Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/x2C-6bkrA7J44N-IXS6ECdhJzUI.roa
File: x2C-6bkrA7J44N-IXS6ECdhJzUI.roa (raw, json)
Hash identifier: jE6a8igI66wbDXFLB+VnZJT5SJCDWtb8KVMt2KKZoEQ=
Subject key identifier: C7:60:BE:E9:B9:2B:03:B2:78:E0:DF:88:5D:2E:84:09:D8:49:CD:42
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 018C308D64D9F578C4A4B855BC7EE4BD7FFB
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/x2C-6bkrA7J44N-IXS6ECdhJzUI.roa
Signing time: Sun 03 Dec 2023 16:40:21 +0000
ROA not before: Sun 03 Dec 2023 16:40:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213200
IP address blocks: 109.122.195.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:30:8d:64:d9:f5:78:c4:a4:b8:55:bc:7e:e4:bd:7f:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Dec 3 16:40:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c760bee9b92b03b278e0df885d2e8409d849cd42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d9:56:3a:5e:9b:da:7b:20:00:f9:46:9a:ed:
b9:4b:73:cf:26:cb:4e:63:ab:c7:28:7f:9b:59:c2:
ec:07:19:a0:1f:67:78:fd:cf:6b:6c:06:8a:e8:a5:
b5:26:af:78:5d:00:a7:22:ce:14:cd:4b:2c:62:81:
1e:36:dd:6d:24:b3:81:be:51:e1:10:4a:86:89:f9:
24:7b:36:e9:8d:17:63:4e:03:78:52:4f:87:e1:4c:
7a:00:a8:25:2a:6f:3a:61:4f:64:7f:14:23:ac:2f:
3f:de:5f:0e:f8:65:62:d8:38:40:1b:20:ec:0f:57:
5c:b8:86:03:7f:90:47:3d:da:e0:5e:02:e0:33:8f:
39:23:05:f9:e2:da:2b:92:e5:16:ab:57:ee:e1:0a:
aa:c5:b3:5b:d6:d0:ad:ee:d1:69:ad:15:a9:77:72:
8f:d6:1c:f9:43:15:fe:14:d2:bc:2f:d0:39:26:1a:
77:4a:b4:b1:30:00:da:89:72:3c:40:68:9a:3c:69:
3b:dd:9e:bd:27:94:75:b4:6d:90:d0:c3:c8:88:34:
95:43:ef:43:f2:54:74:e1:be:78:23:a3:c8:08:99:
18:06:5e:24:cd:1b:2d:95:c1:95:70:f6:56:49:f2:
f1:e5:e5:70:e0:3d:01:f3:a1:ee:b9:c8:bf:2a:88:
7e:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:60:BE:E9:B9:2B:03:B2:78:E0:DF:88:5D:2E:84:09:D8:49:CD:42
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/x2C-6bkrA7J44N-IXS6ECdhJzUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.195.0/24
Signature Algorithm: sha256WithRSAEncryption
57:44:88:db:18:5c:d2:9d:b4:e3:80:17:bc:c0:52:97:86:97:
1a:4a:1a:cc:ca:7d:26:45:ef:31:4b:fe:cb:b2:6a:a7:53:c6:
99:7b:02:a2:95:db:d1:e9:82:57:d1:6b:31:52:18:e7:7b:fd:
cd:c0:6f:e7:99:71:a5:22:ec:85:5e:48:c3:b6:03:7a:34:1c:
f6:1f:5a:73:7c:95:4e:f3:02:fe:ed:e1:3e:99:eb:c4:ae:8c:
fa:5d:65:dc:6c:f3:ad:ba:6b:44:ea:48:95:9f:40:53:b1:68:
72:56:15:66:84:c1:98:a6:67:f3:5b:f0:13:0f:fd:ec:3b:cb:
ae:d6:a2:93:f1:79:59:e4:8d:5c:06:5f:ba:c6:04:55:2e:8c:
1d:64:41:ac:f2:88:39:4a:69:3a:88:f9:ef:18:8d:4e:ce:7c:
c6:c7:4b:c9:4d:c4:b0:2d:38:ec:36:5a:6c:a4:91:f7:68:e2:
e8:1f:c5:48:7b:a0:56:63:a8:81:87:17:59:9b:e2:9a:f4:21:
9e:08:c8:95:0b:32:df:22:c0:08:eb:d5:d4:b6:a1:cd:4a:8f:
53:70:be:5d:6b:04:61:f7:71:52:e7:b4:d3:a3:89:b5:17:d7:
d7:78:3b:b4:9b:e6:a3:06:61:c2:d1:44:65:b7:59:24:fe:64:
48:7a:f4:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwwjWTZ9XjEpLhVvH7kvX/7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjMxMjAzMTY0MDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzYwYmVlOWI5MmIwM2IyNzhlMGRmODg1ZDJlODQwOWQ4NDljZDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9lWOl6b2nsgAPlGmu25S3PPJstO
Y6vHKH+bWcLsBxmgH2d4/c9rbAaK6KW1Jq94XQCnIs4UzUssYoEeNt1tJLOBvlHh
EEqGifkkezbpjRdjTgN4Uk+H4Ux6AKglKm86YU9kfxQjrC8/3l8O+GVi2DhAGyDs
D1dcuIYDf5BHPdrgXgLgM485IwX54torkuUWq1fu4QqqxbNb1tCt7tFprRWpd3KP
1hz5QxX+FNK8L9A5Jhp3SrSxMADaiXI8QGiaPGk73Z69J5R1tG2Q0MPIiDSVQ+9D
8lR04b54I6PICJkYBl4kzRstlcGVcPZWSfLx5eVw4D0B86Huuci/Koh+xwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMdgvum5KwOyeODfiF0uhAnYSc1CMB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEveDJDLTZia3JBN0o0NE4tSVhTNkVDZGhKelVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrDMA0G
CSqGSIb3DQEBCwUAA4IBAQBXRIjbGFzSnbTjgBe8wFKXhpcaShrMyn0mRe8xS/7L
smqnU8aZewKildvR6YJX0WsxUhjne/3NwG/nmXGlIuyFXkjDtgN6NBz2H1pzfJVO
8wL+7eE+mevEroz6XWXcbPOtumtE6kiVn0BTsWhyVhVmhMGYpmfzW/ATD/3sO8uu
1qKT8XlZ5I1cBl+6xgRVLowdZEGs8og5Smk6iPnvGI1OznzGx0vJTcSwLTjsNlps
pJH3aOLoH8VIe6BWY6iBhxdZm+Ka9CGeCMiVCzLfIsAI69XUtqHNSo9TcL5dawRh
93FS57TTo4m1F9fXeDu0m+ajBmHC0URlt1kk/mRIevRb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:48 2024 by rpki-client on console-fra.rpki-client.org