Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/DZWYAj5Slc7eS51odNbAQtHmsQ8.roa
File: DZWYAj5Slc7eS51odNbAQtHmsQ8.roa (raw, json)
Hash identifier: xk1uv/4Xidk9qU8W0DlS6g5f6hkTXxmI2+T0NHE3wUA=
Subject key identifier: 0D:95:98:02:3E:52:95:CE:DE:4B:9D:68:74:D6:C0:42:D1:E6:B1:0F
Certificate issuer: /CN=37ed49efac9795987771acdc77a0e228904277ad
Certificate serial: 01852A77F0ABB187DF31CAE0EBC0602094AE
Authority key identifier: 37:ED:49:EF:AC:97:95:98:77:71:AC:DC:77:A0:E2:28:90:42:77:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N-1J76yXlZh3cazcd6DiKJBCd60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/DZWYAj5Slc7eS51odNbAQtHmsQ8.roa
Signing time: Mon 19 Dec 2022 12:59:41 +0000
ROA not before: Mon 19 Dec 2022 12:59:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207967
IP address blocks: 109.172.45.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2a:77:f0:ab:b1:87:df:31:ca:e0:eb:c0:60:20:94:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37ed49efac9795987771acdc77a0e228904277ad
Validity
Not Before: Dec 19 12:59:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0d9598023e5295cede4b9d6874d6c042d1e6b10f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:cc:7d:96:83:d5:0e:4d:05:28:43:92:bd:15:
f3:45:76:72:0b:7c:c1:75:d7:08:5a:44:e2:22:de:
32:4b:47:b6:1d:3c:1a:b6:d1:01:3a:b3:85:43:34:
8a:5d:e1:bf:07:7e:e6:34:16:8c:69:ec:14:d4:1a:
b4:b6:d6:9e:47:ed:07:6e:39:df:5b:21:ad:82:e9:
86:26:d9:07:7f:11:3f:a0:09:77:b7:e1:38:3d:10:
ee:a9:22:36:ad:90:16:44:b4:16:df:25:db:34:07:
68:bf:4e:98:e2:57:9e:e2:9f:4e:08:84:50:08:a1:
2d:1f:f0:4d:d1:21:79:7c:98:c3:e2:83:bd:fd:e2:
75:ff:ef:b6:49:e2:72:80:6f:04:b4:33:b2:b6:98:
4a:aa:ad:61:58:d7:1a:23:05:20:7e:e3:23:c1:f5:
0b:db:fe:20:45:fa:48:4a:84:66:c4:77:17:f0:cb:
da:34:9a:92:a2:40:a2:d8:6d:7d:35:4b:d5:9f:58:
ef:37:a2:3f:e5:6e:ea:21:0d:9f:7a:93:74:25:56:
da:45:dc:6f:ad:e4:6f:ed:74:25:c2:64:b5:79:9f:
49:d9:2f:85:cc:32:16:6c:9b:70:94:e2:ea:5f:60:
01:f0:ab:03:27:4c:09:c5:ad:bd:98:2a:cd:e7:74:
4d:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:95:98:02:3E:52:95:CE:DE:4B:9D:68:74:D6:C0:42:D1:E6:B1:0F
X509v3 Authority Key Identifier:
keyid:37:ED:49:EF:AC:97:95:98:77:71:AC:DC:77:A0:E2:28:90:42:77:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N-1J76yXlZh3cazcd6DiKJBCd60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/DZWYAj5Slc7eS51odNbAQtHmsQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/N-1J76yXlZh3cazcd6DiKJBCd60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.172.45.0/24
Signature Algorithm: sha256WithRSAEncryption
34:23:b6:d8:dd:be:1a:b3:ac:0e:f1:ca:f5:61:cd:3b:1a:77:
64:cc:2b:fe:8d:96:63:55:28:72:3f:b0:89:46:cf:e3:dd:56:
65:b6:9f:94:ff:65:0c:8a:ce:89:8d:50:d2:58:f2:ae:dc:f6:
ff:74:b2:0c:fb:c5:d9:cf:fe:13:13:3c:67:5d:d0:ff:d7:fb:
76:a1:af:d2:3d:70:73:1f:61:37:f0:a3:91:aa:e0:fe:8a:9f:
ba:5c:82:96:92:79:bb:0b:ce:6d:75:d1:84:70:c4:ba:1c:89:
be:cb:6a:83:eb:2b:dd:18:48:73:c6:48:04:2a:ab:89:c8:83:
c0:c3:4e:b9:19:8c:ec:87:09:61:cd:b2:35:8a:2f:cb:be:c9:
55:e6:8e:26:17:d7:4a:3b:dd:b3:ac:0c:02:92:e0:e0:64:67:
6f:45:55:ef:72:bd:73:f5:26:cd:cd:e3:b2:20:0d:4d:ff:de:
0e:82:65:43:4e:ba:c0:ea:c3:6d:65:29:5c:e0:be:e5:65:c2:
f4:d0:c7:a2:de:b6:41:aa:17:5d:1b:54:22:7b:0e:3f:67:55:
66:a8:54:6b:84:c3:9d:c6:ac:f9:12:8c:ec:19:c7:29:3a:c9:
79:43:15:bc:6a:49:59:5e:3e:92:84:f1:8f:92:8b:2d:ee:ee:
b9:0b:7d:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUqd/CrsYffMcrg68BgIJSuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ZWQ0OWVmYWM5Nzk1OTg3NzcxYWNkYzc3YTBlMjI4OTA0
Mjc3YWQwHhcNMjIxMjE5MTI1OTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDk1OTgwMjNlNTI5NWNlZGU0YjlkNjg3NGQ2YzA0MmQxZTZiMTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18x9loPVDk0FKEOSvRXzRXZyC3zB
ddcIWkTiIt4yS0e2HTwattEBOrOFQzSKXeG/B37mNBaMaewU1Bq0ttaeR+0Hbjnf
WyGtgumGJtkHfxE/oAl3t+E4PRDuqSI2rZAWRLQW3yXbNAdov06Y4lee4p9OCIRQ
CKEtH/BN0SF5fJjD4oO9/eJ1/++2SeJygG8EtDOytphKqq1hWNcaIwUgfuMjwfUL
2/4gRfpISoRmxHcX8MvaNJqSokCi2G19NUvVn1jvN6I/5W7qIQ2fepN0JVbaRdxv
reRv7XQlwmS1eZ9J2S+FzDIWbJtwlOLqX2AB8KsDJ0wJxa29mCrN53RNtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA2VmAI+UpXO3kudaHTWwELR5rEPMB8GA1UdIwQY
MBaAFDftSe+sl5WYd3Gs3Heg4iiQQnetMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTi0xSjc2eVhsWmgzY2F6Y2Q2RGlLSkJDZDYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8yMTcxYmUtYjA4My00NzliLWE1ODAt
NmEwNmI3NTAyYmQ3LzEvRFpXWUFqNVNsYzdlUzUxb2ROYkFRdEhtc1E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8yMTcxYmUtYjA4My00NzliLWE1ODAtNmEwNmI3NTAyYmQ3
LzEvTi0xSjc2eVhsWmgzY2F6Y2Q2RGlLSkJDZDYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbawtMA0G
CSqGSIb3DQEBCwUAA4IBAQA0I7bY3b4as6wO8cr1Yc07GndkzCv+jZZjVShyP7CJ
Rs/j3VZltp+U/2UMis6JjVDSWPKu3Pb/dLIM+8XZz/4TEzxnXdD/1/t2oa/SPXBz
H2E38KORquD+ip+6XIKWknm7C85tddGEcMS6HIm+y2qD6yvdGEhzxkgEKquJyIPA
w065GYzshwlhzbI1ii/LvslV5o4mF9dKO92zrAwCkuDgZGdvRVXvcr1z9SbNzeOy
IA1N/94OgmVDTrrA6sNtZSlc4L7lZcL00Mei3rZBqhddG1Qiew4/Z1VmqFRrhMOd
xqz5EozsGccpOsl5QxW8aklZXj6ShPGPkost7u65C33T
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:09 2024 by rpki-client on console-fra.rpki-client.org