Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/w_pnSq8jjInbmarOUTodnBgc1l8.roa
File: w_pnSq8jjInbmarOUTodnBgc1l8.roa (raw, json)
Hash identifier: z+ic5bXI8Z7r6Cp63UpyMaA8edXs32nU7rp4xVLGHk8=
Subject key identifier: C3:FA:67:4A:AF:23:8C:89:DB:99:AA:CE:51:3A:1D:9C:18:1C:D6:5F
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 0187A865E591AA011834CA5CDACC227AF0D5
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/w_pnSq8jjInbmarOUTodnBgc1l8.roa
Signing time: Sat 22 Apr 2023 09:57:42 +0000
ROA not before: Sat 22 Apr 2023 09:57:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49981
IP address blocks: 109.122.208.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a8:65:e5:91:aa:01:18:34:ca:5c:da:cc:22:7a:f0:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Apr 22 09:57:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c3fa674aaf238c89db99aace513a1d9c181cd65f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:cd:19:f8:86:0d:1b:18:62:0d:d0:c8:b0:d2:
77:12:05:74:04:ce:86:cc:22:d0:5d:2c:51:7f:47:
18:51:23:88:0b:f6:43:2d:5c:20:2a:b0:7b:a6:e0:
71:d5:e7:1a:2a:87:c5:2c:a9:01:06:49:c2:6b:14:
95:86:4d:fd:c9:74:11:e4:62:53:b0:69:d5:db:f8:
47:c7:28:c8:c6:fe:e2:eb:ea:5a:1d:fc:ae:db:6b:
0d:b2:ad:89:19:8d:70:73:45:24:40:67:f9:cf:0c:
ce:fd:98:94:55:57:b1:b8:69:c8:d5:9b:98:88:35:
d2:85:a0:f5:91:80:61:9f:8f:c9:eb:8f:87:26:12:
7e:8b:12:5b:ed:3f:17:db:63:52:ba:a5:18:71:bd:
e9:a1:c5:e4:61:94:74:96:25:b0:8b:1d:3a:e4:db:
6f:07:04:20:b4:70:f5:31:7e:1f:33:89:0c:9f:fe:
93:e9:ca:ce:23:91:11:00:a1:6e:4f:58:96:be:f6:
24:b8:2e:db:27:ab:d0:3b:10:bf:64:74:3f:62:1c:
f4:2d:2c:2b:a3:07:93:ea:03:f0:fa:6e:c0:69:83:
c7:59:e6:5a:0d:b3:ad:f3:e2:85:2a:2c:2f:db:07:
8e:d2:9a:95:d6:9a:b3:8b:4b:c5:0d:5f:f9:73:08:
6e:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:FA:67:4A:AF:23:8C:89:DB:99:AA:CE:51:3A:1D:9C:18:1C:D6:5F
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/w_pnSq8jjInbmarOUTodnBgc1l8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.208.0/24
Signature Algorithm: sha256WithRSAEncryption
95:62:0a:77:77:e5:a5:ae:49:2c:9e:94:55:f2:11:72:eb:54:
5a:c9:36:6f:af:16:9d:f2:13:ab:33:45:c4:10:4d:5e:0c:32:
80:96:08:83:61:82:55:80:fe:06:8b:9c:15:b4:d5:79:ad:f8:
be:ce:35:5e:4f:2e:2d:d6:61:bd:3c:bd:10:e2:ab:fe:7b:c0:
b3:7c:bb:79:ad:18:8b:71:bb:c6:2f:0a:57:d8:ed:33:55:b1:
39:90:b0:3f:1e:86:41:bf:89:0f:21:7f:a6:bc:46:4a:06:58:
a9:95:cd:19:8f:0d:e7:d0:92:9f:59:18:f7:a1:95:f9:c9:3e:
67:21:bb:22:29:76:ed:b0:42:13:ac:33:70:a1:e7:94:db:94:
51:06:29:0e:33:89:2b:0d:cf:9d:a4:c3:d3:c4:f2:0a:f8:1d:
14:f8:b5:d7:b5:7e:8f:9a:f9:b6:91:01:f8:ef:1a:96:cd:46:
c5:eb:41:8e:b0:cc:d4:bc:47:fd:18:75:e0:a5:ff:7d:ec:eb:
d4:3b:21:6e:2f:7d:c8:35:35:de:23:f1:3a:df:df:85:9f:2d:
a4:ce:26:be:f6:cf:d0:68:6f:48:80:77:70:5b:31:4c:42:97:
a7:ed:f2:64:e6:3c:3e:01:f4:7f:0f:b8:db:23:64:92:43:53:
63:17:c1:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeoZeWRqgEYNMpc2swievDVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjMwNDIyMDk1NzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2ZhNjc0YWFmMjM4Yzg5ZGI5OWFhY2U1MTNhMWQ5YzE4MWNkNjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA480Z+IYNGxhiDdDIsNJ3EgV0BM6G
zCLQXSxRf0cYUSOIC/ZDLVwgKrB7puBx1ecaKofFLKkBBknCaxSVhk39yXQR5GJT
sGnV2/hHxyjIxv7i6+paHfyu22sNsq2JGY1wc0UkQGf5zwzO/ZiUVVexuGnI1ZuY
iDXShaD1kYBhn4/J64+HJhJ+ixJb7T8X22NSuqUYcb3pocXkYZR0liWwix065Ntv
BwQgtHD1MX4fM4kMn/6T6crOI5ERAKFuT1iWvvYkuC7bJ6vQOxC/ZHQ/Yhz0LSwr
oweT6gPw+m7AaYPHWeZaDbOt8+KFKiwv2weO0pqV1pqzi0vFDV/5cwhu0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMP6Z0qvI4yJ25mqzlE6HZwYHNZfMB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvd19wblNxOGpqSW5ibWFyT1VUb2RuQmdjMWw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrQMA0G
CSqGSIb3DQEBCwUAA4IBAQCVYgp3d+WlrkksnpRV8hFy61RayTZvrxad8hOrM0XE
EE1eDDKAlgiDYYJVgP4Gi5wVtNV5rfi+zjVeTy4t1mG9PL0Q4qv+e8CzfLt5rRiL
cbvGLwpX2O0zVbE5kLA/HoZBv4kPIX+mvEZKBliplc0Zjw3n0JKfWRj3oZX5yT5n
IbsiKXbtsEITrDNwoeeU25RRBikOM4krDc+dpMPTxPIK+B0U+LXXtX6Pmvm2kQH4
7xqWzUbF60GOsMzUvEf9GHXgpf997OvUOyFuL33INTXeI/E639+Fny2kzia+9s/Q
aG9IgHdwWzFMQpen7fJk5jw+AfR/D7jbI2SSQ1NjF8Fj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:04 2024 by rpki-client on console-ams.rpki-client.org