Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/Dtwqqi4ylakx4BD254-plRbQT2Y.roa
File: Dtwqqi4ylakx4BD254-plRbQT2Y.roa (raw, json)
Hash identifier: neA7o+t4rnwKvNIP6iVcofCiV+vnys4TrhpnVIaHUbs=
Subject key identifier: 0E:DC:2A:AA:2E:32:95:A9:31:E0:10:F6:E7:8F:A9:95:16:D0:4F:66
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 0187A865E862E444B8DADA582F422703C70F
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/Dtwqqi4ylakx4BD254-plRbQT2Y.roa
Signing time: Sat 22 Apr 2023 09:57:43 +0000
ROA not before: Sat 22 Apr 2023 09:57:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 63023
IP address blocks: 109.122.195.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a8:65:e8:62:e4:44:b8:da:da:58:2f:42:27:03:c7:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Apr 22 09:57:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0edc2aaa2e3295a931e010f6e78fa99516d04f66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:4e:e1:37:dd:f1:f6:d9:2c:bb:d8:ba:75:ac:
a4:eb:fc:98:bc:97:2d:9d:8d:42:75:71:2c:3d:01:
1e:05:29:95:a3:37:3a:8f:83:f2:aa:39:05:8d:b9:
06:bc:9d:fa:2c:b5:66:d2:0e:a5:7a:27:40:e5:7c:
c1:9c:21:97:db:70:2b:cc:79:a9:6b:ec:07:95:66:
60:94:51:93:05:16:31:7f:4e:ba:f9:d4:a6:00:7d:
91:db:aa:20:82:c7:26:73:7d:b7:29:29:b8:7e:81:
14:e6:9e:11:19:13:5c:74:69:d6:5f:21:12:fe:b3:
77:cc:9a:cb:13:11:d7:0d:79:c6:8f:1f:85:14:89:
6c:a1:2c:6f:21:6e:72:41:d4:db:88:7a:dd:aa:8a:
c3:a9:68:df:9e:f8:a0:16:48:c7:01:9f:c2:f3:76:
b5:c4:c2:c5:03:3e:42:9f:8b:c1:f8:d2:8a:50:c8:
2f:46:56:f7:d0:e4:c7:f8:17:09:13:65:74:d6:1e:
f3:d1:c4:87:41:f5:52:32:fa:c6:91:8c:0f:2c:a0:
7f:09:8e:e0:c2:5d:47:f1:f1:ff:55:12:f1:19:f7:
d1:61:5c:da:d6:37:06:f7:54:94:f4:a7:55:f9:f1:
52:64:39:fe:0f:6a:6e:f5:92:42:54:ac:89:96:a9:
69:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:DC:2A:AA:2E:32:95:A9:31:E0:10:F6:E7:8F:A9:95:16:D0:4F:66
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/Dtwqqi4ylakx4BD254-plRbQT2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.195.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:a3:67:a1:75:3e:3f:e9:dd:3c:f7:e4:5c:7f:59:95:de:b6:
54:e6:13:fc:90:38:be:d7:02:c5:58:4a:02:59:2b:a4:9a:47:
fb:d1:72:ad:8a:d5:4c:f2:18:29:fd:af:14:7f:63:ac:0e:0d:
b9:c7:36:02:7a:a9:62:7b:f1:c1:b9:33:5c:f3:29:e2:cd:6a:
13:f9:ff:7f:ad:f6:a5:76:6b:53:ed:b3:ea:4d:31:95:f5:da:
63:5b:9a:32:3b:80:1d:70:fe:59:b1:9a:ba:08:6e:4d:06:f4:
6b:3b:d2:29:ab:70:b2:6e:72:19:0f:17:88:c4:8c:d2:b8:38:
5b:2d:32:a1:ef:e5:51:37:94:26:f2:23:8f:71:2f:24:1b:35:
db:72:21:74:1a:2b:1d:d9:fd:e4:a7:6e:31:0b:92:a0:04:58:
3d:07:6c:0f:7c:96:ab:e0:e6:48:6e:20:50:d4:12:a6:df:5b:
32:3e:8e:20:75:71:27:4d:19:d8:4a:7a:c9:94:2f:44:9a:8c:
4b:20:1c:38:80:e9:b1:92:dc:82:9a:da:43:85:56:49:49:5a:
11:7c:4b:45:f6:ad:7e:92:59:14:b2:7c:f2:00:53:07:32:ca:
75:01:66:4c:aa:d0:84:d3:3c:39:d0:d2:99:4e:0b:9d:76:97:
3f:76:54:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeoZehi5ES42tpYL0InA8cPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjMwNDIyMDk1NzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWRjMmFhYTJlMzI5NWE5MzFlMDEwZjZlNzhmYTk5NTE2ZDA0ZjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq07hN93x9tksu9i6dayk6/yYvJct
nY1CdXEsPQEeBSmVozc6j4PyqjkFjbkGvJ36LLVm0g6leidA5XzBnCGX23ArzHmp
a+wHlWZglFGTBRYxf066+dSmAH2R26oggscmc323KSm4foEU5p4RGRNcdGnWXyES
/rN3zJrLExHXDXnGjx+FFIlsoSxvIW5yQdTbiHrdqorDqWjfnvigFkjHAZ/C83a1
xMLFAz5Cn4vB+NKKUMgvRlb30OTH+BcJE2V01h7z0cSHQfVSMvrGkYwPLKB/CY7g
wl1H8fH/VRLxGffRYVza1jcG91SU9KdV+fFSZDn+D2pu9ZJCVKyJlqlpfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA7cKqouMpWpMeAQ9uePqZUW0E9mMB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvRHR3cXFpNHlsYWt4NEJEMjU0LXBsUmJRVDJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrDMA0G
CSqGSIb3DQEBCwUAA4IBAQBco2ehdT4/6d089+Rcf1mV3rZU5hP8kDi+1wLFWEoC
WSukmkf70XKtitVM8hgp/a8Uf2OsDg25xzYCeqlie/HBuTNc8ynizWoT+f9/rfal
dmtT7bPqTTGV9dpjW5oyO4AdcP5ZsZq6CG5NBvRrO9Ipq3CybnIZDxeIxIzSuDhb
LTKh7+VRN5Qm8iOPcS8kGzXbciF0Gisd2f3kp24xC5KgBFg9B2wPfJar4OZIbiBQ
1BKm31syPo4gdXEnTRnYSnrJlC9EmoxLIBw4gOmxktyCmtpDhVZJSVoRfEtF9q1+
klkUsnzyAFMHMsp1AWZMqtCE0zw50NKZTguddpc/dlSM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:04 2024 by rpki-client on console-ams.rpki-client.org