Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/JaP0uSjesHP9Cxzk9GPkHFwxt9A.roa
File: JaP0uSjesHP9Cxzk9GPkHFwxt9A.roa (raw, json)
Hash identifier: mQzD9n7ECOC7oMomejcNirv/WHPmake4yOC8V8xTcLE=
Subject key identifier: 25:A3:F4:B9:28:DE:B0:73:FD:0B:1C:E4:F4:63:E4:1C:5C:31:B7:D0
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 018B434D27928AB6078D141E9DA646D4F374
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/JaP0uSjesHP9Cxzk9GPkHFwxt9A.roa
Signing time: Wed 18 Oct 2023 15:00:11 +0000
ROA not before: Wed 18 Oct 2023 15:00:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400402
IP address blocks: 109.122.195.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:43:4d:27:92:8a:b6:07:8d:14:1e:9d:a6:46:d4:f3:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Oct 18 15:00:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=25a3f4b928deb073fd0b1ce4f463e41c5c31b7d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ac:4c:48:16:a5:72:a3:9e:5b:d0:30:62:1d:
60:90:c4:78:62:0d:fb:8c:12:51:a0:90:47:a9:39:
a4:73:4f:37:de:8e:6f:db:28:a1:84:2a:14:3d:bd:
13:aa:68:35:52:0e:1b:6a:03:6c:de:48:54:4e:72:
f7:13:98:d0:8e:81:e5:fe:8b:34:00:37:1e:dd:74:
c8:92:64:2c:b2:f5:2b:95:b0:7a:f2:5f:d0:82:5c:
c5:af:8d:cf:aa:e6:e1:d6:fb:d6:bf:f8:c1:04:da:
4c:f1:47:6a:71:18:ba:c0:6d:c7:3b:ef:a0:8c:29:
dd:31:61:16:c2:1f:92:37:11:ac:35:33:20:66:cb:
af:07:67:b7:49:90:5c:97:41:97:a4:6d:60:12:31:
43:f0:53:3e:88:40:31:24:a6:e3:24:df:41:8c:f7:
b8:bf:2b:d7:ee:78:6d:2b:7c:d3:9a:39:77:2f:72:
74:fc:b9:fa:41:db:87:72:6e:c2:e1:e6:b0:9b:97:
28:29:fc:64:0b:bd:48:a4:32:ce:c4:a8:d1:a5:1c:
af:bd:cb:56:b5:02:16:f4:31:9e:95:85:6b:87:ec:
0a:b5:a4:9d:e4:94:df:1e:5f:6d:f9:4b:52:18:b6:
2e:51:93:7e:49:9f:7f:d1:85:3c:9c:84:c5:49:51:
e8:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:A3:F4:B9:28:DE:B0:73:FD:0B:1C:E4:F4:63:E4:1C:5C:31:B7:D0
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/JaP0uSjesHP9Cxzk9GPkHFwxt9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.195.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:00:5c:04:2a:0c:e4:f2:7e:5f:13:73:55:d0:b6:dc:85:e0:
98:f9:70:31:97:69:8c:30:3f:b5:e7:67:b6:01:3a:aa:b5:e9:
6d:b5:e5:1c:ea:99:c4:80:2b:c9:eb:69:66:0f:72:f1:cc:8a:
e0:7b:45:6c:d9:ab:f5:e4:2a:13:ae:58:49:7a:8f:25:14:c4:
4a:18:d2:d9:d6:94:65:ee:fa:d6:8a:f0:d2:08:13:06:c7:88:
84:c9:5a:28:63:80:ac:ce:f5:93:50:82:7d:51:e3:77:24:5a:
3d:84:10:5a:3a:81:66:8a:01:7d:22:f1:b3:05:9e:7d:d9:46:
48:46:3f:ec:40:2a:f7:ff:b1:7b:44:ba:f4:20:e2:3d:8d:00:
6d:89:6b:d2:b8:ae:e2:a8:f5:05:19:cc:58:8a:91:b4:20:61:
4f:69:d6:d8:b6:8d:56:77:39:86:ab:04:57:84:3e:18:ca:13:
ff:1b:0d:a7:8a:ec:9e:ab:e8:52:61:76:cc:dd:5e:35:83:b6:
68:ae:8f:a5:ee:45:5c:72:a3:d2:2c:8f:02:ba:4e:0f:88:0e:
87:ab:ae:33:95:bd:98:d5:73:ff:52:6a:dc:e2:cf:66:ba:0d:
cf:b7:9e:a5:5a:01:b4:d8:53:e6:02:3d:5d:b1:ec:bc:14:3f:
78:c1:e6:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtDTSeSirYHjRQenaZG1PN0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjMxMDE4MTUwMDExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWEzZjRiOTI4ZGViMDczZmQwYjFjZTRmNDYzZTQxYzVjMzFiN2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiaxMSBalcqOeW9AwYh1gkMR4Yg37
jBJRoJBHqTmkc0833o5v2yihhCoUPb0Tqmg1Ug4bagNs3khUTnL3E5jQjoHl/os0
ADce3XTIkmQssvUrlbB68l/QglzFr43Pqubh1vvWv/jBBNpM8UdqcRi6wG3HO++g
jCndMWEWwh+SNxGsNTMgZsuvB2e3SZBcl0GXpG1gEjFD8FM+iEAxJKbjJN9BjPe4
vyvX7nhtK3zTmjl3L3J0/Ln6QduHcm7C4eawm5coKfxkC71IpDLOxKjRpRyvvctW
tQIW9DGelYVrh+wKtaSd5JTfHl9t+UtSGLYuUZN+SZ9/0YU8nITFSVHoiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCWj9Lko3rBz/Qsc5PRj5BxcMbfQMB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvSmFQMHVTamVzSFA5Q3h6azlHUGtIRnd4dDlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrDMA0G
CSqGSIb3DQEBCwUAA4IBAQBvAFwEKgzk8n5fE3NV0LbcheCY+XAxl2mMMD+152e2
ATqqteltteUc6pnEgCvJ62lmD3LxzIrge0Vs2av15CoTrlhJeo8lFMRKGNLZ1pRl
7vrWivDSCBMGx4iEyVooY4CszvWTUIJ9UeN3JFo9hBBaOoFmigF9IvGzBZ592UZI
Rj/sQCr3/7F7RLr0IOI9jQBtiWvSuK7iqPUFGcxYipG0IGFPadbYto1WdzmGqwRX
hD4YyhP/Gw2niuyeq+hSYXbM3V41g7Zoro+l7kVccqPSLI8Cuk4PiA6Hq64zlb2Y
1XP/Umrc4s9mug3Pt56lWgG02FPmAj1dsey8FD94weYZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:48 2024 by rpki-client on console-fra.rpki-client.org