Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/ubTnsy3lxDIjQeAuXrBvVwWx6Ms.roa
File: ubTnsy3lxDIjQeAuXrBvVwWx6Ms.roa (raw, json)
Hash identifier: EaAlFxBODWgII0gk9ItD0Ix8932QABu+b3Zpt16rPj8=
Subject key identifier: B9:B4:E7:B3:2D:E5:C4:32:23:41:E0:2E:5E:B0:6F:57:05:B1:E8:CB
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 018C91F717A546CA0F83F85F5E98B9C803AC
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/ubTnsy3lxDIjQeAuXrBvVwWx6Ms.roa
Signing time: Fri 22 Dec 2023 14:38:58 +0000
ROA not before: Fri 22 Dec 2023 14:38:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49981
IP address blocks: 109.122.208.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:91:f7:17:a5:46:ca:0f:83:f8:5f:5e:98:b9:c8:03:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Dec 22 14:38:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b9b4e7b32de5c4322341e02e5eb06f5705b1e8cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:68:a6:2c:89:12:42:a7:12:cf:77:83:58:ee:
c0:87:8b:55:95:ea:46:6b:73:cd:15:54:93:81:78:
92:a7:9d:93:91:54:4d:51:ce:e9:f7:14:46:a3:5b:
9f:23:75:6b:cb:d1:fc:0e:4b:5a:9a:dc:89:3e:1f:
87:3b:c9:2e:03:f1:20:e7:2d:14:45:ee:b6:0c:06:
76:69:80:c3:dc:e4:d1:11:1e:ba:06:5c:7e:11:cb:
3f:94:21:53:89:41:e8:3c:f4:28:81:5b:32:de:c6:
a6:2f:1e:42:ff:29:53:75:84:45:02:e5:b1:3d:41:
8e:55:41:f7:3e:d6:f0:84:3b:fa:74:dd:5e:33:9f:
1f:de:a1:3c:a5:66:d4:99:cf:3d:fc:18:13:ae:7b:
ce:e5:58:25:b4:2d:87:96:62:63:15:ad:d0:7a:4c:
0b:62:c1:64:c8:74:37:83:da:b5:17:a4:fe:4b:11:
ee:5b:69:b6:ad:12:0d:b0:85:de:97:b3:1a:c1:eb:
d9:8c:72:61:95:47:8d:26:98:ab:f9:f2:95:7a:d2:
1c:95:63:5a:1a:40:92:83:4e:06:7f:f6:b6:ac:5a:
51:3b:e6:02:60:3b:6e:f9:c6:4e:14:83:1e:8e:24:
78:ea:9f:a6:03:7d:0c:e5:b0:62:d4:1c:bf:dc:e5:
ca:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:B4:E7:B3:2D:E5:C4:32:23:41:E0:2E:5E:B0:6F:57:05:B1:E8:CB
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/ubTnsy3lxDIjQeAuXrBvVwWx6Ms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.208.0/24
Signature Algorithm: sha256WithRSAEncryption
59:25:1a:bf:71:bd:62:20:f9:27:da:e9:79:a9:2f:d0:5b:a4:
22:49:0a:15:1d:9b:64:d6:77:20:2d:86:7a:03:15:f2:b3:8f:
08:e0:34:d9:af:0e:f4:18:7a:80:3d:7c:69:64:fa:f6:58:1d:
bd:7b:86:4b:90:48:38:7b:1d:b7:a5:a5:81:83:de:ee:2e:84:
31:89:5b:c5:89:7c:a3:84:62:4d:4b:dd:ed:e7:18:f6:39:66:
99:7f:89:76:77:2f:35:56:9b:52:2d:42:5c:3d:4d:88:23:45:
86:80:da:3d:06:9d:f6:d1:a0:57:c4:25:d8:0d:7a:49:0b:18:
f9:84:0b:b0:97:35:66:b1:e4:ba:e6:86:f4:38:22:e7:df:1b:
b9:ab:e8:fc:2d:ec:a4:dc:d7:c1:14:83:36:48:58:c7:91:98:
64:8d:66:b4:75:86:b6:e1:04:5b:17:f7:0d:61:dd:6b:75:7e:
1f:b9:8c:fd:16:d0:53:90:eb:c7:b7:23:3e:15:ab:44:5d:50:
cd:68:b2:f1:89:ef:d2:ab:38:8f:b5:bb:e5:c0:8f:4f:5b:59:
fd:92:ff:85:d8:dc:b4:63:4b:dd:b9:92:2c:ee:8c:dd:00:8d:
2f:a0:a8:14:43:84:eb:2d:14:dd:bf:1f:ef:9d:cd:9d:b1:cf:
3b:c0:7b:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyR9xelRsoPg/hfXpi5yAOsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjMxMjIyMTQzODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWI0ZTdiMzJkZTVjNDMyMjM0MWUwMmU1ZWIwNmY1NzA1YjFlOGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGimLIkSQqcSz3eDWO7Ah4tVlepG
a3PNFVSTgXiSp52TkVRNUc7p9xRGo1ufI3Vry9H8DktamtyJPh+HO8kuA/Eg5y0U
Re62DAZ2aYDD3OTRER66Blx+Ecs/lCFTiUHoPPQogVsy3samLx5C/ylTdYRFAuWx
PUGOVUH3PtbwhDv6dN1eM58f3qE8pWbUmc89/BgTrnvO5VgltC2HlmJjFa3QekwL
YsFkyHQ3g9q1F6T+SxHuW2m2rRINsIXel7MawevZjHJhlUeNJpir+fKVetIclWNa
GkCSg04Gf/a2rFpRO+YCYDtu+cZOFIMejiR46p+mA30M5bBi1By/3OXK9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLm057Mt5cQyI0HgLl6wb1cFsejLMB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvdWJUbnN5M2x4RElqUWVBdVhyQnZWd1d4Nk1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrQMA0G
CSqGSIb3DQEBCwUAA4IBAQBZJRq/cb1iIPkn2ul5qS/QW6QiSQoVHZtk1ncgLYZ6
AxXys48I4DTZrw70GHqAPXxpZPr2WB29e4ZLkEg4ex23paWBg97uLoQxiVvFiXyj
hGJNS93t5xj2OWaZf4l2dy81VptSLUJcPU2II0WGgNo9Bp320aBXxCXYDXpJCxj5
hAuwlzVmseS65ob0OCLn3xu5q+j8Leyk3NfBFIM2SFjHkZhkjWa0dYa24QRbF/cN
Yd1rdX4fuYz9FtBTkOvHtyM+FatEXVDNaLLxie/SqziPtbvlwI9PW1n9kv+F2Ny0
Y0vduZIs7ozdAI0voKgUQ4TrLRTdvx/vnc2dsc87wHvV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:48 2024 by rpki-client on console-fra.rpki-client.org