Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/PkEAUTUIf-Igz_YQhepAlpZ9Z68.roa
File: PkEAUTUIf-Igz_YQhepAlpZ9Z68.roa (raw, json)
Hash identifier: o/qI15CHrRLTK9ptOzeVgehDFCnGkQEFe/m9LrmY6mQ=
Subject key identifier: 3E:41:00:51:35:08:7F:E2:20:CF:F6:10:85:EA:40:96:96:7D:67:AF
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 0187A865E7564742686C28C3FF399D1051BD
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/PkEAUTUIf-Igz_YQhepAlpZ9Z68.roa
Signing time: Sat 22 Apr 2023 09:57:43 +0000
ROA not before: Sat 22 Apr 2023 09:57:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 109.122.203.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a8:65:e7:56:47:42:68:6c:28:c3:ff:39:9d:10:51:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Apr 22 09:57:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e41005135087fe220cff61085ea4096967d67af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:11:64:91:1c:57:7e:30:68:09:11:3a:ae:8f:
a0:9f:47:31:0f:b9:e6:06:39:c1:b0:34:cd:bb:34:
a5:b3:52:74:4a:d7:32:77:fa:f2:43:d8:de:d9:9f:
b3:57:89:45:6f:34:47:30:df:0f:de:07:28:8a:54:
d3:7a:22:27:39:d3:15:4c:5c:c9:12:d4:5e:57:2c:
ad:28:8d:14:25:a6:14:de:2c:9e:5a:1f:a1:ab:a3:
66:fa:0c:eb:3e:d4:37:7d:5f:69:1d:12:ea:61:6a:
01:68:0e:e1:df:44:db:91:3c:83:ff:f5:03:59:53:
35:f4:36:17:97:7f:fd:01:d2:ea:70:f1:c2:73:e6:
b4:b6:5d:70:f1:19:06:09:52:32:f5:36:59:92:5a:
b2:1f:dd:a7:09:54:f9:7c:62:6a:ee:2d:02:51:21:
0a:b6:3d:1d:c5:ce:b6:b1:73:4e:13:53:fc:c6:ce:
79:66:55:56:8d:c5:be:88:39:04:2a:11:19:9e:ad:
8f:4a:3f:0d:1b:3a:e9:1a:10:be:f2:a4:e4:bd:8f:
bd:32:31:5a:af:52:e9:22:3b:68:eb:fe:7b:24:45:
ee:04:3a:05:d0:9c:31:f6:c6:30:c3:ea:f5:35:9e:
6d:de:43:b0:d7:97:e9:c9:88:e7:7e:8d:22:0a:52:
f1:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:41:00:51:35:08:7F:E2:20:CF:F6:10:85:EA:40:96:96:7D:67:AF
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/PkEAUTUIf-Igz_YQhepAlpZ9Z68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.203.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:d9:57:c5:8d:2f:bb:65:a9:35:4d:2b:eb:f7:5d:f4:f1:81:
fa:ef:d2:02:8d:29:24:e7:eb:48:8d:98:19:cc:87:e4:4b:99:
76:17:81:0d:83:2a:aa:6c:a2:1c:08:55:db:58:e3:c5:fd:c3:
e9:4e:c1:1f:0d:d2:a3:d8:31:23:b4:08:18:61:91:fa:1a:12:
55:5a:a7:23:ad:01:44:ef:2c:52:04:96:da:82:6d:0b:a5:df:
58:cd:c0:71:6f:12:2f:b3:63:5c:b8:76:45:ad:80:68:1e:89:
21:66:33:da:38:b7:43:09:40:44:32:b3:ad:78:c3:8b:39:49:
7f:84:2e:e1:f3:e7:d7:13:b9:2d:c0:9d:a7:80:62:84:7d:e7:
12:3e:4d:29:67:f8:e6:dc:45:fb:22:9b:3a:c1:fa:62:ca:8a:
d5:d9:2e:e5:87:e5:02:44:fa:e1:c0:c0:6c:fa:4c:2e:34:b6:
a5:bc:71:9d:ee:2f:24:c3:1e:f5:0a:e1:a6:4a:1c:b1:67:fa:
8f:53:0c:ac:28:ef:82:37:d3:28:86:cd:06:58:8b:10:1b:5f:
6f:ad:08:3e:68:4c:bf:c1:08:1b:57:a9:6a:26:f6:eb:a6:fe:
de:aa:7d:f1:f3:43:c9:f0:c5:7c:08:55:16:45:d6:73:4a:cd:
dc:bd:8e:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeoZedWR0JobCjD/zmdEFG9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjMwNDIyMDk1NzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTQxMDA1MTM1MDg3ZmUyMjBjZmY2MTA4NWVhNDA5Njk2N2Q2N2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBFkkRxXfjBoCRE6ro+gn0cxD7nm
BjnBsDTNuzSls1J0Stcyd/ryQ9je2Z+zV4lFbzRHMN8P3gcoilTTeiInOdMVTFzJ
EtReVyytKI0UJaYU3iyeWh+hq6Nm+gzrPtQ3fV9pHRLqYWoBaA7h30TbkTyD//UD
WVM19DYXl3/9AdLqcPHCc+a0tl1w8RkGCVIy9TZZklqyH92nCVT5fGJq7i0CUSEK
tj0dxc62sXNOE1P8xs55ZlVWjcW+iDkEKhEZnq2PSj8NGzrpGhC+8qTkvY+9MjFa
r1LpIjto6/57JEXuBDoF0Jwx9sYww+r1NZ5t3kOw15fpyYjnfo0iClLx8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD5BAFE1CH/iIM/2EIXqQJaWfWevMB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvUGtFQVVUVUlmLUlnel9ZUWhlcEFscFo5WjY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrLMA0G
CSqGSIb3DQEBCwUAA4IBAQB62VfFjS+7Zak1TSvr91308YH679ICjSkk5+tIjZgZ
zIfkS5l2F4ENgyqqbKIcCFXbWOPF/cPpTsEfDdKj2DEjtAgYYZH6GhJVWqcjrQFE
7yxSBJbagm0Lpd9YzcBxbxIvs2NcuHZFrYBoHokhZjPaOLdDCUBEMrOteMOLOUl/
hC7h8+fXE7ktwJ2ngGKEfecSPk0pZ/jm3EX7Ips6wfpiyorV2S7lh+UCRPrhwMBs
+kwuNLalvHGd7i8kwx71CuGmShyxZ/qPUwysKO+CN9Mohs0GWIsQG19vrQg+aEy/
wQgbV6lqJvbrpv7eqn3x80PJ8MV8CFUWRdZzSs3cvY4B
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:29:59 2025 by rpki-client