Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/DaYmgKN3Cmrpg2pYYplN8vfUliI.roa
File: DaYmgKN3Cmrpg2pYYplN8vfUliI.roa (raw, json)
Hash identifier: Kmupr9qGHYLCF2/59ej8p7rPFiPifKjOpNmKRop4bbM=
Subject key identifier: 0D:A6:26:80:A3:77:0A:6A:E9:83:6A:58:62:99:4D:F2:F7:D4:96:22
Certificate issuer: /CN=37ed49efac9795987771acdc77a0e228904277ad
Certificate serial: 0185162FE346145DE2353E4C287085E9CE27
Authority key identifier: 37:ED:49:EF:AC:97:95:98:77:71:AC:DC:77:A0:E2:28:90:42:77:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N-1J76yXlZh3cazcd6DiKJBCd60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/DaYmgKN3Cmrpg2pYYplN8vfUliI.roa
Signing time: Thu 15 Dec 2022 14:28:35 +0000
ROA not before: Thu 15 Dec 2022 14:28:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207713
IP address blocks: 109.172.44.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:16:2f:e3:46:14:5d:e2:35:3e:4c:28:70:85:e9:ce:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37ed49efac9795987771acdc77a0e228904277ad
Validity
Not Before: Dec 15 14:28:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0da62680a3770a6ae9836a5862994df2f7d49622
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:a3:4c:c7:78:1c:2c:12:32:55:be:1a:b2:5d:
10:89:19:ab:3f:d2:f4:cc:a4:7d:9d:92:68:e1:9f:
98:c7:ad:9e:2d:40:4c:53:53:f3:f1:4f:73:d9:02:
b7:4f:fc:f2:8c:eb:a9:ed:74:fd:a0:b2:46:05:e4:
af:a8:52:b8:37:46:a7:0f:da:2b:63:8c:60:1a:2f:
31:30:ad:6a:75:3b:b8:4d:f1:d7:67:fb:ae:c8:bc:
ec:9a:56:ee:e3:2a:3b:70:63:31:c3:ef:11:e7:68:
aa:ff:f0:ec:72:c8:17:fa:b8:f1:26:83:79:d7:9c:
dd:7d:4e:83:c4:78:95:db:7d:35:d4:cf:cf:b9:ac:
37:99:a9:51:dc:7f:0a:c4:b4:ee:ce:b2:61:47:ff:
9d:88:c0:41:1c:35:5b:86:b2:c7:1d:c4:90:21:5c:
45:b6:6f:29:ae:11:cf:07:2f:cf:aa:c7:f9:a0:3b:
5f:43:97:8d:9e:fd:90:33:49:38:7c:04:ec:82:0d:
49:ed:23:9f:a3:1a:ff:35:ec:be:47:11:40:17:eb:
9f:03:dc:20:87:53:f2:8f:50:66:54:b0:37:51:46:
82:b6:83:3c:44:9f:e9:eb:15:13:e5:b5:35:bd:2c:
7b:83:f5:da:66:a9:31:01:df:a9:4d:ad:08:a0:2c:
a6:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:A6:26:80:A3:77:0A:6A:E9:83:6A:58:62:99:4D:F2:F7:D4:96:22
X509v3 Authority Key Identifier:
keyid:37:ED:49:EF:AC:97:95:98:77:71:AC:DC:77:A0:E2:28:90:42:77:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N-1J76yXlZh3cazcd6DiKJBCd60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/DaYmgKN3Cmrpg2pYYplN8vfUliI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/N-1J76yXlZh3cazcd6DiKJBCd60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.172.44.0/24
Signature Algorithm: sha256WithRSAEncryption
39:4a:5b:20:74:08:eb:94:70:aa:6e:b3:2d:6a:2d:46:ef:2e:
da:11:04:d0:e0:8a:41:52:dd:b4:54:cd:9e:2a:80:0c:4b:55:
42:83:41:06:8b:a0:57:e0:41:b4:7b:55:ba:25:cf:bb:ec:5d:
70:13:8a:af:93:bc:51:47:ab:2e:8e:b8:0d:9c:c7:8f:b7:e6:
2e:2e:84:dd:d7:8c:e8:72:b1:a2:f3:bf:3d:b7:a6:0e:73:5a:
3f:84:23:15:2d:6a:d2:be:84:bc:31:47:fd:9f:f3:51:74:42:
fe:3f:fb:ba:a1:46:2a:4a:07:d2:91:00:0a:8f:82:b0:82:c1:
8c:8a:3c:e9:ea:38:6d:67:91:e8:31:e6:b1:ba:ac:e7:e9:f6:
29:40:f9:47:05:ad:d1:b4:1b:46:a4:d2:56:ab:5e:24:61:8d:
e8:75:9a:94:9b:48:7c:5b:da:65:03:af:d3:cf:f2:5b:b3:44:
89:43:d3:0a:4c:00:9a:34:bd:68:19:34:e3:e8:be:4c:17:0b:
15:25:62:98:f3:f7:9e:05:29:22:db:73:8a:2f:25:38:75:ab:
36:6d:a8:c5:4e:c4:fb:ad:89:f5:74:d5:b9:cd:7d:5c:a2:55:
05:d6:3e:5d:c2:ec:7b:91:f7:ea:70:fd:f0:5f:41:c8:ac:f6:
2f:d6:68:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUWL+NGFF3iNT5MKHCF6c4nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ZWQ0OWVmYWM5Nzk1OTg3NzcxYWNkYzc3YTBlMjI4OTA0
Mjc3YWQwHhcNMjIxMjE1MTQyODM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGE2MjY4MGEzNzcwYTZhZTk4MzZhNTg2Mjk5NGRmMmY3ZDQ5NjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjaNMx3gcLBIyVb4asl0QiRmrP9L0
zKR9nZJo4Z+Yx62eLUBMU1Pz8U9z2QK3T/zyjOup7XT9oLJGBeSvqFK4N0anD9or
Y4xgGi8xMK1qdTu4TfHXZ/uuyLzsmlbu4yo7cGMxw+8R52iq//DscsgX+rjxJoN5
15zdfU6DxHiV23011M/Puaw3malR3H8KxLTuzrJhR/+diMBBHDVbhrLHHcSQIVxF
tm8prhHPBy/Pqsf5oDtfQ5eNnv2QM0k4fATsgg1J7SOfoxr/Ney+RxFAF+ufA9wg
h1Pyj1BmVLA3UUaCtoM8RJ/p6xUT5bU1vSx7g/XaZqkxAd+pTa0IoCym2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA2mJoCjdwpq6YNqWGKZTfL31JYiMB8GA1UdIwQY
MBaAFDftSe+sl5WYd3Gs3Heg4iiQQnetMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTi0xSjc2eVhsWmgzY2F6Y2Q2RGlLSkJDZDYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8yMTcxYmUtYjA4My00NzliLWE1ODAt
NmEwNmI3NTAyYmQ3LzEvRGFZbWdLTjNDbXJwZzJwWVlwbE44dmZVbGlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8yMTcxYmUtYjA4My00NzliLWE1ODAtNmEwNmI3NTAyYmQ3
LzEvTi0xSjc2eVhsWmgzY2F6Y2Q2RGlLSkJDZDYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbawsMA0G
CSqGSIb3DQEBCwUAA4IBAQA5SlsgdAjrlHCqbrMtai1G7y7aEQTQ4IpBUt20VM2e
KoAMS1VCg0EGi6BX4EG0e1W6Jc+77F1wE4qvk7xRR6sujrgNnMePt+YuLoTd14zo
crGi8789t6YOc1o/hCMVLWrSvoS8MUf9n/NRdEL+P/u6oUYqSgfSkQAKj4KwgsGM
ijzp6jhtZ5HoMeaxuqzn6fYpQPlHBa3RtBtGpNJWq14kYY3odZqUm0h8W9plA6/T
z/Jbs0SJQ9MKTACaNL1oGTTj6L5MFwsVJWKY8/eeBSki23OKLyU4das2bajFTsT7
rYn1dNW5zX1colUF1j5dwux7kffqcP3wX0HIrPYv1mgv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:02 2024 by rpki-client on console-ams.rpki-client.org