Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/Qbh5CqnB93WUDNR1dQ9KRAb6xKw.roa
File: Qbh5CqnB93WUDNR1dQ9KRAb6xKw.roa (raw, json)
Hash identifier: 22vDcI+rubSCTkOPdUfJWriAE8V8vr8954b0nmqsCqM=
Subject key identifier: 41:B8:79:0A:A9:C1:F7:75:94:0C:D4:75:75:0F:4A:44:06:FA:C4:AC
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 018E1A889104F6D2734BF49BDD6820B4434D
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/Qbh5CqnB93WUDNR1dQ9KRAb6xKw.roa
Signing time: Thu 07 Mar 2024 20:09:01 +0000
ROA not before: Thu 07 Mar 2024 20:09:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 32613
IP address blocks: 109.122.194.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:1a:88:91:04:f6:d2:73:4b:f4:9b:dd:68:20:b4:43:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Mar 7 20:09:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41b8790aa9c1f775940cd475750f4a4406fac4ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:17:41:15:4a:a5:8c:ea:6e:78:aa:8f:74:42:
f2:a6:ce:35:b4:19:69:3c:a3:2b:9e:e0:47:a9:f5:
d9:6c:6d:f1:be:13:4b:aa:74:9d:d6:dd:84:46:ef:
ef:94:99:02:41:5c:2b:1f:1d:95:c7:e5:fb:e9:c0:
ea:d4:7d:04:6e:3c:a1:83:72:cb:b7:50:ee:89:54:
bb:d2:64:19:b2:9c:da:12:7d:7e:55:b7:b1:fa:9f:
79:7d:48:e9:37:76:f1:25:9a:ae:c5:5f:6d:a4:49:
5e:f0:89:5e:f8:64:42:d8:0b:30:d9:6b:02:68:5a:
fc:a8:92:72:82:e7:5c:90:72:7c:1e:b7:fc:0c:4f:
e2:67:01:76:89:da:5d:60:17:b8:ed:e2:d8:f6:ee:
61:02:2f:44:d3:ff:32:02:c3:f8:6c:64:53:a6:9d:
7e:d4:9b:66:a1:dd:db:5d:8e:87:82:a8:1f:16:9f:
6a:cc:84:3b:34:99:79:34:c2:8c:9b:22:f6:35:80:
96:99:b5:7e:8e:82:91:f9:c4:ad:a5:b4:3f:07:ea:
60:a1:ef:c9:74:54:37:5b:9c:1d:f2:8f:74:68:2b:
ce:88:af:5f:03:ec:2b:59:45:05:24:4f:ed:77:62:
94:7e:e0:6b:44:3a:8b:29:7b:31:6b:54:31:fe:92:
2b:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:B8:79:0A:A9:C1:F7:75:94:0C:D4:75:75:0F:4A:44:06:FA:C4:AC
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/Qbh5CqnB93WUDNR1dQ9KRAb6xKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.194.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:e5:8d:ef:31:e0:66:00:fc:ce:2f:05:4a:08:90:e4:c9:90:
1c:92:7f:34:bb:f3:ed:c7:1e:1f:66:99:e3:3d:d2:6b:a6:1d:
3d:d5:8e:6b:fa:10:fc:73:68:bc:1a:ce:97:8e:d2:12:bd:bb:
29:a5:a3:88:5a:d5:bd:d6:c7:e7:7e:3c:90:e4:f3:56:0e:06:
5c:e7:b5:2c:4b:7b:1e:5a:8b:e3:ed:c1:17:88:9e:55:34:12:
98:f2:ba:3e:bf:9c:88:37:10:c5:44:50:64:39:02:dc:8b:24:
06:16:6c:d5:aa:98:6b:70:28:1d:e9:3c:37:30:3f:56:87:9f:
cf:97:e8:2f:7f:a4:70:61:34:54:01:e4:bc:71:42:3b:83:d9:
12:d2:0e:03:04:77:ac:27:2f:4b:db:e0:b8:63:27:87:b9:b9:
f2:2d:68:29:aa:52:16:36:e6:60:bc:47:35:4d:81:0c:41:64:
2d:a5:89:2b:80:d5:a1:42:7a:0f:39:c9:0a:6a:51:e5:7d:30:
b7:ca:71:bc:ae:0e:20:f2:e5:06:ad:04:59:46:b4:bf:df:66:
25:a6:0b:4d:82:c3:c5:ab:e7:1c:ed:98:30:5f:e6:c9:ed:5b:
5b:c2:33:10:e1:8d:7c:85:fc:0d:3a:bd:8e:b5:71:9b:10:2d:
12:0e:99:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4aiJEE9tJzS/Sb3WggtENNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjQwMzA3MjAwOTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWI4NzkwYWE5YzFmNzc1OTQwY2Q0NzU3NTBmNGE0NDA2ZmFjNGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxdBFUqljOpueKqPdELyps41tBlp
PKMrnuBHqfXZbG3xvhNLqnSd1t2ERu/vlJkCQVwrHx2Vx+X76cDq1H0Ebjyhg3LL
t1DuiVS70mQZspzaEn1+Vbex+p95fUjpN3bxJZquxV9tpEle8Ile+GRC2Asw2WsC
aFr8qJJygudckHJ8Hrf8DE/iZwF2idpdYBe47eLY9u5hAi9E0/8yAsP4bGRTpp1+
1Jtmod3bXY6HgqgfFp9qzIQ7NJl5NMKMmyL2NYCWmbV+joKR+cStpbQ/B+pgoe/J
dFQ3W5wd8o90aCvOiK9fA+wrWUUFJE/td2KUfuBrRDqLKXsxa1Qx/pIrcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEG4eQqpwfd1lAzUdXUPSkQG+sSsMB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvUWJoNUNxbkI5M1dVRE5SMWRROUtSQWI2eEt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrCMA0G
CSqGSIb3DQEBCwUAA4IBAQCM5Y3vMeBmAPzOLwVKCJDkyZAckn80u/Ptxx4fZpnj
PdJrph091Y5r+hD8c2i8Gs6XjtISvbsppaOIWtW91sfnfjyQ5PNWDgZc57UsS3se
Wovj7cEXiJ5VNBKY8ro+v5yINxDFRFBkOQLciyQGFmzVqphrcCgd6Tw3MD9Wh5/P
l+gvf6RwYTRUAeS8cUI7g9kS0g4DBHesJy9L2+C4YyeHubnyLWgpqlIWNuZgvEc1
TYEMQWQtpYkrgNWhQnoPOckKalHlfTC3ynG8rg4g8uUGrQRZRrS/32YlpgtNgsPF
q+cc7ZgwX+bJ7VtbwjMQ4Y18hfwNOr2OtXGbEC0SDpnA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:04 2024 by rpki-client on console-ams.rpki-client.org