Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/32d85d-a717-4d68-82a6-2f365f22a18c/1/J-WFxuH5-z40vNqCrXZT0SShKuY.roa
File: J-WFxuH5-z40vNqCrXZT0SShKuY.roa (raw, json)
Hash identifier: P4WGXYSl/OenSGYKT/kfSgrjvABNLp5xnlXv0tjqWUM=
Subject key identifier: 27:E5:85:C6:E1:F9:FB:3E:34:BC:DA:82:AD:76:53:D1:24:A1:2A:E6
Certificate issuer: /CN=1a392dfc6ba2d3186d3269c7091b7019815345d3
Certificate serial: 0188B96154BE5F55D6962BE27A2B041659AC
Authority key identifier: 1A:39:2D:FC:6B:A2:D3:18:6D:32:69:C7:09:1B:70:19:81:53:45:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gjkt_Gui0xhtMmnHCRtwGYFTRdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/32d85d-a717-4d68-82a6-2f365f22a18c/1/J-WFxuH5-z40vNqCrXZT0SShKuY.roa
Signing time: Wed 14 Jun 2023 10:09:03 +0000
ROA not before: Wed 14 Jun 2023 10:09:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206065
IP address blocks: 109.230.80.0/20 maxlen: 20
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b9:61:54:be:5f:55:d6:96:2b:e2:7a:2b:04:16:59:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a392dfc6ba2d3186d3269c7091b7019815345d3
Validity
Not Before: Jun 14 10:09:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=27e585c6e1f9fb3e34bcda82ad7653d124a12ae6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d3:db:8d:4e:9e:60:66:9d:05:e9:a6:e8:40:
08:71:3f:1b:6c:ff:7d:ba:b4:47:46:00:85:75:de:
27:4e:38:0c:4f:55:c6:c4:7e:14:e8:72:24:9e:79:
ce:e3:70:51:d0:51:91:a4:fe:3d:5f:48:38:8e:b3:
83:de:5b:01:83:91:58:f0:18:1e:3e:c8:6f:28:21:
a1:39:53:08:0e:00:51:04:b9:09:43:97:b6:9c:67:
11:24:d6:5d:43:0e:18:9f:2a:18:8f:fe:0d:d5:da:
5a:23:58:45:1c:15:02:53:cf:6b:a9:5f:d2:6c:87:
13:76:46:ac:2d:a3:34:8c:43:87:d2:43:83:e8:4e:
49:b6:3f:76:ee:92:f0:89:c4:5f:0c:08:20:44:4c:
9c:f7:b1:df:0d:52:e7:91:c1:b6:21:ad:5a:3c:a6:
b5:ad:4c:20:ff:1e:b7:7c:40:42:3c:16:50:27:61:
25:c3:c9:a7:57:54:5c:79:ad:fc:ba:3c:eb:96:31:
40:35:29:19:fe:a3:5e:4e:a0:6d:81:14:5a:fb:33:
b5:a9:da:3d:64:3b:93:5d:b5:a1:74:5e:ea:d3:40:
e7:89:59:74:10:d1:cd:8d:86:d5:5d:21:67:85:a8:
4a:9a:25:7f:0a:09:50:2d:24:96:63:f1:83:b8:2d:
27:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:E5:85:C6:E1:F9:FB:3E:34:BC:DA:82:AD:76:53:D1:24:A1:2A:E6
X509v3 Authority Key Identifier:
keyid:1A:39:2D:FC:6B:A2:D3:18:6D:32:69:C7:09:1B:70:19:81:53:45:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gjkt_Gui0xhtMmnHCRtwGYFTRdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/32d85d-a717-4d68-82a6-2f365f22a18c/1/J-WFxuH5-z40vNqCrXZT0SShKuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/32d85d-a717-4d68-82a6-2f365f22a18c/1/Gjkt_Gui0xhtMmnHCRtwGYFTRdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.230.80.0/20
Signature Algorithm: sha256WithRSAEncryption
02:60:32:04:f2:01:9a:5f:a0:5e:c6:f9:96:f7:a4:66:06:89:
1e:30:d4:89:dc:94:03:64:8e:f0:a0:a8:d6:83:50:25:30:e4:
cc:48:b5:29:59:b4:02:69:d1:82:30:22:0c:a8:b9:44:3a:a7:
d5:e8:85:92:f4:c5:13:01:65:bf:86:a2:6c:90:5c:26:aa:c8:
da:50:b4:be:de:72:cd:a4:7b:e8:50:0c:3d:99:28:ab:1d:3c:
9d:cc:e2:da:1a:c8:b0:1c:36:c0:5e:67:6d:8e:e8:64:68:7b:
2f:2c:03:b2:40:7f:eb:03:40:2f:e8:82:ce:75:b1:9e:71:ad:
3e:36:04:ae:45:d5:40:24:5a:15:df:dc:3e:08:a7:26:04:e6:
16:1e:5f:a1:22:a9:c1:28:f2:47:dd:2c:6f:76:25:60:94:93:
33:66:cb:24:3a:fc:69:4a:34:e7:f5:2d:db:70:94:a4:56:ec:
3e:36:24:f2:8a:05:54:ec:28:9a:26:92:bc:a4:0b:31:e6:4d:
ae:59:31:ce:47:52:d0:93:5c:17:34:86:6f:c9:88:04:1c:64:
ca:3a:cb:66:49:9f:81:c7:24:94:8a:4a:77:76:c9:d3:28:30:
63:45:cd:94:4b:3c:a5:b2:dd:24:b3:7c:b1:75:c5:61:2a:f8:
2a:0c:1d:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYi5YVS+X1XWlivieisEFlmsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMzkyZGZjNmJhMmQzMTg2ZDMyNjljNzA5MWI3MDE5ODE1
MzQ1ZDMwHhcNMjMwNjE0MTAwOTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2U1ODVjNmUxZjlmYjNlMzRiY2RhODJhZDc2NTNkMTI0YTEyYWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtPbjU6eYGadBemm6EAIcT8bbP99
urRHRgCFdd4nTjgMT1XGxH4U6HIknnnO43BR0FGRpP49X0g4jrOD3lsBg5FY8Bge
PshvKCGhOVMIDgBRBLkJQ5e2nGcRJNZdQw4YnyoYj/4N1dpaI1hFHBUCU89rqV/S
bIcTdkasLaM0jEOH0kOD6E5Jtj927pLwicRfDAggREyc97HfDVLnkcG2Ia1aPKa1
rUwg/x63fEBCPBZQJ2Elw8mnV1Rcea38ujzrljFANSkZ/qNeTqBtgRRa+zO1qdo9
ZDuTXbWhdF7q00DniVl0ENHNjYbVXSFnhahKmiV/CglQLSSWY/GDuC0nUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCflhcbh+fs+NLzagq12U9EkoSrmMB8GA1UdIwQY
MBaAFBo5LfxrotMYbTJpxwkbcBmBU0XTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2prdF9HdWkweGh0TW1uSENSdHdHWUZUUmRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zMmQ4NWQtYTcxNy00ZDY4LTgyYTYt
MmYzNjVmMjJhMThjLzEvSi1XRnh1SDUtejQwdk5xQ3JYWlQwU1NoS3VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zMmQ4NWQtYTcxNy00ZDY4LTgyYTYtMmYzNjVmMjJhMThj
LzEvR2prdF9HdWkweGh0TW1uSENSdHdHWUZUUmRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEbeZQMA0G
CSqGSIb3DQEBCwUAA4IBAQACYDIE8gGaX6BexvmW96RmBokeMNSJ3JQDZI7woKjW
g1AlMOTMSLUpWbQCadGCMCIMqLlEOqfV6IWS9MUTAWW/hqJskFwmqsjaULS+3nLN
pHvoUAw9mSirHTydzOLaGsiwHDbAXmdtjuhkaHsvLAOyQH/rA0Av6ILOdbGeca0+
NgSuRdVAJFoV39w+CKcmBOYWHl+hIqnBKPJH3SxvdiVglJMzZsskOvxpSjTn9S3b
cJSkVuw+NiTyigVU7CiaJpK8pAsx5k2uWTHOR1LQk1wXNIZvyYgEHGTKOstmSZ+B
xySUikp3dsnTKDBjRc2USzylst0ks3yxdcVhKvgqDB1L
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:24 2025 by rpki-client