Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/UdlC9jrD2FChKr9OTPf43xhV7AA.roa
File: UdlC9jrD2FChKr9OTPf43xhV7AA.roa (raw, json)
Hash identifier: SGxIlgHVMt1b+w0Sc2ygpUKFYJNdylC5T2rZS6xMQdM=
Subject key identifier: 51:D9:42:F6:3A:C3:D8:50:A1:2A:BF:4E:4C:F7:F8:DF:18:55:EC:00
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 018C91F714ECE4310B97DECB52B35DAFE244
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/UdlC9jrD2FChKr9OTPf43xhV7AA.roa
Signing time: Fri 22 Dec 2023 14:38:58 +0000
ROA not before: Fri 22 Dec 2023 14:38:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7354
IP address blocks: 109.122.214.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:91:f7:14:ec:e4:31:0b:97:de:cb:52:b3:5d:af:e2:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Dec 22 14:38:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=51d942f63ac3d850a12abf4e4cf7f8df1855ec00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d5:bf:b2:bc:c9:a0:22:2d:2d:9b:80:87:cf:
24:8e:7a:4a:6e:11:89:3e:e6:c2:b7:0c:2a:c0:4c:
d2:7d:b7:b9:7b:a2:41:23:0f:80:8a:05:31:a7:b6:
5f:0d:61:46:59:3c:41:99:5b:b3:b2:ff:fa:98:75:
26:a1:9d:f2:5e:a6:48:93:fe:94:6f:5a:c8:c3:58:
f5:18:6d:d6:af:82:24:e4:39:6e:96:50:56:c8:83:
80:ff:f3:11:5d:01:91:3c:e5:c6:3a:7f:c6:fa:96:
ea:f9:1d:98:c9:22:27:ca:e7:c0:49:39:48:f1:cc:
95:15:07:fb:f8:aa:b4:e3:45:b3:2f:f1:43:52:f1:
b1:b2:65:67:6e:91:c1:c9:85:0d:37:4c:6c:e3:57:
fe:7a:f1:35:9b:8e:ff:fe:1d:30:03:a9:d6:ab:6b:
c5:e5:22:8b:68:62:1e:cb:dd:f9:b9:52:99:ce:98:
a7:25:6b:73:b8:b9:59:a7:48:ab:b7:2b:30:38:a7:
06:3b:44:b2:ae:6c:c1:64:d2:2a:43:d2:47:de:15:
60:22:9b:b3:94:36:b9:62:ae:de:ef:66:7f:76:ca:
5f:14:ea:24:f1:2b:97:ce:c5:88:6f:4d:2a:99:15:
41:f9:e4:a8:12:9e:81:d2:06:0f:5d:b0:b6:44:0c:
b9:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:D9:42:F6:3A:C3:D8:50:A1:2A:BF:4E:4C:F7:F8:DF:18:55:EC:00
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/UdlC9jrD2FChKr9OTPf43xhV7AA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.214.0/24
Signature Algorithm: sha256WithRSAEncryption
15:9d:ef:aa:57:da:c5:ec:27:2c:07:fc:3e:1c:71:52:19:af:
45:43:a2:ec:64:0b:61:9e:f3:b1:41:bf:16:e9:f6:ec:13:19:
b0:85:8b:70:e4:b5:2c:01:b1:a7:c9:ee:7f:33:53:33:d8:77:
cf:5b:22:32:0d:84:0b:c4:f5:50:17:05:d6:9d:73:3d:f2:cb:
e8:ad:28:c8:07:8e:27:2b:ad:4c:49:0d:44:65:4f:63:97:65:
c9:40:00:3f:8c:10:5b:d3:e3:d2:e3:5e:16:13:97:81:00:e3:
96:58:63:61:f4:7a:eb:2c:c8:72:b9:96:53:85:10:ae:af:67:
64:fc:78:4b:20:76:06:bd:0a:95:08:0d:b8:cc:4a:1c:d3:8e:
c0:4b:a3:cd:ae:05:ac:05:ee:33:10:f3:38:ea:a5:d2:15:ee:
68:0d:a0:07:57:98:37:4f:0f:8a:af:83:70:b8:43:3c:6f:68:
c5:12:42:6a:2c:b8:52:ed:20:cc:a7:e7:09:45:37:20:79:8f:
d8:f5:2b:a9:46:bd:14:87:dd:91:a4:fd:26:48:11:11:5a:e8:
a9:d0:29:84:70:c5:4b:ff:db:a6:dd:3a:4c:b7:6e:80:9b:3e:
5e:67:00:e3:28:8a:a2:32:d9:4f:35:1f:53:bf:83:70:0a:b7:
a5:ca:bd:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyR9xTs5DELl97LUrNdr+JEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjMxMjIyMTQzODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWQ5NDJmNjNhYzNkODUwYTEyYWJmNGU0Y2Y3ZjhkZjE4NTVlYzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9W/srzJoCItLZuAh88kjnpKbhGJ
PubCtwwqwEzSfbe5e6JBIw+AigUxp7ZfDWFGWTxBmVuzsv/6mHUmoZ3yXqZIk/6U
b1rIw1j1GG3Wr4Ik5DlullBWyIOA//MRXQGRPOXGOn/G+pbq+R2YySInyufASTlI
8cyVFQf7+Kq040WzL/FDUvGxsmVnbpHByYUNN0xs41f+evE1m47//h0wA6nWq2vF
5SKLaGIey935uVKZzpinJWtzuLlZp0irtyswOKcGO0SyrmzBZNIqQ9JH3hVgIpuz
lDa5Yq7e72Z/dspfFOok8SuXzsWIb00qmRVB+eSoEp6B0gYPXbC2RAy5nwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFHZQvY6w9hQoSq/Tkz3+N8YVewAMB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvVWRsQzlqckQyRkNoS3I5T1RQZjQzeGhWN0FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrWMA0G
CSqGSIb3DQEBCwUAA4IBAQAVne+qV9rF7CcsB/w+HHFSGa9FQ6LsZAthnvOxQb8W
6fbsExmwhYtw5LUsAbGnye5/M1Mz2HfPWyIyDYQLxPVQFwXWnXM98svorSjIB44n
K61MSQ1EZU9jl2XJQAA/jBBb0+PS414WE5eBAOOWWGNh9HrrLMhyuZZThRCur2dk
/HhLIHYGvQqVCA24zEoc047AS6PNrgWsBe4zEPM46qXSFe5oDaAHV5g3Tw+Kr4Nw
uEM8b2jFEkJqLLhS7SDMp+cJRTcgeY/Y9SupRr0Uh92RpP0mSBERWuip0CmEcMVL
/9um3TpMt26Amz5eZwDjKIqiMtlPNR9Tv4NwCrelyr3Q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:48 2024 by rpki-client on console-fra.rpki-client.org