Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/NNyse1eJR8KndEMf2hWhvOWTnUA.roa
File: NNyse1eJR8KndEMf2hWhvOWTnUA.roa (raw, json)
Hash identifier: PnKGXxqaXuz91OVwkW59MWxz+DNGBIG01nl7s7CicNw=
Subject key identifier: 34:DC:AC:7B:57:89:47:C2:A7:74:43:1F:DA:15:A1:BC:E5:93:9D:40
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 0187A8689FD4F612D87F81136E5353F3E0E4
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/NNyse1eJR8KndEMf2hWhvOWTnUA.roa
Signing time: Sat 22 Apr 2023 10:00:41 +0000
ROA not before: Sat 22 Apr 2023 10:00:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210703
IP address blocks: 109.122.218.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a8:68:9f:d4:f6:12:d8:7f:81:13:6e:53:53:f3:e0:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Apr 22 10:00:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34dcac7b578947c2a774431fda15a1bce5939d40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:af:f9:1a:85:ca:18:3a:da:85:2e:59:57:f9:
f9:f6:9d:1c:73:4e:c5:97:cb:30:94:ab:ac:88:82:
b0:c6:b1:f8:9f:f9:06:bf:6b:0d:db:d1:95:30:d4:
68:4b:0a:fe:be:a8:08:5b:67:69:24:b2:2c:c7:89:
ba:eb:ac:6c:92:30:6a:56:d1:bc:44:2b:9d:2a:04:
2e:fe:54:73:6b:7e:67:17:cd:79:f6:80:c1:54:70:
28:6f:15:63:d1:ab:f9:e8:ab:4f:bc:0e:93:77:38:
7d:fb:56:0e:d9:68:c3:b8:2f:35:da:fe:ed:6b:52:
a1:0c:59:5b:ca:f5:4f:eb:8f:8f:f8:27:1d:69:85:
d3:03:2f:f2:67:37:d5:75:7c:42:c9:d1:f0:9a:4a:
1e:04:c4:9c:fc:60:48:bb:48:3f:99:8f:12:55:01:
b2:97:30:59:07:d7:75:79:e2:00:48:a9:4a:d6:35:
54:67:99:4d:59:47:3d:c3:36:62:c6:7f:14:e0:b0:
de:8b:c0:69:ba:d4:ad:79:34:9c:94:4f:7d:ba:09:
e0:28:fd:08:c8:2d:d6:bf:39:34:d6:74:b4:7f:da:
2a:cc:e1:3d:33:53:93:6d:98:3f:f0:2a:1d:8f:77:
5f:eb:b6:f1:b2:92:b8:49:10:cf:64:ca:60:ef:2d:
2a:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:DC:AC:7B:57:89:47:C2:A7:74:43:1F:DA:15:A1:BC:E5:93:9D:40
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/NNyse1eJR8KndEMf2hWhvOWTnUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.218.0/24
Signature Algorithm: sha256WithRSAEncryption
11:66:9c:98:5a:dd:c9:d3:60:b0:4a:d3:2a:47:49:29:40:0f:
e6:0a:1f:82:5d:3d:b1:47:1e:44:90:c5:46:6a:2d:d3:70:ca:
38:a0:5a:1f:ba:50:a8:ef:20:7b:e9:cf:db:6a:3c:b7:0f:be:
40:29:bf:a0:30:a5:bf:ba:66:c1:58:c4:0a:da:a2:1c:56:3b:
a2:52:f4:17:32:1e:5f:4f:96:f2:c2:e6:4c:cb:be:95:7c:1c:
ab:65:a2:36:95:bc:9f:36:4f:07:e6:87:b4:f3:8e:9a:4d:d2:
ae:d8:93:44:4b:c3:82:b6:3a:6a:9f:58:92:92:cc:12:9d:ce:
c6:30:b9:21:76:7e:98:40:00:2d:e7:f0:cf:23:55:d8:ff:77:
a6:13:ae:1c:c4:17:ca:00:cc:f6:4f:3c:77:7a:77:6c:4e:bf:
fa:0f:8b:de:b7:15:9c:27:a8:ee:46:fc:07:ca:68:ce:da:ed:
5f:2e:16:f5:83:65:a6:82:2e:17:50:73:3b:0d:74:0d:86:06:
1b:b5:66:32:42:c8:f2:0e:ec:29:5e:78:fe:04:24:e8:94:03:
da:90:25:a9:76:a9:f2:92:2d:44:55:98:41:f6:00:fc:d3:62:
00:4c:b3:51:bc:34:7c:ef:bf:a6:9e:6f:a7:7c:22:14:3f:81:
ff:49:1a:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeoaJ/U9hLYf4ETblNT8+DkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjMwNDIyMTAwMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGRjYWM3YjU3ODk0N2MyYTc3NDQzMWZkYTE1YTFiY2U1OTM5ZDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqa/5GoXKGDrahS5ZV/n59p0cc07F
l8swlKusiIKwxrH4n/kGv2sN29GVMNRoSwr+vqgIW2dpJLIsx4m666xskjBqVtG8
RCudKgQu/lRza35nF8159oDBVHAobxVj0av56KtPvA6Tdzh9+1YO2WjDuC812v7t
a1KhDFlbyvVP64+P+CcdaYXTAy/yZzfVdXxCydHwmkoeBMSc/GBIu0g/mY8SVQGy
lzBZB9d1eeIASKlK1jVUZ5lNWUc9wzZixn8U4LDei8BputSteTSclE99ugngKP0I
yC3Wvzk01nS0f9oqzOE9M1OTbZg/8Codj3df67bxspK4SRDPZMpg7y0qnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDTcrHtXiUfCp3RDH9oVobzlk51AMB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvTk55c2UxZUpSOEtuZEVNZjJoV2h2T1dUblVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXraMA0G
CSqGSIb3DQEBCwUAA4IBAQARZpyYWt3J02CwStMqR0kpQA/mCh+CXT2xRx5EkMVG
ai3TcMo4oFofulCo7yB76c/bajy3D75AKb+gMKW/umbBWMQK2qIcVjuiUvQXMh5f
T5bywuZMy76VfByrZaI2lbyfNk8H5oe0846aTdKu2JNES8OCtjpqn1iSkswSnc7G
MLkhdn6YQAAt5/DPI1XY/3emE64cxBfKAMz2Tzx3endsTr/6D4vetxWcJ6juRvwH
ymjO2u1fLhb1g2Wmgi4XUHM7DXQNhgYbtWYyQsjyDuwpXnj+BCTolAPakCWpdqny
ki1EVZhB9gD802IATLNRvDR877+mnm+nfCIUP4H/SRpT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:48 2024 by rpki-client on console-fra.rpki-client.org