Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/vayXFQQ4i2a1KOCnNiax42P2RWU.roa
File: vayXFQQ4i2a1KOCnNiax42P2RWU.roa (raw, json)
Hash identifier: nj4CiDZEEQMC9fxyPNB0fST35Jk7HRzAsQTuTA/JUB8=
Subject key identifier: BD:AC:97:15:04:38:8B:66:B5:28:E0:A7:36:26:B1:E3:63:F6:45:65
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 018D3797303A92CC1C38AB459DB03B1681EA
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/vayXFQQ4i2a1KOCnNiax42P2RWU.roa
Signing time: Tue 23 Jan 2024 18:31:11 +0000
ROA not before: Tue 23 Jan 2024 18:31:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 109.122.218.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:37:97:30:3a:92:cc:1c:38:ab:45:9d:b0:3b:16:81:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Jan 23 18:31:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bdac971504388b66b528e0a73626b1e363f64565
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:42:75:d2:68:97:b4:45:1b:3f:f5:90:0c:a2:
bf:c5:fe:8f:7c:7b:7d:77:c2:c0:20:04:a7:31:e6:
83:c0:2c:49:85:21:74:55:5c:3f:f7:78:94:99:ca:
c6:36:09:3c:33:7c:63:c4:9c:87:c7:a7:01:59:f6:
73:74:69:39:2c:7c:08:a5:2c:c5:c5:b6:f8:89:e3:
2e:1d:91:d3:ce:1f:87:af:79:91:17:d5:45:ce:e6:
76:fa:05:a2:fd:02:bd:88:d4:95:c1:e8:3c:65:5f:
de:42:f4:4b:63:cb:f2:44:17:09:77:74:33:bd:a0:
6e:4e:ed:0c:b1:4d:53:24:e7:0b:11:ab:d7:5f:19:
4a:1e:ac:80:33:ae:ab:4a:cd:6c:0c:dc:c2:27:45:
dd:ef:a4:f8:8e:41:d6:00:63:e8:2b:e0:fd:c1:6b:
bf:4a:e3:65:e0:89:c6:63:56:8b:21:68:25:d6:b6:
a3:f1:9a:fa:3f:77:d5:93:17:13:fb:95:b3:ee:dc:
d3:14:1b:9c:1c:a7:c2:c0:10:c5:fd:12:2c:b1:60:
08:21:39:2e:8c:74:e3:6c:89:00:60:25:47:c4:b4:
e2:72:a5:8a:e9:1e:fe:92:71:45:3d:1e:89:c5:7e:
19:d0:e7:95:95:67:7c:b8:a4:95:94:b9:e5:6a:52:
c7:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:AC:97:15:04:38:8B:66:B5:28:E0:A7:36:26:B1:E3:63:F6:45:65
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/vayXFQQ4i2a1KOCnNiax42P2RWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.218.0/24
Signature Algorithm: sha256WithRSAEncryption
02:d1:68:16:5c:ab:8d:38:71:8c:e5:b8:45:e5:7a:0b:1d:75:
f3:22:ed:45:56:50:0f:de:7d:1d:87:a6:66:2f:48:e0:61:f4:
24:b8:cb:6b:3c:f0:8d:f8:a1:51:cf:ab:fe:40:14:6a:1b:8b:
60:be:32:fa:5b:19:c7:0e:31:fa:ec:c1:75:22:4a:71:84:ca:
7a:fb:72:92:4b:8e:15:5c:27:47:ad:3b:df:26:d9:25:84:08:
48:93:cc:79:7b:99:35:de:1d:cb:62:78:87:b8:bb:9a:d3:84:
c3:d6:c8:68:09:24:69:c3:da:70:77:fc:7b:64:3f:84:af:a4:
a7:b0:78:51:0f:9a:f6:a8:1c:a3:02:d1:4e:bb:1b:51:2e:be:
84:21:87:70:9b:c2:92:33:f1:2c:c0:44:64:e3:55:4a:12:d2:
6f:3b:8a:c9:07:63:30:df:1d:02:a7:95:34:af:82:d9:de:ce:
3c:f3:d0:9a:5a:49:c3:0c:a1:3f:5b:80:a0:7f:e2:52:25:43:
b7:87:64:cb:d2:cf:29:41:a0:7f:8f:d1:bb:aa:c4:bf:89:6a:
2a:53:e7:70:42:35:00:f0:ad:eb:7c:0a:57:50:ed:e1:ed:47:
9f:3a:aa:45:57:bb:17:cb:d9:36:75:68:d1:77:0c:53:03:6f:
2e:e2:f9:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY03lzA6kswcOKtFnbA7FoHqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjQwMTIzMTgzMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGFjOTcxNTA0Mzg4YjY2YjUyOGUwYTczNjI2YjFlMzYzZjY0NTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEJ10miXtEUbP/WQDKK/xf6PfHt9
d8LAIASnMeaDwCxJhSF0VVw/93iUmcrGNgk8M3xjxJyHx6cBWfZzdGk5LHwIpSzF
xbb4ieMuHZHTzh+Hr3mRF9VFzuZ2+gWi/QK9iNSVweg8ZV/eQvRLY8vyRBcJd3Qz
vaBuTu0MsU1TJOcLEavXXxlKHqyAM66rSs1sDNzCJ0Xd76T4jkHWAGPoK+D9wWu/
SuNl4InGY1aLIWgl1raj8Zr6P3fVkxcT+5Wz7tzTFBucHKfCwBDF/RIssWAIITku
jHTjbIkAYCVHxLTicqWK6R7+knFFPR6JxX4Z0OeVlWd8uKSVlLnlalLHvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL2slxUEOItmtSjgpzYmseNj9kVlMB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvdmF5WEZRUTRpMmExS09Dbk5pYXg0MlAyUldVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXraMA0G
CSqGSIb3DQEBCwUAA4IBAQAC0WgWXKuNOHGM5bhF5XoLHXXzIu1FVlAP3n0dh6Zm
L0jgYfQkuMtrPPCN+KFRz6v+QBRqG4tgvjL6WxnHDjH67MF1IkpxhMp6+3KSS44V
XCdHrTvfJtklhAhIk8x5e5k13h3LYniHuLua04TD1shoCSRpw9pwd/x7ZD+Er6Sn
sHhRD5r2qByjAtFOuxtRLr6EIYdwm8KSM/EswERk41VKEtJvO4rJB2Mw3x0Cp5U0
r4LZ3s4889CaWknDDKE/W4Cgf+JSJUO3h2TL0s8pQaB/j9G7qsS/iWoqU+dwQjUA
8K3rfApXUO3h7UefOqpFV7sXy9k2dWjRdwxTA28u4vkp
-----END CERTIFICATE-----
Generated at Thu Feb 15 13:09:21 2024 by rpki-client on console-fra.rpki-client.org