Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/aixE_cdtEgjPTrLJC5vgL0IjLKI.roa
File: aixE_cdtEgjPTrLJC5vgL0IjLKI.roa (raw, json)
Hash identifier: H31IWp8MEJeJ6B+3LlkRWZM1Vf6T79azdrhfur5j3CY=
Subject key identifier: 6A:2C:44:FD:C7:6D:12:08:CF:4E:B2:C9:0B:9B:E0:2F:42:23:2C:A2
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 0187A865E2EA4B02E8913EF07016D7BC98F7
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/aixE_cdtEgjPTrLJC5vgL0IjLKI.roa
Signing time: Sat 22 Apr 2023 09:57:42 +0000
ROA not before: Sat 22 Apr 2023 09:57:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 32613
IP address blocks: 109.122.194.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a8:65:e2:ea:4b:02:e8:91:3e:f0:70:16:d7:bc:98:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Apr 22 09:57:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a2c44fdc76d1208cf4eb2c90b9be02f42232ca2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:bf:e8:bf:06:6a:73:db:2b:3c:af:24:a9:ba:
c1:30:49:04:6e:bf:0a:6e:a2:41:93:9c:6d:ae:dd:
31:61:9d:42:d5:58:cb:c7:41:02:73:c8:3d:4c:51:
18:43:a9:0b:56:9e:c4:f2:03:db:9b:55:4e:1c:e6:
ce:cd:d8:b2:6b:4e:6f:b0:1e:e5:30:22:ea:17:33:
6c:a5:2f:96:e4:b2:a9:d4:b0:61:56:22:3e:ba:23:
9c:11:2e:17:9f:e3:54:07:08:b5:b2:16:3d:2b:c6:
f9:9b:f0:6e:a1:7d:2c:3f:3f:c6:b4:9a:a5:35:07:
9e:59:38:b2:4b:2d:bc:4f:6b:03:cb:6e:f8:da:80:
21:9d:e2:3c:55:7d:50:e4:42:31:a1:11:ad:f5:b5:
d2:c1:a8:82:c4:3d:95:6e:13:f2:01:4a:12:3f:bd:
eb:74:cc:99:46:75:4d:89:df:3d:35:60:27:82:a5:
43:36:18:33:99:14:37:a6:37:64:79:16:3a:de:7b:
63:9b:35:3e:cb:28:ea:6e:df:02:6c:a3:6b:df:34:
9d:c1:99:bc:7e:bc:7a:43:4c:92:32:d1:1c:96:55:
d4:53:9b:a7:32:66:10:c1:d5:22:e0:ff:ff:bc:be:
98:d9:2d:4b:39:a9:b2:1b:ed:4c:5c:68:4d:77:f6:
58:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:2C:44:FD:C7:6D:12:08:CF:4E:B2:C9:0B:9B:E0:2F:42:23:2C:A2
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/aixE_cdtEgjPTrLJC5vgL0IjLKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.194.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:a6:fc:c9:6a:67:a9:b0:cc:90:09:76:86:81:f4:80:d1:35:
82:e5:1e:d3:6c:0e:be:20:94:12:6c:f9:75:eb:01:ee:5b:94:
0d:4e:26:4d:21:c2:d8:aa:ad:e4:d6:a8:99:d5:90:fb:ad:ad:
4e:63:e4:24:6c:35:dd:cc:2e:44:71:22:d1:88:d0:e5:ba:cd:
4d:85:03:94:29:6f:4e:43:04:68:2e:49:70:35:5f:c8:12:f9:
61:54:e0:ab:7a:b1:26:4b:5b:b0:d0:c0:ce:37:e0:b8:62:80:
80:d8:5d:8a:f5:0e:db:62:bb:10:cb:2b:88:c6:1c:ed:15:93:
4f:72:4b:49:26:25:e5:11:48:53:9a:f9:9f:15:21:f9:79:6d:
a1:b5:c7:ec:0f:8f:ac:12:d1:3e:16:ae:a6:2f:b4:26:d9:ee:
15:95:f8:80:ba:91:29:9d:60:4a:c4:da:cc:c1:66:f5:2b:66:
3a:c6:97:5f:f1:6c:93:2b:e6:5c:b3:fe:02:d5:4e:44:4e:d8:
9e:52:9e:1f:ce:3b:61:01:4d:da:f4:78:77:cf:3a:b9:73:b9:
e0:a1:c3:99:cb:ce:ea:c1:60:12:7d:6e:a0:8c:ef:b3:ee:fa:
30:65:12:7c:ba:f5:74:70:f9:e5:b5:db:3b:4c:7a:41:98:7f:
4c:df:10:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeoZeLqSwLokT7wcBbXvJj3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjMwNDIyMDk1NzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTJjNDRmZGM3NmQxMjA4Y2Y0ZWIyYzkwYjliZTAyZjQyMjMyY2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjr/ovwZqc9srPK8kqbrBMEkEbr8K
bqJBk5xtrt0xYZ1C1VjLx0ECc8g9TFEYQ6kLVp7E8gPbm1VOHObOzdiya05vsB7l
MCLqFzNspS+W5LKp1LBhViI+uiOcES4Xn+NUBwi1shY9K8b5m/BuoX0sPz/GtJql
NQeeWTiySy28T2sDy2742oAhneI8VX1Q5EIxoRGt9bXSwaiCxD2VbhPyAUoSP73r
dMyZRnVNid89NWAngqVDNhgzmRQ3pjdkeRY63ntjmzU+yyjqbt8CbKNr3zSdwZm8
frx6Q0ySMtEcllXUU5unMmYQwdUi4P//vL6Y2S1LOamyG+1MXGhNd/ZYzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGosRP3HbRIIz06yyQub4C9CIyyiMB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvYWl4RV9jZHRFZ2pQVHJMSkM1dmdMMElqTEtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrCMA0G
CSqGSIb3DQEBCwUAA4IBAQB6pvzJamepsMyQCXaGgfSA0TWC5R7TbA6+IJQSbPl1
6wHuW5QNTiZNIcLYqq3k1qiZ1ZD7ra1OY+QkbDXdzC5EcSLRiNDlus1NhQOUKW9O
QwRoLklwNV/IEvlhVOCrerEmS1uw0MDON+C4YoCA2F2K9Q7bYrsQyyuIxhztFZNP
cktJJiXlEUhTmvmfFSH5eW2htcfsD4+sEtE+Fq6mL7Qm2e4VlfiAupEpnWBKxNrM
wWb1K2Y6xpdf8WyTK+Zcs/4C1U5ETtieUp4fzjthAU3a9Hh3zzq5c7ngocOZy87q
wWASfW6gjO+z7vowZRJ8uvV0cPnltds7THpBmH9M3xBp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:04 2024 by rpki-client on console-ams.rpki-client.org