Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/7iGc4i1VSBKzetVLvD0C9NtlGEQ.roa
File: 7iGc4i1VSBKzetVLvD0C9NtlGEQ.roa (raw, json)
Hash identifier: ybGn6k11XrMm1yGrsF++utieOb8sUQY6lO22u9AG42I=
Subject key identifier: EE:21:9C:E2:2D:55:48:12:B3:7A:D5:4B:BC:3D:02:F4:DB:65:18:44
Certificate issuer: /CN=5f51bcd89eb7f5b3ab08806ef51a7c2f6eb98efc
Certificate serial: 01852ED7B2E6230A75E1ED3AE918703B767D
Authority key identifier: 5F:51:BC:D8:9E:B7:F5:B3:AB:08:80:6E:F5:1A:7C:2F:6E:B9:8E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X1G82J639bOrCIBu9Rp8L265jvw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/7iGc4i1VSBKzetVLvD0C9NtlGEQ.roa
Signing time: Tue 20 Dec 2022 09:22:46 +0000
ROA not before: Tue 20 Dec 2022 09:22:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50259
IP address blocks: 109.95.60.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2e:d7:b2:e6:23:0a:75:e1:ed:3a:e9:18:70:3b:76:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f51bcd89eb7f5b3ab08806ef51a7c2f6eb98efc
Validity
Not Before: Dec 20 09:22:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ee219ce22d554812b37ad54bbc3d02f4db651844
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:cb:4d:b2:58:98:d1:7b:45:59:15:99:c9:33:
2f:13:2c:55:5e:fb:7a:6d:98:cd:80:bf:f8:b6:20:
0a:2c:94:99:3b:4a:82:55:2e:a0:40:15:69:2c:5b:
5e:b9:56:81:cd:83:82:d9:12:c3:ee:12:6f:da:54:
8e:e5:a2:06:8b:2b:bd:12:b0:49:ea:3b:dc:f4:57:
b8:dd:fc:c5:ea:11:41:48:5d:46:68:73:99:d1:77:
bf:34:89:0f:66:5a:e5:77:c3:e7:63:b1:a7:07:c1:
91:f5:b5:09:0f:f8:67:ef:a7:e1:95:e0:00:65:b8:
a5:91:1d:4a:56:e4:bd:b4:20:28:2d:06:3b:b6:40:
a1:ce:62:61:8d:94:e7:8d:96:5b:0a:7c:f0:88:f1:
0e:a0:56:b4:34:8f:90:63:5b:41:5e:19:1e:1a:a0:
f3:91:a5:1a:d0:7e:86:7b:c5:01:ac:6d:c9:29:6a:
b4:f6:2a:33:89:64:47:c9:21:6c:f5:17:0c:bf:b8:
e9:57:62:f0:30:85:cd:38:ed:97:df:4c:5b:b9:af:
4f:81:99:80:95:9a:73:0e:2c:13:91:37:f0:18:2b:
66:9a:d5:7c:98:a8:e3:47:23:47:b7:2c:27:a1:25:
b6:20:4f:68:cc:9f:12:ee:02:0a:8a:2f:5c:3e:65:
40:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:21:9C:E2:2D:55:48:12:B3:7A:D5:4B:BC:3D:02:F4:DB:65:18:44
X509v3 Authority Key Identifier:
keyid:5F:51:BC:D8:9E:B7:F5:B3:AB:08:80:6E:F5:1A:7C:2F:6E:B9:8E:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X1G82J639bOrCIBu9Rp8L265jvw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/7iGc4i1VSBKzetVLvD0C9NtlGEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.95.60.0/22
Signature Algorithm: sha256WithRSAEncryption
84:0f:e0:dc:0c:9b:76:e8:7b:d0:84:e5:c8:bd:f5:6d:76:a7:
ab:5e:94:ac:04:49:52:37:ae:d9:77:b3:82:1f:34:a7:ae:6a:
38:0f:84:3a:06:43:62:13:1b:ef:2f:a4:6e:97:42:cb:9b:7a:
95:59:c7:a1:29:3d:e5:6a:9f:7c:56:76:ba:e6:1e:e4:d1:f1:
c0:44:cf:b1:18:36:89:ea:1a:6b:b8:d1:b7:38:3b:83:17:47:
7f:7d:3b:1c:7a:c1:da:ae:cb:fa:4b:56:b8:e8:75:d6:a0:64:
f7:6b:0b:d9:bc:70:46:43:0d:6c:30:c8:61:22:ea:12:1b:22:
bf:7f:f6:07:b3:b2:a3:33:a6:37:29:6b:0d:75:00:c5:cc:bd:
c0:18:ef:02:b4:83:23:59:4e:7f:79:b1:ed:e2:4e:12:20:24:
e1:6c:58:ff:19:aa:3d:54:9f:3c:20:ac:03:23:7e:55:ec:ec:
25:25:2c:f3:a0:6c:9f:2e:fa:3d:7a:62:5c:d9:75:23:da:88:
4f:49:74:26:0e:c6:da:2a:9b:89:47:c7:59:25:90:ed:0d:ba:
76:7f:ed:51:38:90:30:d2:a0:95:b1:b2:aa:9a:88:11:1d:44:
6f:08:f6:40:66:ec:52:64:19:cc:a5:3a:bb:88:7b:e7:a7:c5:
4b:db:d4:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUu17LmIwp14e066RhwO3Z9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNTFiY2Q4OWViN2Y1YjNhYjA4ODA2ZWY1MWE3YzJmNmVi
OThlZmMwHhcNMjIxMjIwMDkyMjQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTIxOWNlMjJkNTU0ODEyYjM3YWQ1NGJiYzNkMDJmNGRiNjUxODQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ctNsliY0XtFWRWZyTMvEyxVXvt6
bZjNgL/4tiAKLJSZO0qCVS6gQBVpLFteuVaBzYOC2RLD7hJv2lSO5aIGiyu9ErBJ
6jvc9Fe43fzF6hFBSF1GaHOZ0Xe/NIkPZlrld8PnY7GnB8GR9bUJD/hn76fhleAA
ZbilkR1KVuS9tCAoLQY7tkChzmJhjZTnjZZbCnzwiPEOoFa0NI+QY1tBXhkeGqDz
kaUa0H6Ge8UBrG3JKWq09ioziWRHySFs9RcMv7jpV2LwMIXNOO2X30xbua9PgZmA
lZpzDiwTkTfwGCtmmtV8mKjjRyNHtywnoSW2IE9ozJ8S7gIKii9cPmVAPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO4hnOItVUgSs3rVS7w9AvTbZRhEMB8GA1UdIwQY
MBaAFF9RvNiet/WzqwiAbvUafC9uuY78MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDFHODJKNjM5Yk9yQ0lCdTlScDhMMjY1anZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi80MWY2ZjUtY2VmMC00YTU3LThlNDct
MGE4NTk4NjIwOGE5LzEvN2lHYzRpMVZTQkt6ZXRWTHZEMEM5TnRsR0VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi80MWY2ZjUtY2VmMC00YTU3LThlNDctMGE4NTk4NjIwOGE5
LzEvWDFHODJKNjM5Yk9yQ0lCdTlScDhMMjY1anZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbV88MA0G
CSqGSIb3DQEBCwUAA4IBAQCED+DcDJt26HvQhOXIvfVtdqerXpSsBElSN67Zd7OC
HzSnrmo4D4Q6BkNiExvvL6Rul0LLm3qVWcehKT3lap98Vna65h7k0fHARM+xGDaJ
6hpruNG3ODuDF0d/fTscesHarsv6S1a46HXWoGT3awvZvHBGQw1sMMhhIuoSGyK/
f/YHs7KjM6Y3KWsNdQDFzL3AGO8CtIMjWU5/ebHt4k4SICThbFj/Gao9VJ88IKwD
I35V7OwlJSzzoGyfLvo9emJc2XUj2ohPSXQmDsbaKpuJR8dZJZDtDbp2f+1ROJAw
0qCVsbKqmogRHURvCPZAZuxSZBnMpTq7iHvnp8VL29Ri
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:23 2024 by rpki-client on console-ams.rpki-client.org