Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/Dj096DGx8FrCrXfqlav3JaYeNSg.roa
File: Dj096DGx8FrCrXfqlav3JaYeNSg.roa (raw, json)
Hash identifier: hc4tetUmqxLKwvHmGmrsXoEFg/vrbGJ5XqtsnAgijAM=
Subject key identifier: 0E:3D:3D:E8:31:B1:F0:5A:C2:AD:77:EA:95:AB:F7:25:A6:1E:35:28
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 0187A865E7EDD0FB31343C9BB03DD5C73A0C
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/Dj096DGx8FrCrXfqlav3JaYeNSg.roa
Signing time: Sat 22 Apr 2023 09:57:43 +0000
ROA not before: Sat 22 Apr 2023 09:57:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62068
IP address blocks: 109.122.201.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a8:65:e7:ed:d0:fb:31:34:3c:9b:b0:3d:d5:c7:3a:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Apr 22 09:57:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e3d3de831b1f05ac2ad77ea95abf725a61e3528
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:cf:6b:d0:62:54:d7:0e:a4:9f:94:12:47:fd:
f5:d5:e9:78:0d:c9:2d:4d:fe:6a:a7:12:f7:d1:72:
d0:c3:e2:72:7b:de:4a:2c:b6:86:35:47:01:50:ca:
ad:5f:40:ab:77:a8:2c:01:aa:f4:e6:d0:0f:33:b3:
5b:54:73:0f:ab:ca:b3:0b:b6:35:1b:e1:a9:3b:70:
f5:00:57:d6:c7:81:ca:54:16:ac:81:dc:e6:19:8b:
c4:d1:e0:18:cb:89:9e:b0:3b:d4:c3:4e:d3:5a:dd:
f1:e5:81:a5:ed:89:3e:c9:4f:ab:7b:de:5b:7e:55:
aa:93:ba:08:d1:62:ac:26:99:9c:9c:52:22:94:68:
70:ff:ab:50:ad:8c:05:4e:e7:06:07:62:70:f4:68:
86:a1:3b:91:9c:84:ab:bf:c3:73:51:f8:77:05:dd:
00:db:39:36:49:29:d1:40:58:70:e5:54:f0:44:88:
05:66:0c:f8:f9:42:fb:e3:d5:55:fb:d8:d2:27:0e:
7e:a2:19:75:51:b3:75:61:72:d8:7c:ef:83:40:2f:
af:0c:02:4d:7d:42:b7:85:35:1c:10:c8:63:29:05:
c1:17:7d:d6:81:0f:0a:06:b3:2c:50:7a:7f:ac:10:
05:28:38:cf:1e:a2:d7:5e:91:d1:df:db:63:db:cd:
6a:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:3D:3D:E8:31:B1:F0:5A:C2:AD:77:EA:95:AB:F7:25:A6:1E:35:28
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/Dj096DGx8FrCrXfqlav3JaYeNSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.201.0/24
Signature Algorithm: sha256WithRSAEncryption
36:1c:13:d7:01:22:44:18:a7:ff:85:9c:39:a5:fc:dc:ad:bd:
f9:e0:e8:fd:51:42:56:f0:56:85:37:39:42:e4:05:b5:41:ab:
a1:85:93:26:3e:64:68:90:ee:fa:10:06:01:3f:66:a5:3d:14:
29:98:13:c1:fb:b5:5f:cc:8d:c5:fe:e6:c6:9d:f7:5e:09:d2:
d9:88:31:ce:a5:a5:1b:1a:b5:70:39:e0:5a:56:04:b6:0c:7e:
c4:56:78:1f:31:bd:e8:47:05:24:37:10:f9:39:62:7d:07:d2:
c2:4e:88:4f:ad:7a:9c:84:0a:83:d2:2e:e3:c5:21:d9:b9:aa:
e7:a1:62:d7:ac:62:54:7a:02:b2:ce:45:93:0d:6d:90:36:95:
36:cd:25:a3:ed:30:e6:2f:12:94:29:6c:56:d4:42:61:9e:e8:
c4:e3:8c:83:d4:77:96:6e:2a:a4:2c:ce:0a:59:a7:4a:7e:71:
64:01:3d:70:6a:de:2d:a5:76:68:a0:a2:0a:01:4a:8b:3b:5d:
40:70:4c:b7:72:b4:3f:ba:44:1a:33:17:d6:9e:e6:cc:e2:b1:
b4:77:ea:80:06:fe:64:a4:c8:7b:f8:80:dc:b3:bf:b7:fc:67:
98:50:29:d2:6b:29:f9:f1:ef:67:bf:a1:1e:3e:e7:a4:cd:c3:
94:92:e1:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeoZeft0PsxNDybsD3VxzoMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjMwNDIyMDk1NzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTNkM2RlODMxYjFmMDVhYzJhZDc3ZWE5NWFiZjcyNWE2MWUzNTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAts9r0GJU1w6kn5QSR/311el4Dckt
Tf5qpxL30XLQw+Jye95KLLaGNUcBUMqtX0Crd6gsAar05tAPM7NbVHMPq8qzC7Y1
G+GpO3D1AFfWx4HKVBasgdzmGYvE0eAYy4mesDvUw07TWt3x5YGl7Yk+yU+re95b
flWqk7oI0WKsJpmcnFIilGhw/6tQrYwFTucGB2Jw9GiGoTuRnISrv8NzUfh3Bd0A
2zk2SSnRQFhw5VTwRIgFZgz4+UL749VV+9jSJw5+ohl1UbN1YXLYfO+DQC+vDAJN
fUK3hTUcEMhjKQXBF33WgQ8KBrMsUHp/rBAFKDjPHqLXXpHR39tj281qMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA49PegxsfBawq136pWr9yWmHjUoMB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvRGowOTZER3g4RnJDclhmcWxhdjNKYVllTlNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrJMA0G
CSqGSIb3DQEBCwUAA4IBAQA2HBPXASJEGKf/hZw5pfzcrb354Oj9UUJW8FaFNzlC
5AW1QauhhZMmPmRokO76EAYBP2alPRQpmBPB+7VfzI3F/ubGnfdeCdLZiDHOpaUb
GrVwOeBaVgS2DH7EVngfMb3oRwUkNxD5OWJ9B9LCTohPrXqchAqD0i7jxSHZuarn
oWLXrGJUegKyzkWTDW2QNpU2zSWj7TDmLxKUKWxW1EJhnujE44yD1HeWbiqkLM4K
WadKfnFkAT1wat4tpXZooKIKAUqLO11AcEy3crQ/ukQaMxfWnubM4rG0d+qABv5k
pMh7+IDcs7+3/GeYUCnSayn58e9nv6EePuekzcOUkuFs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:48 2024 by rpki-client on console-fra.rpki-client.org