Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/ACbj0tYH5NqBRgmPXq5_S18daSI.roa
File: ACbj0tYH5NqBRgmPXq5_S18daSI.roa (raw, json)
Hash identifier: x58cd6KE2Q6VcVHNdQYB6Lf8/5XJw3YqprzJidro7wg=
Subject key identifier: 00:26:E3:D2:D6:07:E4:DA:81:46:09:8F:5E:AE:7F:4B:5F:1D:69:22
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 0187A865E21DACEBB62D3FBA6DFF586D2FF6
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/ACbj0tYH5NqBRgmPXq5_S18daSI.roa
Signing time: Sat 22 Apr 2023 09:57:41 +0000
ROA not before: Sat 22 Apr 2023 09:57:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 26548
IP address blocks: 109.122.195.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a8:65:e2:1d:ac:eb:b6:2d:3f:ba:6d:ff:58:6d:2f:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Apr 22 09:57:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0026e3d2d607e4da8146098f5eae7f4b5f1d6922
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:7d:2b:4d:05:70:25:3f:fe:10:29:a0:0c:e3:
76:86:e6:5c:68:d9:c7:67:9f:ff:d6:0d:6c:27:15:
75:7e:0a:97:2c:21:74:70:6e:7a:02:49:c8:ef:84:
56:20:46:86:15:60:22:45:dd:bf:76:35:52:d8:64:
70:75:1f:a6:3b:63:47:b1:1f:46:a2:a7:11:a8:88:
85:11:0b:21:7f:7b:71:2f:f6:b3:fa:e4:c0:7a:38:
44:ba:62:dc:06:6e:dc:ba:4e:0e:95:62:8a:50:1b:
be:5e:79:98:58:89:9b:9e:23:fd:e8:83:47:26:a6:
a0:2b:69:d2:07:ab:e4:9c:d4:8e:99:75:3c:82:b8:
d6:92:ff:a7:a6:92:51:09:9a:4c:00:e9:0e:a3:c7:
5f:fa:fe:60:d6:47:09:3a:75:97:86:ef:40:8e:08:
12:1d:c0:ea:81:11:92:87:6d:48:58:b4:21:88:14:
c5:f1:e2:26:38:b1:c1:32:33:21:bf:1e:f1:78:8f:
a3:e3:c9:20:de:55:5d:26:4b:a6:19:04:a3:2d:7d:
b7:5a:19:ff:8b:aa:05:46:c5:e9:3a:73:f5:98:f2:
57:54:13:32:46:38:39:35:d5:e2:7d:c0:45:07:75:
96:61:23:0c:48:f2:f7:64:2b:d9:01:88:20:57:8d:
95:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:26:E3:D2:D6:07:E4:DA:81:46:09:8F:5E:AE:7F:4B:5F:1D:69:22
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/ACbj0tYH5NqBRgmPXq5_S18daSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.195.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:bc:f7:af:a3:d7:d1:f3:c4:d2:ce:f5:cf:f0:09:aa:cb:d6:
98:1b:d2:32:f1:05:ad:c3:8c:28:e5:6e:a6:bd:f2:d2:6c:62:
62:27:76:6c:2c:d1:af:66:5d:1b:50:3e:f7:b6:3d:80:36:07:
9e:74:10:43:40:97:e5:8e:c5:f6:be:f7:df:b3:53:9a:4f:0e:
3c:34:d5:31:bf:b8:17:37:4e:50:0d:e4:95:30:c3:50:1a:2d:
22:02:7f:6b:22:d8:7c:f8:33:7a:a5:ff:be:11:cd:f7:8a:5b:
b7:6e:09:ad:df:75:dc:e4:97:ad:55:3b:0f:c6:5a:60:5a:d4:
6b:5a:ec:ac:8c:0a:b0:2f:65:96:d5:cd:e1:3b:de:11:98:6d:
bc:3d:f7:67:28:67:3a:af:68:f3:fe:3b:f7:08:58:4b:1e:62:
64:46:fe:23:da:12:78:5c:d9:1a:e2:35:2c:5a:d2:c5:bc:d3:
a4:58:c7:51:f2:bd:72:4e:35:24:73:1f:51:d4:69:28:ae:36:
6e:d3:0b:ec:58:e8:63:43:cd:0a:1c:eb:0d:46:2c:fe:36:e2:
88:e1:5e:9f:29:0b:70:3c:a5:3a:bf:21:a9:1d:42:fb:48:ed:
a6:2c:be:6d:7f:ad:00:fd:9e:ec:36:12:b2:e4:a4:72:68:cd:
ae:a9:b4:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeoZeIdrOu2LT+6bf9YbS/2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjMwNDIyMDk1NzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDI2ZTNkMmQ2MDdlNGRhODE0NjA5OGY1ZWFlN2Y0YjVmMWQ2OTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsn0rTQVwJT/+ECmgDON2huZcaNnH
Z5//1g1sJxV1fgqXLCF0cG56AknI74RWIEaGFWAiRd2/djVS2GRwdR+mO2NHsR9G
oqcRqIiFEQshf3txL/az+uTAejhEumLcBm7cuk4OlWKKUBu+XnmYWImbniP96INH
JqagK2nSB6vknNSOmXU8grjWkv+nppJRCZpMAOkOo8df+v5g1kcJOnWXhu9AjggS
HcDqgRGSh21IWLQhiBTF8eImOLHBMjMhvx7xeI+j48kg3lVdJkumGQSjLX23Whn/
i6oFRsXpOnP1mPJXVBMyRjg5NdXifcBFB3WWYSMMSPL3ZCvZAYggV42V4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAAm49LWB+TagUYJj16uf0tfHWkiMB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvQUNiajB0WUg1TnFCUmdtUFhxNV9TMThkYVNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrDMA0G
CSqGSIb3DQEBCwUAA4IBAQBKvPevo9fR88TSzvXP8Amqy9aYG9Iy8QWtw4wo5W6m
vfLSbGJiJ3ZsLNGvZl0bUD73tj2ANgeedBBDQJfljsX2vvffs1OaTw48NNUxv7gX
N05QDeSVMMNQGi0iAn9rIth8+DN6pf++Ec33ilu3bgmt33Xc5JetVTsPxlpgWtRr
WuysjAqwL2WW1c3hO94RmG28PfdnKGc6r2jz/jv3CFhLHmJkRv4j2hJ4XNka4jUs
WtLFvNOkWMdR8r1yTjUkcx9R1GkorjZu0wvsWOhjQ80KHOsNRiz+NuKI4V6fKQtw
PKU6vyGpHUL7SO2mLL5tf60A/Z7sNhKy5KRyaM2uqbR0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:04 2024 by rpki-client on console-ams.rpki-client.org