Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/eopvadXxmyOv5ToofVldMvvDIkA.roa
File: eopvadXxmyOv5ToofVldMvvDIkA.roa (raw, json)
Hash identifier: O+QjE+I1Z66lZ4JrGixt409sk1Njvp89hZ9poUjTQrs=
Subject key identifier: 7A:8A:6F:69:D5:F1:9B:23:AF:E5:3A:28:7D:59:5D:32:FB:C3:22:40
Certificate issuer: /CN=37ed49efac9795987771acdc77a0e228904277ad
Certificate serial: 01889595F16D8869800F28231FBE7F1AD467
Authority key identifier: 37:ED:49:EF:AC:97:95:98:77:71:AC:DC:77:A0:E2:28:90:42:77:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N-1J76yXlZh3cazcd6DiKJBCd60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/eopvadXxmyOv5ToofVldMvvDIkA.roa
Signing time: Wed 07 Jun 2023 11:20:11 +0000
ROA not before: Wed 07 Jun 2023 11:20:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9123
IP address blocks: 109.172.82.0/24 maxlen: 24
109.172.83.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:95:95:f1:6d:88:69:80:0f:28:23:1f:be:7f:1a:d4:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37ed49efac9795987771acdc77a0e228904277ad
Validity
Not Before: Jun 7 11:20:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7a8a6f69d5f19b23afe53a287d595d32fbc32240
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:68:0f:70:23:d0:f1:b5:ed:18:96:b3:1b:ca:
44:87:5b:ed:c1:6c:cd:d5:21:4f:c7:7c:aa:f5:76:
f4:b1:71:8f:89:9e:65:6f:c1:d3:30:55:ae:72:82:
7f:42:4b:b1:9c:0a:b5:f8:49:06:2b:c8:cf:90:9f:
1e:4a:bc:a8:95:34:3e:f2:d8:60:8a:82:3e:e7:cf:
0b:32:71:ae:42:b5:a7:ef:5f:6d:37:da:57:b9:3a:
1e:ef:b2:3e:71:a5:84:d0:31:ef:b3:94:15:5f:4d:
16:43:88:3b:0a:1e:1b:08:0e:66:0a:fb:8e:a4:03:
d3:71:1a:70:10:3b:b2:13:1a:a5:10:1a:a1:bd:09:
83:ab:6c:1c:63:7b:d0:b2:0c:c1:45:1f:31:ca:18:
39:6e:ea:86:02:b5:21:89:f2:55:d3:9e:6f:8d:04:
b6:4e:60:ca:2d:6e:80:cf:d6:19:d0:6e:a8:61:1c:
d2:35:c7:87:c9:fd:06:3b:78:a0:a3:4d:76:06:66:
70:b3:ef:cf:b3:eb:b6:59:94:d9:ce:cd:0a:33:62:
6d:76:3f:78:93:a7:22:80:a6:ad:f6:e5:b5:c2:f5:
a8:67:e1:27:48:2c:1d:06:0e:3c:f1:97:6b:6c:7f:
5c:41:5f:8d:e3:a0:23:b6:83:9c:a5:3a:04:97:bf:
a9:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:8A:6F:69:D5:F1:9B:23:AF:E5:3A:28:7D:59:5D:32:FB:C3:22:40
X509v3 Authority Key Identifier:
keyid:37:ED:49:EF:AC:97:95:98:77:71:AC:DC:77:A0:E2:28:90:42:77:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N-1J76yXlZh3cazcd6DiKJBCd60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/eopvadXxmyOv5ToofVldMvvDIkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/N-1J76yXlZh3cazcd6DiKJBCd60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.172.82.0/23
Signature Algorithm: sha256WithRSAEncryption
41:db:2f:b4:9e:0e:58:0c:b2:33:fe:84:32:ff:42:ea:bb:a9:
11:0f:6f:09:01:d9:19:4e:c4:01:ad:06:a5:c2:b7:91:56:ee:
67:42:ca:66:c3:81:e4:8b:7a:03:59:d8:9a:b5:be:3c:fb:8a:
96:5e:83:1b:aa:77:3d:40:ec:5a:31:15:1b:a5:54:7e:a6:81:
8a:b7:03:9b:ef:47:74:6a:33:d6:42:3a:40:bf:0a:f3:58:bb:
b5:c1:24:c3:cf:44:70:e1:a1:1d:f1:33:3b:f9:a0:b6:ee:e6:
46:43:a2:08:67:b7:ab:8f:07:39:a7:0e:f9:86:74:81:63:4e:
12:56:9f:0e:63:83:ea:17:21:45:c0:2a:f0:b5:87:79:e1:c0:
85:fb:14:e6:06:eb:a7:23:ae:93:32:b4:c3:5d:c6:3d:34:73:
16:86:ba:07:12:b9:b5:da:18:60:81:4b:52:dc:b0:ef:bf:59:
59:5b:6d:b3:42:00:0e:bb:5b:a0:5a:8b:a9:c8:eb:68:ad:8a:
48:b2:d1:dd:08:cc:e4:23:65:3c:e2:86:63:a3:e4:81:db:5e:
13:41:dd:a3:f4:cd:1d:87:96:0c:65:e1:01:66:ad:cc:cb:a2:
b7:7d:62:44:a0:aa:2c:b8:c6:61:0a:22:ba:9e:f3:9f:92:78:
c9:94:cd:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiVlfFtiGmADygjH75/GtRnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ZWQ0OWVmYWM5Nzk1OTg3NzcxYWNkYzc3YTBlMjI4OTA0
Mjc3YWQwHhcNMjMwNjA3MTEyMDExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YThhNmY2OWQ1ZjE5YjIzYWZlNTNhMjg3ZDU5NWQzMmZiYzMyMjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2gPcCPQ8bXtGJazG8pEh1vtwWzN
1SFPx3yq9Xb0sXGPiZ5lb8HTMFWucoJ/QkuxnAq1+EkGK8jPkJ8eSryolTQ+8thg
ioI+588LMnGuQrWn719tN9pXuToe77I+caWE0DHvs5QVX00WQ4g7Ch4bCA5mCvuO
pAPTcRpwEDuyExqlEBqhvQmDq2wcY3vQsgzBRR8xyhg5buqGArUhifJV055vjQS2
TmDKLW6Az9YZ0G6oYRzSNceHyf0GO3igo012BmZws+/Ps+u2WZTZzs0KM2Jtdj94
k6cigKat9uW1wvWoZ+EnSCwdBg488ZdrbH9cQV+N46AjtoOcpToEl7+pDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHqKb2nV8Zsjr+U6KH1ZXTL7wyJAMB8GA1UdIwQY
MBaAFDftSe+sl5WYd3Gs3Heg4iiQQnetMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTi0xSjc2eVhsWmgzY2F6Y2Q2RGlLSkJDZDYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8yMTcxYmUtYjA4My00NzliLWE1ODAt
NmEwNmI3NTAyYmQ3LzEvZW9wdmFkWHhteU92NVRvb2ZWbGRNdnZESWtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8yMTcxYmUtYjA4My00NzliLWE1ODAtNmEwNmI3NTAyYmQ3
LzEvTi0xSjc2eVhsWmgzY2F6Y2Q2RGlLSkJDZDYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBbaxSMA0G
CSqGSIb3DQEBCwUAA4IBAQBB2y+0ng5YDLIz/oQy/0Lqu6kRD28JAdkZTsQBrQal
wreRVu5nQspmw4Hki3oDWdiatb48+4qWXoMbqnc9QOxaMRUbpVR+poGKtwOb70d0
ajPWQjpAvwrzWLu1wSTDz0Rw4aEd8TM7+aC27uZGQ6IIZ7erjwc5pw75hnSBY04S
Vp8OY4PqFyFFwCrwtYd54cCF+xTmBuunI66TMrTDXcY9NHMWhroHErm12hhggUtS
3LDvv1lZW22zQgAOu1ugWoupyOtorYpIstHdCMzkI2U84oZjo+SB214TQd2j9M0d
h5YMZeEBZq3My6K3fWJEoKosuMZhCiK6nvOfknjJlM1d
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:02 2024 by rpki-client on console-ams.rpki-client.org