Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/ArUyZcYiKpeCvQEm1OpWBoQ87RE.roa
File: ArUyZcYiKpeCvQEm1OpWBoQ87RE.roa (raw, json)
Hash identifier: YDSP+yb6FcfsdKyp3w6qwrwe7TPqNdwdls4unuRzVRE=
Subject key identifier: 02:B5:32:65:C6:22:2A:97:82:BD:01:26:D4:EA:56:06:84:3C:ED:11
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 01887EA88081A02A4D873B2EDB4CBC23207E
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/ArUyZcYiKpeCvQEm1OpWBoQ87RE.roa
Signing time: Sat 03 Jun 2023 00:29:12 +0000
ROA not before: Sat 03 Jun 2023 00:29:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.122.215.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7e:a8:80:81:a0:2a:4d:87:3b:2e:db:4c:bc:23:20:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Jun 3 00:29:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02b53265c6222a9782bd0126d4ea5606843ced11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:18:24:f6:79:84:c0:01:00:74:f1:d3:e0:25:
83:d6:b5:8c:33:42:8a:00:31:81:3a:50:0f:7b:c0:
59:3d:4e:d5:71:ba:f3:73:b4:31:54:f0:1e:86:a4:
60:78:8f:cb:fd:83:07:be:dd:23:61:66:56:05:6b:
71:10:95:54:12:01:7e:a1:1a:56:9d:38:5c:73:23:
7a:af:40:46:68:b2:6b:e2:75:8f:24:0d:fd:76:2f:
c1:70:4a:55:b1:88:14:4d:7a:01:bd:e8:46:c9:f0:
ee:04:cb:3c:4b:0b:c6:23:9c:9c:7e:06:8b:b6:9d:
3a:60:fe:7c:c2:fb:4a:8c:09:eb:cf:7e:fa:29:7a:
58:04:11:12:ab:67:aa:34:8a:ed:c1:f6:d1:a8:65:
b1:6b:51:3c:3a:f7:a3:a7:11:74:17:bf:05:92:e0:
8d:d1:26:47:77:9c:50:e7:6a:e4:2f:03:4d:39:13:
a2:35:86:0c:b8:b6:dd:c7:56:59:a1:2c:c2:6d:b8:
86:c0:50:47:fd:ff:2e:ee:e9:89:94:86:23:87:51:
4d:71:f4:af:d6:14:5d:5d:0c:90:62:a1:ae:0c:81:
78:a9:cb:55:27:8b:5e:f1:55:30:90:88:f0:74:eb:
f6:b8:de:c4:31:9b:48:dc:6d:8d:d9:2d:da:3e:9a:
56:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:B5:32:65:C6:22:2A:97:82:BD:01:26:D4:EA:56:06:84:3C:ED:11
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/ArUyZcYiKpeCvQEm1OpWBoQ87RE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.215.0/24
Signature Algorithm: sha256WithRSAEncryption
24:6f:7e:2b:6e:3e:cd:af:c9:a1:92:06:09:3d:31:44:3b:94:
1b:ae:a6:5a:77:d5:9a:52:19:99:f4:10:ff:4e:c4:7d:46:98:
a0:93:69:d7:b5:f0:bd:08:87:50:ce:f4:5d:f1:e9:d4:de:77:
bf:ba:06:1e:99:d1:23:fa:4a:b7:0b:ec:05:3f:40:03:d8:e0:
17:c7:25:8b:02:12:8f:b3:13:76:ae:31:5e:5a:be:71:ec:e6:
10:9d:9c:b8:d5:d7:b2:72:52:51:16:d7:89:38:a7:83:ed:3e:
bf:81:96:a1:a0:a3:c2:1a:9c:5e:ac:db:a7:42:b0:f9:6a:09:
3b:2e:71:41:5c:37:65:fa:1c:a6:38:b2:2d:41:8d:fc:7e:b4:
8a:ac:ac:0f:67:d9:57:43:5d:c8:a0:e2:5e:15:b1:34:7d:a0:
91:45:b2:b9:5f:76:57:3d:28:1a:44:03:c1:82:56:75:da:0a:
ec:d9:d8:aa:4f:b0:3a:c3:aa:ad:c6:26:db:a8:2f:4f:76:dc:
36:f7:1c:8a:93:d6:4f:a5:73:05:a1:f9:0b:39:ef:99:d6:77:
a0:10:26:4a:2e:5e:fa:77:87:c6:72:ca:9f:01:81:15:08:d1:
48:5f:fe:ae:75:6e:63:39:d2:76:78:22:a2:4b:5c:50:5a:5a:
0b:3b:a7:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYh+qICBoCpNhzsu20y8IyB+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjMwNjAzMDAyOTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmI1MzI2NWM2MjIyYTk3ODJiZDAxMjZkNGVhNTYwNjg0M2NlZDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Bgk9nmEwAEAdPHT4CWD1rWMM0KK
ADGBOlAPe8BZPU7Vcbrzc7QxVPAehqRgeI/L/YMHvt0jYWZWBWtxEJVUEgF+oRpW
nThccyN6r0BGaLJr4nWPJA39di/BcEpVsYgUTXoBvehGyfDuBMs8SwvGI5ycfgaL
tp06YP58wvtKjAnrz376KXpYBBESq2eqNIrtwfbRqGWxa1E8OvejpxF0F78FkuCN
0SZHd5xQ52rkLwNNOROiNYYMuLbdx1ZZoSzCbbiGwFBH/f8u7umJlIYjh1FNcfSv
1hRdXQyQYqGuDIF4qctVJ4te8VUwkIjwdOv2uN7EMZtI3G2N2S3aPppWjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAK1MmXGIiqXgr0BJtTqVgaEPO0RMB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvQXJVeVpjWWlLcGVDdlFFbTFPcFdCb1E4N1JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrXMA0G
CSqGSIb3DQEBCwUAA4IBAQAkb34rbj7Nr8mhkgYJPTFEO5QbrqZad9WaUhmZ9BD/
TsR9Rpigk2nXtfC9CIdQzvRd8enU3ne/ugYemdEj+kq3C+wFP0AD2OAXxyWLAhKP
sxN2rjFeWr5x7OYQnZy41deyclJRFteJOKeD7T6/gZahoKPCGpxerNunQrD5agk7
LnFBXDdl+hymOLItQY38frSKrKwPZ9lXQ13IoOJeFbE0faCRRbK5X3ZXPSgaRAPB
glZ12grs2diqT7A6w6qtxibbqC9Pdtw29xyKk9ZPpXMFofkLOe+Z1negECZKLl76
d4fGcsqfAYEVCNFIX/6udW5jOdJ2eCKiS1xQWloLO6fU
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:22 2025 by rpki-client