Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/H3qDedqiGrM5-sYaHvyiKGdehqg.roa
File: H3qDedqiGrM5-sYaHvyiKGdehqg.roa (raw, json)
Hash identifier: BfgfoaHAjoeF32eOnih8nUO2pQ+zke7q9PvFvW9u+xM=
Subject key identifier: 1F:7A:83:79:DA:A2:1A:B3:39:FA:C6:1A:1E:FC:A2:28:67:5E:86:A8
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 018D37973206F664E21943140283CAF018CA
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/H3qDedqiGrM5-sYaHvyiKGdehqg.roa
Signing time: Tue 23 Jan 2024 18:31:12 +0000
ROA not before: Tue 23 Jan 2024 18:31:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 32613
IP address blocks: 109.122.194.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:37:97:32:06:f6:64:e2:19:43:14:02:83:ca:f0:18:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Jan 23 18:31:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f7a8379daa21ab339fac61a1efca228675e86a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6d:56:c4:62:5a:4f:08:f4:2c:a3:1f:02:fc:
ae:af:dd:47:32:23:4f:5f:7a:9c:de:e6:f0:b3:a4:
53:5f:9c:46:1e:ed:ed:0c:77:1a:e2:c3:89:d9:f5:
1b:ee:18:83:a3:6e:85:ce:4b:92:bc:3b:ff:c4:5c:
63:a6:8e:82:36:bc:05:10:84:96:74:7d:8f:20:06:
a2:7a:10:e5:0b:bb:99:6e:62:18:a7:0e:1f:86:78:
bc:fb:2e:3f:c4:cd:15:b9:2d:a7:01:83:af:4a:8f:
23:d8:ce:74:64:2b:75:99:7e:ed:21:08:05:b9:d6:
b3:bd:22:ea:0b:f4:3a:11:a8:27:19:5e:bd:f5:d5:
2d:bb:8c:71:c4:4a:3f:93:1d:1d:a6:bf:3f:0f:7c:
68:de:7f:ce:0e:6d:4b:9d:fe:2e:c5:01:39:d0:e1:
f9:9e:be:88:7b:22:74:49:9b:4d:aa:f7:e2:ab:ff:
b9:5b:da:f5:be:77:9d:93:57:25:11:7b:b9:3c:b5:
25:d0:b5:9e:aa:32:41:f5:dc:4c:5b:1c:23:71:37:
2a:97:c1:9b:b8:78:8d:fc:2e:ef:04:1a:23:fa:a4:
21:7b:99:37:97:38:93:03:ea:2c:eb:c0:9e:93:71:
04:95:f0:b1:2a:eb:27:d3:37:88:41:3d:ed:7f:c0:
dc:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:7A:83:79:DA:A2:1A:B3:39:FA:C6:1A:1E:FC:A2:28:67:5E:86:A8
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/H3qDedqiGrM5-sYaHvyiKGdehqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.194.0/24
Signature Algorithm: sha256WithRSAEncryption
23:11:45:ea:4e:1e:e2:af:d5:d0:31:ad:2e:c5:50:76:aa:2d:
a5:2d:c5:8e:c8:42:44:d7:19:71:ed:1b:e4:6b:05:65:7e:f6:
8f:39:d8:fd:f2:6f:60:e7:cd:e7:50:58:74:82:0c:43:c3:d9:
6a:c9:e6:01:e6:d0:c4:c3:14:5f:8a:4e:f8:40:4e:b9:61:8d:
4c:35:04:5a:17:83:c1:79:14:29:ce:42:2a:cc:34:d8:6d:5f:
1c:61:3d:23:33:b2:2f:53:a1:93:a4:bb:47:b7:cd:b9:40:06:
ed:c5:18:41:50:24:e5:af:ec:15:3d:0f:2a:b2:92:f1:72:4f:
cd:44:d1:c3:d4:8a:63:42:8d:d0:18:89:cf:06:f1:02:9f:1f:
f3:ce:be:30:f5:98:32:e3:f8:f3:f5:56:6f:98:2d:c5:f7:4d:
78:98:b0:4b:38:67:14:1c:52:d4:eb:8e:d3:04:40:42:12:fb:
33:3c:56:9d:1c:e3:93:cd:c8:29:88:4c:7c:da:4c:68:08:1b:
9a:01:76:79:6f:7e:70:24:29:b1:d8:18:25:f1:70:20:3d:61:
77:e1:ea:39:7b:ef:17:dc:4c:bc:c5:32:c5:8b:4f:24:7c:94:
a4:73:d2:06:fb:76:7c:62:bf:b3:8d:31:18:18:91:1e:53:91:
e8:ac:3e:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY03lzIG9mTiGUMUAoPK8BjKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjQwMTIzMTgzMTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjdhODM3OWRhYTIxYWIzMzlmYWM2MWExZWZjYTIyODY3NWU4NmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArm1WxGJaTwj0LKMfAvyur91HMiNP
X3qc3ubws6RTX5xGHu3tDHca4sOJ2fUb7hiDo26FzkuSvDv/xFxjpo6CNrwFEISW
dH2PIAaiehDlC7uZbmIYpw4fhni8+y4/xM0VuS2nAYOvSo8j2M50ZCt1mX7tIQgF
udazvSLqC/Q6EagnGV699dUtu4xxxEo/kx0dpr8/D3xo3n/ODm1Lnf4uxQE50OH5
nr6IeyJ0SZtNqvfiq/+5W9r1vnedk1clEXu5PLUl0LWeqjJB9dxMWxwjcTcql8Gb
uHiN/C7vBBoj+qQhe5k3lziTA+os68Cek3EElfCxKusn0zeIQT3tf8DciQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB96g3naohqzOfrGGh78oihnXoaoMB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvSDNxRGVkcWlHck01LXNZYUh2eWlLR2RlaHFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrCMA0G
CSqGSIb3DQEBCwUAA4IBAQAjEUXqTh7ir9XQMa0uxVB2qi2lLcWOyEJE1xlx7Rvk
awVlfvaPOdj98m9g583nUFh0ggxDw9lqyeYB5tDEwxRfik74QE65YY1MNQRaF4PB
eRQpzkIqzDTYbV8cYT0jM7IvU6GTpLtHt825QAbtxRhBUCTlr+wVPQ8qspLxck/N
RNHD1IpjQo3QGInPBvECnx/zzr4w9Zgy4/jz9VZvmC3F9014mLBLOGcUHFLU647T
BEBCEvszPFadHOOTzcgpiEx82kxoCBuaAXZ5b35wJCmx2Bgl8XAgPWF34eo5e+8X
3Ey8xTLFi08kfJSkc9IG+3Z8Yr+zjTEYGJEeU5HorD78
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:48 2024 by rpki-client on console-fra.rpki-client.org