Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/t61CqesKADIombHJrr77TtmFOyk.roa
File: t61CqesKADIombHJrr77TtmFOyk.roa (raw, json)
Hash identifier: U5Z3aK+UrW36sxEMvP6fRg8w2PHXejoILUxq50HNSKI=
Subject key identifier: B7:AD:42:A9:EB:0A:00:32:28:99:B1:C9:AE:BE:FB:4E:D9:85:3B:29
Certificate issuer: /CN=37ed49efac9795987771acdc77a0e228904277ad
Certificate serial: 018902756DD71CCD755C69FAC45CE5A5319F
Authority key identifier: 37:ED:49:EF:AC:97:95:98:77:71:AC:DC:77:A0:E2:28:90:42:77:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N-1J76yXlZh3cazcd6DiKJBCd60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/t61CqesKADIombHJrr77TtmFOyk.roa
Signing time: Wed 28 Jun 2023 14:43:17 +0000
ROA not before: Wed 28 Jun 2023 14:43:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54339
IP address blocks: 109.172.84.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:02:75:6d:d7:1c:cd:75:5c:69:fa:c4:5c:e5:a5:31:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37ed49efac9795987771acdc77a0e228904277ad
Validity
Not Before: Jun 28 14:43:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7ad42a9eb0a00322899b1c9aebefb4ed9853b29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:26:6a:5a:a0:94:6d:38:0c:78:67:62:fc:af:
ed:70:b8:c1:3b:46:54:0a:c7:10:bd:cf:1f:9a:2f:
ae:af:f1:a5:48:b6:5b:30:01:86:86:46:76:92:9e:
19:ff:8c:10:72:d1:c6:79:c4:9a:da:e0:d3:c3:ce:
fa:6d:0e:f3:66:52:8c:d7:34:0b:32:a4:87:b6:69:
d5:52:71:69:95:56:f0:9e:69:f4:e5:38:7c:70:87:
39:97:94:f7:52:4c:e5:0c:d5:be:25:97:3f:18:6c:
87:68:c7:d0:27:1b:96:b8:31:2c:bb:c8:d7:23:77:
c9:53:c6:57:7e:c5:65:74:e9:c5:7a:db:2a:f1:75:
9a:0c:b9:75:3c:03:84:35:0a:fd:6a:1c:b1:3b:75:
67:53:c1:6a:83:34:bd:81:9a:6b:94:6c:76:26:96:
9f:9e:ff:df:1f:2a:e6:59:95:8b:91:01:ee:01:71:
14:e0:54:e0:a1:55:14:3f:10:d0:e8:38:56:1a:c7:
d2:9f:f4:34:eb:b3:5a:cd:86:eb:c6:6b:18:b4:fb:
50:c1:10:e5:92:1e:94:b5:ab:ae:ac:cf:2c:a1:9c:
6d:c4:03:4f:d2:c2:15:9f:20:12:6d:42:8d:d5:e6:
63:fe:0b:2a:63:3b:17:0a:14:bf:90:bc:1e:ef:bf:
85:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:AD:42:A9:EB:0A:00:32:28:99:B1:C9:AE:BE:FB:4E:D9:85:3B:29
X509v3 Authority Key Identifier:
keyid:37:ED:49:EF:AC:97:95:98:77:71:AC:DC:77:A0:E2:28:90:42:77:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N-1J76yXlZh3cazcd6DiKJBCd60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/t61CqesKADIombHJrr77TtmFOyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/N-1J76yXlZh3cazcd6DiKJBCd60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.172.84.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:f0:d5:00:92:41:16:85:ac:a8:2a:93:99:b1:25:8e:0f:0a:
ce:42:1b:c4:47:88:3a:76:6a:15:02:15:ca:ed:e6:a5:9b:76:
5f:f0:15:11:26:3f:2b:f5:bb:cf:ee:55:eb:3c:e3:f5:3c:64:
cc:a8:5e:10:d1:62:86:f0:e3:70:c0:3f:42:f3:77:a7:9a:e5:
96:96:d8:c9:14:08:27:e3:b7:fa:48:bb:84:b8:04:13:c9:2e:
d5:5e:02:26:11:b9:db:0f:ef:fa:15:08:e0:a7:94:48:1a:4f:
1d:cb:8d:ad:fb:0c:2f:e0:48:3e:91:15:e9:da:d5:de:07:79:
c2:49:98:4d:81:e5:c5:81:f6:7a:29:a5:e6:25:3f:54:ef:d5:
26:66:fb:86:39:2e:8d:ef:c4:bd:06:7b:e0:9f:ab:b1:83:97:
13:0c:35:ce:44:a9:23:dc:de:86:8e:22:ec:4b:f8:66:07:45:
94:53:35:21:43:a5:df:fe:d8:ac:ab:0c:ec:66:fb:2a:90:d1:
75:90:eb:d6:10:59:a3:87:f9:5f:0e:03:3b:b6:5c:cb:89:6b:
9f:56:1d:f0:cb:31:b9:42:ff:8a:af:c5:2c:56:ba:fc:c0:5e:
d1:57:45:4f:9e:68:34:c6:48:60:ff:69:c6:41:2e:a7:7b:23:
d8:3b:a2:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkCdW3XHM11XGn6xFzlpTGfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ZWQ0OWVmYWM5Nzk1OTg3NzcxYWNkYzc3YTBlMjI4OTA0
Mjc3YWQwHhcNMjMwNjI4MTQ0MzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2FkNDJhOWViMGEwMDMyMjg5OWIxYzlhZWJlZmI0ZWQ5ODUzYjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyZqWqCUbTgMeGdi/K/tcLjBO0ZU
CscQvc8fmi+ur/GlSLZbMAGGhkZ2kp4Z/4wQctHGecSa2uDTw876bQ7zZlKM1zQL
MqSHtmnVUnFplVbwnmn05Th8cIc5l5T3UkzlDNW+JZc/GGyHaMfQJxuWuDEsu8jX
I3fJU8ZXfsVldOnFetsq8XWaDLl1PAOENQr9ahyxO3VnU8FqgzS9gZprlGx2Jpaf
nv/fHyrmWZWLkQHuAXEU4FTgoVUUPxDQ6DhWGsfSn/Q067NazYbrxmsYtPtQwRDl
kh6UtauurM8soZxtxANP0sIVnyASbUKN1eZj/gsqYzsXChS/kLwe77+FDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLetQqnrCgAyKJmxya6++07ZhTspMB8GA1UdIwQY
MBaAFDftSe+sl5WYd3Gs3Heg4iiQQnetMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTi0xSjc2eVhsWmgzY2F6Y2Q2RGlLSkJDZDYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8yMTcxYmUtYjA4My00NzliLWE1ODAt
NmEwNmI3NTAyYmQ3LzEvdDYxQ3Flc0tBRElvbWJISnJyNzdUdG1GT3lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8yMTcxYmUtYjA4My00NzliLWE1ODAtNmEwNmI3NTAyYmQ3
LzEvTi0xSjc2eVhsWmgzY2F6Y2Q2RGlLSkJDZDYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbaxUMA0G
CSqGSIb3DQEBCwUAA4IBAQAv8NUAkkEWhayoKpOZsSWODwrOQhvER4g6dmoVAhXK
7ealm3Zf8BURJj8r9bvP7lXrPOP1PGTMqF4Q0WKG8ONwwD9C83enmuWWltjJFAgn
47f6SLuEuAQTyS7VXgImEbnbD+/6FQjgp5RIGk8dy42t+wwv4Eg+kRXp2tXeB3nC
SZhNgeXFgfZ6KaXmJT9U79UmZvuGOS6N78S9Bnvgn6uxg5cTDDXORKkj3N6GjiLs
S/hmB0WUUzUhQ6Xf/tisqwzsZvsqkNF1kOvWEFmjh/lfDgM7tlzLiWufVh3wyzG5
Qv+Kr8UsVrr8wF7RV0VPnmg0xkhg/2nGQS6neyPYO6L5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:02 2024 by rpki-client on console-ams.rpki-client.org