Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/xtGUe72vWVU6jwlJ8M4QJUubzLM.roa
File: xtGUe72vWVU6jwlJ8M4QJUubzLM.roa (raw, json)
Hash identifier: 4xdjNCPbM4KdiYuoJs5xguL2STWqb2cHtEldQFVHvus=
Subject key identifier: C6:D1:94:7B:BD:AF:59:55:3A:8F:09:49:F0:CE:10:25:4B:9B:CC:B3
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 018D379730F664111E622AE2D7484F1CCA55
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/xtGUe72vWVU6jwlJ8M4QJUubzLM.roa
Signing time: Tue 23 Jan 2024 18:31:11 +0000
ROA not before: Tue 23 Jan 2024 18:31:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7354
IP address blocks: 109.122.214.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:37:97:30:f6:64:11:1e:62:2a:e2:d7:48:4f:1c:ca:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Jan 23 18:31:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c6d1947bbdaf59553a8f0949f0ce10254b9bccb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:01:e6:2f:61:80:bf:a7:b1:d6:21:e4:45:36:
e5:d7:2d:b0:02:4f:96:fc:2e:bb:b7:59:96:82:c4:
c9:9d:0d:4f:4f:ec:a3:f3:c9:c5:48:e8:54:49:ed:
51:3f:f1:30:d3:6e:de:b8:d0:d4:49:de:b3:da:11:
cb:3c:aa:75:5e:26:ce:cf:13:28:69:14:ae:04:db:
ee:fd:61:ef:96:e1:c8:12:c2:0a:d1:59:bb:58:66:
ea:85:19:7d:7e:f1:0f:e2:50:fa:62:0f:c0:f0:8f:
8c:b9:81:20:f8:26:63:48:07:e7:44:a6:a0:c5:9c:
87:b5:11:0d:a1:17:c4:b2:43:14:99:3d:1e:7f:f8:
3c:07:10:a4:5e:e4:aa:d3:3d:a1:0c:e7:89:e0:4a:
84:fd:8d:17:27:f4:28:08:a0:df:c5:b6:bd:39:63:
96:7a:7e:13:d0:35:ae:79:3e:ce:98:83:4f:0a:27:
f6:5f:a2:3b:d3:94:5b:71:c7:78:53:54:a8:16:c7:
d4:c6:44:86:0a:d0:02:6e:4c:80:ab:c6:bf:ef:56:
32:11:78:17:3e:21:0f:93:d1:8a:c7:2d:33:38:a6:
4e:ef:1a:b1:65:9b:87:30:a9:f2:4c:d5:49:36:27:
d9:49:20:80:fe:8a:e6:28:75:3a:af:65:35:d5:f1:
ab:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:D1:94:7B:BD:AF:59:55:3A:8F:09:49:F0:CE:10:25:4B:9B:CC:B3
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/xtGUe72vWVU6jwlJ8M4QJUubzLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.214.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:d8:76:ff:60:58:fa:7f:83:b9:21:57:6c:2d:0b:79:0b:37:
e2:4d:d2:1e:ac:86:b8:84:6d:d7:e9:76:25:e8:fa:f2:7e:9d:
79:d4:fd:ca:a5:03:70:80:77:d9:d7:28:12:e6:b7:cf:fb:9e:
72:eb:f5:6e:6d:b4:22:f6:bf:f4:93:b5:88:a4:fc:07:0e:f1:
15:b6:ef:59:eb:c5:7e:76:f3:a7:88:d0:92:e0:32:9f:c0:00:
6c:62:e5:51:99:3c:3d:47:0c:74:ed:4c:b5:e3:be:d7:fe:6b:
2b:d8:a8:55:38:9f:46:05:5c:2d:d3:77:a1:a2:6e:50:10:71:
5b:ae:1f:e1:3c:89:a3:bb:d7:84:85:b9:04:46:c8:75:fd:1a:
71:d0:c0:40:17:7c:20:95:1b:1e:a4:5e:87:7c:50:21:c3:67:
83:0a:64:15:dd:41:4a:83:9e:e8:9c:5e:2d:65:58:c5:82:dd:
a4:d9:64:f6:b2:22:02:19:d7:b0:1e:37:1d:5a:6a:03:3b:03:
35:96:c0:90:31:1e:80:8a:e3:06:88:63:8d:b6:c1:da:45:a0:
1f:02:96:7d:8a:3b:07:31:4d:a8:8c:98:07:bd:ff:3a:03:84:
f6:a8:6c:e4:04:63:6b:55:e2:2c:62:34:46:9e:42:6d:7f:8e:
24:74:d3:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY03lzD2ZBEeYiri10hPHMpVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjQwMTIzMTgzMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmQxOTQ3YmJkYWY1OTU1M2E4ZjA5NDlmMGNlMTAyNTRiOWJjY2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAHmL2GAv6ex1iHkRTbl1y2wAk+W
/C67t1mWgsTJnQ1PT+yj88nFSOhUSe1RP/Ew027euNDUSd6z2hHLPKp1XibOzxMo
aRSuBNvu/WHvluHIEsIK0Vm7WGbqhRl9fvEP4lD6Yg/A8I+MuYEg+CZjSAfnRKag
xZyHtRENoRfEskMUmT0ef/g8BxCkXuSq0z2hDOeJ4EqE/Y0XJ/QoCKDfxba9OWOW
en4T0DWueT7OmINPCif2X6I705Rbccd4U1SoFsfUxkSGCtACbkyAq8a/71YyEXgX
PiEPk9GKxy0zOKZO7xqxZZuHMKnyTNVJNifZSSCA/ormKHU6r2U11fGrSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMbRlHu9r1lVOo8JSfDOECVLm8yzMB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEveHRHVWU3MnZXVlU2andsSjhNNFFKVXViekxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrWMA0G
CSqGSIb3DQEBCwUAA4IBAQB72Hb/YFj6f4O5IVdsLQt5CzfiTdIerIa4hG3X6XYl
6Pryfp151P3KpQNwgHfZ1ygS5rfP+55y6/VubbQi9r/0k7WIpPwHDvEVtu9Z68V+
dvOniNCS4DKfwABsYuVRmTw9Rwx07Uy1477X/msr2KhVOJ9GBVwt03ehom5QEHFb
rh/hPImju9eEhbkERsh1/Rpx0MBAF3wglRsepF6HfFAhw2eDCmQV3UFKg57onF4t
ZVjFgt2k2WT2siICGdewHjcdWmoDOwM1lsCQMR6AiuMGiGONtsHaRaAfApZ9ijsH
MU2ojJgHvf86A4T2qGzkBGNrVeIsYjRGnkJtf44kdNN7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:04 2024 by rpki-client on console-ams.rpki-client.org