Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/61Qv7W2tqjalXH4Eby0Sc3NPs7w.roa
File: 61Qv7W2tqjalXH4Eby0Sc3NPs7w.roa (raw, json)
Hash identifier: 0/G+WJXLcWv93eZvWkyjvwD4sNNZSnoEefbWnzhUpi4=
Subject key identifier: EB:54:2F:ED:6D:AD:AA:36:A5:5C:7E:04:6F:2D:12:73:73:4F:B3:BC
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 018D3797329EE22264D30F07F967953DFD31
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/61Qv7W2tqjalXH4Eby0Sc3NPs7w.roa
Signing time: Tue 23 Jan 2024 18:31:12 +0000
ROA not before: Tue 23 Jan 2024 18:31:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44620
IP address blocks: 109.122.196.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:37:97:32:9e:e2:22:64:d3:0f:07:f9:67:95:3d:fd:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Jan 23 18:31:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eb542fed6dadaa36a55c7e046f2d1273734fb3bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:7e:a5:66:8c:69:71:f3:08:cf:2d:57:61:cf:
db:34:1f:82:1a:ee:b3:9f:ed:3f:4d:ad:37:07:b3:
24:c4:83:43:15:4d:4f:9d:5e:3e:d5:12:df:35:e3:
78:af:b4:91:1f:e6:b8:87:f9:34:bd:aa:93:fb:5c:
18:10:dc:f3:e4:44:52:e5:58:56:fc:b5:8d:97:12:
41:99:b9:64:f4:88:b9:e7:e7:53:a9:09:96:74:f5:
3c:92:64:18:22:d9:8f:74:18:84:2b:ee:58:77:96:
7c:c5:6d:38:ed:9f:6f:c1:9e:d3:81:4a:91:0d:2e:
02:69:43:8e:82:6d:55:1c:af:cd:6e:18:d5:56:5a:
34:e2:7b:1a:41:e4:ac:52:5d:2f:5c:2c:8e:b6:cf:
74:80:20:72:f1:47:8c:c8:56:c8:49:d8:dd:de:ae:
58:c6:35:4c:37:b8:f1:7c:6f:ce:62:57:82:75:76:
ad:c9:60:aa:a2:75:38:76:af:b6:a4:e0:37:a1:9f:
bd:e2:b1:80:40:a7:94:e6:7c:30:79:50:09:44:92:
fd:da:ee:6b:76:67:d6:08:9c:7c:b2:67:97:a3:0c:
ee:16:f5:9b:36:aa:21:f6:92:51:9c:16:f4:bd:1c:
19:87:7a:9a:92:c7:57:52:cc:3d:5c:eb:47:e0:3a:
c6:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:54:2F:ED:6D:AD:AA:36:A5:5C:7E:04:6F:2D:12:73:73:4F:B3:BC
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/61Qv7W2tqjalXH4Eby0Sc3NPs7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.196.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:fe:3d:5d:82:cb:bd:1c:4d:8c:c3:1c:7d:16:d4:0a:73:73:
6c:7e:98:3b:83:4a:15:9d:aa:22:1f:f6:15:0c:88:3f:09:6a:
ea:62:b3:af:c2:d9:8d:ea:6d:65:58:a7:a3:64:97:d0:a6:71:
5d:f0:5f:2b:f3:01:90:39:06:30:77:39:60:01:5a:9d:05:e8:
c0:2b:2b:b9:ea:44:f3:71:06:59:3e:77:4a:ea:30:a8:47:0f:
89:c5:c1:5d:00:06:3a:e7:ef:a8:3f:eb:d9:06:fd:91:30:c6:
fd:20:38:5b:12:0e:d2:07:f4:ee:59:26:2a:87:83:51:90:d2:
44:5c:b7:ce:88:2b:be:47:85:65:fb:f9:0c:37:2b:fe:8a:e0:
96:2b:9e:1e:13:d3:a5:58:3f:f2:5f:96:07:73:d6:ab:ce:05:
ec:19:10:65:f5:a7:b4:40:cd:8e:e3:0a:07:f1:a1:a7:56:7e:
d8:58:3e:65:a7:27:8d:49:6f:dd:94:b1:b9:4b:fa:51:51:34:
45:f0:34:88:35:a4:3b:d7:7f:ac:4e:e0:63:c2:d1:77:3c:74:
1e:f2:d7:62:09:8b:66:63:52:b6:15:cf:38:4c:24:50:fb:a6:
6e:14:41:31:11:1d:a8:8a:e7:5c:4c:a9:f4:f8:2d:6a:10:88:
d8:b7:03:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY03lzKe4iJk0w8H+WeVPf0xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjQwMTIzMTgzMTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjU0MmZlZDZkYWRhYTM2YTU1YzdlMDQ2ZjJkMTI3MzczNGZiM2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgn6lZoxpcfMIzy1XYc/bNB+CGu6z
n+0/Ta03B7MkxINDFU1PnV4+1RLfNeN4r7SRH+a4h/k0vaqT+1wYENzz5ERS5VhW
/LWNlxJBmblk9Ii55+dTqQmWdPU8kmQYItmPdBiEK+5Yd5Z8xW047Z9vwZ7TgUqR
DS4CaUOOgm1VHK/NbhjVVlo04nsaQeSsUl0vXCyOts90gCBy8UeMyFbISdjd3q5Y
xjVMN7jxfG/OYleCdXatyWCqonU4dq+2pOA3oZ+94rGAQKeU5nwweVAJRJL92u5r
dmfWCJx8smeXowzuFvWbNqoh9pJRnBb0vRwZh3qaksdXUsw9XOtH4DrGswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOtUL+1trao2pVx+BG8tEnNzT7O8MB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvNjFRdjdXMnRxamFsWEg0RWJ5MFNjM05Qczd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrEMA0G
CSqGSIb3DQEBCwUAA4IBAQCb/j1dgsu9HE2Mwxx9FtQKc3Nsfpg7g0oVnaoiH/YV
DIg/CWrqYrOvwtmN6m1lWKejZJfQpnFd8F8r8wGQOQYwdzlgAVqdBejAKyu56kTz
cQZZPndK6jCoRw+JxcFdAAY65++oP+vZBv2RMMb9IDhbEg7SB/TuWSYqh4NRkNJE
XLfOiCu+R4Vl+/kMNyv+iuCWK54eE9OlWD/yX5YHc9arzgXsGRBl9ae0QM2O4woH
8aGnVn7YWD5lpyeNSW/dlLG5S/pRUTRF8DSINaQ713+sTuBjwtF3PHQe8tdiCYtm
Y1K2Fc84TCRQ+6ZuFEExER2oiudcTKn0+C1qEIjYtwNU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:48 2024 by rpki-client on console-fra.rpki-client.org