Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/A43wavnH-2eMu_CrCtht5YxPSLM.roa
File: A43wavnH-2eMu_CrCtht5YxPSLM.roa (raw, json)
Hash identifier: obTtcobKpwqq6YkEZ/DXQrNMysi61no0BQQdvxBpd3E=
Subject key identifier: 03:8D:F0:6A:F9:C7:FB:67:8C:BB:F0:AB:0A:D8:6D:E5:8C:4F:48:B3
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 11CEAC50
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/A43wavnH-2eMu_CrCtht5YxPSLM.roa
Signing time: Sat 01 Jan 2022 15:05:44 +0000
ROA not before: Sat 01 Jan 2022 15:05:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212588
IP address blocks: 109.160.93.0/24 maxlen: 24
2a01:8740:5::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 298757200 (0x11ceac50)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Jan 1 15:05:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=038df06af9c7fb678cbbf0ab0ad86de58c4f48b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:65:2e:89:aa:93:09:17:31:85:17:f2:74:e5:
75:3e:fc:80:ae:d9:60:2e:45:49:9a:2f:c3:f3:e7:
b0:25:be:a7:72:41:2f:39:48:19:42:77:b1:e5:7c:
f8:f5:be:8e:9b:04:e0:9e:e8:26:21:a1:e5:6f:31:
a2:47:f3:36:8e:1c:ea:23:9f:e4:9f:46:24:28:8c:
0a:98:33:85:cf:15:8c:45:34:4d:b0:0d:2c:4c:98:
01:0b:59:88:53:4f:6e:b7:12:83:7b:92:a8:42:f9:
66:ac:2d:c3:49:94:c4:93:4c:87:e3:e1:e7:c3:a5:
ab:c1:1f:00:63:7b:ef:1d:e3:24:8c:bb:aa:65:1f:
ec:47:70:53:f0:ee:42:1d:b7:4c:56:6e:71:f3:84:
c7:c2:64:2e:ab:74:ea:14:ae:d9:02:f8:75:00:25:
30:07:dc:57:47:17:22:5a:04:9a:d7:7c:93:6a:23:
f2:2c:96:af:0c:97:e1:c0:d0:b0:b2:db:e0:af:44:
23:cb:89:0b:3f:f2:e8:18:c4:cb:2b:00:94:74:a3:
9c:08:a3:ee:ed:c0:be:de:22:5e:77:67:e0:64:1a:
2e:ce:8b:99:f7:04:18:5e:7d:c5:7a:f1:3f:8e:86:
93:5e:16:8b:e6:48:dc:a6:1c:f5:00:30:a6:d5:7b:
78:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:8D:F0:6A:F9:C7:FB:67:8C:BB:F0:AB:0A:D8:6D:E5:8C:4F:48:B3
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/A43wavnH-2eMu_CrCtht5YxPSLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.160.93.0/24
IPv6:
2a01:8740:5::/48
Signature Algorithm: sha256WithRSAEncryption
57:7a:4d:2d:b3:56:fc:1e:be:36:f7:55:44:71:76:fe:47:ec:
08:80:ed:3a:8b:f2:33:d3:2b:11:db:8f:0f:af:d2:97:42:ce:
28:bb:83:75:6c:f9:cb:03:96:d2:5f:a3:fc:64:7c:29:f1:4b:
e9:60:86:15:6a:77:5e:d0:df:4c:e2:b7:32:17:a2:24:8c:7c:
fe:51:c6:ba:5e:1b:e4:12:f9:22:65:bf:ca:a8:2b:67:e5:38:
14:c8:40:c2:e1:2c:26:56:44:56:30:6e:68:22:e2:80:a3:a3:
0d:de:7e:df:08:e7:51:f7:26:13:ea:ad:7a:0f:81:1c:4a:60:
c5:2c:3d:0d:2e:31:f3:94:19:51:46:27:a7:27:3c:e6:04:46:
23:06:84:ec:fc:ee:6a:5d:0e:c5:fa:e9:25:f9:f2:6e:4a:62:
4b:2e:83:98:bb:60:4d:7d:6a:de:08:d2:1f:2e:e3:54:e4:da:
d9:1d:84:8f:4e:7a:b3:9f:04:2b:d2:25:76:cf:66:23:1a:79:
56:44:c5:5f:82:3c:bf:ac:ab:ac:0b:e6:16:74:47:76:c9:5b:
24:37:e5:8d:1a:6f:a8:08:f0:04:f4:f5:d5:cf:7f:04:b3:c4:
e8:24:01:05:57:98:23:f7:0b:f0:a1:d8:1f:a1:6d:83:b0:ac:
f8:6e:a3:2b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEEc6sUDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MzVlYWM2NGVhNDgwMmU2ODI0Njg2ZjdjMGQyMDFmMmM4NWNiMmFhMB4XDTIyMDEw
MTE1MDU0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDM4ZGYwNmFmOWM3
ZmI2NzhjYmJmMGFiMGFkODZkZTU4YzRmNDhiMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMFlLomqkwkXMYUX8nTldT78gK7ZYC5FSZovw/PnsCW+p3JB
LzlIGUJ3seV8+PW+jpsE4J7oJiGh5W8xokfzNo4c6iOf5J9GJCiMCpgzhc8VjEU0
TbANLEyYAQtZiFNPbrcSg3uSqEL5Zqwtw0mUxJNMh+Ph58Olq8EfAGN77x3jJIy7
qmUf7EdwU/DuQh23TFZucfOEx8JkLqt06hSu2QL4dQAlMAfcV0cXIloEmtd8k2oj
8iyWrwyX4cDQsLLb4K9EI8uJCz/y6BjEyysAlHSjnAij7u3Avt4iXndn4GQaLs6L
mfcEGF59xXrxP46Gk14Wi+ZI3KYc9QAwptV7ePcCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQDjfBq+cf7Z4y78KsK2G3ljE9IszAfBgNVHSMEGDAWgBTDXqxk6kgC5oJG
hvfA0gHyyFyyqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3cxNnNaT3BJQXVhQ1JvYjN3TklCOHNoY3Nxby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDMvY2NkZDhiLTc3MjAtNGRlMC04YzQzLWRhY2I1ZjM1NmVhMy8x
L0E0M3dhdm5ILTJlTXVfQ3JDdGh0NVl4UFNMTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
Y2NkZDhiLTc3MjAtNGRlMC04YzQzLWRhY2I1ZjM1NmVhMy8xL3cxNnNaT3BJQXVh
Q1JvYjN3TklCOHNoY3Nxby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAG2gXTAPBAIAAjAJAwcAKgGHQAAF
MA0GCSqGSIb3DQEBCwUAA4IBAQBXek0ts1b8Hr4291VEcXb+R+wIgO06i/Iz0ysR
248Pr9KXQs4ou4N1bPnLA5bSX6P8ZHwp8UvpYIYVande0N9M4rcyF6IkjHz+Uca6
XhvkEvkiZb/KqCtn5TgUyEDC4SwmVkRWMG5oIuKAo6MN3n7fCOdR9yYT6q16D4Ec
SmDFLD0NLjHzlBlRRienJzzmBEYjBoTs/O5qXQ7F+ukl+fJuSmJLLoOYu2BNfWre
CNIfLuNU5NrZHYSPTnqznwQr0iV2z2YjGnlWRMVfgjy/rKusC+YWdEd2yVskN+WN
Gm+oCPAE9PXVz38Es8ToJAEFV5gj9wvwodgfoW2DsKz4bqMr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:12 2024 by rpki-client on console-ams.rpki-client.org