Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/u2VNGBC6Hl4CJ536eWCPu311ghk.roa
File: u2VNGBC6Hl4CJ536eWCPu311ghk.roa (raw, json)
Hash identifier: hViViGB0MVRJEIEQRL1TwiVso1bcjK1KqL/Th4WNptY=
Subject key identifier: BB:65:4D:18:10:BA:1E:5E:02:27:9D:FA:79:60:8F:BB:7D:75:82:19
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 018B9BDB8339D07234D87BE75A2B50252AE2
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/u2VNGBC6Hl4CJ536eWCPu311ghk.roa
Signing time: Sat 04 Nov 2023 19:42:16 +0000
ROA not before: Sat 04 Nov 2023 19:42:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213200
IP address blocks: 109.122.195.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:9b:db:83:39:d0:72:34:d8:7b:e7:5a:2b:50:25:2a:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Nov 4 19:42:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb654d1810ba1e5e02279dfa79608fbb7d758219
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:55:a9:e5:82:aa:e4:d6:54:65:36:56:ab:06:
12:9a:d4:8b:54:04:8a:10:2f:58:ef:f8:6a:e7:eb:
07:43:e9:00:3f:ca:b9:9c:5f:11:97:69:0d:2b:e0:
5c:45:3c:eb:ba:24:ea:4e:98:58:51:d0:9d:42:f9:
f7:4f:0d:6e:a1:65:72:98:00:d4:15:3f:06:ce:52:
f4:ef:b2:b7:c2:c3:f2:fb:3b:09:6b:7e:77:7c:bd:
84:10:22:85:f9:dd:c6:dd:6f:0e:99:56:b2:16:15:
6d:4d:55:01:2d:96:7b:ee:8b:2d:97:d6:b3:77:6a:
b0:c3:68:7d:92:22:43:59:65:ab:98:b6:39:3d:eb:
4a:ec:1c:36:46:36:bb:2d:23:34:5d:49:5e:44:db:
5a:f3:f7:42:5b:c6:50:9b:8c:ba:c1:5d:ff:b7:a6:
7a:a4:0c:3b:9b:5a:4b:c3:38:8f:16:01:d5:44:6e:
e4:71:ba:14:26:47:29:d1:29:e0:d5:6a:15:8e:fb:
4a:40:35:ac:2f:1a:0f:92:8a:d5:31:d7:f8:4a:bb:
aa:01:4c:84:aa:8e:de:1b:4b:30:c7:f5:f4:c1:fa:
88:b8:a6:af:af:3d:3f:b6:81:5d:27:94:31:94:42:
c5:c2:c2:71:8c:e7:cc:68:9d:42:2d:10:5b:54:97:
e0:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:65:4D:18:10:BA:1E:5E:02:27:9D:FA:79:60:8F:BB:7D:75:82:19
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/u2VNGBC6Hl4CJ536eWCPu311ghk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.195.0/24
Signature Algorithm: sha256WithRSAEncryption
42:4d:2e:1b:93:f9:b2:20:b2:0d:ed:68:24:56:84:20:f3:f1:
3a:7f:ac:10:60:85:8d:13:77:7b:2f:5d:a8:63:4d:00:85:54:
cb:b8:a2:91:30:74:9c:8e:ba:66:0f:7b:48:16:5a:ed:b2:ef:
59:3b:53:a2:21:a5:83:c6:fb:b7:3a:63:e4:48:80:a8:9b:ce:
f3:68:ec:83:23:12:0e:05:1c:35:35:00:18:1e:2a:1c:18:15:
52:a4:7d:02:ec:7e:d4:60:d1:4b:3c:b7:b7:7c:5e:67:32:66:
76:91:18:6a:3d:c1:38:17:8e:4f:6b:fa:8a:1e:80:36:24:c6:
fc:66:2e:3e:24:87:95:fd:29:ad:fe:fb:44:b4:b4:a6:48:82:
4d:0d:f4:15:48:7c:30:38:5c:9a:93:3f:90:3d:20:c0:e7:9b:
f4:37:63:06:0e:88:bb:92:ee:a4:ef:26:dd:90:a0:1c:fc:2e:
70:57:b7:b1:18:6c:f2:d9:61:16:e1:38:77:9c:2b:cf:e3:35:
d5:89:9d:0d:72:2a:7d:fd:85:2f:7f:bb:d5:c2:df:dd:f3:25:
00:fd:25:27:7a:48:04:93:72:d5:f5:cb:80:f8:e4:5d:2c:39:
02:49:a7:03:1b:73:42:24:c3:f4:d4:68:98:a0:c5:1c:ca:8c:
87:8a:3f:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYub24M50HI02HvnWitQJSriMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjMxMTA0MTk0MjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjY1NGQxODEwYmExZTVlMDIyNzlkZmE3OTYwOGZiYjdkNzU4MjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5VWp5YKq5NZUZTZWqwYSmtSLVASK
EC9Y7/hq5+sHQ+kAP8q5nF8Rl2kNK+BcRTzruiTqTphYUdCdQvn3Tw1uoWVymADU
FT8GzlL077K3wsPy+zsJa353fL2EECKF+d3G3W8OmVayFhVtTVUBLZZ77ostl9az
d2qww2h9kiJDWWWrmLY5PetK7Bw2Rja7LSM0XUleRNta8/dCW8ZQm4y6wV3/t6Z6
pAw7m1pLwziPFgHVRG7kcboUJkcp0Sng1WoVjvtKQDWsLxoPkorVMdf4SruqAUyE
qo7eG0swx/X0wfqIuKavrz0/toFdJ5QxlELFwsJxjOfMaJ1CLRBbVJfgMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLtlTRgQuh5eAied+nlgj7t9dYIZMB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvdTJWTkdCQzZIbDRDSjUzNmVXQ1B1MzExZ2hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrDMA0G
CSqGSIb3DQEBCwUAA4IBAQBCTS4bk/myILIN7WgkVoQg8/E6f6wQYIWNE3d7L12o
Y00AhVTLuKKRMHScjrpmD3tIFlrtsu9ZO1OiIaWDxvu3OmPkSICom87zaOyDIxIO
BRw1NQAYHiocGBVSpH0C7H7UYNFLPLe3fF5nMmZ2kRhqPcE4F45Pa/qKHoA2JMb8
Zi4+JIeV/Smt/vtEtLSmSIJNDfQVSHwwOFyakz+QPSDA55v0N2MGDoi7ku6k7ybd
kKAc/C5wV7exGGzy2WEW4Th3nCvP4zXViZ0Ncip9/YUvf7vVwt/d8yUA/SUnekgE
k3LV9cuA+ORdLDkCSacDG3NCJMP01GiYoMUcyoyHij8P
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:48 2024 by rpki-client on console-fra.rpki-client.org