Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/DCFgRFSekeb18gaumI3Ofy5svsI.roa
File: DCFgRFSekeb18gaumI3Ofy5svsI.roa (raw, json)
Hash identifier: 7UFsPaY9tkRVXEdD3TwcMp7LvEzC7FnR4dpc5hsnKfY=
Subject key identifier: 0C:21:60:44:54:9E:91:E6:F5:F2:06:AE:98:8D:CE:7F:2E:6C:BE:C2
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 018BD60C0E4E598A8F2EB35436C07C2C1B3C
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/DCFgRFSekeb18gaumI3Ofy5svsI.roa
Signing time: Thu 16 Nov 2023 02:53:16 +0000
ROA not before: Thu 16 Nov 2023 02:53:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 109.122.192.0/24 maxlen: 24
109.122.197.0/24 maxlen: 24
109.122.201.0/24 maxlen: 24
109.122.205.0/24 maxlen: 24
109.122.203.0/24 maxlen: 24
109.122.212.0/24 maxlen: 24
109.122.213.0/24 maxlen: 24
109.122.210.0/24 maxlen: 24
109.122.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d6:0c:0e:4e:59:8a:8f:2e:b3:54:36:c0:7c:2c:1b:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Nov 16 02:53:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c216044549e91e6f5f206ae988dce7f2e6cbec2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:3f:be:81:b2:3c:58:12:7b:df:79:28:21:17:
8c:cb:50:02:14:76:70:da:3c:8c:e1:07:3f:26:27:
25:92:2c:b2:8e:57:dd:c0:14:7b:30:a3:c2:2e:5c:
ff:df:f1:94:f4:63:d5:48:3e:cb:31:da:9e:64:ba:
75:4a:a5:52:61:35:a4:50:c9:ad:d1:51:22:3e:af:
8d:6f:83:b6:11:da:73:7a:14:97:58:54:49:34:61:
a3:c8:81:1b:e0:01:3f:01:f2:3c:9c:d1:fe:87:a8:
f9:ca:19:80:35:5d:31:9f:e9:bd:94:fb:2e:14:d8:
44:88:c9:44:38:e5:1c:78:2b:78:89:1d:7e:52:96:
36:f0:0b:76:23:aa:81:56:b0:f3:46:3e:8b:7b:b4:
b7:72:a8:3f:72:89:da:85:b3:66:fa:53:56:5c:cc:
ae:61:9f:53:b9:0c:80:b2:df:6b:16:84:f7:f7:e7:
e4:4f:8c:77:51:15:c7:2e:ae:df:1f:bb:e0:cb:5e:
ff:d3:c5:de:37:e3:a9:c2:4f:df:88:6b:3c:5e:24:
0b:00:24:de:1e:81:1c:7a:60:dc:14:21:00:3a:24:
f5:bc:29:5a:d4:f0:fe:85:f6:76:b2:79:c3:65:06:
4b:36:fa:f4:11:55:d4:5b:8b:7f:c4:91:0e:4a:57:
fd:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:21:60:44:54:9E:91:E6:F5:F2:06:AE:98:8D:CE:7F:2E:6C:BE:C2
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/DCFgRFSekeb18gaumI3Ofy5svsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.192.0/24
109.122.197.0/24
109.122.201.0/24
109.122.203.0/24
109.122.205.0/24
109.122.210.0/24
109.122.212.0/23
109.122.220.0/24
Signature Algorithm: sha256WithRSAEncryption
33:a3:1d:49:bc:da:af:b3:16:ae:58:cf:82:11:b5:54:5c:29:
ad:6e:4e:66:6e:ac:b9:82:f4:ab:c2:7e:0f:9b:f1:37:7a:6a:
4c:4f:98:fd:6b:82:d3:b0:59:d3:90:9a:e4:b9:2a:fc:64:b5:
83:78:37:34:ef:ad:b0:2a:59:95:bb:fa:ff:1b:b5:e0:0a:46:
84:6f:d8:55:b8:35:e2:02:22:95:1d:ce:cf:20:a3:da:a5:f8:
ff:c3:6d:a6:71:7f:8d:5d:fa:26:ae:30:60:6b:28:3c:fc:fc:
c8:5d:c8:b0:aa:d0:81:80:87:36:a6:80:bc:c1:0d:fd:39:f7:
0f:b8:47:b1:0b:51:c5:dd:a4:6e:fd:50:24:ae:19:97:ed:e0:
fc:c1:eb:48:19:80:1a:06:0c:58:63:61:e0:1b:91:c1:36:39:
2d:83:10:44:a7:42:70:dc:1a:b0:c8:32:29:d7:2a:2c:62:62:
6a:d2:00:74:34:8d:08:f7:95:b4:fc:f8:19:d8:37:fa:0e:ff:
ad:19:ad:02:8d:a2:05:cc:85:a7:c6:22:8b:4c:b3:9f:4f:1a:
d1:2a:83:df:62:1b:90:c0:df:cc:13:92:4b:69:8f:53:06:0a:
14:82:39:e7:70:52:e0:27:36:27:d6:ba:32:cb:aa:92:70:89:
d2:51:29:6e
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYvWDA5OWYqPLrNUNsB8LBs8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjMxMTE2MDI1MzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzIxNjA0NDU0OWU5MWU2ZjVmMjA2YWU5ODhkY2U3ZjJlNmNiZWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiz++gbI8WBJ733koIReMy1ACFHZw
2jyM4Qc/JiclkiyyjlfdwBR7MKPCLlz/3/GU9GPVSD7LMdqeZLp1SqVSYTWkUMmt
0VEiPq+Nb4O2EdpzehSXWFRJNGGjyIEb4AE/AfI8nNH+h6j5yhmANV0xn+m9lPsu
FNhEiMlEOOUceCt4iR1+UpY28At2I6qBVrDzRj6Le7S3cqg/conahbNm+lNWXMyu
YZ9TuQyAst9rFoT39+fkT4x3URXHLq7fH7vgy17/08XeN+Opwk/fiGs8XiQLACTe
HoEcemDcFCEAOiT1vCla1PD+hfZ2snnDZQZLNvr0EVXUW4t/xJEOSlf9EwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFAwhYERUnpHm9fIGrpiNzn8ubL7CMB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvRENGZ1JGU2VrZWIxOGdhdW1JM09meTVzdnNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAbXrAAwQA
bXrFAwQAbXrJAwQAbXrLAwQAbXrNAwQAbXrSAwQBbXrUAwQAbXrcMA0GCSqGSIb3
DQEBCwUAA4IBAQAzox1JvNqvsxauWM+CEbVUXCmtbk5mbqy5gvSrwn4Pm/E3empM
T5j9a4LTsFnTkJrkuSr8ZLWDeDc0762wKlmVu/r/G7XgCkaEb9hVuDXiAiKVHc7P
IKPapfj/w22mcX+NXfomrjBgayg8/PzIXciwqtCBgIc2poC8wQ39OfcPuEexC1HF
3aRu/VAkrhmX7eD8wetIGYAaBgxYY2HgG5HBNjktgxBEp0Jw3BqwyDIp1yosYmJq
0gB0NI0I95W0/PgZ2Df6Dv+tGa0CjaIFzIWnxiKLTLOfTxrRKoPfYhuQwN/ME5JL
aY9TBgoUgjnncFLgJzYn1royy6qScInSUSlu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:04 2024 by rpki-client on console-ams.rpki-client.org