Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/9MSOSd9z1T2o-7Zyes3uwFGcNrY.roa
File: 9MSOSd9z1T2o-7Zyes3uwFGcNrY.roa (raw, json)
Hash identifier: mygXHidcQYFzPEsw+t9UpSdOrjGK0OPJJiLQMkxmCKU=
Subject key identifier: F4:C4:8E:49:DF:73:D5:3D:A8:FB:B6:72:7A:CD:EE:C0:51:9C:36:B6
Certificate issuer: /CN=fbf62f7606273f41a6ccc8e2956076f3c0a1eb54
Certificate serial: 0B9688F1
Authority key identifier: FB:F6:2F:76:06:27:3F:41:A6:CC:C8:E2:95:60:76:F3:C0:A1:EB:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-_YvdgYnP0GmzMjilWB288Ch61Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/9MSOSd9z1T2o-7Zyes3uwFGcNrY.roa
Signing time: Fri 07 Jan 2022 13:27:36 +0000
ROA not before: Fri 07 Jan 2022 13:27:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 109.104.152.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 194414833 (0xb9688f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbf62f7606273f41a6ccc8e2956076f3c0a1eb54
Validity
Not Before: Jan 7 13:27:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f4c48e49df73d53da8fbb6727acdeec0519c36b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:85:d2:37:b8:98:41:fd:45:68:c0:fd:0a:54:
c9:e2:ee:7e:bb:6e:14:26:63:5c:3b:bc:a4:5b:69:
e2:86:8a:aa:36:25:8c:03:ec:d5:e0:e4:6a:8d:0f:
69:93:2b:9d:2b:3b:37:e4:6d:85:91:2d:cb:9e:e8:
06:d2:3b:61:27:50:68:be:53:3b:c3:5c:f0:ac:f6:
b0:8c:5d:f6:aa:e7:31:94:26:85:fe:0d:07:61:4e:
37:14:ca:ad:ab:2f:58:c1:6a:2d:47:14:e6:68:13:
2f:aa:ff:f1:cd:04:b7:1b:9e:15:dc:96:ac:a0:c6:
ae:2a:b0:ed:30:8f:c6:ad:c7:5c:27:f3:74:8d:81:
57:7f:ba:8b:17:7b:9a:8b:02:04:c7:b8:2a:09:80:
6f:35:ea:13:43:ad:be:02:7c:ab:d1:a0:2d:09:44:
3e:90:da:d5:a3:de:59:36:56:d0:bb:ef:ff:3a:96:
89:70:1d:0a:b9:bc:e1:84:b6:7b:8b:72:e6:3d:7b:
dc:97:53:53:bc:2c:97:bd:a9:09:21:3b:a5:c9:08:
ea:2d:ba:13:e8:38:ed:71:ec:d1:05:2b:0d:37:db:
e1:d8:6e:c3:4b:19:4a:a1:16:05:18:b8:81:09:36:
b1:8b:0f:de:67:dd:87:d7:24:e8:91:ce:eb:36:88:
24:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:C4:8E:49:DF:73:D5:3D:A8:FB:B6:72:7A:CD:EE:C0:51:9C:36:B6
X509v3 Authority Key Identifier:
keyid:FB:F6:2F:76:06:27:3F:41:A6:CC:C8:E2:95:60:76:F3:C0:A1:EB:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-_YvdgYnP0GmzMjilWB288Ch61Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/9MSOSd9z1T2o-7Zyes3uwFGcNrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/1-_YvdgYnP0GmzMjilWB288Ch61Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.104.152.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:71:d6:b7:44:97:b0:f7:09:25:39:0c:91:e3:52:d9:21:37:
d3:bc:fc:00:64:c6:a0:bb:50:38:02:bb:32:a2:f7:9b:50:d1:
66:22:61:2b:57:3d:98:1a:f0:b8:ea:b0:3d:d9:18:d2:e7:a0:
78:6c:c2:a7:07:8d:88:8e:a8:5d:30:bd:ab:8f:38:c1:ee:0a:
00:d8:d5:24:58:8f:aa:91:c8:c5:ce:27:d7:b7:79:a8:63:1e:
2c:4d:84:be:2d:3a:80:cc:e1:c9:7a:d8:74:99:41:63:e9:04:
0b:09:93:93:60:59:ac:72:67:58:d7:a7:97:e3:b9:68:dc:f8:
01:37:b6:9c:7c:08:ec:0c:6a:d6:8f:43:cb:db:78:7e:61:84:
3b:91:3e:ed:69:1f:ca:cb:98:e7:33:af:ac:9a:66:48:65:77:
5c:c5:06:28:07:bc:4a:3b:07:9f:4a:61:c2:4d:81:e1:3f:29:
94:48:04:41:b5:8e:5d:ee:4a:ff:97:2c:05:b1:6f:87:3f:3b:
2a:7c:29:f4:93:c2:ec:55:81:29:6a:7e:41:76:bb:16:ec:85:
ac:bc:f5:35:cf:98:9c:2d:a9:d3:08:37:ee:36:5a:26:ba:3c:
ab:de:aa:80:18:f6:ca:05:bb:79:3e:00:0d:bf:ce:44:75:63:
ca:f4:1c:95
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEC5aI8TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YmY2MmY3NjA2MjczZjQxYTZjY2M4ZTI5NTYwNzZmM2MwYTFlYjU0MB4XDTIyMDEw
NzEzMjczNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjRjNDhlNDlkZjcz
ZDUzZGE4ZmJiNjcyN2FjZGVlYzA1MTljMzZiNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALqF0je4mEH9RWjA/QpUyeLufrtuFCZjXDu8pFtp4oaKqjYl
jAPs1eDkao0PaZMrnSs7N+RthZEty57oBtI7YSdQaL5TO8Nc8Kz2sIxd9qrnMZQm
hf4NB2FONxTKrasvWMFqLUcU5mgTL6r/8c0EtxueFdyWrKDGriqw7TCPxq3HXCfz
dI2BV3+6ixd7mosCBMe4KgmAbzXqE0OtvgJ8q9GgLQlEPpDa1aPeWTZW0Lvv/zqW
iXAdCrm84YS2e4ty5j173JdTU7wsl72pCSE7pckI6i26E+g47XHs0QUrDTfb4dhu
w0sZSqEWBRi4gQk2sYsP3mfdh9ck6JHO6zaIJDUCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBT0xI5J33PVPaj7tnJ6ze7AUZw2tjAfBgNVHSMEGDAWgBT79i92Bic/QabM
yOKVYHbzwKHrVDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtX1l2ZGdZblAwR216TWppbFdCMjg4Q2g2MVEuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzIzLzk1ZWViYi0wYTlkLTRmNzEtYjNmOS01NjQ5ZTFiMTkyYmIv
MS85TVNPU2Q5ejFUMm8tN1p5ZXMzdXdGR2NOclkucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzIz
Lzk1ZWViYi0wYTlkLTRmNzEtYjNmOS01NjQ5ZTFiMTkyYmIvMS8xLV9ZdmRnWW5Q
MEdtek1qaWxXQjI4OENoNjFRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWiYMA0GCSqGSIb3DQEBCwUA
A4IBAQAdcda3RJew9wklOQyR41LZITfTvPwAZMagu1A4ArsyovebUNFmImErVz2Y
GvC46rA92RjS56B4bMKnB42IjqhdML2rjzjB7goA2NUkWI+qkcjFzifXt3moYx4s
TYS+LTqAzOHJeth0mUFj6QQLCZOTYFmscmdY16eX47lo3PgBN7acfAjsDGrWj0PL
23h+YYQ7kT7taR/Ky5jnM6+smmZIZXdcxQYoB7xKOwefSmHCTYHhPymUSARBtY5d
7kr/lywFsW+HPzsqfCn0k8LsVYEpan5BdrsW7IWsvPU1z5icLanTCDfuNlomujyr
3qqAGPbKBbt5PgANv85EdWPK9ByV
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:27 2025 by rpki-client