Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/f57ca3-4ff1-4064-9df7-3da05388e9ae/1/av24ZJH2snQ_kDRIahCTidoiJro.roa
File: av24ZJH2snQ_kDRIahCTidoiJro.roa (raw, json)
Hash identifier: BENoxim2wrUSsOQZVTlOcG2PkhzyWWq8KLJnhwGRRkY=
Subject key identifier: 6A:FD:B8:64:91:F6:B2:74:3F:90:34:48:6A:10:93:89:DA:22:26:BA
Certificate issuer: /CN=07266adfb18b189f3dc4d3be6dc596254be5c9b1
Certificate serial: 01856E542B8B3312C014E2BC56336AF9857C
Authority key identifier: 07:26:6A:DF:B1:8B:18:9F:3D:C4:D3:BE:6D:C5:96:25:4B:E5:C9:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ByZq37GLGJ89xNO-bcWWJUvlybE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/f57ca3-4ff1-4064-9df7-3da05388e9ae/1/av24ZJH2snQ_kDRIahCTidoiJro.roa
Signing time: Sun 01 Jan 2023 17:14:47 +0000
ROA not before: Sun 01 Jan 2023 17:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204106
IP address blocks: 109.74.72.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:54:2b:8b:33:12:c0:14:e2:bc:56:33:6a:f9:85:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07266adfb18b189f3dc4d3be6dc596254be5c9b1
Validity
Not Before: Jan 1 17:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6afdb86491f6b2743f9034486a109389da2226ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:9e:df:d5:f2:63:15:89:2a:c1:2f:7c:b7:59:
a6:8b:75:e2:e0:dd:d8:15:a0:4f:16:5b:2e:23:7b:
18:90:c9:08:ff:f8:d2:55:1e:ba:b3:f5:e0:85:34:
f6:34:75:69:10:6d:61:46:5a:48:73:3b:33:27:91:
ed:0c:45:6e:42:2b:1b:08:1b:5c:d1:47:f4:ab:cb:
a8:45:c4:ef:f5:d9:1d:57:1a:15:cb:c9:1b:c9:bd:
60:ad:26:f8:b4:81:82:70:24:37:32:64:c7:cd:7c:
c7:cb:46:87:9b:87:fb:6c:da:c2:40:7a:e3:d1:bc:
a4:8d:bb:da:9f:85:85:b2:e5:bc:4f:4d:e9:9b:41:
80:b2:67:e5:45:26:f5:0b:98:09:24:3d:28:1e:86:
b7:a8:7b:0f:81:61:2e:d9:c6:77:a8:bd:57:0a:a3:
77:51:59:68:58:43:95:4b:b1:6d:cc:de:f2:e7:d8:
50:18:37:54:a2:70:d1:17:f2:48:1e:6f:92:64:af:
d4:19:91:d9:e7:50:03:0c:19:96:81:6f:51:67:35:
91:88:38:7e:91:94:47:9e:4f:70:03:06:51:0c:94:
ea:9a:54:98:32:fe:d1:ba:dc:74:b4:9d:0f:17:15:
71:51:40:e5:f5:cf:f3:8c:d3:3b:de:a4:a4:3a:c9:
79:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:FD:B8:64:91:F6:B2:74:3F:90:34:48:6A:10:93:89:DA:22:26:BA
X509v3 Authority Key Identifier:
keyid:07:26:6A:DF:B1:8B:18:9F:3D:C4:D3:BE:6D:C5:96:25:4B:E5:C9:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ByZq37GLGJ89xNO-bcWWJUvlybE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/f57ca3-4ff1-4064-9df7-3da05388e9ae/1/av24ZJH2snQ_kDRIahCTidoiJro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/f57ca3-4ff1-4064-9df7-3da05388e9ae/1/ByZq37GLGJ89xNO-bcWWJUvlybE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.74.72.0/24
Signature Algorithm: sha256WithRSAEncryption
98:dd:c3:f4:d8:8a:2a:5c:0e:95:f7:db:8f:74:61:9f:c8:ce:
10:a8:a3:3f:56:45:e4:5e:c4:78:52:04:1a:60:ba:96:a5:ca:
ed:4b:fd:87:8f:9d:17:16:d8:88:c6:31:86:22:3a:63:6a:e0:
9b:d6:84:d5:4c:5e:11:59:78:fc:39:fe:06:41:fa:2b:a6:b6:
e6:87:d5:96:c6:34:1b:e7:10:7a:cc:e4:55:78:c4:d2:50:54:
8d:f9:7b:a8:1d:21:33:c3:28:02:b5:de:4c:22:58:d2:c1:13:
db:5a:66:0c:b9:0f:8d:ac:82:9b:1b:e5:0d:85:66:00:62:62:
72:b5:60:16:bd:63:4e:01:30:e9:46:6f:56:20:bc:78:af:24:
d0:82:f2:87:79:f8:0c:83:6e:96:00:cf:92:83:44:c7:bd:0d:
ca:39:b1:99:35:19:6d:56:f7:a0:8d:31:77:80:f3:b7:1c:50:
db:1b:75:75:e7:c8:a7:ad:25:16:e6:a4:1f:99:d8:48:b5:9d:
4b:e0:46:07:12:ec:f4:d8:c1:70:dc:9b:d0:46:7b:22:0f:a2:
36:58:c8:0e:9f:e7:03:83:61:fa:63:9d:5f:47:e2:21:2b:55:
04:3d:d8:17:3c:2a:97:86:c8:69:28:68:2c:e8:59:6e:b1:3f:
c8:09:16:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuVCuLMxLAFOK8VjNq+YV8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3MjY2YWRmYjE4YjE4OWYzZGM0ZDNiZTZkYzU5NjI1NGJl
NWM5YjEwHhcNMjMwMTAxMTcxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWZkYjg2NDkxZjZiMjc0M2Y5MDM0NDg2YTEwOTM4OWRhMjIyNmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArp7f1fJjFYkqwS98t1mmi3Xi4N3Y
FaBPFlsuI3sYkMkI//jSVR66s/XghTT2NHVpEG1hRlpIczszJ5HtDEVuQisbCBtc
0Uf0q8uoRcTv9dkdVxoVy8kbyb1grSb4tIGCcCQ3MmTHzXzHy0aHm4f7bNrCQHrj
0bykjbvan4WFsuW8T03pm0GAsmflRSb1C5gJJD0oHoa3qHsPgWEu2cZ3qL1XCqN3
UVloWEOVS7FtzN7y59hQGDdUonDRF/JIHm+SZK/UGZHZ51ADDBmWgW9RZzWRiDh+
kZRHnk9wAwZRDJTqmlSYMv7Rutx0tJ0PFxVxUUDl9c/zjNM73qSkOsl5RQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGr9uGSR9rJ0P5A0SGoQk4naIia6MB8GA1UdIwQY
MBaAFAcmat+xixifPcTTvm3FliVL5cmxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnlacTM3R0xHSjg5eE5PLWJjV1dKVXZseWJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9mNTdjYTMtNGZmMS00MDY0LTlkZjct
M2RhMDUzODhlOWFlLzEvYXYyNFpKSDJzblFfa0RSSWFoQ1RpZG9pSnJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9mNTdjYTMtNGZmMS00MDY0LTlkZjctM2RhMDUzODhlOWFl
LzEvQnlacTM3R0xHSjg5eE5PLWJjV1dKVXZseWJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbUpIMA0G
CSqGSIb3DQEBCwUAA4IBAQCY3cP02IoqXA6V99uPdGGfyM4QqKM/VkXkXsR4UgQa
YLqWpcrtS/2Hj50XFtiIxjGGIjpjauCb1oTVTF4RWXj8Of4GQforprbmh9WWxjQb
5xB6zORVeMTSUFSN+XuoHSEzwygCtd5MIljSwRPbWmYMuQ+NrIKbG+UNhWYAYmJy
tWAWvWNOATDpRm9WILx4ryTQgvKHefgMg26WAM+Sg0THvQ3KObGZNRltVvegjTF3
gPO3HFDbG3V158inrSUW5qQfmdhItZ1L4EYHEuz02MFw3JvQRnsiD6I2WMgOn+cD
g2H6Y51fR+IhK1UEPdgXPCqXhshpKGgs6FlusT/ICRaM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:40 2024 by rpki-client on console-fra.rpki-client.org