Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/jmQFxIGfVSOD1A2TOXnH-QjzlyU.roa
File: jmQFxIGfVSOD1A2TOXnH-QjzlyU.roa (raw, json)
Hash identifier: xw1X7V8LufpDQIwZTD9rnjVIC/BGCv27JYtOf1fz6ls=
Subject key identifier: 8E:64:05:C4:81:9F:55:23:83:D4:0D:93:39:79:C7:F9:08:F3:97:25
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 0187A865E0E45E5976C0FDAEE8F417B87FAF
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/jmQFxIGfVSOD1A2TOXnH-QjzlyU.roa
Signing time: Sat 22 Apr 2023 09:57:41 +0000
ROA not before: Sat 22 Apr 2023 09:57:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 109.122.204.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a8:65:e0:e4:5e:59:76:c0:fd:ae:e8:f4:17:b8:7f:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Apr 22 09:57:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e6405c4819f552383d40d933979c7f908f39725
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:50:56:eb:46:2e:64:a4:78:05:f6:50:8b:5d:
96:e6:c7:52:b3:d2:0e:7f:f2:2c:2f:4b:e8:b8:24:
8b:26:ae:81:a5:47:61:b1:7c:8a:47:ca:ea:e5:99:
41:85:46:9d:46:a4:09:99:69:a1:7f:e1:5f:c2:3b:
05:17:e3:d4:81:88:ec:07:ec:62:20:58:2a:e8:8f:
16:ea:e7:7e:e8:37:43:ee:07:d8:81:17:f5:12:06:
d6:5f:1e:ab:93:34:f1:ad:32:1e:2f:e0:6c:8a:46:
70:ab:ce:63:bf:87:70:56:d2:50:64:e4:6f:72:dc:
96:42:0a:12:17:88:c3:63:5e:de:71:f9:02:23:5a:
bc:0f:96:cb:9b:9f:a3:d0:c0:b4:e6:ab:bf:82:ff:
09:1a:06:bc:1d:9b:11:5e:95:93:d9:48:6e:bf:78:
de:eb:12:05:40:5e:02:23:7a:9b:0c:1d:8d:03:26:
3d:8c:2d:69:fc:46:aa:a6:ae:a0:4d:fc:e7:92:aa:
b9:77:57:93:58:a7:4c:3f:88:14:c6:a5:8d:d3:3d:
d4:f5:dd:dc:78:87:74:c8:d2:fd:c2:32:33:41:6b:
e5:20:6e:4b:a0:fc:48:5e:68:9f:bd:fb:37:c6:26:
94:36:2a:f1:c8:ec:d6:10:e7:c8:4c:7a:ed:02:26:
d6:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:64:05:C4:81:9F:55:23:83:D4:0D:93:39:79:C7:F9:08:F3:97:25
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/jmQFxIGfVSOD1A2TOXnH-QjzlyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.204.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:ae:62:88:9c:23:44:87:00:d6:8f:04:7a:e9:6f:eb:df:06:
7a:7e:1d:b6:80:2d:2f:8a:c1:a7:58:34:7a:9f:82:aa:92:2a:
34:7d:fc:a4:03:59:be:34:8e:21:96:f5:2d:c0:06:8a:e9:13:
f0:9e:81:04:0b:cc:72:bb:c1:bc:6e:4c:6a:d4:2d:6c:f3:23:
64:cd:01:d7:33:4e:cb:2d:6e:28:16:06:54:16:97:a8:69:9c:
7a:2a:8c:e3:29:8f:c2:4b:27:bb:19:22:ec:ef:ea:2e:79:f6:
1b:d4:2f:1f:8d:b8:eb:88:98:8f:9c:55:1f:f1:22:ff:54:33:
bf:25:c2:99:11:52:0a:ce:b1:9d:12:72:16:be:74:b9:73:f2:
ad:08:85:08:f6:30:21:7b:2e:80:95:f2:6a:d8:9f:a4:55:13:
dd:b0:29:3c:06:84:65:08:4e:6f:e1:70:2c:a2:a0:e3:60:ae:
4a:26:f2:66:9c:af:d5:9b:e5:15:65:92:1c:d0:de:30:20:81:
4e:fd:ff:6a:79:6f:f9:1b:42:ae:6d:eb:b6:65:ed:20:cb:58:
d0:39:61:50:23:02:07:ef:8d:3c:24:8a:d6:af:29:14:9c:3b:
8b:29:55:38:ec:1f:4d:2b:e6:88:cf:97:d1:2a:40:de:c2:ad:
b9:57:de:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeoZeDkXll2wP2u6PQXuH+vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjMwNDIyMDk1NzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTY0MDVjNDgxOWY1NTIzODNkNDBkOTMzOTc5YzdmOTA4ZjM5NzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1BW60YuZKR4BfZQi12W5sdSs9IO
f/IsL0vouCSLJq6BpUdhsXyKR8rq5ZlBhUadRqQJmWmhf+FfwjsFF+PUgYjsB+xi
IFgq6I8W6ud+6DdD7gfYgRf1EgbWXx6rkzTxrTIeL+BsikZwq85jv4dwVtJQZORv
ctyWQgoSF4jDY17ecfkCI1q8D5bLm5+j0MC05qu/gv8JGga8HZsRXpWT2Uhuv3je
6xIFQF4CI3qbDB2NAyY9jC1p/Eaqpq6gTfznkqq5d1eTWKdMP4gUxqWN0z3U9d3c
eId0yNL9wjIzQWvlIG5LoPxIXmifvfs3xiaUNirxyOzWEOfITHrtAibWKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI5kBcSBn1Ujg9QNkzl5x/kI85clMB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvam1RRnhJR2ZWU09EMUEyVE9YbkgtUWp6bHlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrMMA0G
CSqGSIb3DQEBCwUAA4IBAQBarmKInCNEhwDWjwR66W/r3wZ6fh22gC0visGnWDR6
n4Kqkio0ffykA1m+NI4hlvUtwAaK6RPwnoEEC8xyu8G8bkxq1C1s8yNkzQHXM07L
LW4oFgZUFpeoaZx6KozjKY/CSye7GSLs7+ouefYb1C8fjbjriJiPnFUf8SL/VDO/
JcKZEVIKzrGdEnIWvnS5c/KtCIUI9jAhey6AlfJq2J+kVRPdsCk8BoRlCE5v4XAs
oqDjYK5KJvJmnK/Vm+UVZZIc0N4wIIFO/f9qeW/5G0Kubeu2Ze0gy1jQOWFQIwIH
7408JIrWrykUnDuLKVU47B9NK+aIz5fRKkDewq25V94i
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:48 2024 by rpki-client on console-fra.rpki-client.org