Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/p2yiSXac32lNzxbsL_YMAEetLH4.roa
File: p2yiSXac32lNzxbsL_YMAEetLH4.roa (raw, json)
Hash identifier: LHzHhYhZ+iOYUUh44G19v4tA39ax91uHWPyi2lsswMA=
Subject key identifier: A7:6C:A2:49:76:9C:DF:69:4D:CF:16:EC:2F:F6:0C:00:47:AD:2C:7E
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 018CC50142111A9A4F13E06DA2F918307EA8
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/p2yiSXac32lNzxbsL_YMAEetLH4.roa
Signing time: Mon 01 Jan 2024 12:30:43 +0000
ROA not before: Mon 01 Jan 2024 12:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44620
IP address blocks: 109.122.196.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:42:11:1a:9a:4f:13:e0:6d:a2:f9:18:30:7e:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Jan 1 12:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a76ca249769cdf694dcf16ec2ff60c0047ad2c7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:25:b7:d7:c5:a3:c7:9f:e1:9e:f9:da:59:23:
ef:98:7e:63:11:2c:29:8a:19:5e:b5:b7:60:40:e5:
99:41:62:b3:8b:c2:78:12:90:ab:99:a0:aa:13:b0:
08:ce:7c:46:a1:f4:28:b0:f2:67:0b:4a:cd:35:50:
2b:e7:bf:86:9a:ab:5f:e9:25:03:61:01:68:bf:ae:
07:63:54:08:b1:d9:4c:a7:60:ed:51:4e:6f:f8:a4:
69:17:42:5d:fb:38:c0:85:01:5c:fe:a9:f2:5c:73:
9a:98:ba:88:50:a4:2c:a5:3f:2d:f1:89:18:65:a8:
1c:23:28:80:84:66:7a:6a:8a:a6:df:d1:9c:95:11:
9f:5c:93:5a:3c:c1:ae:df:ed:fd:8a:98:90:e3:f0:
3c:59:8d:b4:0c:d6:3e:09:26:4f:71:fc:3c:a3:60:
20:aa:5b:45:01:b4:55:3a:bb:69:4c:67:ac:50:50:
64:a4:9f:3d:d7:4d:62:45:3a:2f:1d:46:41:92:f0:
14:26:c5:11:4a:cc:5a:c4:ca:12:ff:4d:48:e4:03:
35:5b:44:6d:22:2f:0c:9e:aa:8f:d7:90:54:33:a3:
08:3c:a0:99:79:f8:b5:fd:8f:75:fd:29:17:95:a7:
d0:06:c9:bc:ac:f4:41:95:5f:07:cd:3e:06:18:fa:
f0:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:6C:A2:49:76:9C:DF:69:4D:CF:16:EC:2F:F6:0C:00:47:AD:2C:7E
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/p2yiSXac32lNzxbsL_YMAEetLH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.196.0/24
Signature Algorithm: sha256WithRSAEncryption
87:60:1f:12:40:44:74:ea:df:8e:19:f4:8d:99:2a:9b:69:dd:
e5:ed:a5:fa:70:85:a4:59:02:51:50:4d:99:b8:ab:3f:fd:42:
e1:24:20:85:2f:85:87:72:01:7b:12:42:23:52:16:e9:cc:c9:
c8:6a:c5:ef:75:99:86:e4:4e:23:69:46:f4:fe:16:66:8f:5d:
da:3e:52:9e:2e:c0:af:d5:5e:bf:53:eb:9a:94:fe:9a:6c:09:
36:43:6e:7a:ca:61:79:96:19:58:fd:64:e2:7e:d7:a3:f9:c4:
df:7c:42:cb:4b:80:6a:f9:6a:0c:10:32:9e:fd:97:21:a5:8f:
0a:88:f0:08:13:a5:01:f5:49:7e:37:d6:17:22:4a:d9:24:35:
c3:0f:7d:69:85:c7:dd:0c:ce:7f:36:4c:fa:09:07:87:6c:0f:
67:5d:3e:db:2c:bb:88:fb:25:90:df:bc:98:8b:de:36:a2:95:
d7:45:e4:c6:79:b0:d3:68:cf:f7:32:a9:f8:11:a4:a0:c0:05:
27:be:99:3a:88:c2:48:68:53:4a:44:5c:b7:99:8f:50:66:ce:
4e:59:f2:f6:11:33:f3:56:c4:94:bc:f3:30:84:43:44:ad:b3:
ad:04:eb:74:06:fa:19:63:9e:46:ff:05:b2:9e:fa:89:57:d2:
5b:13:64:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAUIRGppPE+BtovkYMH6oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjQwMTAxMTIzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzZjYTI0OTc2OWNkZjY5NGRjZjE2ZWMyZmY2MGMwMDQ3YWQyYzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyW318Wjx5/hnvnaWSPvmH5jESwp
ihletbdgQOWZQWKzi8J4EpCrmaCqE7AIznxGofQosPJnC0rNNVAr57+Gmqtf6SUD
YQFov64HY1QIsdlMp2DtUU5v+KRpF0Jd+zjAhQFc/qnyXHOamLqIUKQspT8t8YkY
ZagcIyiAhGZ6aoqm39GclRGfXJNaPMGu3+39ipiQ4/A8WY20DNY+CSZPcfw8o2Ag
qltFAbRVOrtpTGesUFBkpJ89101iRTovHUZBkvAUJsURSsxaxMoS/01I5AM1W0Rt
Ii8MnqqP15BUM6MIPKCZefi1/Y91/SkXlafQBsm8rPRBlV8HzT4GGPrwhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKdsokl2nN9pTc8W7C/2DABHrSx+MB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvcDJ5aVNYYWMzMmxOenhic0xfWU1BRWV0TEg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrEMA0G
CSqGSIb3DQEBCwUAA4IBAQCHYB8SQER06t+OGfSNmSqbad3l7aX6cIWkWQJRUE2Z
uKs//ULhJCCFL4WHcgF7EkIjUhbpzMnIasXvdZmG5E4jaUb0/hZmj13aPlKeLsCv
1V6/U+ualP6abAk2Q256ymF5lhlY/WTiftej+cTffELLS4Bq+WoMEDKe/ZchpY8K
iPAIE6UB9Ul+N9YXIkrZJDXDD31phcfdDM5/Nkz6CQeHbA9nXT7bLLuI+yWQ37yY
i942opXXReTGebDTaM/3Mqn4EaSgwAUnvpk6iMJIaFNKRFy3mY9QZs5OWfL2ETPz
VsSUvPMwhENErbOtBOt0BvoZY55G/wWynvqJV9JbE2SD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:48 2024 by rpki-client on console-fra.rpki-client.org