Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/xfyAwtBTSrELXVDpMtON6S9zpcQ.roa
File: xfyAwtBTSrELXVDpMtON6S9zpcQ.roa (raw, json)
Hash identifier: zWKY6xImRfAZSMCojvnKSdEmu77eqUut9vjSaI4BEzI=
Subject key identifier: C5:FC:80:C2:D0:53:4A:B1:0B:5D:50:E9:32:D3:8D:E9:2F:73:A5:C4
Certificate issuer: /CN=5f51bcd89eb7f5b3ab08806ef51a7c2f6eb98efc
Certificate serial: 018CC801C61B609285CCCFD6596AD895C1DF
Authority key identifier: 5F:51:BC:D8:9E:B7:F5:B3:AB:08:80:6E:F5:1A:7C:2F:6E:B9:8E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X1G82J639bOrCIBu9Rp8L265jvw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/xfyAwtBTSrELXVDpMtON6S9zpcQ.roa
Signing time: Tue 02 Jan 2024 02:30:08 +0000
ROA not before: Tue 02 Jan 2024 02:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50259
IP address blocks: 109.95.60.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:c6:1b:60:92:85:cc:cf:d6:59:6a:d8:95:c1:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f51bcd89eb7f5b3ab08806ef51a7c2f6eb98efc
Validity
Not Before: Jan 2 02:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5fc80c2d0534ab10b5d50e932d38de92f73a5c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:9f:dc:87:63:e7:ca:f0:ec:62:ee:90:6b:cd:
0b:9a:21:82:2d:c3:e7:2e:90:10:e0:1b:af:e7:2a:
63:1b:a8:f1:80:46:f8:27:e1:8f:af:c0:94:59:9c:
b2:59:91:57:66:d1:ba:a6:20:7b:a8:f0:b7:a6:03:
a0:3f:06:81:a1:b7:98:98:3a:81:c6:d5:1d:ee:b5:
55:a4:29:96:94:b5:12:de:b5:0a:74:17:6e:d6:7a:
26:82:7c:43:96:b9:3e:a6:ef:5c:4c:c7:33:38:e5:
4d:91:9e:21:37:24:17:19:27:33:d2:dc:98:1e:e5:
2d:37:04:75:d9:8d:2f:3a:cb:ec:b2:44:42:80:ab:
53:69:90:00:b1:ed:ab:4e:1d:73:59:04:19:e8:11:
cf:f4:b8:e9:54:b2:47:25:fe:80:cb:a9:aa:44:69:
2f:3d:14:a5:43:6f:b6:35:ed:cd:ee:cd:74:be:18:
82:90:67:b0:36:06:3a:d2:4d:ac:9b:d8:af:1d:52:
06:cf:8d:bd:bd:2b:2e:84:86:8b:9f:a3:e2:67:08:
6f:15:ac:dc:9d:32:a5:56:32:8d:3b:28:bb:1f:2c:
c8:84:54:f6:27:7a:e5:7c:ec:36:fb:e8:31:ae:c0:
5e:71:ce:f7:bc:b9:37:19:91:5e:3e:0d:29:7c:5d:
ff:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:FC:80:C2:D0:53:4A:B1:0B:5D:50:E9:32:D3:8D:E9:2F:73:A5:C4
X509v3 Authority Key Identifier:
keyid:5F:51:BC:D8:9E:B7:F5:B3:AB:08:80:6E:F5:1A:7C:2F:6E:B9:8E:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X1G82J639bOrCIBu9Rp8L265jvw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/xfyAwtBTSrELXVDpMtON6S9zpcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.95.60.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:dd:c3:30:11:e0:b4:a3:b3:7b:ad:ed:1c:f1:4f:32:20:ac:
c5:d9:5d:07:84:66:4a:62:19:73:3e:30:de:a5:cb:cd:1d:18:
5e:30:b1:11:69:9c:fa:08:72:a5:38:2d:b1:41:a8:df:62:74:
14:0e:26:b9:ca:0c:5e:15:c0:f3:09:cd:20:d8:cf:e2:0b:d6:
40:90:01:ff:49:bb:7b:a3:74:51:55:20:5b:1b:b9:91:f4:68:
f2:35:ee:7c:1b:73:ac:0a:e6:ba:f0:a1:9e:83:3d:46:73:56:
b1:6d:ea:c7:1d:94:a1:ad:0e:e4:2b:42:41:03:75:8d:62:47:
ad:fe:d8:2c:28:66:2f:3b:18:f3:c0:f9:5a:91:4e:b6:b6:48:
08:3d:4a:3a:85:71:91:54:d6:d2:b7:75:6c:69:e8:23:00:4f:
d5:f5:30:5e:4d:e8:27:f3:23:cb:69:d3:10:74:0a:60:b6:90:
9d:c5:aa:41:87:9a:d7:bd:3b:88:45:13:c4:13:0c:cf:f9:87:
fb:5f:ad:4c:a5:ad:bd:a7:74:b7:81:9c:d2:af:89:41:48:1d:
b8:2e:68:0d:89:a8:3b:fe:40:b4:62:a2:08:62:75:72:59:c8:
f6:f5:91:f0:bb:25:79:46:3f:12:b8:be:2f:64:5c:a1:d7:e3:
d2:ea:1b:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAcYbYJKFzM/WWWrYlcHfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNTFiY2Q4OWViN2Y1YjNhYjA4ODA2ZWY1MWE3YzJmNmVi
OThlZmMwHhcNMjQwMTAyMDIzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWZjODBjMmQwNTM0YWIxMGI1ZDUwZTkzMmQzOGRlOTJmNzNhNWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5/ch2PnyvDsYu6Qa80LmiGCLcPn
LpAQ4Buv5ypjG6jxgEb4J+GPr8CUWZyyWZFXZtG6piB7qPC3pgOgPwaBobeYmDqB
xtUd7rVVpCmWlLUS3rUKdBdu1nomgnxDlrk+pu9cTMczOOVNkZ4hNyQXGScz0tyY
HuUtNwR12Y0vOsvsskRCgKtTaZAAse2rTh1zWQQZ6BHP9LjpVLJHJf6Ay6mqRGkv
PRSlQ2+2Ne3N7s10vhiCkGewNgY60k2sm9ivHVIGz429vSsuhIaLn6PiZwhvFazc
nTKlVjKNOyi7HyzIhFT2J3rlfOw2++gxrsBecc73vLk3GZFePg0pfF3/1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMX8gMLQU0qxC11Q6TLTjekvc6XEMB8GA1UdIwQY
MBaAFF9RvNiet/WzqwiAbvUafC9uuY78MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDFHODJKNjM5Yk9yQ0lCdTlScDhMMjY1anZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi80MWY2ZjUtY2VmMC00YTU3LThlNDct
MGE4NTk4NjIwOGE5LzEveGZ5QXd0QlRTckVMWFZEcE10T042Uzl6cGNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi80MWY2ZjUtY2VmMC00YTU3LThlNDctMGE4NTk4NjIwOGE5
LzEvWDFHODJKNjM5Yk9yQ0lCdTlScDhMMjY1anZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbV88MA0G
CSqGSIb3DQEBCwUAA4IBAQCf3cMwEeC0o7N7re0c8U8yIKzF2V0HhGZKYhlzPjDe
pcvNHRheMLERaZz6CHKlOC2xQajfYnQUDia5ygxeFcDzCc0g2M/iC9ZAkAH/Sbt7
o3RRVSBbG7mR9GjyNe58G3OsCua68KGegz1Gc1axberHHZShrQ7kK0JBA3WNYket
/tgsKGYvOxjzwPlakU62tkgIPUo6hXGRVNbSt3VsaegjAE/V9TBeTegn8yPLadMQ
dApgtpCdxapBh5rXvTuIRRPEEwzP+Yf7X61Mpa29p3S3gZzSr4lBSB24LmgNiag7
/kC0YqIIYnVyWcj29ZHwuyV5Rj8SuL4vZFyh1+PS6hsi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:23 2024 by rpki-client on console-ams.rpki-client.org