Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/FEKRWtwllL1kXK11FTvtc-YENsM.roa
File: FEKRWtwllL1kXK11FTvtc-YENsM.roa (raw, json)
Hash identifier: EUBMgHJZSb4BwiSOGt/aPoLuw7Lw9YMoqz0y+jk15sM=
Subject key identifier: 14:42:91:5A:DC:25:94:BD:64:5C:AD:75:15:3B:ED:73:E6:04:36:C3
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 018E1A8893C6B02F073A77AD458D903FD7D3
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/FEKRWtwllL1kXK11FTvtc-YENsM.roa
Signing time: Thu 07 Mar 2024 20:09:02 +0000
ROA not before: Thu 07 Mar 2024 20:09:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210030
IP address blocks: 109.122.198.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:1a:88:93:c6:b0:2f:07:3a:77:ad:45:8d:90:3f:d7:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Mar 7 20:09:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1442915adc2594bd645cad75153bed73e60436c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:ff:0a:2a:ee:95:f5:f6:8f:4d:4e:fb:d8:12:
fa:8b:73:3e:55:21:e1:c0:5e:c4:3f:31:d0:7a:e5:
b7:a1:c2:c5:09:ca:76:31:44:b9:c8:40:6f:eb:ea:
6e:1c:61:70:fa:10:b7:09:ed:e4:d5:fa:9d:17:b6:
73:43:76:d9:82:ce:ed:79:79:3f:c0:01:59:b8:99:
61:51:66:8d:aa:37:8d:6e:1e:ec:89:cb:3d:52:9e:
b8:b5:b2:76:2a:e6:d2:b6:9a:82:f7:7c:2d:7a:d1:
20:21:fc:97:91:b0:52:3e:ab:be:0e:98:dd:c5:7d:
97:18:89:53:ce:74:bd:27:6a:4a:13:6c:7e:32:0c:
d1:8f:6d:3d:79:03:2b:d5:f7:20:3c:97:d6:79:d6:
84:b4:ab:4d:cf:e6:97:b2:67:1d:49:16:f9:c2:3d:
45:2c:a6:ec:ae:e0:d7:ed:d0:ea:62:a3:6a:b1:cc:
b4:3c:6c:b1:88:73:f5:ea:f9:45:c1:06:50:80:42:
26:96:a6:ec:90:8a:22:95:90:36:b1:ec:a0:eb:b5:
e2:d9:78:73:0a:d0:f3:81:61:34:34:22:6f:12:69:
db:1d:55:ff:c0:a6:9d:7c:f1:3d:93:75:f9:fb:42:
63:41:d9:9f:6c:35:c5:7d:6b:bc:ad:6b:f7:05:95:
a4:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:42:91:5A:DC:25:94:BD:64:5C:AD:75:15:3B:ED:73:E6:04:36:C3
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/FEKRWtwllL1kXK11FTvtc-YENsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.198.0/24
Signature Algorithm: sha256WithRSAEncryption
06:53:ae:88:43:a5:23:c6:cb:a3:78:49:0d:93:4b:73:6a:8a:
ad:b2:2d:4e:f6:ba:ea:80:c4:14:ad:c3:47:b1:41:8d:70:b1:
ce:f9:15:94:60:26:34:bf:2c:54:d5:8c:e8:f7:b4:d9:a0:09:
62:25:c1:d6:6d:4c:bc:1e:07:c3:e2:57:81:30:75:c3:6d:0d:
a6:4c:63:f3:3f:cc:9c:f7:c9:32:27:4e:6b:00:83:aa:21:eb:
b6:bf:bc:ce:f5:b9:9b:26:8d:04:a1:a2:e7:95:d8:18:a6:27:
77:41:43:93:a8:ff:35:59:d8:f8:cf:09:d2:37:1c:3c:86:23:
e1:ba:39:2a:6e:d1:09:8e:ff:e3:fb:b0:e5:5b:ce:99:ec:e8:
ad:c9:ab:9d:f2:a8:4f:6a:26:a2:b3:79:14:76:bd:f7:02:11:
c0:6c:a3:96:e1:e6:aa:cc:14:ba:c0:81:80:4e:c1:06:43:8c:
a5:c2:99:6b:7a:ba:ca:65:51:16:af:34:9a:dd:86:d2:a2:49:
f9:68:9b:71:af:d1:aa:8b:af:30:ef:06:25:39:f9:51:9c:f4:
29:c9:15:c3:d8:1c:1e:17:0c:c7:39:ae:50:31:70:79:d8:87:
51:1a:f9:96:ca:f5:9c:5e:29:2b:96:dd:5b:43:85:ba:90:09:
dc:b9:8e:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4aiJPGsC8HOnetRY2QP9fTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjQwMzA3MjAwOTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDQyOTE1YWRjMjU5NGJkNjQ1Y2FkNzUxNTNiZWQ3M2U2MDQzNmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhf8KKu6V9faPTU772BL6i3M+VSHh
wF7EPzHQeuW3ocLFCcp2MUS5yEBv6+puHGFw+hC3Ce3k1fqdF7ZzQ3bZgs7teXk/
wAFZuJlhUWaNqjeNbh7sics9Up64tbJ2KubStpqC93wtetEgIfyXkbBSPqu+Dpjd
xX2XGIlTznS9J2pKE2x+MgzRj209eQMr1fcgPJfWedaEtKtNz+aXsmcdSRb5wj1F
LKbsruDX7dDqYqNqscy0PGyxiHP16vlFwQZQgEImlqbskIoilZA2seyg67Xi2Xhz
CtDzgWE0NCJvEmnbHVX/wKadfPE9k3X5+0JjQdmfbDXFfWu8rWv3BZWkgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBRCkVrcJZS9ZFytdRU77XPmBDbDMB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvRkVLUld0d2xsTDFrWEsxMUZUdnRjLVlFTnNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrGMA0G
CSqGSIb3DQEBCwUAA4IBAQAGU66IQ6UjxsujeEkNk0tzaoqtsi1O9rrqgMQUrcNH
sUGNcLHO+RWUYCY0vyxU1Yzo97TZoAliJcHWbUy8HgfD4leBMHXDbQ2mTGPzP8yc
98kyJ05rAIOqIeu2v7zO9bmbJo0EoaLnldgYpid3QUOTqP81Wdj4zwnSNxw8hiPh
ujkqbtEJjv/j+7DlW86Z7Oityaud8qhPaiais3kUdr33AhHAbKOW4eaqzBS6wIGA
TsEGQ4ylwplrerrKZVEWrzSa3YbSokn5aJtxr9Gqi68w7wYlOflRnPQpyRXD2Bwe
FwzHOa5QMXB52IdRGvmWyvWcXikrlt1bQ4W6kAncuY41
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:48 2024 by rpki-client on console-fra.rpki-client.org