Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/TW4iSwrIhEgs5LIPm0ovSX4jJbc.roa
File: TW4iSwrIhEgs5LIPm0ovSX4jJbc.roa (raw, json)
Hash identifier: gfENa0uEqD27/C7g0IIR9oUyshTiKCA0z+7/bf8gECk=
Subject key identifier: 4D:6E:22:4B:0A:C8:84:48:2C:E4:B2:0F:9B:4A:2F:49:7E:23:25:B7
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 018E1A88901C8A8AF4BCA78E1AE9DC3F2C48
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/TW4iSwrIhEgs5LIPm0ovSX4jJbc.roa
Signing time: Thu 07 Mar 2024 20:09:01 +0000
ROA not before: Thu 07 Mar 2024 20:09:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7354
IP address blocks: 109.122.214.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:1a:88:90:1c:8a:8a:f4:bc:a7:8e:1a:e9:dc:3f:2c:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Mar 7 20:09:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d6e224b0ac884482ce4b20f9b4a2f497e2325b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:cb:31:af:2d:ca:2c:ab:3f:99:ee:bd:a4:fe:
46:8e:18:f3:b8:af:20:25:55:c2:f2:d8:84:88:84:
ac:18:b7:3e:2c:d3:b1:7f:bb:6b:d7:38:18:d0:fa:
43:1d:4c:1d:af:b2:86:e6:d0:bd:4e:bf:fb:8a:27:
55:c5:79:7e:fb:f0:9e:5e:03:1b:0f:dd:69:48:eb:
5b:33:33:6a:4d:f8:39:8b:0b:46:03:23:ce:ab:56:
9d:0f:61:3a:21:ed:b7:5a:f4:7b:51:ac:46:96:e0:
72:29:fb:f9:81:bc:27:30:83:8e:8b:6d:12:e5:36:
d6:6f:02:c4:33:35:41:d2:ec:dd:17:d2:61:c0:01:
4d:73:34:b6:49:2a:ea:d0:6e:4d:1d:73:19:f9:22:
ce:69:3d:c1:aa:5a:04:85:9e:59:04:fa:77:ee:55:
97:c3:a7:04:36:4c:b6:08:6a:33:4e:2b:a2:e7:bb:
da:8e:88:5a:d6:0d:de:c8:8d:04:de:7d:05:4c:39:
f1:cf:ca:9d:1a:16:d2:36:35:b5:ae:01:ca:a0:ee:
50:d5:dc:97:6c:d9:f1:ee:82:a2:b2:9c:9e:1c:b8:
93:85:9e:93:91:76:86:f0:87:2e:2a:5c:92:bb:43:
48:4f:e4:70:be:1e:7a:e3:66:a6:6f:0b:17:a4:2b:
0b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:6E:22:4B:0A:C8:84:48:2C:E4:B2:0F:9B:4A:2F:49:7E:23:25:B7
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/TW4iSwrIhEgs5LIPm0ovSX4jJbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.214.0/24
Signature Algorithm: sha256WithRSAEncryption
20:61:6a:46:8a:6b:e0:d5:d8:a8:ee:c7:d5:4f:86:be:1d:27:
6e:85:56:21:25:14:77:22:37:c1:5b:0c:b4:14:66:16:bb:4a:
0d:dc:8b:d8:2a:d2:7a:7f:00:a7:76:37:37:c1:86:28:24:a3:
41:45:c7:ce:17:46:cb:48:e1:d2:4d:94:65:e0:98:fc:eb:df:
3f:ad:79:ed:76:e7:57:bc:b5:27:9c:5e:6c:29:9a:0a:ad:f2:
39:87:72:42:a7:99:0d:d3:fe:66:de:02:04:93:db:e7:1d:23:
e3:c8:20:62:f2:54:a1:39:6d:d8:a4:08:af:3a:5e:e7:a0:9f:
8d:0d:ba:99:04:52:2c:dd:21:7e:83:47:e6:b6:c2:dd:a6:30:
a0:74:f2:04:db:5b:68:5c:e9:d2:82:73:30:8b:95:0d:2a:12:
12:71:81:eb:16:93:f8:4c:e6:f9:c9:c3:30:4e:f8:98:39:d6:
56:62:02:79:60:ae:4f:06:06:c7:1e:58:fb:44:f5:fe:63:ec:
c6:35:5d:0a:84:3b:d0:ef:80:45:69:9b:d7:b5:cd:7d:a2:06:
71:4e:6c:ce:19:41:2d:96:00:0b:11:a7:9e:2a:93:44:66:78:
60:c9:73:37:52:24:d8:db:e1:1b:7d:7c:99:70:8b:21:ec:ab:
d7:5f:cc:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4aiJAcior0vKeOGuncPyxIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjQwMzA3MjAwOTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDZlMjI0YjBhYzg4NDQ4MmNlNGIyMGY5YjRhMmY0OTdlMjMyNWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcsxry3KLKs/me69pP5GjhjzuK8g
JVXC8tiEiISsGLc+LNOxf7tr1zgY0PpDHUwdr7KG5tC9Tr/7iidVxXl++/CeXgMb
D91pSOtbMzNqTfg5iwtGAyPOq1adD2E6Ie23WvR7UaxGluByKfv5gbwnMIOOi20S
5TbWbwLEMzVB0uzdF9JhwAFNczS2SSrq0G5NHXMZ+SLOaT3BqloEhZ5ZBPp37lWX
w6cENky2CGozTiui57vajoha1g3eyI0E3n0FTDnxz8qdGhbSNjW1rgHKoO5Q1dyX
bNnx7oKispyeHLiThZ6TkXaG8IcuKlySu0NIT+Rwvh5642ambwsXpCsLlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE1uIksKyIRILOSyD5tKL0l+IyW3MB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvVFc0aVN3ckloRWdzNUxJUG0wb3ZTWDRqSmJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrWMA0G
CSqGSIb3DQEBCwUAA4IBAQAgYWpGimvg1dio7sfVT4a+HSduhVYhJRR3IjfBWwy0
FGYWu0oN3IvYKtJ6fwCndjc3wYYoJKNBRcfOF0bLSOHSTZRl4Jj8698/rXntdudX
vLUnnF5sKZoKrfI5h3JCp5kN0/5m3gIEk9vnHSPjyCBi8lShOW3YpAivOl7noJ+N
DbqZBFIs3SF+g0fmtsLdpjCgdPIE21toXOnSgnMwi5UNKhIScYHrFpP4TOb5ycMw
TviYOdZWYgJ5YK5PBgbHHlj7RPX+Y+zGNV0KhDvQ74BFaZvXtc19ogZxTmzOGUEt
lgALEaeeKpNEZnhgyXM3UiTY2+EbfXyZcIsh7KvXX8w8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:48 2024 by rpki-client on console-fra.rpki-client.org