Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/IeL5E8qTl99LXCoc9LpWSgCuBw8.roa
File: IeL5E8qTl99LXCoc9LpWSgCuBw8.roa (raw, json)
Hash identifier: nlYfUjQ42BcVNDNspI2tNQmLqsEHRfcd/BKc7D0zlUU=
Subject key identifier: 21:E2:F9:13:CA:93:97:DF:4B:5C:2A:1C:F4:BA:56:4A:00:AE:07:0F
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 018BEDC2FFAF32976BD3509253301212DD76
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/IeL5E8qTl99LXCoc9LpWSgCuBw8.roa
Signing time: Mon 20 Nov 2023 17:24:21 +0000
ROA not before: Mon 20 Nov 2023 17:24:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60117
IP address blocks: 109.122.196.0/24 maxlen: 24
109.122.194.0/24 maxlen: 24
109.122.203.0/24 maxlen: 24
109.122.211.0/24 maxlen: 24
109.122.212.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ed:c2:ff:af:32:97:6b:d3:50:92:53:30:12:12:dd:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Nov 20 17:24:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21e2f913ca9397df4b5c2a1cf4ba564a00ae070f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:17:97:6d:9b:c9:d8:21:ab:bd:23:5e:80:85:
97:07:5b:9a:67:15:af:24:2d:a3:62:97:85:36:b5:
b4:fb:d9:0b:f3:cb:f6:95:f9:7a:d7:c6:00:6d:21:
c6:8e:18:9e:5d:30:60:a5:c7:11:22:11:92:8e:41:
e1:88:4f:76:23:00:7c:e3:76:ba:ac:66:c7:e3:84:
30:f1:9e:13:21:37:82:ae:08:f9:ab:76:c3:cc:34:
a7:22:74:93:b7:c7:68:7c:bb:fb:c7:c0:f0:d2:74:
4a:e4:53:18:c0:5b:0a:95:83:a7:69:08:b7:77:ee:
ac:e5:ae:9f:fb:36:00:42:f1:83:df:28:8c:a5:30:
a8:5e:0d:d6:cc:02:db:55:0b:09:e7:0b:23:ff:67:
ab:ec:64:0a:90:5d:96:be:ee:5a:9a:db:ab:f9:80:
04:95:3a:43:5a:b7:ec:10:06:bc:ac:da:b7:19:6f:
18:e2:e9:65:0b:0c:b0:53:cd:77:75:f6:cf:24:e6:
45:74:6f:70:51:39:e5:99:bb:77:e5:f4:99:7f:34:
1c:68:fd:83:b9:5e:b3:cd:81:9c:39:5f:81:fd:43:
34:9f:c7:de:ae:bf:43:80:1e:1b:f9:8d:4a:e0:b7:
5c:69:3b:e4:a6:29:50:c9:5e:aa:d6:91:6e:73:5b:
1c:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:E2:F9:13:CA:93:97:DF:4B:5C:2A:1C:F4:BA:56:4A:00:AE:07:0F
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/IeL5E8qTl99LXCoc9LpWSgCuBw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.194.0/24
109.122.196.0/24
109.122.203.0/24
109.122.211.0-109.122.212.255
Signature Algorithm: sha256WithRSAEncryption
92:f3:ac:2d:7c:64:75:24:f3:ae:69:7b:38:f0:eb:04:99:ab:
89:30:03:26:88:12:7b:78:8f:ae:3b:19:89:6f:c1:b2:2a:4a:
78:5c:a8:7d:45:04:81:5d:a1:67:b9:9f:27:eb:47:ea:c7:50:
36:2b:a5:d8:1e:b5:ee:f5:6a:dd:5d:61:63:7c:20:78:83:20:
00:be:a2:eb:09:95:b8:05:d2:3f:59:05:fb:2f:b6:03:23:24:
04:9b:30:1e:0b:2e:4b:18:c6:f7:f5:18:ec:71:c5:23:d7:61:
bb:2b:a0:81:f1:32:cd:f7:f8:ec:f3:db:c8:4c:d0:e9:00:79:
8b:55:3a:2b:5e:6c:28:57:ec:65:e0:ff:c2:5e:a8:cb:1e:32:
67:e5:ed:80:cb:f2:8d:e2:3c:6e:0c:62:c8:c6:19:9c:c0:f0:
a7:f8:d4:33:5f:d4:70:bc:7a:10:ae:e9:5d:66:a4:f7:c7:e1:
8c:1f:5a:85:54:5f:f8:19:26:46:f5:52:4a:91:cf:c0:38:d7:
89:d3:f4:9a:73:4c:3b:f6:75:de:40:f1:88:8d:8e:9d:6b:31:
ae:ca:b4:bb:90:85:80:5a:53:b8:52:72:80:6a:3f:be:61:6b:
16:18:05:2c:f5:54:87:6e:f0:d5:d1:7e:82:a2:2f:0d:2a:61:
4c:8f:ea:ca
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYvtwv+vMpdr01CSUzASEt12MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjMxMTIwMTcyNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWUyZjkxM2NhOTM5N2RmNGI1YzJhMWNmNGJhNTY0YTAwYWUwNzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnReXbZvJ2CGrvSNegIWXB1uaZxWv
JC2jYpeFNrW0+9kL88v2lfl618YAbSHGjhieXTBgpccRIhGSjkHhiE92IwB843a6
rGbH44Qw8Z4TITeCrgj5q3bDzDSnInSTt8dofLv7x8Dw0nRK5FMYwFsKlYOnaQi3
d+6s5a6f+zYAQvGD3yiMpTCoXg3WzALbVQsJ5wsj/2er7GQKkF2Wvu5amtur+YAE
lTpDWrfsEAa8rNq3GW8Y4ullCwywU813dfbPJOZFdG9wUTnlmbt35fSZfzQcaP2D
uV6zzYGcOV+B/UM0n8ferr9DgB4b+Y1K4LdcaTvkpilQyV6q1pFuc1scNQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCHi+RPKk5ffS1wqHPS6VkoArgcPMB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvSWVMNUU4cVRsOTlMWENvYzlMcFdTZ0N1Qnc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAbXrCAwQA
bXrEAwQAbXrLMAwDBABtetMDBABtetQwDQYJKoZIhvcNAQELBQADggEBAJLzrC18
ZHUk865pezjw6wSZq4kwAyaIEnt4j647GYlvwbIqSnhcqH1FBIFdoWe5nyfrR+rH
UDYrpdgete71at1dYWN8IHiDIAC+ousJlbgF0j9ZBfsvtgMjJASbMB4LLksYxvf1
GOxxxSPXYbsroIHxMs33+Ozz28hM0OkAeYtVOitebChX7GXg/8JeqMseMmfl7YDL
8o3iPG4MYsjGGZzA8Kf41DNf1HC8ehCu6V1mpPfH4YwfWoVUX/gZJkb1UkqRz8A4
14nT9JpzTDv2dd5A8YiNjp1rMa7KtLuQhYBaU7hScoBqP75haxYYBSz1VIdu8NXR
foKiLw0qYUyP6so=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:04 2024 by rpki-client on console-ams.rpki-client.org