Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/h_FOU3YkGgd9Qm-axJ6RHd-x0II.roa
File: h_FOU3YkGgd9Qm-axJ6RHd-x0II.roa (raw, json)
Hash identifier: VIHjm0n1QfcpDHgSv8D91l2YKI/BMO/yJ/wu0Z3acOk=
Subject key identifier: 87:F1:4E:53:76:24:1A:07:7D:42:6F:9A:C4:9E:91:1D:DF:B1:D0:82
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 0187DBD10F41B47318869FD1D2C7F56D2414
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/h_FOU3YkGgd9Qm-axJ6RHd-x0II.roa
Signing time: Tue 02 May 2023 09:35:23 +0000
ROA not before: Tue 02 May 2023 09:35:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 109.122.213.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:db:d1:0f:41:b4:73:18:86:9f:d1:d2:c7:f5:6d:24:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: May 2 09:35:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87f14e5376241a077d426f9ac49e911ddfb1d082
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:83:40:45:d4:d2:69:1b:ff:91:9f:e1:6b:fb:
ad:69:7a:48:e9:88:2c:0a:e8:0f:b2:2f:e6:1c:99:
9d:a3:b8:77:9f:60:9e:d7:fe:4e:d8:15:12:1e:a0:
ed:92:6e:b0:14:37:2f:4e:2c:e5:c4:38:96:aa:d4:
1f:87:e1:97:28:a4:af:fd:17:1b:05:1d:c4:b5:42:
e4:6c:3e:b1:03:c4:c8:18:8e:11:47:51:9f:e4:59:
68:15:b1:1d:1a:a7:9b:1c:56:a4:00:e3:70:ff:72:
d0:11:19:28:97:b4:b3:2e:85:e1:8a:eb:af:29:26:
9c:98:1c:46:72:8b:45:a6:fb:8e:01:19:47:76:10:
3d:e2:3d:e8:18:3c:56:50:de:ef:ca:f7:2b:db:87:
8f:f1:59:d3:72:97:d2:0f:a0:5e:4a:c7:f0:a8:6f:
50:88:2a:54:58:e1:ea:c0:e8:18:7d:ce:e6:dc:a6:
b5:13:63:92:e9:fe:1b:0e:77:47:8d:16:8b:a7:da:
3e:90:3a:5b:1f:e0:a5:9c:4a:e0:33:ea:eb:30:fa:
a7:be:99:ce:77:51:77:68:b5:b9:46:06:f8:fd:98:
0f:0d:3d:2c:7e:1f:53:05:70:ea:b1:50:07:a5:ab:
bf:0c:33:f7:2d:01:71:a1:93:1e:c7:cf:73:d6:fc:
d9:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:F1:4E:53:76:24:1A:07:7D:42:6F:9A:C4:9E:91:1D:DF:B1:D0:82
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/h_FOU3YkGgd9Qm-axJ6RHd-x0II.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.213.0/24
Signature Algorithm: sha256WithRSAEncryption
66:c7:94:58:3a:7f:a9:60:4c:d2:12:20:c9:7e:1f:e5:79:a6:
66:90:50:48:ec:bb:48:31:0d:9c:86:02:c3:8f:0f:17:39:dd:
00:9e:c3:ba:0e:60:f8:26:2b:36:fe:74:89:d8:9c:ca:33:f7:
fe:eb:7b:56:2f:24:4b:31:ea:e8:d1:d1:b5:b5:75:2d:df:2c:
2a:07:7d:fd:12:c1:be:1f:ce:1a:f8:8f:4b:69:b3:54:51:2e:
30:6c:a7:43:7b:b7:6f:5b:ee:a3:50:ad:bb:5c:eb:1b:bd:ad:
25:3d:59:13:dc:08:ee:ea:c4:ae:58:cb:20:0a:b9:3a:69:4a:
7d:d0:80:6f:82:c2:51:12:df:61:e5:e3:1a:ca:b3:4b:04:f5:
55:9d:ee:23:02:7c:cc:72:79:0f:c8:fb:f3:7f:b5:70:ad:f0:
f5:f7:17:1b:1e:47:75:73:43:80:cc:c7:12:33:31:d4:c4:4a:
d3:cb:26:bf:2f:6d:68:75:25:f5:24:99:cc:c2:09:61:1d:36:
06:55:98:6f:ef:11:4b:76:1e:0d:a5:02:ec:dd:2c:24:8a:14:
7b:d0:36:84:10:83:2b:ff:93:e6:53:c0:a3:2e:58:6a:d4:ae:
1c:3d:01:c7:26:02:01:34:75:88:15:30:28:62:48:6a:01:94:
f0:59:d2:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfb0Q9BtHMYhp/R0sf1bSQUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjMwNTAyMDkzNTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2YxNGU1Mzc2MjQxYTA3N2Q0MjZmOWFjNDllOTExZGRmYjFkMDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYNARdTSaRv/kZ/ha/utaXpI6Ygs
CugPsi/mHJmdo7h3n2Ce1/5O2BUSHqDtkm6wFDcvTizlxDiWqtQfh+GXKKSv/Rcb
BR3EtULkbD6xA8TIGI4RR1Gf5FloFbEdGqebHFakAONw/3LQERkol7SzLoXhiuuv
KSacmBxGcotFpvuOARlHdhA94j3oGDxWUN7vyvcr24eP8VnTcpfSD6BeSsfwqG9Q
iCpUWOHqwOgYfc7m3Ka1E2OS6f4bDndHjRaLp9o+kDpbH+ClnErgM+rrMPqnvpnO
d1F3aLW5Rgb4/ZgPDT0sfh9TBXDqsVAHpau/DDP3LQFxoZMex89z1vzZTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIfxTlN2JBoHfUJvmsSekR3fsdCCMB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvaF9GT1UzWWtHZ2Q5UW0tYXhKNlJIZC14MElJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrVMA0G
CSqGSIb3DQEBCwUAA4IBAQBmx5RYOn+pYEzSEiDJfh/leaZmkFBI7LtIMQ2chgLD
jw8XOd0AnsO6DmD4Jis2/nSJ2JzKM/f+63tWLyRLMero0dG1tXUt3ywqB339EsG+
H84a+I9LabNUUS4wbKdDe7dvW+6jUK27XOsbva0lPVkT3Aju6sSuWMsgCrk6aUp9
0IBvgsJREt9h5eMayrNLBPVVne4jAnzMcnkPyPvzf7VwrfD19xcbHkd1c0OAzMcS
MzHUxErTyya/L21odSX1JJnMwglhHTYGVZhv7xFLdh4NpQLs3SwkihR70DaEEIMr
/5PmU8CjLlhq1K4cPQHHJgIBNHWIFTAoYkhqAZTwWdKm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:04 2024 by rpki-client on console-ams.rpki-client.org