Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/58DIbYvXXp7nVDylIB_cEPRPRDw.roa
File: 58DIbYvXXp7nVDylIB_cEPRPRDw.roa (raw, json)
Hash identifier: /ix72Gr51gXbuH/B2osr6hRBSIt9xg6tBWNZJajuRAk=
Subject key identifier: E7:C0:C8:6D:8B:D7:5E:9E:E7:54:3C:A5:20:1F:DC:10:F4:4F:44:3C
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 018CC50142D47D01A663F389250DBC618077
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/58DIbYvXXp7nVDylIB_cEPRPRDw.roa
Signing time: Mon 01 Jan 2024 12:30:43 +0000
ROA not before: Mon 01 Jan 2024 12:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49981
IP address blocks: 109.122.208.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:42:d4:7d:01:a6:63:f3:89:25:0d:bc:61:80:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Jan 1 12:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e7c0c86d8bd75e9ee7543ca5201fdc10f44f443c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:5a:ca:63:33:5c:44:81:46:56:66:d5:ac:92:
99:43:2a:8d:e2:e5:db:2a:f5:33:52:31:c2:46:e8:
81:57:cd:fc:d0:ca:22:69:31:2c:f8:39:61:e0:ac:
82:65:89:e7:6a:48:4f:71:84:4a:9b:1e:39:12:0c:
79:57:4e:58:3e:41:94:d1:70:95:d5:91:48:50:bb:
71:4a:a9:b3:bd:9c:7e:22:de:11:5a:23:38:73:33:
e6:76:aa:38:b4:e1:16:d1:79:4c:d4:c9:2c:13:ed:
0d:79:7d:bd:aa:80:85:67:ec:c4:8d:d8:ce:8c:8b:
cf:5e:f6:d5:27:bd:08:55:02:b9:32:0c:ed:8e:bb:
7b:c3:2d:48:10:3b:b4:b0:51:58:a7:34:72:f5:57:
3c:40:42:0d:b4:86:3d:74:37:41:77:fc:dc:36:bb:
5f:ba:45:7a:42:40:69:02:03:db:3e:e0:27:b0:79:
65:d1:30:62:8e:1e:b6:ef:c6:e1:f2:ce:88:df:86:
47:2c:41:0d:d8:c1:cf:46:dc:c4:d9:71:db:54:8f:
91:8a:a9:05:0c:d5:25:fb:38:f0:e9:af:96:15:04:
9f:05:43:ef:0c:ba:0c:2f:05:61:07:ef:4b:3f:c1:
2b:74:62:8a:19:1f:d3:cc:b3:db:28:a4:76:29:1e:
fb:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:C0:C8:6D:8B:D7:5E:9E:E7:54:3C:A5:20:1F:DC:10:F4:4F:44:3C
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/58DIbYvXXp7nVDylIB_cEPRPRDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.208.0/24
Signature Algorithm: sha256WithRSAEncryption
83:9b:d6:6d:fb:03:67:b1:6d:42:4e:8a:31:0c:c8:d6:a5:cd:
15:26:6b:1e:81:22:98:da:8c:3b:6f:0b:67:31:46:7e:a8:d1:
a7:71:e4:2d:e1:33:93:32:4f:a7:f9:ba:71:5e:a8:80:3d:2e:
d2:ea:f5:4a:61:f7:1f:a3:0f:ef:99:1d:cb:d4:e2:c2:a9:47:
93:35:4c:65:85:ff:da:99:76:ce:25:d6:a4:6a:28:7d:cf:0c:
05:19:be:22:34:49:bc:c7:82:99:4d:c7:07:cf:92:25:5a:94:
61:4e:ee:01:ea:3e:f9:f3:75:cb:87:0f:98:03:6a:d5:ef:3a:
6d:2c:86:aa:61:36:9a:96:65:42:20:8e:77:56:09:dc:a0:a9:
16:21:d4:f8:16:de:e5:84:ec:4d:d9:41:86:8c:0f:84:c0:f5:
d8:d8:54:1b:56:50:69:16:f9:cc:88:81:cb:ed:d2:f4:64:df:
84:79:29:c5:08:ba:64:a7:d8:fe:b3:ca:4f:32:ad:dc:dc:3c:
5b:ef:ab:6e:49:61:80:3a:51:29:be:c0:74:f4:7f:12:63:22:
19:28:87:ad:46:23:e6:91:a1:50:9c:f8:01:c3:21:29:aa:8e:
24:a3:dc:71:07:11:e8:81:ca:b6:5b:2d:e9:81:c8:34:24:e0:
29:89:a6:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAULUfQGmY/OJJQ28YYB3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjQwMTAxMTIzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2MwYzg2ZDhiZDc1ZTllZTc1NDNjYTUyMDFmZGMxMGY0NGY0NDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1rKYzNcRIFGVmbVrJKZQyqN4uXb
KvUzUjHCRuiBV8380MoiaTEs+Dlh4KyCZYnnakhPcYRKmx45Egx5V05YPkGU0XCV
1ZFIULtxSqmzvZx+It4RWiM4czPmdqo4tOEW0XlM1MksE+0NeX29qoCFZ+zEjdjO
jIvPXvbVJ70IVQK5Mgztjrt7wy1IEDu0sFFYpzRy9Vc8QEINtIY9dDdBd/zcNrtf
ukV6QkBpAgPbPuAnsHll0TBijh6278bh8s6I34ZHLEEN2MHPRtzE2XHbVI+RiqkF
DNUl+zjw6a+WFQSfBUPvDLoMLwVhB+9LP8ErdGKKGR/TzLPbKKR2KR77GQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOfAyG2L116e51Q8pSAf3BD0T0Q8MB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvNThESWJZdlhYcDduVkR5bElCX2NFUFJQUkR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrQMA0G
CSqGSIb3DQEBCwUAA4IBAQCDm9Zt+wNnsW1CTooxDMjWpc0VJmsegSKY2ow7bwtn
MUZ+qNGnceQt4TOTMk+n+bpxXqiAPS7S6vVKYfcfow/vmR3L1OLCqUeTNUxlhf/a
mXbOJdakaih9zwwFGb4iNEm8x4KZTccHz5IlWpRhTu4B6j7583XLhw+YA2rV7zpt
LIaqYTaalmVCII53VgncoKkWIdT4Ft7lhOxN2UGGjA+EwPXY2FQbVlBpFvnMiIHL
7dL0ZN+EeSnFCLpkp9j+s8pPMq3c3Dxb76tuSWGAOlEpvsB09H8SYyIZKIetRiPm
kaFQnPgBwyEpqo4ko9xxBxHogcq2Wy3pgcg0JOApiabd
-----END CERTIFICATE-----
Generated at Mon Jan 15 20:07:25 2024 by rpki-client on console-fra.rpki-client.org