Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/wGoS2jUZg7dCOcQDXgSKVd7IBcc.roa
File: wGoS2jUZg7dCOcQDXgSKVd7IBcc.roa (raw, json)
Hash identifier: WPXn0/ZSq4L625vUEnqBF/YBODymul5bXYQ+dYN7siA=
Subject key identifier: C0:6A:12:DA:35:19:83:B7:42:39:C4:03:5E:04:8A:55:DE:C8:05:C7
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 018BEDC04132D370FDFA7DF819D7F1E83009
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/wGoS2jUZg7dCOcQDXgSKVd7IBcc.roa
Signing time: Mon 20 Nov 2023 17:21:21 +0000
ROA not before: Mon 20 Nov 2023 17:21:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213200
IP address blocks: 109.122.195.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ed:c0:41:32:d3:70:fd:fa:7d:f8:19:d7:f1:e8:30:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Nov 20 17:21:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c06a12da351983b74239c4035e048a55dec805c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:26:93:e6:a2:d1:e2:ee:4b:75:6d:85:8f:c5:
ed:39:c4:1e:27:c3:5d:ad:af:82:6d:ab:4c:df:42:
7f:84:86:8a:9b:e0:6d:b2:f6:9b:f7:80:0e:58:5e:
be:a6:b5:24:db:59:75:a3:3c:24:42:0a:ef:08:1f:
c5:33:23:39:7b:cd:0b:c0:a9:c5:02:84:46:0c:d2:
19:7a:5e:f7:a3:19:c6:0e:0b:f1:75:06:97:ed:8d:
5a:7c:b0:63:1e:54:40:99:2e:ae:96:78:f6:10:6b:
e0:04:24:2c:ec:a5:cb:2f:2e:84:b4:9e:01:4a:7f:
60:0d:57:d0:08:29:bc:ad:c7:ce:8d:1a:8b:75:35:
96:f5:e3:3d:08:6c:d5:91:91:b7:1a:0b:16:ee:6a:
ea:3e:6f:1d:89:c3:14:95:9e:9b:dc:b6:17:2c:21:
34:c2:fc:0d:5f:76:52:a0:dc:1b:80:c7:44:cb:c3:
f8:f8:2c:42:60:e8:62:52:5d:d0:b5:6d:f3:ee:e4:
c8:73:a3:18:17:77:22:e1:5a:85:77:e4:8e:62:5d:
33:0c:5f:fa:3d:f4:f2:9d:77:29:af:48:61:29:7a:
b0:b6:b2:73:e8:67:db:93:1c:59:87:c9:87:a6:68:
c1:e9:9b:ed:d3:3c:c8:f5:1f:79:f6:d5:d8:05:cb:
ac:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:6A:12:DA:35:19:83:B7:42:39:C4:03:5E:04:8A:55:DE:C8:05:C7
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/wGoS2jUZg7dCOcQDXgSKVd7IBcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.195.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:55:e6:56:50:53:a1:82:c9:73:d1:18:60:da:5d:54:d0:f0:
4a:e2:1f:ee:26:44:3d:d6:29:29:b6:73:16:7a:d7:21:4d:8e:
92:66:41:2f:b9:52:c8:e2:7c:73:dc:c1:2d:10:a2:a9:87:39:
77:be:50:fe:f4:ac:93:87:73:b8:f5:e1:b3:28:82:d4:10:3b:
bd:bf:52:1a:e7:50:80:bd:1d:27:e6:a2:70:22:e1:f4:58:3c:
cc:87:bc:2a:de:d3:d0:c7:fc:e3:40:5b:ca:2b:2b:cf:b6:fa:
70:a4:18:92:8f:bf:46:d0:98:a7:43:4c:de:5a:82:3e:83:68:
62:1b:51:70:d4:ff:d5:3e:4b:f6:78:dc:bf:ef:53:83:0f:dd:
94:f0:84:8e:2f:5b:d6:56:01:79:2f:c1:87:d4:04:76:d5:f7:
ab:ea:f5:31:ac:72:96:0a:23:91:a0:1d:3f:79:ed:70:ca:78:
0a:d0:30:b7:93:72:16:6c:97:c0:0c:ed:bd:9e:d8:a1:98:aa:
db:df:d3:9e:88:c0:a8:85:38:bb:ed:f8:f2:f0:5e:da:2a:e8:
30:59:d6:b3:9c:97:4a:d9:7d:47:eb:d3:c6:6e:68:f5:85:d7:
d0:d6:f2:af:a1:b7:42:7e:df:a4:76:1c:ae:fd:50:2f:b4:22:
d6:5a:5f:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvtwEEy03D9+n34Gdfx6DAJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjMxMTIwMTcyMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDZhMTJkYTM1MTk4M2I3NDIzOWM0MDM1ZTA0OGE1NWRlYzgwNWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriaT5qLR4u5LdW2Fj8XtOcQeJ8Nd
ra+CbatM30J/hIaKm+Btsvab94AOWF6+prUk21l1ozwkQgrvCB/FMyM5e80LwKnF
AoRGDNIZel73oxnGDgvxdQaX7Y1afLBjHlRAmS6ulnj2EGvgBCQs7KXLLy6EtJ4B
Sn9gDVfQCCm8rcfOjRqLdTWW9eM9CGzVkZG3GgsW7mrqPm8dicMUlZ6b3LYXLCE0
wvwNX3ZSoNwbgMdEy8P4+CxCYOhiUl3QtW3z7uTIc6MYF3ci4VqFd+SOYl0zDF/6
PfTynXcpr0hhKXqwtrJz6GfbkxxZh8mHpmjB6Zvt0zzI9R959tXYBcusTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMBqEto1GYO3QjnEA14EilXeyAXHMB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvd0dvUzJqVVpnN2RDT2NRRFhnU0tWZDdJQmNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrDMA0G
CSqGSIb3DQEBCwUAA4IBAQB+VeZWUFOhgslz0Rhg2l1U0PBK4h/uJkQ91ikptnMW
etchTY6SZkEvuVLI4nxz3MEtEKKphzl3vlD+9KyTh3O49eGzKILUEDu9v1Ia51CA
vR0n5qJwIuH0WDzMh7wq3tPQx/zjQFvKKyvPtvpwpBiSj79G0JinQ0zeWoI+g2hi
G1Fw1P/VPkv2eNy/71ODD92U8ISOL1vWVgF5L8GH1AR21fer6vUxrHKWCiORoB0/
ee1wyngK0DC3k3IWbJfADO29ntihmKrb39OeiMCohTi77fjy8F7aKugwWdaznJdK
2X1H69PGbmj1hdfQ1vKvobdCft+kdhyu/VAvtCLWWl8T
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:48 2024 by rpki-client on console-fra.rpki-client.org