Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/32d85d-a717-4d68-82a6-2f365f22a18c/1/isKhM2DDW3vsXHwfrI18nnWAaIU.roa
File: isKhM2DDW3vsXHwfrI18nnWAaIU.roa (raw, json)
Hash identifier: JTfWM0160TXu233ooP1RqOSufTdH3UonyUSIv9LhXxk=
Subject key identifier: 8A:C2:A1:33:60:C3:5B:7B:EC:5C:7C:1F:AC:8D:7C:9E:75:80:68:85
Certificate issuer: /CN=1a392dfc6ba2d3186d3269c7091b7019815345d3
Certificate serial: 393C9726
Authority key identifier: 1A:39:2D:FC:6B:A2:D3:18:6D:32:69:C7:09:1B:70:19:81:53:45:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gjkt_Gui0xhtMmnHCRtwGYFTRdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/32d85d-a717-4d68-82a6-2f365f22a18c/1/isKhM2DDW3vsXHwfrI18nnWAaIU.roa
Signing time: Tue 05 Jul 2022 08:59:22 +0000
ROA not before: Tue 05 Jul 2022 08:59:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50591
IP address blocks: 109.230.64.0/22 maxlen: 22
109.230.69.0/24 maxlen: 24
109.230.68.0/22 maxlen: 22
109.230.72.0/22 maxlen: 22
109.230.76.0/22 maxlen: 22
109.230.80.0/22 maxlen: 22
109.230.84.0/22 maxlen: 22
109.230.88.0/22 maxlen: 22
109.230.92.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 960272166 (0x393c9726)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a392dfc6ba2d3186d3269c7091b7019815345d3
Validity
Not Before: Jul 5 08:59:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8ac2a13360c35b7bec5c7c1fac8d7c9e75806885
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:3e:21:07:52:d6:29:57:ac:90:2e:64:67:58:
8c:6b:32:d9:b5:c1:3e:8e:27:1c:f4:96:0a:88:c7:
1e:4f:26:4b:c5:1c:9e:1f:61:c0:0d:52:bd:a7:9a:
9b:1b:af:92:8b:4d:5f:25:99:fb:f2:d8:e8:d4:17:
c7:7f:27:15:d1:63:f1:cb:fa:75:0f:0f:29:ca:ca:
bc:9f:49:dc:cd:2b:3d:87:75:30:f8:49:8c:c8:c4:
b7:91:3e:55:30:5c:f7:be:83:23:70:79:be:47:2e:
d5:87:67:de:87:60:aa:bc:12:46:fa:8d:25:44:f3:
1f:9b:ef:a5:c6:d8:3f:75:ab:52:9d:2d:fb:f1:42:
ed:b1:ae:2f:f6:54:e5:75:96:9f:d3:15:8e:86:09:
94:08:16:89:14:e9:80:42:ff:3f:90:a5:6a:97:c0:
43:fe:ef:ba:ab:01:ad:9a:4a:e9:89:15:e2:f7:34:
b5:c2:4f:8c:0f:b5:ab:b6:aa:9d:6f:fa:e3:dd:77:
56:45:c9:c4:5e:f3:01:76:fb:0e:4b:23:6a:4f:48:
c9:ae:21:d5:eb:1e:70:95:83:f9:a0:67:f7:50:16:
1a:ee:84:47:6f:06:e3:50:4f:f1:da:e5:3d:ec:0e:
46:9c:69:ec:46:ec:50:50:77:1a:cf:61:c4:6b:4d:
38:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:C2:A1:33:60:C3:5B:7B:EC:5C:7C:1F:AC:8D:7C:9E:75:80:68:85
X509v3 Authority Key Identifier:
keyid:1A:39:2D:FC:6B:A2:D3:18:6D:32:69:C7:09:1B:70:19:81:53:45:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gjkt_Gui0xhtMmnHCRtwGYFTRdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/32d85d-a717-4d68-82a6-2f365f22a18c/1/isKhM2DDW3vsXHwfrI18nnWAaIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/32d85d-a717-4d68-82a6-2f365f22a18c/1/Gjkt_Gui0xhtMmnHCRtwGYFTRdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.230.64.0/19
Signature Algorithm: sha256WithRSAEncryption
96:90:2b:5f:2a:24:d1:ee:65:4d:b3:3f:cd:3c:3e:cb:19:a4:
82:be:ff:9a:23:04:5f:0f:f6:7a:ed:df:a4:35:9d:33:f7:b5:
36:6c:a6:89:b9:9f:c3:dc:60:1a:cf:1f:af:1a:8f:05:7f:78:
c2:43:cf:38:2b:13:89:23:cd:57:a8:c1:24:25:6a:ef:bc:07:
ed:56:dc:50:46:72:78:86:00:f6:e1:b4:09:3d:ed:0c:73:25:
b4:08:6e:89:95:bc:bb:48:56:c7:5c:04:7a:e5:1c:28:ef:03:
ad:f6:da:a1:bc:0f:b3:57:82:20:b4:a3:b6:50:eb:b0:44:7c:
59:3b:87:34:28:6d:ab:03:c8:0a:f4:c4:94:7b:b3:aa:94:17:
f7:cb:b7:e4:ca:f9:2e:36:5e:f1:b8:d4:3d:05:d6:2e:0b:7a:
4f:9b:04:e6:06:74:1a:fd:73:62:0f:41:a9:f1:05:88:80:52:
ad:7d:1e:f0:bc:6d:99:66:76:a3:e3:77:d8:e3:36:97:70:71:
1f:5e:80:2c:0f:2d:46:5c:52:e7:28:f9:21:e4:b2:e7:05:41:
c0:02:d1:f7:06:ca:00:3f:eb:ba:a4:bd:d2:7b:5f:22:8c:b3:
1d:fa:ba:e4:9c:c2:6b:a9:5e:ae:d2:fe:44:25:a2:3c:c7:ed:
ef:70:b0:a1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOTyXJjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YTM5MmRmYzZiYTJkMzE4NmQzMjY5YzcwOTFiNzAxOTgxNTM0NWQzMB4XDTIyMDcw
NTA4NTkyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGFjMmExMzM2MGMz
NWI3YmVjNWM3YzFmYWM4ZDdjOWU3NTgwNjg4NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL4+IQdS1ilXrJAuZGdYjGsy2bXBPo4nHPSWCojHHk8mS8Uc
nh9hwA1SvaeamxuvkotNXyWZ+/LY6NQXx38nFdFj8cv6dQ8PKcrKvJ9J3M0rPYd1
MPhJjMjEt5E+VTBc976DI3B5vkcu1Ydn3odgqrwSRvqNJUTzH5vvpcbYP3WrUp0t
+/FC7bGuL/ZU5XWWn9MVjoYJlAgWiRTpgEL/P5ClapfAQ/7vuqsBrZpK6YkV4vc0
tcJPjA+1q7aqnW/64913VkXJxF7zAXb7Dksjak9Iya4h1esecJWD+aBn91AWGu6E
R28G41BP8drlPewORpxp7EbsUFB3Gs9hxGtNOL8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSKwqEzYMNbe+xcfB+sjXyedYBohTAfBgNVHSMEGDAWgBQaOS38a6LTGG0y
accJG3AZgVNF0zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dqa3RfR3VpMHhodE1tbkhDUnR3R1lGVFJkTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWUvMzJkODVkLWE3MTctNGQ2OC04MmE2LTJmMzY1ZjIyYTE4Yy8x
L2lzS2hNMkREVzN2c1hId2ZySTE4bm5XQWFJVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWUv
MzJkODVkLWE3MTctNGQ2OC04MmE2LTJmMzY1ZjIyYTE4Yy8xL0dqa3RfR3VpMHho
dE1tbkhDUnR3R1lGVFJkTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBW3mQDANBgkqhkiG9w0BAQsFAAOC
AQEAlpArXyok0e5lTbM/zTw+yxmkgr7/miMEXw/2eu3fpDWdM/e1Nmymibmfw9xg
Gs8frxqPBX94wkPPOCsTiSPNV6jBJCVq77wH7VbcUEZyeIYA9uG0CT3tDHMltAhu
iZW8u0hWx1wEeuUcKO8DrfbaobwPs1eCILSjtlDrsER8WTuHNChtqwPICvTElHuz
qpQX98u35Mr5LjZe8bjUPQXWLgt6T5sE5gZ0Gv1zYg9BqfEFiIBSrX0e8LxtmWZ2
o+N32OM2l3BxH16ALA8tRlxS5yj5IeSy5wVBwALR9wbKAD/ruqS90ntfIoyzHfq6
5JzCa6lertL+RCWiPMft73CwoQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:45 2024 by rpki-client on console-fra.rpki-client.org