Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/0eEuJ327z_JOBLTq2dWv111Pj1A.roa
File: 0eEuJ327z_JOBLTq2dWv111Pj1A.roa (raw, json)
Hash identifier: wvxXWXnx92DkBb1fLWomJI3TZOkuCE2kXpP+Ve3tOwI=
Subject key identifier: D1:E1:2E:27:7D:BB:CF:F2:4E:04:B4:EA:D9:D5:AF:D7:5D:4F:8F:50
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 018BD60C0DBF8314CDED0011C12F6940372C
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/0eEuJ327z_JOBLTq2dWv111Pj1A.roa
Signing time: Thu 16 Nov 2023 02:53:15 +0000
ROA not before: Thu 16 Nov 2023 02:53:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 32613
IP address blocks: 109.122.194.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d6:0c:0d:bf:83:14:cd:ed:00:11:c1:2f:69:40:37:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Nov 16 02:53:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1e12e277dbbcff24e04b4ead9d5afd75d4f8f50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:6f:fe:55:49:e1:c3:55:4c:70:fa:b5:90:3f:
75:cc:6f:e6:38:b3:ad:23:f9:fb:bb:00:bd:16:8f:
6d:11:8f:90:51:de:7e:19:e5:0d:3a:b7:77:01:89:
33:97:6d:a5:2c:93:08:d0:05:ec:b3:9e:1a:5d:bc:
e3:a8:77:0f:90:ee:2f:f0:ff:8b:52:28:56:23:c8:
18:60:6d:c1:56:6a:5e:d7:68:7a:25:e6:a1:ee:c7:
1a:a4:54:09:5d:0f:59:24:9b:e7:d9:32:c1:49:cc:
43:b5:11:37:52:69:35:86:3e:b0:8b:f6:18:f1:3a:
83:1d:db:ed:a4:96:75:13:11:a4:9a:c8:ab:b8:98:
ba:8f:aa:e3:f9:7f:8e:4a:3a:71:5e:7a:a5:7e:32:
97:5e:e0:23:66:67:1a:fb:30:ba:a4:40:13:42:91:
23:b1:7f:70:fd:9a:50:0d:da:cb:f0:d5:07:20:d0:
52:63:45:5a:97:3f:da:39:d6:b2:0c:58:12:56:24:
88:b2:f7:b7:70:be:cf:84:56:24:7e:f1:fd:ab:01:
54:4e:f8:8b:65:41:b1:bf:9d:76:98:1c:e8:dd:d7:
b8:0e:41:e9:53:04:75:bf:01:d7:65:0f:4d:54:fe:
18:fe:e9:45:b5:e9:d4:ec:8e:b1:26:c5:cc:26:65:
7a:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:E1:2E:27:7D:BB:CF:F2:4E:04:B4:EA:D9:D5:AF:D7:5D:4F:8F:50
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/0eEuJ327z_JOBLTq2dWv111Pj1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.194.0/24
Signature Algorithm: sha256WithRSAEncryption
44:34:d9:57:ae:e7:e1:ba:e4:78:69:e1:79:60:13:82:4c:2f:
02:ff:02:11:65:94:b8:e9:f0:be:e4:16:eb:c2:f3:63:0b:d6:
46:5e:ea:65:7e:68:78:c3:4b:80:d4:c5:4d:a7:6e:49:ec:31:
7c:5d:91:f5:26:83:72:25:f1:c5:c7:8b:f8:5a:43:32:21:06:
7d:28:31:c3:9e:03:bd:fb:5a:af:22:cb:a8:ca:9a:86:f7:73:
45:e9:8f:b6:89:d4:80:9b:87:0a:f8:7d:6b:33:52:18:d6:32:
e4:83:1b:89:48:4c:f5:e3:e7:c7:da:17:65:90:b1:3a:48:ac:
8e:0a:35:77:b7:16:c8:78:fc:58:59:8c:02:78:49:df:8c:e3:
d4:ec:bc:4e:e7:10:bb:00:54:0e:4d:4d:cd:9b:f0:9f:af:1b:
95:e4:07:49:47:3f:86:5f:89:68:ef:29:04:77:0a:59:3a:79:
29:12:8b:65:35:7e:ab:97:a3:b0:e4:4c:3a:f5:f7:06:40:cd:
35:93:38:86:f8:9e:60:dc:17:3f:8b:8b:a9:75:5f:52:6d:e3:
06:20:e6:c2:49:01:4f:0c:4e:b7:f5:a4:bb:34:ed:f7:83:d2:
65:34:1a:38:fd:ce:0f:b6:e4:4c:ac:61:0c:03:e5:8a:d4:6f:
73:aa:61:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvWDA2/gxTN7QARwS9pQDcsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjMxMTE2MDI1MzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWUxMmUyNzdkYmJjZmYyNGUwNGI0ZWFkOWQ1YWZkNzVkNGY4ZjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2/+VUnhw1VMcPq1kD91zG/mOLOt
I/n7uwC9Fo9tEY+QUd5+GeUNOrd3AYkzl22lLJMI0AXss54aXbzjqHcPkO4v8P+L
UihWI8gYYG3BVmpe12h6Jeah7scapFQJXQ9ZJJvn2TLBScxDtRE3Umk1hj6wi/YY
8TqDHdvtpJZ1ExGkmsiruJi6j6rj+X+OSjpxXnqlfjKXXuAjZmca+zC6pEATQpEj
sX9w/ZpQDdrL8NUHINBSY0Valz/aOdayDFgSViSIsve3cL7PhFYkfvH9qwFUTviL
ZUGxv512mBzo3de4DkHpUwR1vwHXZQ9NVP4Y/ulFtenU7I6xJsXMJmV6FQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNHhLid9u8/yTgS06tnVr9ddT49QMB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvMGVFdUozMjd6X0pPQkxUcTJkV3YxMTFQajFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrCMA0G
CSqGSIb3DQEBCwUAA4IBAQBENNlXrufhuuR4aeF5YBOCTC8C/wIRZZS46fC+5Bbr
wvNjC9ZGXuplfmh4w0uA1MVNp25J7DF8XZH1JoNyJfHFx4v4WkMyIQZ9KDHDngO9
+1qvIsuoypqG93NF6Y+2idSAm4cK+H1rM1IY1jLkgxuJSEz14+fH2hdlkLE6SKyO
CjV3txbIePxYWYwCeEnfjOPU7LxO5xC7AFQOTU3Nm/CfrxuV5AdJRz+GX4lo7ykE
dwpZOnkpEotlNX6rl6Ow5Ew69fcGQM01kziG+J5g3Bc/i4updV9SbeMGIObCSQFP
DE639aS7NO33g9JlNBo4/c4PtuRMrGEMA+WK1G9zqmE3
-----END CERTIFICATE-----
Generated at Fri Dec 15 07:36:30 2023 by rpki-client on console-ams.rpki-client.org