Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/thkFEJfCH2DJEs3z2QuThHqOM-s.roa
File: thkFEJfCH2DJEs3z2QuThHqOM-s.roa (raw, json)
Hash identifier: CIsgsmHeeutacdM47bq0AZxii+PXzDj4LkbxUZW2xuI=
Subject key identifier: B6:19:05:10:97:C2:1F:60:C9:12:CD:F3:D9:0B:93:84:7A:8E:33:EB
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 018CC501407F352F2154B576E30E8068F362
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/thkFEJfCH2DJEs3z2QuThHqOM-s.roa
Signing time: Mon 01 Jan 2024 12:30:42 +0000
ROA not before: Mon 01 Jan 2024 12:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9050
IP address blocks: 109.122.221.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:40:7f:35:2f:21:54:b5:76:e3:0e:80:68:f3:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Jan 1 12:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b619051097c21f60c912cdf3d90b93847a8e33eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:db:99:1a:50:7b:98:d7:b7:01:a7:fb:bf:0d:
80:5a:ca:4d:14:a3:5c:1c:02:70:23:7f:69:84:37:
96:6f:c0:5b:5b:6a:11:dd:2a:c0:94:ca:ff:9f:fd:
62:28:85:8a:59:c1:ed:c7:a8:bc:f2:c6:ab:eb:c0:
0d:a5:58:e9:f2:e6:83:07:36:c1:2c:72:3a:dc:93:
1a:36:62:81:90:ad:78:93:16:24:2c:be:64:d4:56:
ab:43:e4:37:3d:f9:03:30:0b:55:00:54:67:33:4c:
89:1a:f3:d4:2c:16:4f:14:21:a9:45:0f:f3:c3:47:
6a:e3:95:7b:e4:19:db:20:52:52:ef:90:d6:cb:7d:
b6:23:0a:58:9f:61:f6:d8:ef:97:30:9d:36:1e:b9:
cc:01:71:b8:d8:67:e2:d5:55:21:92:f9:de:08:0e:
db:b2:99:04:83:71:d6:d6:2a:2b:28:db:f5:93:65:
2c:ba:a6:cc:26:46:47:b6:e2:c0:2b:24:99:f1:73:
b4:a8:06:05:81:ff:dc:a8:1a:e9:b6:ea:b6:54:59:
0d:64:89:5b:c6:e7:29:2f:1e:df:07:5b:db:e0:61:
7d:5e:a6:d9:ff:31:13:40:74:ea:80:4d:e5:99:71:
8e:29:61:8a:7f:7b:fb:b8:f8:72:de:ef:bc:24:a0:
82:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:19:05:10:97:C2:1F:60:C9:12:CD:F3:D9:0B:93:84:7A:8E:33:EB
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/thkFEJfCH2DJEs3z2QuThHqOM-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.221.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:f8:2a:6d:c3:58:ca:9e:06:5b:05:69:06:98:c1:0f:f4:af:
39:44:3c:29:24:80:28:c6:88:d8:87:d6:9a:ab:69:0f:95:9a:
25:12:00:3c:32:5e:14:d0:be:35:26:84:50:15:c4:fa:5d:2b:
93:1c:25:0c:49:5b:12:6d:56:59:bb:95:a4:60:8a:74:81:f0:
45:88:45:27:38:43:e1:9e:03:e4:d4:4d:a5:88:01:3b:9e:8e:
f3:04:ad:d4:9a:27:11:14:44:f9:4e:1e:41:17:f1:67:d6:48:
f7:86:9b:80:a7:1d:de:cf:ab:91:54:1a:18:34:f5:ed:f8:74:
6f:37:e7:86:0e:b4:76:93:32:e1:31:40:cc:8a:15:e9:e9:21:
74:80:2b:e9:c3:61:ec:69:0e:ef:e2:f2:bb:22:09:0d:fe:6a:
12:cd:28:b3:27:ee:11:b3:b4:ae:09:21:ae:0c:d2:c6:11:9a:
4c:7c:ca:92:0c:27:c7:53:f7:23:fc:8d:22:43:eb:83:b4:ac:
2e:ba:ae:2a:e9:0b:42:a6:8a:d4:81:05:e5:b4:02:96:53:97:
4d:65:98:be:b5:b8:cc:b0:b8:fa:35:ea:d3:22:17:67:81:79:
d8:04:4b:30:15:35:10:ef:17:06:3e:de:b3:a7:4c:da:3f:5f:
4a:07:51:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAUB/NS8hVLV24w6AaPNiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjQwMTAxMTIzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjE5MDUxMDk3YzIxZjYwYzkxMmNkZjNkOTBiOTM4NDdhOGUzM2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNuZGlB7mNe3Aaf7vw2AWspNFKNc
HAJwI39phDeWb8BbW2oR3SrAlMr/n/1iKIWKWcHtx6i88sar68ANpVjp8uaDBzbB
LHI63JMaNmKBkK14kxYkLL5k1FarQ+Q3PfkDMAtVAFRnM0yJGvPULBZPFCGpRQ/z
w0dq45V75BnbIFJS75DWy322IwpYn2H22O+XMJ02HrnMAXG42Gfi1VUhkvneCA7b
spkEg3HW1iorKNv1k2UsuqbMJkZHtuLAKySZ8XO0qAYFgf/cqBrptuq2VFkNZIlb
xucpLx7fB1vb4GF9XqbZ/zETQHTqgE3lmXGOKWGKf3v7uPhy3u+8JKCCEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLYZBRCXwh9gyRLN89kLk4R6jjPrMB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvdGhrRkVKZkNIMkRKRXMzejJRdVRoSHFPTS1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrdMA0G
CSqGSIb3DQEBCwUAA4IBAQAP+Cptw1jKngZbBWkGmMEP9K85RDwpJIAoxojYh9aa
q2kPlZolEgA8Ml4U0L41JoRQFcT6XSuTHCUMSVsSbVZZu5WkYIp0gfBFiEUnOEPh
ngPk1E2liAE7no7zBK3UmicRFET5Th5BF/Fn1kj3hpuApx3ez6uRVBoYNPXt+HRv
N+eGDrR2kzLhMUDMihXp6SF0gCvpw2HsaQ7v4vK7IgkN/moSzSizJ+4Rs7SuCSGu
DNLGEZpMfMqSDCfHU/cj/I0iQ+uDtKwuuq4q6QtCporUgQXltAKWU5dNZZi+tbjM
sLj6NerTIhdngXnYBEswFTUQ7xcGPt6zp0zaP19KB1HG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:04 2024 by rpki-client on console-ams.rpki-client.org