Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/6qmFCTDxEa1ea40GX4q7W9qFmM4.roa
File: 6qmFCTDxEa1ea40GX4q7W9qFmM4.roa (raw, json)
Hash identifier: jkAYzaCThLrbc93tzbumyb/+BxJSCCzimG8RdsnAEMg=
Subject key identifier: EA:A9:85:09:30:F1:11:AD:5E:6B:8D:06:5F:8A:BB:5B:DA:85:98:CE
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 018CA77CBA917E5ADC92DC4B3D46FCB31338
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/6qmFCTDxEa1ea40GX4q7W9qFmM4.roa
Signing time: Tue 26 Dec 2023 18:56:58 +0000
ROA not before: Tue 26 Dec 2023 18:56:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198652
IP address blocks: 109.122.203.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a7:7c:ba:91:7e:5a:dc:92:dc:4b:3d:46:fc:b3:13:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Dec 26 18:56:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eaa9850930f111ad5e6b8d065f8abb5bda8598ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:2c:44:25:2f:1c:36:01:f1:e9:ab:94:b7:10:
fc:cf:44:0d:fa:d0:75:71:f3:7e:6e:05:64:87:79:
07:37:43:63:17:36:6f:f8:e1:45:5d:db:e0:39:f3:
79:62:5c:3c:e8:0d:55:f7:f1:c1:2a:5b:c9:0f:0e:
8c:5e:1e:99:b5:91:20:39:6f:0e:aa:0e:05:b0:f2:
21:e5:0e:91:6f:47:ea:95:0c:d6:9f:35:46:25:a1:
61:46:de:18:91:24:65:d5:b1:80:60:57:46:28:95:
87:46:e4:7f:c5:ec:07:7c:04:17:f1:ba:1e:01:c0:
5e:ea:86:51:29:4d:b4:0c:29:ad:d7:5b:1e:02:03:
79:45:45:da:11:34:42:87:af:36:f0:0b:9a:bb:18:
6c:60:89:67:b2:9d:47:4d:fe:08:70:28:5b:07:b1:
eb:ed:b1:c9:8c:6b:5d:d0:36:9d:d0:0e:08:64:98:
ad:dc:5f:cb:ec:ad:3a:47:86:fd:32:fa:4a:0a:83:
af:fd:4c:81:3f:bb:8d:da:e5:53:b6:d0:92:91:0f:
89:5c:de:5f:33:1b:21:40:cf:ad:ae:33:5a:0e:ed:
3b:ce:e0:60:4f:48:e0:02:e1:ac:f9:df:0b:28:2f:
aa:69:da:81:36:39:14:9b:ab:3c:1a:7b:c8:3d:9f:
7e:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:A9:85:09:30:F1:11:AD:5E:6B:8D:06:5F:8A:BB:5B:DA:85:98:CE
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/6qmFCTDxEa1ea40GX4q7W9qFmM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.203.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:be:da:63:1a:51:43:08:e7:57:d4:75:6d:39:07:1d:8c:9c:
c2:30:af:97:6c:e3:6c:f5:e2:a2:5d:98:e3:ae:82:ba:4e:c6:
77:c3:72:5c:0d:24:d6:05:1b:cf:ea:b2:0e:65:a5:4b:1c:67:
44:30:f5:bd:7d:dc:38:a0:04:6d:46:07:19:88:e3:b1:62:36:
12:ea:e0:9d:44:9d:c5:f0:95:7b:0a:b6:c6:15:ec:70:25:d3:
b5:8e:73:11:60:96:b4:9d:6f:93:f1:e3:11:b1:98:a7:45:ba:
36:0c:5b:8f:f6:9a:a5:03:d0:19:c9:26:45:2d:cd:b9:d5:0e:
46:0a:e7:7f:01:5c:8b:35:39:76:82:d3:92:4a:c4:07:ad:99:
96:5f:c5:33:c5:b1:ff:0f:fb:f5:17:b0:ea:75:b5:fa:a8:62:
1a:ae:dd:df:33:95:bb:31:3b:95:56:95:44:6c:9d:65:5e:a8:
10:07:76:4c:04:74:b5:dd:66:b3:c8:01:61:1b:c6:9c:c0:90:
9b:87:6f:5f:1c:e4:13:b7:3e:9a:af:47:3f:88:68:f1:d6:91:
2a:00:93:9d:c0:5a:b4:19:95:59:0a:e4:af:9a:cd:67:40:d7:
69:ee:73:2d:df:f7:df:58:15:63:51:34:14:9e:30:1c:b9:63:
0d:ea:7e:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYynfLqRflrcktxLPUb8sxM4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjMxMjI2MTg1NjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWE5ODUwOTMwZjExMWFkNWU2YjhkMDY1ZjhhYmI1YmRhODU5OGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyxEJS8cNgHx6auUtxD8z0QN+tB1
cfN+bgVkh3kHN0NjFzZv+OFFXdvgOfN5Ylw86A1V9/HBKlvJDw6MXh6ZtZEgOW8O
qg4FsPIh5Q6Rb0fqlQzWnzVGJaFhRt4YkSRl1bGAYFdGKJWHRuR/xewHfAQX8boe
AcBe6oZRKU20DCmt11seAgN5RUXaETRCh6828AuauxhsYIlnsp1HTf4IcChbB7Hr
7bHJjGtd0Dad0A4IZJit3F/L7K06R4b9MvpKCoOv/UyBP7uN2uVTttCSkQ+JXN5f
MxshQM+trjNaDu07zuBgT0jgAuGs+d8LKC+qadqBNjkUm6s8GnvIPZ9+1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOqphQkw8RGtXmuNBl+Ku1vahZjOMB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvNnFtRkNURHhFYTFlYTQwR1g0cTdXOXFGbU00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrLMA0G
CSqGSIb3DQEBCwUAA4IBAQAevtpjGlFDCOdX1HVtOQcdjJzCMK+XbONs9eKiXZjj
roK6TsZ3w3JcDSTWBRvP6rIOZaVLHGdEMPW9fdw4oARtRgcZiOOxYjYS6uCdRJ3F
8JV7CrbGFexwJdO1jnMRYJa0nW+T8eMRsZinRbo2DFuP9pqlA9AZySZFLc251Q5G
Cud/AVyLNTl2gtOSSsQHrZmWX8UzxbH/D/v1F7DqdbX6qGIart3fM5W7MTuVVpVE
bJ1lXqgQB3ZMBHS13WazyAFhG8acwJCbh29fHOQTtz6ar0c/iGjx1pEqAJOdwFq0
GZVZCuSvms1nQNdp7nMt3/ffWBVjUTQUnjAcuWMN6n7I
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:48 2024 by rpki-client on console-fra.rpki-client.org