Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/x8n-CORp25-TFG9sfO7CGrvCBl0.roa
File: x8n-CORp25-TFG9sfO7CGrvCBl0.roa (raw, json)
Hash identifier: qKUKyzos9IMHzNvtq7Brybx+clEoOehxZYwII7sx4E8=
Subject key identifier: C7:C9:FE:08:E4:69:DB:9F:93:14:6F:6C:7C:EE:C2:1A:BB:C2:06:5D
Certificate issuer: /CN=37ed49efac9795987771acdc77a0e228904277ad
Certificate serial: 63B4F4
Authority key identifier: 37:ED:49:EF:AC:97:95:98:77:71:AC:DC:77:A0:E2:28:90:42:77:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N-1J76yXlZh3cazcd6DiKJBCd60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/x8n-CORp25-TFG9sfO7CGrvCBl0.roa
Signing time: Sun 20 Mar 2022 19:07:55 +0000
ROA not before: Sun 20 Mar 2022 19:07:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202984
IP address blocks: 109.172.108.0/22 maxlen: 22
109.172.112.0/22 maxlen: 22
109.172.4.0/22 maxlen: 22
178.130.40.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6534388 (0x63b4f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37ed49efac9795987771acdc77a0e228904277ad
Validity
Not Before: Mar 20 19:07:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c7c9fe08e469db9f93146f6c7ceec21abbc2065d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:a6:7d:1a:8c:2b:75:41:47:65:8b:2e:81:e9:
48:90:78:ad:2a:21:3f:7f:a1:40:e2:65:c2:38:39:
cd:20:66:92:a4:eb:55:77:4e:9c:4d:21:c8:f2:1d:
5a:90:bd:f0:f4:04:a7:29:1d:2f:de:85:f9:4e:45:
79:81:cd:b6:30:08:04:1a:1b:d9:08:a5:a0:37:cb:
d3:dc:bd:64:00:a3:1a:38:98:4c:eb:bc:ce:68:a9:
4f:a8:38:f2:60:17:7b:9f:24:51:25:03:9a:81:4e:
50:d3:a9:33:22:df:0d:25:7f:a1:11:a4:eb:86:e1:
19:11:a8:fd:96:dc:44:08:81:f3:3e:b1:7b:b8:28:
31:78:38:8a:e6:fd:6c:75:c2:56:a7:86:6b:25:95:
74:42:a9:12:3a:7d:5b:04:b7:e4:0a:91:d8:87:4a:
0a:78:d2:d2:51:53:85:2e:9a:3c:52:36:91:db:a5:
86:8f:d8:5e:5e:d6:06:0b:ac:56:27:ec:c4:8a:3a:
a1:c8:af:43:56:cc:38:e9:d2:be:ce:e1:a1:f4:f9:
6e:fe:3c:77:fe:0e:a4:11:57:a2:da:7a:14:a6:4a:
a9:11:50:6a:35:dc:20:a5:68:3a:ed:5e:ce:ef:a7:
a9:c8:c0:2e:37:b6:f2:d9:ac:8a:50:88:00:98:95:
67:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:C9:FE:08:E4:69:DB:9F:93:14:6F:6C:7C:EE:C2:1A:BB:C2:06:5D
X509v3 Authority Key Identifier:
keyid:37:ED:49:EF:AC:97:95:98:77:71:AC:DC:77:A0:E2:28:90:42:77:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N-1J76yXlZh3cazcd6DiKJBCd60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/x8n-CORp25-TFG9sfO7CGrvCBl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/N-1J76yXlZh3cazcd6DiKJBCd60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.172.4.0/22
109.172.108.0-109.172.115.255
178.130.40.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:bd:dc:99:e5:6c:96:4c:08:44:6d:ce:ec:55:87:7a:92:b2:
bf:04:a6:4e:52:0f:35:38:1c:d3:64:db:b6:03:2c:76:97:08:
b9:ae:39:ef:48:b9:cf:79:b8:98:04:49:c5:41:09:83:92:a0:
d8:87:a0:46:20:92:57:8f:95:05:f2:92:29:0b:db:89:99:99:
44:2f:40:4d:b6:f2:10:01:de:81:e0:46:2f:18:af:7b:74:fc:
08:43:a9:44:ef:4d:ad:4a:fc:5f:c6:93:e7:e4:02:4a:80:8c:
60:10:3c:2d:68:ce:82:64:da:ed:64:bc:99:ab:7f:5e:b8:39:
f7:03:13:a5:c4:85:ac:cc:a6:cb:91:ca:15:36:ef:15:e7:25:
9b:ff:8c:cf:55:a8:c9:9f:a2:57:41:a1:e4:8b:16:f2:9c:bc:
8d:82:97:17:a8:6d:ed:25:22:f1:e6:5c:ee:cc:a4:2c:0c:a6:
16:00:34:dc:00:4f:9b:cf:6f:41:fe:5f:46:ec:4f:b3:2a:1b:
a6:0e:67:07:83:13:e4:94:10:d2:fb:77:df:d9:23:b8:b9:96:
cc:b9:5f:22:e5:9b:f3:1e:23:e3:1b:4e:9a:23:d0:9b:90:9d:
bc:1b:5a:97:aa:c8:87:c3:ac:c3:90:96:ab:67:13:60:7a:52:
31:7b:d5:2d
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIDY7T0MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDM3
ZWQ0OWVmYWM5Nzk1OTg3NzcxYWNkYzc3YTBlMjI4OTA0Mjc3YWQwHhcNMjIwMzIw
MTkwNzU1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjN2M5ZmUwOGU0Njlk
YjlmOTMxNDZmNmM3Y2VlYzIxYWJiYzIwNjVkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAzaZ9GowrdUFHZYsugelIkHitKiE/f6FA4mXCODnNIGaSpOtV
d06cTSHI8h1akL3w9ASnKR0v3oX5TkV5gc22MAgEGhvZCKWgN8vT3L1kAKMaOJhM
67zOaKlPqDjyYBd7nyRRJQOagU5Q06kzIt8NJX+hEaTrhuEZEaj9ltxECIHzPrF7
uCgxeDiK5v1sdcJWp4ZrJZV0QqkSOn1bBLfkCpHYh0oKeNLSUVOFLpo8UjaR26WG
j9heXtYGC6xWJ+zEijqhyK9DVsw46dK+zuGh9Plu/jx3/g6kEVei2noUpkqpEVBq
NdwgpWg67V7O76epyMAuN7by2ayKUIgAmJVn+wIDAQABo4ICHTCCAhkwHQYDVR0O
BBYEFMfJ/gjkadufkxRvbHzuwhq7wgZdMB8GA1UdIwQYMBaAFDftSe+sl5WYd3Gs
3Heg4iiQQnetMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
Ti0xSjc2eVhsWmgzY2F6Y2Q2RGlLSkJDZDYwLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8yZi8yMTcxYmUtYjA4My00NzliLWE1ODAtNmEwNmI3NTAyYmQ3LzEv
eDhuLUNPUnAyNS1URkc5c2ZPN0NHcnZDQmwwLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8y
MTcxYmUtYjA4My00NzliLWE1ODAtNmEwNmI3NTAyYmQ3LzEvTi0xSjc2eVhsWmgz
Y2F6Y2Q2RGlLSkJDZDYwLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDMG
CCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCbawEMAwDBAJtrGwDBAJtrHADBAKy
gigwDQYJKoZIhvcNAQELBQADggEBAHy93JnlbJZMCERtzuxVh3qSsr8Epk5SDzU4
HNNk27YDLHaXCLmuOe9Iuc95uJgEScVBCYOSoNiHoEYgklePlQXykikL24mZmUQv
QE228hAB3oHgRi8Yr3t0/AhDqUTvTa1K/F/Gk+fkAkqAjGAQPC1ozoJk2u1kvJmr
f164OfcDE6XEhazMpsuRyhU27xXnJZv/jM9VqMmfoldBoeSLFvKcvI2Clxeobe0l
IvHmXO7MpCwMphYANNwAT5vPb0H+X0bsT7MqG6YOZweDE+SUENL7d9/ZI7i5lsy5
XyLlm/MeI+MbTpoj0JuQnbwbWpeqyIfDrMOQlqtnE2B6UjF71S0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:02 2024 by rpki-client on console-ams.rpki-client.org