQSuKUsFzW9ayw+2dQjme0b/nb3sKAyK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:59 2024 by rpki-client on console-ams.rpki-client.org