Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/2H1ZsK6DnmpJWqyIJF0DIiPzRZo.roa
File: 2H1ZsK6DnmpJWqyIJF0DIiPzRZo.roa (raw, json)
Hash identifier: HURsoAes2BHMT26yfAfpcpWzwgDUz7mxGjxoQRrPIrQ=
Subject key identifier: D8:7D:59:B0:AE:83:9E:6A:49:5A:AC:88:24:5D:03:22:23:F3:45:9A
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 0187DBD10E924E7F67A8FCC409E09C165654
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/2H1ZsK6DnmpJWqyIJF0DIiPzRZo.roa
Signing time: Tue 02 May 2023 09:35:23 +0000
ROA not before: Tue 02 May 2023 09:35:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.122.197.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:db:d1:0e:92:4e:7f:67:a8:fc:c4:09:e0:9c:16:56:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: May 2 09:35:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d87d59b0ae839e6a495aac88245d032223f3459a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:8d:c0:2f:7b:60:fb:95:68:83:ec:ea:d8:92:
c0:38:1a:23:57:3d:06:12:94:1b:33:73:a1:e3:f5:
5b:49:c1:ce:d8:34:6b:6c:2a:d2:fb:e3:c9:f3:64:
a5:f7:3e:ba:36:77:4f:67:cb:c9:bb:11:95:cc:26:
4c:15:23:ee:29:99:80:13:98:b2:99:67:52:fe:a6:
d6:13:b8:f2:08:ea:d8:4b:99:2c:c7:50:30:20:63:
ef:c2:15:a4:ef:d4:c3:71:cb:48:2a:c6:76:dd:61:
b5:b4:9b:b1:e5:81:b7:17:f0:a1:ac:30:56:be:b2:
e1:8f:0e:ff:1f:dc:67:61:97:3f:d7:55:45:1c:32:
2a:05:8a:f5:8e:f9:be:f0:a4:05:89:09:91:d6:48:
32:22:d8:10:77:1d:e0:18:3f:03:0e:42:e3:ce:40:
b6:cc:3f:52:56:2c:a2:2d:c4:3b:6c:df:b1:63:45:
f2:85:7e:c2:0f:73:0b:b2:35:46:9d:42:c1:7e:20:
88:f6:60:e2:b1:d4:f6:4d:1c:77:f8:ca:98:f9:b7:
c5:76:0c:8c:bb:49:ec:04:7f:0e:9e:ab:65:64:20:
3f:67:89:5b:9d:b2:42:89:1c:49:04:09:56:35:ff:
b2:10:0d:5e:d1:e6:87:0f:e4:f7:00:09:ba:91:e3:
c8:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:7D:59:B0:AE:83:9E:6A:49:5A:AC:88:24:5D:03:22:23:F3:45:9A
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/2H1ZsK6DnmpJWqyIJF0DIiPzRZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.197.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:5b:70:dc:8c:c3:ae:d1:e9:0e:d5:70:3e:e1:30:3f:62:fe:
92:45:d8:50:cd:7d:77:90:f6:a9:66:2b:d1:3b:fe:d1:40:6c:
20:66:d6:55:ad:79:eb:d8:0d:c2:c2:ae:e2:19:c0:76:dc:01:
b8:50:c6:f3:ff:15:2b:da:3e:21:9a:7e:23:06:bd:48:13:09:
b6:64:ae:73:fb:ec:6b:6d:a5:e2:54:a1:42:18:ef:39:52:45:
66:a5:e3:69:68:d5:5d:d4:8b:83:b0:70:8a:eb:ad:f0:3e:fb:
85:fa:d5:18:d9:ef:1a:a5:de:24:38:1d:d2:90:b5:de:2b:5c:
94:41:dd:8a:51:a5:fd:e3:c9:79:64:0a:8f:ea:45:45:db:fd:
53:9b:eb:fb:cd:45:dd:e1:bc:b7:9f:3d:ba:4e:b0:dc:3c:94:
19:42:c5:e6:53:77:02:f2:a4:26:69:57:3d:f2:3e:ea:a5:4e:
2d:c7:c1:b4:90:56:9a:75:44:3f:54:f9:2c:7a:3d:b9:1d:98:
d4:62:ed:bf:69:7a:69:70:bc:e5:83:4b:a5:87:c8:d5:87:e4:
59:cf:ad:d1:7b:af:fc:50:c5:a7:fe:8f:1f:f5:b7:45:06:d5:
be:b2:f8:51:45:9c:63:5f:84:09:18:c0:5b:bb:40:1e:39:39:
43:f2:1d:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfb0Q6STn9nqPzECeCcFlZUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjMwNTAyMDkzNTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODdkNTliMGFlODM5ZTZhNDk1YWFjODgyNDVkMDMyMjIzZjM0NTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk43AL3tg+5Vog+zq2JLAOBojVz0G
EpQbM3Oh4/VbScHO2DRrbCrS++PJ82Sl9z66NndPZ8vJuxGVzCZMFSPuKZmAE5iy
mWdS/qbWE7jyCOrYS5ksx1AwIGPvwhWk79TDcctIKsZ23WG1tJux5YG3F/ChrDBW
vrLhjw7/H9xnYZc/11VFHDIqBYr1jvm+8KQFiQmR1kgyItgQdx3gGD8DDkLjzkC2
zD9SViyiLcQ7bN+xY0XyhX7CD3MLsjVGnULBfiCI9mDisdT2TRx3+MqY+bfFdgyM
u0nsBH8OnqtlZCA/Z4lbnbJCiRxJBAlWNf+yEA1e0eaHD+T3AAm6kePIwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNh9WbCug55qSVqsiCRdAyIj80WaMB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvMkgxWnNLNkRubXBKV3F5SUpGMERJaVB6UlpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrFMA0G
CSqGSIb3DQEBCwUAA4IBAQAOW3DcjMOu0ekO1XA+4TA/Yv6SRdhQzX13kPapZivR
O/7RQGwgZtZVrXnr2A3Cwq7iGcB23AG4UMbz/xUr2j4hmn4jBr1IEwm2ZK5z++xr
baXiVKFCGO85UkVmpeNpaNVd1IuDsHCK663wPvuF+tUY2e8apd4kOB3SkLXeK1yU
Qd2KUaX948l5ZAqP6kVF2/1Tm+v7zUXd4by3nz26TrDcPJQZQsXmU3cC8qQmaVc9
8j7qpU4tx8G0kFaadUQ/VPksej25HZjUYu2/aXppcLzlg0ulh8jVh+RZz63Re6/8
UMWn/o8f9bdFBtW+svhRRZxjX4QJGMBbu0AeOTlD8h0q
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:04 2024 by rpki-client on console-ams.rpki-client.org