Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/EYqcv1IRDUZy-pW5Kjqr3Kj7zYU.roa
File: EYqcv1IRDUZy-pW5Kjqr3Kj7zYU.roa (raw, json)
Hash identifier: m0e57NxeWPQ3WF8DhsU8lAgEkthu2b0r4Pb/ujKljwE=
Subject key identifier: 11:8A:9C:BF:52:11:0D:46:72:FA:95:B9:2A:3A:AB:DC:A8:FB:CD:85
Certificate issuer: /CN=37ed49efac9795987771acdc77a0e228904277ad
Certificate serial: A407
Authority key identifier: 37:ED:49:EF:AC:97:95:98:77:71:AC:DC:77:A0:E2:28:90:42:77:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N-1J76yXlZh3cazcd6DiKJBCd60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/EYqcv1IRDUZy-pW5Kjqr3Kj7zYU.roa
Signing time: Tue 08 Feb 2022 15:13:27 +0000
ROA not before: Tue 08 Feb 2022 15:13:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202984
IP address blocks: 109.172.108.0/22 maxlen: 22
109.172.112.0/22 maxlen: 22
109.172.4.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41991 (0xa407)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37ed49efac9795987771acdc77a0e228904277ad
Validity
Not Before: Feb 8 15:13:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=118a9cbf52110d4672fa95b92a3aabdca8fbcd85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:02:20:4d:b8:a8:be:a2:a4:01:b3:dd:17:93:
0a:20:2f:0f:c3:39:cd:df:b6:dc:58:89:77:24:fa:
50:0d:5f:36:21:ce:61:62:40:f4:a7:12:71:70:4b:
90:a4:19:d2:6c:6e:26:52:37:ff:cd:4b:56:ce:e7:
53:e7:95:56:19:a2:5f:6c:fc:0b:36:ba:b1:75:f6:
5b:2e:a7:f2:f9:01:37:00:69:9c:05:43:1b:ef:54:
ba:dc:9e:c6:06:18:2f:3e:ba:39:9f:4d:f8:07:10:
a6:9a:5e:cf:fe:0e:17:9f:05:9b:b4:5d:3f:1d:8f:
0d:2e:51:be:6c:e1:41:ce:ff:09:07:fb:3d:7c:72:
81:b9:a3:99:f7:04:f9:91:89:2d:17:92:00:d3:33:
22:99:93:46:b9:46:1d:d5:96:17:d2:9d:81:28:fe:
8e:9c:55:91:b4:88:5e:c8:87:2a:28:46:f1:9c:00:
94:f6:67:87:26:51:1f:eb:0a:e3:c9:5f:7a:ba:d8:
54:9f:82:f5:16:e0:98:e8:5e:56:0e:a1:e4:ef:48:
05:df:0b:d0:47:90:fc:8d:ad:71:5b:dc:e4:6e:8c:
7d:1e:ab:e8:22:7b:ba:5b:42:75:28:19:86:91:e6:
ed:c6:82:21:1c:a0:f4:a2:2c:b3:12:38:d5:47:78:
95:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:8A:9C:BF:52:11:0D:46:72:FA:95:B9:2A:3A:AB:DC:A8:FB:CD:85
X509v3 Authority Key Identifier:
keyid:37:ED:49:EF:AC:97:95:98:77:71:AC:DC:77:A0:E2:28:90:42:77:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N-1J76yXlZh3cazcd6DiKJBCd60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/EYqcv1IRDUZy-pW5Kjqr3Kj7zYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/N-1J76yXlZh3cazcd6DiKJBCd60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.172.4.0/22
109.172.108.0-109.172.115.255
Signature Algorithm: sha256WithRSAEncryption
58:40:5a:6c:28:c7:75:da:52:66:c3:7a:84:5f:65:de:75:73:
e7:6a:52:00:b8:10:af:23:c6:d1:9c:da:e8:4f:c7:29:24:56:
da:95:a2:a8:e7:f4:19:c2:6a:fc:af:31:1b:f7:f0:af:a8:b6:
0a:37:e4:b1:09:da:24:c0:7a:f0:6d:37:3f:cf:c0:e6:ce:5e:
54:b4:27:07:ff:0e:c3:e0:54:62:bf:ed:12:3d:fb:91:b0:40:
77:62:ac:cd:00:36:c7:2a:ef:fa:04:38:25:33:b8:57:a3:90:
63:a6:d5:a4:30:84:4f:5f:42:3c:0c:07:d6:8a:2f:94:c4:60:
47:05:d4:95:78:a0:c3:8c:6d:0d:85:5e:e5:8b:c4:d2:19:16:
1a:1d:10:d9:b2:f7:ad:0b:6a:06:68:62:b7:3d:ec:2d:fe:a6:
e0:51:0d:d5:ab:64:33:06:d4:f5:48:6b:c0:e4:ea:e1:7b:0d:
98:7a:9d:86:86:95:6f:2c:ee:34:ac:04:cc:70:d2:cc:8f:0e:
59:e3:a3:2b:b1:fa:0e:ae:34:4b:51:fa:95:a3:f1:e4:b7:2a:
39:d8:0e:89:1d:9c:4a:50:f8:51:21:27:be:0b:60:d2:ca:ce:
41:40:c6:a1:80:1e:78:e2:c1:75:cb:14:8f:f2:2b:6c:82:e4:
94:d8:3d:6f
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgIDAKQHMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDM3
ZWQ0OWVmYWM5Nzk1OTg3NzcxYWNkYzc3YTBlMjI4OTA0Mjc3YWQwHhcNMjIwMjA4
MTUxMzI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygxMThhOWNiZjUyMTEw
ZDQ2NzJmYTk1YjkyYTNhYWJkY2E4ZmJjZDg1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArgIgTbiovqKkAbPdF5MKIC8PwznN37bcWIl3JPpQDV82Ic5h
YkD0pxJxcEuQpBnSbG4mUjf/zUtWzudT55VWGaJfbPwLNrqxdfZbLqfy+QE3AGmc
BUMb71S63J7GBhgvPro5n034BxCmml7P/g4XnwWbtF0/HY8NLlG+bOFBzv8JB/s9
fHKBuaOZ9wT5kYktF5IA0zMimZNGuUYd1ZYX0p2BKP6OnFWRtIheyIcqKEbxnACU
9meHJlEf6wrjyV96uthUn4L1FuCY6F5WDqHk70gF3wvQR5D8ja1xW9zkbox9Hqvo
Inu6W0J1KBmGkebtxoIhHKD0oiyzEjjVR3iVXQIDAQABo4ICFzCCAhMwHQYDVR0O
BBYEFBGKnL9SEQ1GcvqVuSo6q9yo+82FMB8GA1UdIwQYMBaAFDftSe+sl5WYd3Gs
3Heg4iiQQnetMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
Ti0xSjc2eVhsWmgzY2F6Y2Q2RGlLSkJDZDYwLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8yZi8yMTcxYmUtYjA4My00NzliLWE1ODAtNmEwNmI3NTAyYmQ3LzEv
RVlxY3YxSVJEVVp5LXBXNUtqcXIzS2o3ellVLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8y
MTcxYmUtYjA4My00NzliLWE1ODAtNmEwNmI3NTAyYmQ3LzEvTi0xSjc2eVhsWmgz
Y2F6Y2Q2RGlLSkJDZDYwLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC0G
CCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCbawEMAwDBAJtrGwDBAJtrHAwDQYJ
KoZIhvcNAQELBQADggEBAFhAWmwox3XaUmbDeoRfZd51c+dqUgC4EK8jxtGc2uhP
xykkVtqVoqjn9BnCavyvMRv38K+otgo35LEJ2iTAevBtNz/PwObOXlS0Jwf/DsPg
VGK/7RI9+5GwQHdirM0ANscq7/oEOCUzuFejkGOm1aQwhE9fQjwMB9aKL5TEYEcF
1JV4oMOMbQ2FXuWLxNIZFhodENmy960LagZoYrc97C3+puBRDdWrZDMG1PVIa8Dk
6uF7DZh6nYaGlW8s7jSsBMxw0syPDlnjoyux+g6uNEtR+pWj8eS3KjnYDokdnEpQ
+FEhJ74LYNLKzkFAxqGAHnjiwXXLFI/yK2yC5JTYPW8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:02 2024 by rpki-client on console-ams.rpki-client.org