Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/OQ3lPQGH-RaBAoFiVdQ1lRDQVEU.roa
File: OQ3lPQGH-RaBAoFiVdQ1lRDQVEU.roa (raw, json)
Hash identifier: BaJqEotGlf4kCxX+KPVhbd7JOTe4glkkyAsKyRTEpaA=
Subject key identifier: 39:0D:E5:3D:01:87:F9:16:81:02:81:62:55:D4:35:95:10:D0:54:45
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 0187A866CA48B6996782C97AF346D891782A
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/OQ3lPQGH-RaBAoFiVdQ1lRDQVEU.roa
Signing time: Sat 22 Apr 2023 09:58:41 +0000
ROA not before: Sat 22 Apr 2023 09:58:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.122.213.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a8:66:ca:48:b6:99:67:82:c9:7a:f3:46:d8:91:78:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Apr 22 09:58:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=390de53d0187f9168102816255d4359510d05445
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e2:72:bc:e9:bd:ef:c9:18:be:93:ee:34:f1:
e9:e8:96:31:df:3d:84:89:0f:68:11:85:15:a6:5c:
a0:ac:ba:6a:85:e6:bf:6a:ba:b2:1d:7e:d1:c7:00:
c0:96:63:06:03:df:36:6a:32:2f:c2:17:3c:48:6d:
7f:52:bd:07:06:9c:bf:61:82:70:3c:95:6d:51:0d:
36:23:5c:bc:59:8d:f7:f7:55:46:9e:7a:64:08:fd:
7d:33:cf:94:77:70:29:e4:00:a9:06:bc:df:7b:88:
e4:37:f9:be:ce:6c:91:64:52:4d:0a:f7:3f:dd:08:
a3:4d:25:fd:f7:72:37:f0:f6:d7:fb:e3:d5:fa:17:
de:1e:3f:c0:42:fd:50:00:61:19:f7:56:6a:49:33:
2b:a2:da:08:0a:65:bc:35:96:d6:1d:05:aa:17:d5:
fd:4e:c9:a1:e8:d7:f4:f2:5b:f5:e9:4c:a1:25:e4:
c4:7e:ea:e5:b4:72:67:bd:cc:23:3f:73:1a:68:73:
9d:e7:83:22:06:07:9d:62:18:5e:0d:70:7e:76:1a:
71:0b:3c:d1:76:c1:7e:8a:16:fd:f3:2c:f9:31:25:
60:3a:6e:15:8c:48:ed:7b:33:df:5f:24:59:99:0a:
16:91:c0:6c:85:16:21:a1:38:3d:91:6a:92:b0:80:
58:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:0D:E5:3D:01:87:F9:16:81:02:81:62:55:D4:35:95:10:D0:54:45
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/OQ3lPQGH-RaBAoFiVdQ1lRDQVEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.213.0/24
Signature Algorithm: sha256WithRSAEncryption
13:9f:51:7e:dd:55:75:86:6d:15:94:eb:cc:29:d5:d4:e9:03:
a0:ee:d5:f9:f4:72:c6:16:54:75:96:d3:5a:26:fb:f2:85:a5:
e0:cf:c6:a2:ed:da:30:f0:8c:9b:2e:3e:ce:30:a0:35:cd:6e:
e8:5b:d5:4a:85:57:81:a3:98:fc:7b:05:31:e4:da:24:4c:a4:
19:e1:f4:f7:50:b0:b6:9b:f1:bc:5e:a2:0c:0a:00:c0:e5:52:
df:df:13:1a:27:2a:2b:9a:46:d0:4d:2d:26:44:3d:6c:2f:34:
84:b4:e8:c0:a2:e5:1b:86:88:89:53:92:d8:04:f6:b9:5f:ca:
8a:00:2f:31:b5:81:70:ab:c0:3f:3b:a9:2b:0b:f3:13:7f:1b:
e8:b0:75:c3:1f:0e:c0:ad:15:d9:9d:b3:27:83:e9:31:e4:69:
dc:be:b7:df:b2:d6:88:18:25:6d:48:ed:07:2a:01:e2:5a:65:
cb:59:80:0f:2b:bc:f9:a2:2b:c3:2e:bc:9e:97:06:7f:76:1a:
7b:7f:bd:45:fb:7d:62:f3:d7:76:80:0e:ea:56:07:06:5e:d5:
45:2f:64:e2:19:2d:68:32:24:6e:d4:17:2a:5d:45:a9:65:27:
f1:e4:f1:00:cc:40:c7:09:32:32:fc:04:7c:ee:65:31:36:27:
35:90:68:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeoZspItplngsl680bYkXgqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjMwNDIyMDk1ODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTBkZTUzZDAxODdmOTE2ODEwMjgxNjI1NWQ0MzU5NTEwZDA1NDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquJyvOm978kYvpPuNPHp6JYx3z2E
iQ9oEYUVplygrLpqhea/arqyHX7RxwDAlmMGA982ajIvwhc8SG1/Ur0HBpy/YYJw
PJVtUQ02I1y8WY3391VGnnpkCP19M8+Ud3Ap5ACpBrzfe4jkN/m+zmyRZFJNCvc/
3QijTSX993I38PbX++PV+hfeHj/AQv1QAGEZ91ZqSTMrotoICmW8NZbWHQWqF9X9
Tsmh6Nf08lv16UyhJeTEfurltHJnvcwjP3MaaHOd54MiBgedYhheDXB+dhpxCzzR
dsF+ihb98yz5MSVgOm4VjEjtezPfXyRZmQoWkcBshRYhoTg9kWqSsIBYqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDkN5T0Bh/kWgQKBYlXUNZUQ0FRFMB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvT1EzbFBRR0gtUmFCQW9GaVZkUTFsUkRRVkVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrVMA0G
CSqGSIb3DQEBCwUAA4IBAQATn1F+3VV1hm0VlOvMKdXU6QOg7tX59HLGFlR1ltNa
JvvyhaXgz8ai7dow8IybLj7OMKA1zW7oW9VKhVeBo5j8ewUx5NokTKQZ4fT3ULC2
m/G8XqIMCgDA5VLf3xMaJyormkbQTS0mRD1sLzSEtOjAouUbhoiJU5LYBPa5X8qK
AC8xtYFwq8A/O6krC/MTfxvosHXDHw7ArRXZnbMng+kx5GncvrffstaIGCVtSO0H
KgHiWmXLWYAPK7z5oivDLryelwZ/dhp7f71F+31i89d2gA7qVgcGXtVFL2TiGS1o
MiRu1BcqXUWpZSfx5PEAzEDHCTIy/AR87mUxNic1kGhK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:04 2024 by rpki-client on console-ams.rpki-client.org