Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/ERMUFPQmj1G6ulLo7kmJAWes5IA.roa
File: ERMUFPQmj1G6ulLo7kmJAWes5IA.roa (raw, json)
Hash identifier: MfeLL2NxCiJhxyW0E8gHiNsX+oDGtiSDB1nGXI7bx2Y=
Subject key identifier: 11:13:14:14:F4:26:8F:51:BA:BA:52:E8:EE:49:89:01:67:AC:E4:80
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 0187A865EB0E190E9C38F0AC2228695D82D6
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/ERMUFPQmj1G6ulLo7kmJAWes5IA.roa
Signing time: Sat 22 Apr 2023 09:57:44 +0000
ROA not before: Sat 22 Apr 2023 09:57:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207459
IP address blocks: 109.122.200.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a8:65:eb:0e:19:0e:9c:38:f0:ac:22:28:69:5d:82:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Apr 22 09:57:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=11131414f4268f51baba52e8ee49890167ace480
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:6b:20:11:a6:a3:26:46:c3:4f:44:59:6e:79:
33:e7:0a:fd:78:43:00:05:3e:69:b0:3b:63:1a:9e:
f0:d8:28:d0:df:c9:e1:a1:3d:b0:e5:ea:6a:50:e1:
c2:e7:6f:99:a6:39:02:b1:a0:2f:e4:5b:a9:d7:66:
25:2a:5e:30:4a:e4:a7:73:b8:3b:48:05:71:0f:4e:
ae:1a:05:d4:5a:98:b6:37:de:17:a1:fb:5c:d4:3a:
55:f1:e7:0e:87:89:05:ed:28:86:e6:a3:38:a3:32:
a1:62:26:92:c4:d6:3f:8d:15:f4:ae:3f:97:f4:9e:
47:7a:56:9c:3c:da:38:70:da:af:cd:b0:11:e7:c0:
02:cd:67:d6:eb:cf:e5:6d:65:e6:58:88:f0:d2:ed:
da:3a:b9:ec:3b:20:37:d9:89:3e:8a:67:88:6c:50:
92:4e:40:92:29:90:2a:56:de:95:89:39:1d:e7:34:
6a:82:54:1c:06:50:cc:ef:9e:fd:e9:69:70:28:e4:
16:75:08:fe:31:a9:a0:40:67:a4:50:02:55:b8:7d:
6a:01:0d:5f:3f:d2:c0:8a:1e:4a:7e:95:7d:2d:e7:
28:1b:46:d3:9b:36:ae:57:87:33:d8:26:21:b9:16:
7e:7b:26:a8:b8:c2:7f:85:bb:19:9f:76:7a:3f:49:
2a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:13:14:14:F4:26:8F:51:BA:BA:52:E8:EE:49:89:01:67:AC:E4:80
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/ERMUFPQmj1G6ulLo7kmJAWes5IA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.200.0/24
Signature Algorithm: sha256WithRSAEncryption
78:25:60:9a:65:29:5c:14:a6:bd:98:ed:ef:c4:c1:d8:68:d4:
55:b0:6a:aa:58:25:55:ac:09:96:d1:c4:e0:7f:b8:fd:ee:d3:
c9:24:3e:9f:78:28:e3:c7:d5:82:ae:bf:50:80:40:e4:97:00:
02:4e:3c:2c:7b:20:30:96:31:6d:9e:b9:61:41:b3:4a:16:a9:
34:34:7e:eb:e1:eb:3d:21:35:89:cb:f5:1d:e0:f9:8d:92:34:
0f:91:91:15:ce:48:c4:d2:9d:83:11:30:e8:ff:46:07:29:81:
e9:1e:22:fc:fa:25:41:e2:d4:e8:f3:90:a7:93:93:7d:ba:73:
0c:77:1f:93:f6:18:e2:b2:71:29:4d:8b:5d:b7:df:0f:3c:12:
da:79:8c:45:85:d4:cf:0a:db:13:8b:dc:ab:4f:d7:38:d3:a9:
dd:e3:5c:bd:57:54:7e:ac:36:51:cd:f8:3a:16:53:5a:cf:c7:
eb:98:c5:61:32:45:3f:f9:72:97:2e:fd:58:44:db:34:cf:4d:
cf:f9:3a:4e:91:d7:70:2d:7f:9d:8f:62:21:66:c9:88:3d:39:
54:c0:36:40:ac:5a:36:65:4c:62:a4:63:2c:ce:3e:d9:81:fa:
62:1d:58:74:03:b5:81:38:33:38:a6:95:ce:d5:9c:07:ef:0e:
bd:a5:50:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeoZesOGQ6cOPCsIihpXYLWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjMwNDIyMDk1NzQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTEzMTQxNGY0MjY4ZjUxYmFiYTUyZThlZTQ5ODkwMTY3YWNlNDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWsgEaajJkbDT0RZbnkz5wr9eEMA
BT5psDtjGp7w2CjQ38nhoT2w5epqUOHC52+ZpjkCsaAv5Fup12YlKl4wSuSnc7g7
SAVxD06uGgXUWpi2N94Xoftc1DpV8ecOh4kF7SiG5qM4ozKhYiaSxNY/jRX0rj+X
9J5HelacPNo4cNqvzbAR58ACzWfW68/lbWXmWIjw0u3aOrnsOyA32Yk+imeIbFCS
TkCSKZAqVt6ViTkd5zRqglQcBlDM75796WlwKOQWdQj+MamgQGekUAJVuH1qAQ1f
P9LAih5KfpV9LecoG0bTmzauV4cz2CYhuRZ+eyaouMJ/hbsZn3Z6P0kqCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBETFBT0Jo9RurpS6O5JiQFnrOSAMB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvRVJNVUZQUW1qMUc2dWxMbzdrbUpBV2VzNUlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrIMA0G
CSqGSIb3DQEBCwUAA4IBAQB4JWCaZSlcFKa9mO3vxMHYaNRVsGqqWCVVrAmW0cTg
f7j97tPJJD6feCjjx9WCrr9QgEDklwACTjwseyAwljFtnrlhQbNKFqk0NH7r4es9
ITWJy/Ud4PmNkjQPkZEVzkjE0p2DETDo/0YHKYHpHiL8+iVB4tTo85Cnk5N9unMM
dx+T9hjisnEpTYtdt98PPBLaeYxFhdTPCtsTi9yrT9c406nd41y9V1R+rDZRzfg6
FlNaz8frmMVhMkU/+XKXLv1YRNs0z03P+TpOkddwLX+dj2IhZsmIPTlUwDZArFo2
ZUxipGMszj7ZgfpiHVh0A7WBODM4ppXO1ZwH7w69pVCH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:48 2024 by rpki-client on console-fra.rpki-client.org