Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/5nFfDGeGmzFw7iVc3-tcsGb4yUk.roa
File: 5nFfDGeGmzFw7iVc3-tcsGb4yUk.roa (raw, json)
Hash identifier: 5/RqR2eX6V7MUA9l0D/u6Sf2mFN9aeXF2lz4XsnloLk=
Subject key identifier: E6:71:5F:0C:67:86:9B:31:70:EE:25:5C:DF:EB:5C:B0:66:F8:C9:49
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 018C91F7186ABF722151D74F82101F2A7965
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/5nFfDGeGmzFw7iVc3-tcsGb4yUk.roa
Signing time: Fri 22 Dec 2023 14:38:59 +0000
ROA not before: Fri 22 Dec 2023 14:38:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 132335
IP address blocks: 109.122.200.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:91:f7:18:6a:bf:72:21:51:d7:4f:82:10:1f:2a:79:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Dec 22 14:38:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e6715f0c67869b3170ee255cdfeb5cb066f8c949
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:02:01:b3:b2:06:32:ce:78:27:67:d6:be:9e:
58:87:3c:07:80:89:73:12:b9:ec:be:c0:5f:6b:52:
be:a6:f4:ef:94:fd:97:ee:a9:c6:4e:f5:cd:87:81:
37:31:06:b9:91:aa:7f:3e:08:a8:d1:89:d7:a5:a5:
fe:ab:b3:02:df:4c:a8:3c:2e:39:2e:6e:6c:61:6f:
49:24:c2:76:4a:36:d2:20:fa:0b:df:6c:8e:c8:44:
c0:68:47:75:51:50:5e:d8:2c:69:85:0a:05:01:2b:
ac:4e:5a:bc:78:0c:ec:ae:40:d3:2b:16:90:9f:87:
6d:f5:a5:3c:e2:5a:ad:2a:7b:0c:de:bd:a8:62:2c:
97:6a:ea:8c:9e:ab:7f:55:d0:95:f0:54:80:39:f2:
33:f0:fc:d9:50:5f:62:fe:a7:fb:81:5e:a5:52:03:
06:3c:43:6a:22:66:d3:0f:59:f2:08:5c:00:3d:b6:
66:27:d3:3e:da:8a:39:39:de:7d:6b:06:6b:5d:f8:
c1:48:cf:dc:1d:04:70:5d:de:15:45:7c:81:de:36:
14:bb:18:a0:56:76:43:d1:3b:e7:a5:a4:b2:d4:67:
9a:00:ce:d6:a8:b6:b8:a1:4d:23:b2:01:92:14:12:
35:4a:b7:10:bf:36:16:61:37:76:a9:b9:eb:94:fd:
9c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:71:5F:0C:67:86:9B:31:70:EE:25:5C:DF:EB:5C:B0:66:F8:C9:49
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/5nFfDGeGmzFw7iVc3-tcsGb4yUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.200.0/24
Signature Algorithm: sha256WithRSAEncryption
00:5b:21:8e:b1:eb:d7:5a:30:af:2d:dd:1e:29:88:01:0f:14:
fd:da:c0:68:65:ad:54:ac:63:d1:20:71:51:60:6f:f7:bc:8d:
cc:c0:dd:a0:2a:dd:bd:29:0e:47:e7:d6:45:17:7a:94:28:d5:
b0:4f:5d:74:17:1f:2d:e2:e7:6f:b9:ca:24:3c:d7:ee:fa:ee:
f6:0b:67:e7:54:62:2b:21:3f:73:bf:d3:8b:e3:ce:7f:cd:08:
e3:9f:a3:0d:59:ce:4a:bf:bd:bc:54:a6:4d:43:58:ef:4c:2c:
8f:62:ec:97:cf:dc:16:7f:b8:f9:6b:9f:6b:88:52:8a:86:dc:
2c:e9:1a:ed:c2:e5:13:86:d5:b8:69:72:44:a0:16:42:4c:93:
da:25:67:fe:d8:76:73:94:fa:85:18:db:50:18:82:80:2b:f1:
9c:4c:e3:d9:d4:27:63:e9:30:ea:42:90:84:ee:3c:d9:10:30:
9a:28:6e:9d:05:a0:69:a8:49:08:7d:e8:6c:45:60:40:07:77:
77:8e:93:f3:49:c3:1d:37:97:78:65:ac:d6:be:65:28:ca:22:
37:96:47:98:05:22:e1:c0:13:97:23:6e:b9:87:51:1c:99:0e:
36:31:94:2c:48:2b:06:e1:ab:2a:6f:59:6f:12:d2:f0:94:12:
a9:06:c2:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyR9xhqv3IhUddPghAfKnllMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjMxMjIyMTQzODU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjcxNWYwYzY3ODY5YjMxNzBlZTI1NWNkZmViNWNiMDY2ZjhjOTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAIBs7IGMs54J2fWvp5YhzwHgIlz
ErnsvsBfa1K+pvTvlP2X7qnGTvXNh4E3MQa5kap/Pgio0YnXpaX+q7MC30yoPC45
Lm5sYW9JJMJ2SjbSIPoL32yOyETAaEd1UVBe2CxphQoFASusTlq8eAzsrkDTKxaQ
n4dt9aU84lqtKnsM3r2oYiyXauqMnqt/VdCV8FSAOfIz8PzZUF9i/qf7gV6lUgMG
PENqImbTD1nyCFwAPbZmJ9M+2oo5Od59awZrXfjBSM/cHQRwXd4VRXyB3jYUuxig
VnZD0TvnpaSy1GeaAM7WqLa4oU0jsgGSFBI1SrcQvzYWYTd2qbnrlP2c0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOZxXwxnhpsxcO4lXN/rXLBm+MlJMB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvNW5GZkRHZUdtekZ3N2lWYzMtdGNzR2I0eVVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrIMA0G
CSqGSIb3DQEBCwUAA4IBAQAAWyGOsevXWjCvLd0eKYgBDxT92sBoZa1UrGPRIHFR
YG/3vI3MwN2gKt29KQ5H59ZFF3qUKNWwT110Fx8t4udvucokPNfu+u72C2fnVGIr
IT9zv9OL485/zQjjn6MNWc5Kv728VKZNQ1jvTCyPYuyXz9wWf7j5a59riFKKhtws
6RrtwuUThtW4aXJEoBZCTJPaJWf+2HZzlPqFGNtQGIKAK/GcTOPZ1Cdj6TDqQpCE
7jzZEDCaKG6dBaBpqEkIfehsRWBAB3d3jpPzScMdN5d4ZazWvmUoyiI3lkeYBSLh
wBOXI265h1EcmQ42MZQsSCsG4asqb1lvEtLwlBKpBsK8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:04 2024 by rpki-client on console-ams.rpki-client.org