Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/SF8fCmEuiNvUo83KL8I1fZAu8Ig.roa
File:                     SF8fCmEuiNvUo83KL8I1fZAu8Ig.roa (raw, json)
Hash identifier:          wQChaFPGUu08Qi5S9vdw+sUFej1idGjnjQw0Li/UHmA=
Subject key identifier:   48:5F:1F:0A:61:2E:88:DB:D4:A3:CD:CA:2F:C2:35:7D:90:2E:F0:88
Certificate issuer:       /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial:       018B434C2C7DCE398C2E071198EDEEDF73C8
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/SF8fCmEuiNvUo83KL8I1fZAu8Ig.roa
Signing time:             Wed 18 Oct 2023 14:59:07 +0000
ROA not before:           Wed 18 Oct 2023 14:59:07 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49981
IP address blocks:        109.122.208.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:43:4c:2c:7d:ce:39:8c:2e:07:11:98:ed:ee:df:73:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
        Validity
            Not Before: Oct 18 14:59:07 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=485f1f0a612e88dbd4a3cdca2fc2357d902ef088
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:5F:1F:0A:61:2E:88:DB:D4:A3:CD:CA:2F:C2:35:7D:90:2E:F0:88
            X509v3 Authority Key Identifier:
                keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/SF8fCmEuiNvUo83KL8I1fZAu8Ig.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.122.208.0/24

    Signature Algorithm: sha256WithRSAEncryption
Generated at Thu Jun 6 19:02:04 2024 by rpki-client on console-ams.rpki-client.org