Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/lSCWrgzjj4Iglqwfx1uqOtNCv6o.roa
File: lSCWrgzjj4Iglqwfx1uqOtNCv6o.roa (raw, json)
Hash identifier: ipZld4QQteb3/eHblWGvSbfcVs5Puw84UPLjoXG07Sw=
Subject key identifier: 95:20:96:AE:0C:E3:8F:82:20:96:AC:1F:C7:5B:AA:3A:D3:42:BF:AA
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 018D37973269F77A4D8E8F2E6DF6D3C26936
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/lSCWrgzjj4Iglqwfx1uqOtNCv6o.roa
Signing time: Tue 23 Jan 2024 18:31:12 +0000
ROA not before: Tue 23 Jan 2024 18:31:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39368
IP address blocks: 109.122.199.0/24 maxlen: 24
109.122.209.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:37:97:32:69:f7:7a:4d:8e:8f:2e:6d:f6:d3:c2:69:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Jan 23 18:31:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=952096ae0ce38f822096ac1fc75baa3ad342bfaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ad:35:ba:e0:31:e1:12:5e:12:5e:c8:f3:3c:
1a:2a:73:ca:6a:f7:63:f3:f6:0b:1d:b4:85:e6:43:
a4:03:7a:1f:58:87:aa:ad:b1:21:f3:7f:f4:f4:20:
40:6c:c2:25:3b:a1:ac:30:ea:7b:0e:4c:4e:3f:3f:
77:2d:c5:87:ae:cc:8d:32:50:dd:52:6f:db:5e:95:
e4:c1:22:2b:22:6d:ca:f6:cb:30:4c:41:0a:79:f7:
d4:05:33:21:8c:de:01:84:c2:ca:5f:9f:d1:1d:5d:
66:d3:f2:3f:d2:e0:e6:02:b6:00:56:98:67:c6:cc:
ae:ce:aa:b3:4c:c2:1b:a3:d9:88:38:91:78:5e:5e:
26:29:a4:b2:58:51:0f:ee:53:74:5c:e2:e3:61:50:
ce:65:58:94:28:ab:6a:0c:3c:da:46:56:c8:58:f9:
c0:da:70:21:7c:b6:fa:69:cf:0d:ff:4b:83:54:a6:
f6:4b:5a:b9:3c:41:41:57:3d:5b:de:73:c9:56:34:
9a:0d:35:e2:44:a9:b6:10:87:1a:24:f5:d6:bb:64:
07:6f:da:75:64:f2:81:7c:91:12:51:6e:26:88:e8:
2c:d2:b4:5d:90:d3:1d:e4:ab:97:65:2d:50:b0:98:
61:f6:05:28:71:19:4a:86:0c:e1:1f:7e:c2:a8:44:
71:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:20:96:AE:0C:E3:8F:82:20:96:AC:1F:C7:5B:AA:3A:D3:42:BF:AA
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/lSCWrgzjj4Iglqwfx1uqOtNCv6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.199.0/24
109.122.209.0/24
Signature Algorithm: sha256WithRSAEncryption
44:2c:77:13:e3:33:a0:a3:e8:8e:f1:db:ff:55:bc:1c:39:88:
2c:91:8b:30:6c:98:06:a6:0c:b2:f2:07:7d:59:b3:2b:33:eb:
9c:f1:83:4f:32:53:b8:82:e9:0e:08:a4:6e:ea:7e:71:a0:73:
24:c9:71:1a:3e:80:c6:97:26:e1:17:84:64:77:fd:ed:29:f4:
34:df:26:18:d5:20:8c:f4:1e:27:ee:a9:b6:17:33:c5:39:72:
f5:6f:71:44:cc:bf:23:7b:8f:8f:e9:ec:e3:7a:e9:15:90:90:
10:81:c8:7a:40:b3:62:88:e8:54:ae:a5:6e:66:0c:ab:95:ef:
99:0d:f6:73:b3:95:91:9b:69:07:7a:0f:f2:e2:49:aa:8c:67:
cb:0d:d1:20:a2:b6:97:0c:fb:c9:21:c5:3b:b3:16:d5:88:21:
ad:71:bb:fd:36:3f:10:12:29:12:a0:95:53:30:47:cd:90:8e:
3f:71:05:86:1e:8b:ef:e5:80:88:5d:15:2b:51:d5:90:74:f1:
97:e4:cf:4e:a0:8e:b0:6c:95:61:f2:b4:01:69:f7:4d:33:0b:
71:fa:9d:38:a1:c1:6b:a4:3c:f2:e2:51:81:0f:c6:e6:18:2d:
f6:e9:b4:f9:d8:fd:55:a7:ce:e7:77:72:58:a2:e2:d8:bf:f9:
b5:62:56:ba
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY03lzJp93pNjo8ubfbTwmk2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjQwMTIzMTgzMTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTIwOTZhZTBjZTM4ZjgyMjA5NmFjMWZjNzViYWEzYWQzNDJiZmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAga01uuAx4RJeEl7I8zwaKnPKavdj
8/YLHbSF5kOkA3ofWIeqrbEh83/09CBAbMIlO6GsMOp7DkxOPz93LcWHrsyNMlDd
Um/bXpXkwSIrIm3K9sswTEEKeffUBTMhjN4BhMLKX5/RHV1m0/I/0uDmArYAVphn
xsyuzqqzTMIbo9mIOJF4Xl4mKaSyWFEP7lN0XOLjYVDOZViUKKtqDDzaRlbIWPnA
2nAhfLb6ac8N/0uDVKb2S1q5PEFBVz1b3nPJVjSaDTXiRKm2EIcaJPXWu2QHb9p1
ZPKBfJESUW4miOgs0rRdkNMd5KuXZS1QsJhh9gUocRlKhgzhH37CqERx2QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJUglq4M44+CIJasH8dbqjrTQr+qMB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvbFNDV3JnempqNElnbHF3ZngxdXFPdE5DdjZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbXrHAwQA
bXrRMA0GCSqGSIb3DQEBCwUAA4IBAQBELHcT4zOgo+iO8dv/VbwcOYgskYswbJgG
pgyy8gd9WbMrM+uc8YNPMlO4gukOCKRu6n5xoHMkyXEaPoDGlybhF4Rkd/3tKfQ0
3yYY1SCM9B4n7qm2FzPFOXL1b3FEzL8je4+P6ezjeukVkJAQgch6QLNiiOhUrqVu
Zgyrle+ZDfZzs5WRm2kHeg/y4kmqjGfLDdEgoraXDPvJIcU7sxbViCGtcbv9Nj8Q
EikSoJVTMEfNkI4/cQWGHovv5YCIXRUrUdWQdPGX5M9OoI6wbJVh8rQBafdNMwtx
+p04ocFrpDzy4lGBD8bmGC326bT52P1Vp87nd3JYouLYv/m1Yla6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:48 2024 by rpki-client on console-fra.rpki-client.org