Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/9svrOQWfvGW2eKoW3WUsHE0KZOo.roa
File: 9svrOQWfvGW2eKoW3WUsHE0KZOo.roa (raw, json)
Hash identifier: /kTyo6MY5r2G4JjX5ESmH3Op2+VbE6Xex2IGpDtfHkw=
Subject key identifier: F6:CB:EB:39:05:9F:BC:65:B6:78:AA:16:DD:65:2C:1C:4D:0A:64:EA
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 018AEF39A26D406FC1B61FC835B4DF01D30A
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/9svrOQWfvGW2eKoW3WUsHE0KZOo.roa
Signing time: Mon 02 Oct 2023 07:10:46 +0000
ROA not before: Mon 02 Oct 2023 07:10:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39368
IP address blocks: 109.122.209.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ef:39:a2:6d:40:6f:c1:b6:1f:c8:35:b4:df:01:d3:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Oct 2 07:10:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f6cbeb39059fbc65b678aa16dd652c1c4d0a64ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a6:bb:cc:bb:1f:45:8d:95:f3:15:d3:eb:cb:
26:e6:89:96:ea:50:f1:3a:cd:cb:4a:4a:1c:a6:62:
ef:38:b4:ba:ec:e2:54:2f:48:6b:0f:cf:4d:7f:4c:
70:53:19:68:3d:4a:d2:6c:d6:15:7d:20:4e:de:3b:
eb:24:68:df:c1:af:3a:4e:72:63:5f:ef:55:c7:a5:
50:67:83:fc:42:d6:4a:c1:ce:33:2d:35:33:0e:e2:
fd:5e:43:f5:f9:54:7a:25:b1:ea:61:cc:cb:9d:ff:
4d:da:fa:36:28:30:a4:61:0f:e6:9f:42:f5:bf:e3:
54:a9:ae:a2:fb:bb:75:4f:4e:82:65:b9:98:96:3c:
6a:0d:04:6b:7e:4d:c2:59:e6:32:71:79:ca:44:f1:
a7:cf:81:7b:3d:68:09:92:84:d0:e7:50:45:e3:8b:
2f:94:3a:17:30:a5:39:cd:34:71:3c:e5:e5:d3:6e:
8c:a9:1c:e1:27:f6:d7:1c:19:f0:2d:84:01:91:41:
6c:3a:8e:d1:98:a5:3c:55:ad:7c:3f:c2:03:9b:2e:
8e:93:5e:80:b7:d9:6d:70:1f:0c:81:df:bf:4a:53:
fc:c9:04:e2:29:33:1f:12:26:86:0b:b1:bf:8d:c7:
24:a2:50:15:12:a2:3f:85:52:20:42:4b:30:a9:6f:
8d:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:CB:EB:39:05:9F:BC:65:B6:78:AA:16:DD:65:2C:1C:4D:0A:64:EA
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/9svrOQWfvGW2eKoW3WUsHE0KZOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.209.0/24
Signature Algorithm: sha256WithRSAEncryption
13:8b:7b:4b:b9:56:07:51:7d:89:ad:ff:48:92:fe:19:12:da:
61:51:59:61:12:85:3d:d8:c0:0d:b1:a7:d4:c2:35:50:f6:b9:
98:6a:55:74:f7:b2:4e:c1:33:8c:51:29:a5:0f:7f:52:96:2d:
55:fd:2c:06:01:a2:96:67:5c:eb:eb:51:51:de:3d:fa:6f:c4:
29:5b:cf:e3:65:94:bf:a1:8f:f8:55:05:ca:a6:6c:a2:a0:00:
25:6a:75:d3:dd:57:1c:4d:a4:42:ba:32:bd:87:84:94:8d:33:
37:10:a7:a1:46:26:56:2b:69:a8:9a:76:bf:e5:8c:2f:c8:99:
73:c1:9e:64:b9:e0:df:36:c5:cf:5e:56:20:82:29:58:63:b4:
aa:fb:bf:fc:59:54:d3:6b:fb:01:8e:2e:57:29:cb:7b:a0:35:
58:87:ea:46:2a:c0:28:9e:5c:9d:4b:c8:70:bf:77:3d:ef:37:
b7:01:25:ca:b6:bb:60:e9:e2:0e:a7:5c:85:76:67:aa:bf:69:
81:1e:1d:82:b3:14:31:51:53:d2:81:04:ef:72:ae:3f:d9:c3:
cf:6e:3b:b6:ec:b8:eb:a2:91:f7:26:c7:33:18:f6:e4:96:91:
a0:8f:16:cb:b2:90:13:ed:0d:5f:1f:01:9e:0e:4e:ab:08:4b:
db:4a:df:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrvOaJtQG/Bth/INbTfAdMKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjMxMDAyMDcxMDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmNiZWIzOTA1OWZiYzY1YjY3OGFhMTZkZDY1MmMxYzRkMGE2NGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaa7zLsfRY2V8xXT68sm5omW6lDx
Os3LSkocpmLvOLS67OJUL0hrD89Nf0xwUxloPUrSbNYVfSBO3jvrJGjfwa86TnJj
X+9Vx6VQZ4P8QtZKwc4zLTUzDuL9XkP1+VR6JbHqYczLnf9N2vo2KDCkYQ/mn0L1
v+NUqa6i+7t1T06CZbmYljxqDQRrfk3CWeYycXnKRPGnz4F7PWgJkoTQ51BF44sv
lDoXMKU5zTRxPOXl026MqRzhJ/bXHBnwLYQBkUFsOo7RmKU8Va18P8IDmy6Ok16A
t9ltcB8Mgd+/SlP8yQTiKTMfEiaGC7G/jcckolAVEqI/hVIgQkswqW+NfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPbL6zkFn7xltniqFt1lLBxNCmTqMB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvOXN2ck9RV2Z2R1cyZUtvVzNXVXNIRTBLWk9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrRMA0G
CSqGSIb3DQEBCwUAA4IBAQATi3tLuVYHUX2Jrf9Ikv4ZEtphUVlhEoU92MANsafU
wjVQ9rmYalV097JOwTOMUSmlD39Sli1V/SwGAaKWZ1zr61FR3j36b8QpW8/jZZS/
oY/4VQXKpmyioAAlanXT3VccTaRCujK9h4SUjTM3EKehRiZWK2momna/5YwvyJlz
wZ5kueDfNsXPXlYggilYY7Sq+7/8WVTTa/sBji5XKct7oDVYh+pGKsAonlydS8hw
v3c97ze3ASXKtrtg6eIOp1yFdmeqv2mBHh2CsxQxUVPSgQTvcq4/2cPPbju27Ljr
opH3JsczGPbklpGgjxbLspAT7Q1fHwGeDk6rCEvbSt/g
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:48 2024 by rpki-client on console-fra.rpki-client.org