Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/UrMwvqej-N1ZHdWqI4U7uLlzTn4.roa
File: UrMwvqej-N1ZHdWqI4U7uLlzTn4.roa (raw, json)
Hash identifier: YoTTn/+uXaEBMD4HPqVj29XmI3TQq4ug97OKigicG3E=
Subject key identifier: 52:B3:30:BE:A7:A3:F8:DD:59:1D:D5:AA:23:85:3B:B8:B9:73:4E:7E
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 018CC50143847B5EAFCF894755C9EEE08D7E
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/UrMwvqej-N1ZHdWqI4U7uLlzTn4.roa
Signing time: Mon 01 Jan 2024 12:30:43 +0000
ROA not before: Mon 01 Jan 2024 12:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60781
IP address blocks: 109.122.214.0/24 maxlen: 24
109.122.223.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:43:84:7b:5e:af:cf:89:47:55:c9:ee:e0:8d:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Jan 1 12:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52b330bea7a3f8dd591dd5aa23853bb8b9734e7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:4d:b5:93:82:4c:f7:0c:b6:59:bc:cb:52:03:
25:59:72:c2:99:17:98:fb:77:e4:11:cf:20:f9:9c:
3d:9d:7c:85:45:79:71:ae:89:3f:50:3a:46:2b:4e:
b6:e5:2b:0f:59:9a:b1:b1:53:49:db:38:bf:95:72:
5f:1a:bd:61:30:1b:73:a9:0c:29:bb:2c:47:ac:77:
15:e5:ac:75:3d:03:55:54:07:b0:7f:df:ca:4d:9b:
a5:8b:4f:44:6b:64:df:5a:4c:34:ec:03:13:6f:2d:
66:a5:ae:35:30:1d:e5:a4:00:d1:c5:fa:fb:28:ca:
c1:89:45:7e:02:e8:5d:9d:aa:67:4e:fe:f8:4f:cb:
68:5e:90:fd:48:c6:42:f4:83:1f:da:b8:5c:bb:85:
c5:f7:cb:e8:cd:4e:4f:73:67:be:68:30:00:a3:4f:
b5:67:37:c8:56:24:03:ba:7a:7f:02:4b:84:f3:23:
5e:2f:fc:13:db:76:75:5f:4b:0e:bc:df:32:49:37:
25:4e:af:cd:80:ce:67:77:4c:5c:9a:dc:2d:1b:77:
83:ba:7f:e0:30:40:ec:ff:2f:d2:a5:5b:8b:0b:e0:
94:ff:00:8a:89:6e:86:16:af:5b:3a:a9:78:44:bb:
f4:87:ba:28:28:aa:01:98:3e:d6:53:db:59:90:36:
ed:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:B3:30:BE:A7:A3:F8:DD:59:1D:D5:AA:23:85:3B:B8:B9:73:4E:7E
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/UrMwvqej-N1ZHdWqI4U7uLlzTn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.214.0/24
109.122.223.0/24
Signature Algorithm: sha256WithRSAEncryption
07:10:62:a7:ec:1b:40:af:a4:87:44:13:e6:2b:d9:69:1f:6c:
0b:5e:df:58:54:ae:83:15:e1:87:2d:c5:18:5f:88:00:b5:78:
1a:03:dc:d4:a6:41:d8:a9:14:98:74:89:2b:f2:41:cc:e4:44:
d0:ed:0d:ab:37:c8:6b:c8:5b:3a:21:7c:c1:ec:01:0a:54:4a:
62:6b:c7:a6:6c:29:4e:b9:3c:99:36:29:bf:97:b1:47:15:25:
0c:8f:75:23:b8:d3:64:8b:84:6f:e8:90:c8:82:ac:0b:a2:a5:
fd:b9:c4:4d:48:5a:82:04:7d:77:a5:7c:be:00:91:87:d6:ad:
b6:7a:5e:8d:52:ef:d5:80:d2:b8:7b:c6:7e:9c:0a:8a:18:2a:
be:ca:9b:71:41:bb:4b:a2:cb:70:e6:03:59:b1:89:26:c4:9e:
cf:26:19:1b:ad:f4:aa:25:7e:c4:60:43:ae:dc:ae:36:2b:0c:
38:f4:6e:98:c8:d6:87:94:08:87:73:ef:2b:ee:b8:db:6d:76:
72:76:1a:ba:0d:22:be:56:2d:5e:ff:48:0b:01:c6:d8:9e:8c:
03:bf:27:af:79:1e:0e:76:b2:c8:2b:a3:1c:0f:cd:b8:2b:b6:
39:da:f7:d5:01:a3:31:20:d6:bd:36:64:26:bf:73:bf:38:90:
a7:f2:6f:77
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFAUOEe16vz4lHVcnu4I1+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjQwMTAxMTIzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmIzMzBiZWE3YTNmOGRkNTkxZGQ1YWEyMzg1M2JiOGI5NzM0ZTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8E21k4JM9wy2WbzLUgMlWXLCmReY
+3fkEc8g+Zw9nXyFRXlxrok/UDpGK0625SsPWZqxsVNJ2zi/lXJfGr1hMBtzqQwp
uyxHrHcV5ax1PQNVVAewf9/KTZuli09Ea2TfWkw07AMTby1mpa41MB3lpADRxfr7
KMrBiUV+AuhdnapnTv74T8toXpD9SMZC9IMf2rhcu4XF98vozU5Pc2e+aDAAo0+1
ZzfIViQDunp/AkuE8yNeL/wT23Z1X0sOvN8ySTclTq/NgM5nd0xcmtwtG3eDun/g
MEDs/y/SpVuLC+CU/wCKiW6GFq9bOql4RLv0h7ooKKoBmD7WU9tZkDbtiwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFKzML6no/jdWR3VqiOFO7i5c05+MB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvVXJNd3ZxZWotTjFaSGRXcUk0VTd1TGx6VG40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbXrWAwQA
bXrfMA0GCSqGSIb3DQEBCwUAA4IBAQAHEGKn7BtAr6SHRBPmK9lpH2wLXt9YVK6D
FeGHLcUYX4gAtXgaA9zUpkHYqRSYdIkr8kHM5ETQ7Q2rN8hryFs6IXzB7AEKVEpi
a8embClOuTyZNim/l7FHFSUMj3UjuNNki4Rv6JDIgqwLoqX9ucRNSFqCBH13pXy+
AJGH1q22el6NUu/VgNK4e8Z+nAqKGCq+yptxQbtLostw5gNZsYkmxJ7PJhkbrfSq
JX7EYEOu3K42Kww49G6YyNaHlAiHc+8r7rjbbXZydhq6DSK+Vi1e/0gLAcbYnowD
vyeveR4OdrLIK6McD824K7Y52vfVAaMxINa9NmQmv3O/OJCn8m93
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:04 2024 by rpki-client on console-ams.rpki-client.org