Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/j0dEFtgcXIo4EARLnxToR0HJrb4.roa
File: j0dEFtgcXIo4EARLnxToR0HJrb4.roa (raw, json)
Hash identifier: PGt0DmbE3U/VXSMp7a9vfvX4wCq8lh7WgXWgCSqe4us=
Subject key identifier: 8F:47:44:16:D8:1C:5C:8A:38:10:04:4B:9F:14:E8:47:41:C9:AD:BE
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 018CD5BA57D5ECE82DEAD1939536CCA3DB1B
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/j0dEFtgcXIo4EARLnxToR0HJrb4.roa
Signing time: Thu 04 Jan 2024 18:26:48 +0000
ROA not before: Thu 04 Jan 2024 18:26:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30277
IP address blocks: 109.122.197.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d5:ba:57:d5:ec:e8:2d:ea:d1:93:95:36:cc:a3:db:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Jan 4 18:26:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f474416d81c5c8a3810044b9f14e84741c9adbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ef:bf:55:c7:ac:6e:0b:62:e6:03:63:a4:94:
6d:98:2e:98:05:fc:7c:24:74:9d:ac:7b:ae:72:c7:
91:60:20:75:ad:62:a5:af:54:5a:32:b8:a3:bc:16:
d0:40:0d:a0:cf:c5:9a:7a:fc:c8:75:5e:2e:a8:cd:
2f:a8:29:6f:6a:33:ee:6e:4a:05:a3:6a:8d:ca:12:
5f:d5:58:9f:f6:fd:5a:4a:c8:03:d7:d4:7d:5e:4a:
a9:66:a3:10:dd:aa:d0:1d:6b:5f:9c:e8:e5:58:b6:
fd:37:aa:a9:db:28:73:fa:bd:35:6f:8c:78:68:81:
58:1d:14:3f:98:ff:4c:22:93:fd:58:aa:1b:63:f5:
1a:86:45:7d:88:d0:0e:33:f0:2d:47:55:80:19:10:
f3:7c:b6:9b:7d:21:b6:4d:3c:36:76:96:c1:5e:e2:
37:db:7d:8e:bf:2b:3d:6d:48:0f:a1:c2:b4:e0:13:
bd:dd:e7:27:0b:87:30:03:28:1e:9b:a6:18:f8:5e:
84:7a:be:80:55:9a:3e:e4:75:ca:6b:14:2f:c2:27:
fa:79:0e:ea:32:a3:d2:81:15:ce:cb:ef:a5:e1:75:
e1:ee:68:8a:3f:84:92:50:94:24:51:72:44:4c:d5:
68:6e:2e:e7:f6:22:0a:95:6a:63:8b:04:34:9e:e8:
c8:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:47:44:16:D8:1C:5C:8A:38:10:04:4B:9F:14:E8:47:41:C9:AD:BE
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/j0dEFtgcXIo4EARLnxToR0HJrb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.197.0/24
Signature Algorithm: sha256WithRSAEncryption
14:e8:b5:1f:29:4d:af:e2:3a:5f:d6:03:06:e4:ca:9e:ac:fd:
31:e8:a4:b3:b6:5e:06:82:bc:43:88:04:44:4f:38:a2:d0:be:
86:e5:f9:42:2b:a2:61:c6:cd:f2:8e:8c:60:d9:d5:3f:72:f4:
82:47:d4:97:ca:b2:a7:81:6e:48:94:e0:c0:fc:d5:4e:a9:98:
74:00:5c:4b:32:9c:18:68:e5:9a:a3:ab:35:12:2f:2c:bd:b1:
37:cc:1a:d4:b6:f4:f2:c8:de:0f:df:75:d5:59:7e:d0:89:b0:
3a:09:e2:cf:7b:69:6d:b4:89:4d:b9:5f:73:59:84:c7:d4:7f:
f6:f3:da:55:46:d8:43:08:e4:1d:30:34:a8:56:72:dc:33:07:
15:8b:23:9b:e3:fb:db:62:79:a7:80:09:f8:39:2c:f6:9a:e3:
cc:04:8b:9f:03:b1:a6:8f:62:90:b5:7c:54:67:d4:0d:fe:a8:
28:a3:c6:a4:70:87:dd:59:98:d9:82:f1:65:99:cd:e4:6e:cf:
06:45:88:65:a4:0d:72:ab:0a:0f:79:b4:45:49:3b:67:38:7a:
d8:8f:3a:f6:e6:bc:86:af:ea:02:97:82:5d:41:59:a4:2d:95:
7f:fb:9d:f2:a9:36:8d:c7:00:42:19:d8:18:20:19:31:02:e0:
e1:b8:83:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzVulfV7Ogt6tGTlTbMo9sbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjQwMTA0MTgyNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjQ3NDQxNmQ4MWM1YzhhMzgxMDA0NGI5ZjE0ZTg0NzQxYzlhZGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtO+/Vcesbgti5gNjpJRtmC6YBfx8
JHSdrHuucseRYCB1rWKlr1RaMrijvBbQQA2gz8WaevzIdV4uqM0vqClvajPubkoF
o2qNyhJf1Vif9v1aSsgD19R9XkqpZqMQ3arQHWtfnOjlWLb9N6qp2yhz+r01b4x4
aIFYHRQ/mP9MIpP9WKobY/UahkV9iNAOM/AtR1WAGRDzfLabfSG2TTw2dpbBXuI3
232Ovys9bUgPocK04BO93ecnC4cwAygem6YY+F6Eer6AVZo+5HXKaxQvwif6eQ7q
MqPSgRXOy++l4XXh7miKP4SSUJQkUXJETNVobi7n9iIKlWpjiwQ0nujIFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI9HRBbYHFyKOBAES58U6EdBya2+MB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvajBkRUZ0Z2NYSW80RUFSTG54VG9SMEhKcmI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrFMA0G
CSqGSIb3DQEBCwUAA4IBAQAU6LUfKU2v4jpf1gMG5MqerP0x6KSztl4GgrxDiARE
Tzii0L6G5flCK6Jhxs3yjoxg2dU/cvSCR9SXyrKngW5IlODA/NVOqZh0AFxLMpwY
aOWao6s1Ei8svbE3zBrUtvTyyN4P33XVWX7QibA6CeLPe2lttIlNuV9zWYTH1H/2
89pVRthDCOQdMDSoVnLcMwcViyOb4/vbYnmngAn4OSz2muPMBIufA7Gmj2KQtXxU
Z9QN/qgoo8akcIfdWZjZgvFlmc3kbs8GRYhlpA1yqwoPebRFSTtnOHrYjzr25ryG
r+oCl4JdQVmkLZV/+53yqTaNxwBCGdgYIBkxAuDhuIMW
-----END CERTIFICATE-----
Generated at Mon Jan 15 20:13:15 2024 by rpki-client on console-ams.rpki-client.org