Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/Dl9QLAwoUS4vBw5K0vOHioBW2rY.roa
File: Dl9QLAwoUS4vBw5K0vOHioBW2rY.roa (raw, json)
Hash identifier: G1sobzVuBrCdAZL1Y9lS8h1PJzRitdxuKnifTp4FbYQ=
Subject key identifier: 0E:5F:50:2C:0C:28:51:2E:2F:07:0E:4A:D2:F3:87:8A:80:56:DA:B6
Certificate issuer: /CN=7222c5ab7db3dd3966192faafe07f3115b0c8ee5
Certificate serial: 01916B0986FEED89CE500DA5DB548F5A4EEF
Authority key identifier: 72:22:C5:AB:7D:B3:DD:39:66:19:2F:AA:FE:07:F3:11:5B:0C:8E:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciLFq32z3TlmGS-q_gfzEVsMjuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/Dl9QLAwoUS4vBw5K0vOHioBW2rY.roa
Signing time: Mon 19 Aug 2024 14:27:52 +0000
ROA not before: Mon 19 Aug 2024 14:27:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49872
IP address blocks: 109.122.192.0/24 maxlen: 24
109.122.193.0/24 maxlen: 24
109.122.194.0/24 maxlen: 24
109.122.195.0/24 maxlen: 24
109.122.196.0/24 maxlen: 24
109.122.197.0/24 maxlen: 24
109.122.198.0/24 maxlen: 24
109.122.199.0/24 maxlen: 24
109.122.200.0/24 maxlen: 24
109.122.201.0/24 maxlen: 24
109.122.202.0/24 maxlen: 24
109.122.203.0/24 maxlen: 24
109.122.204.0/24 maxlen: 24
109.122.205.0/24 maxlen: 24
109.122.206.0/24 maxlen: 24
109.122.207.0/24 maxlen: 24
109.122.208.0/24 maxlen: 24
109.122.209.0/24 maxlen: 24
109.122.210.0/24 maxlen: 24
109.122.211.0/24 maxlen: 24
109.122.212.0/24 maxlen: 24
109.122.213.0/24 maxlen: 24
109.122.214.0/24 maxlen: 24
109.122.215.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6b:09:86:fe:ed:89:ce:50:0d:a5:db:54:8f:5a:4e:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7222c5ab7db3dd3966192faafe07f3115b0c8ee5
Validity
Not Before: Aug 19 14:27:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e5f502c0c28512e2f070e4ad2f3878a8056dab6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:b1:9b:d9:a1:43:8d:fb:e6:13:f6:09:a0:25:
3d:a4:5a:fc:dd:9a:e3:c1:fb:87:35:86:52:98:c6:
1d:03:75:3b:c8:bb:72:49:de:c8:2a:df:dc:6d:46:
e6:7b:50:74:58:1b:cc:ff:c8:ee:05:3a:91:27:f1:
cc:18:ae:3a:fe:fe:03:3e:27:83:c1:c8:96:e8:91:
98:eb:31:33:fd:ef:a2:56:a2:3a:0d:b4:b7:1e:67:
a0:a3:4a:f9:b9:fd:4e:b7:b1:6e:c3:c4:5e:ca:49:
97:47:fe:9d:f6:1d:95:2c:42:98:bf:e5:88:5b:0d:
e6:ef:f0:ee:91:7a:a8:f0:63:61:76:94:5f:62:7f:
53:b6:4f:64:27:53:1e:e6:76:f0:1a:83:65:5d:a3:
05:10:69:b4:e0:31:83:aa:cf:f9:50:a4:f6:1e:c4:
5b:b3:42:69:1a:72:ef:7c:6b:5e:6b:74:32:9a:20:
3a:2e:cf:d9:98:e3:40:5b:f5:be:42:69:d1:8f:9f:
30:aa:52:0c:da:64:f7:b6:dc:25:6a:9d:41:f9:d1:
cd:f5:78:c5:bc:8d:8d:79:d7:45:79:17:4d:af:27:
ba:72:7d:c6:4c:5d:0c:6a:bf:03:ed:ad:3f:18:23:
8e:a8:f5:e2:bb:94:4a:f2:80:a8:4b:16:b8:09:ee:
87:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:5F:50:2C:0C:28:51:2E:2F:07:0E:4A:D2:F3:87:8A:80:56:DA:B6
X509v3 Authority Key Identifier:
keyid:72:22:C5:AB:7D:B3:DD:39:66:19:2F:AA:FE:07:F3:11:5B:0C:8E:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciLFq32z3TlmGS-q_gfzEVsMjuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/Dl9QLAwoUS4vBw5K0vOHioBW2rY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/ciLFq32z3TlmGS-q_gfzEVsMjuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.192.0-109.122.215.255
Signature Algorithm: sha256WithRSAEncryption
24:ff:01:b4:58:c1:95:b9:34:2c:02:fa:6d:0e:95:aa:ef:15:
bb:77:c6:0c:a0:97:c6:63:cc:8c:6b:83:0f:17:52:0f:ec:1c:
f1:0d:69:04:6d:d2:3d:e3:88:51:2a:31:40:63:7d:4c:0f:7f:
e9:e3:f8:aa:3c:f2:af:08:4e:b5:be:d5:8a:a7:46:a7:05:ee:
3b:f0:01:74:c0:cd:ab:9b:00:8f:ca:b7:cc:45:36:6f:1e:7b:
9f:64:ac:14:12:5a:96:1b:96:34:87:aa:30:b2:09:cb:49:cc:
4d:7f:b0:ed:b3:ca:61:2b:9e:e3:40:36:7e:eb:2b:97:39:0a:
ef:ac:ad:31:94:66:50:22:53:2d:00:82:38:63:6e:27:d8:42:
b6:92:05:18:1e:8d:25:ee:fd:a4:2c:cd:50:e1:51:fd:39:d2:
c6:0a:18:90:10:c3:5a:50:ac:ab:6f:d6:d4:e9:e0:fe:57:ae:
38:81:8b:df:85:b5:3e:11:d5:11:14:4d:af:1c:97:28:b6:32:
aa:12:c6:99:2d:10:94:dd:4d:5f:14:ba:b0:b2:9e:24:91:2a:
dc:c2:f7:4f:65:df:32:ff:f9:a5:47:68:cb:b2:f3:85:ca:e8:
db:37:8a:df:21:24:aa:f5:78:48:6c:af:9e:23:8b:80:30:0a:
22:df:7c:ed
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZFrCYb+7YnOUA2l21SPWk7vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMjJjNWFiN2RiM2RkMzk2NjE5MmZhYWZlMDdmMzExNWIw
YzhlZTUwHhcNMjQwODE5MTQyNzUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTVmNTAyYzBjMjg1MTJlMmYwNzBlNGFkMmYzODc4YTgwNTZkYWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibGb2aFDjfvmE/YJoCU9pFr83Zrj
wfuHNYZSmMYdA3U7yLtySd7IKt/cbUbme1B0WBvM/8juBTqRJ/HMGK46/v4DPieD
wciW6JGY6zEz/e+iVqI6DbS3Hmego0r5uf1Ot7Fuw8ReykmXR/6d9h2VLEKYv+WI
Ww3m7/DukXqo8GNhdpRfYn9Ttk9kJ1Me5nbwGoNlXaMFEGm04DGDqs/5UKT2HsRb
s0JpGnLvfGtea3QymiA6Ls/ZmONAW/W+QmnRj58wqlIM2mT3ttwlap1B+dHN9XjF
vI2NeddFeRdNrye6cn3GTF0Mar8D7a0/GCOOqPXiu5RK8oCoSxa4Ce6HcwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFA5fUCwMKFEuLwcOStLzh4qAVtq2MB8GA1UdIwQY
MBaAFHIixat9s905Zhkvqv4H8xFbDI7lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lMRnEzMnozVGxtR1MtcV9nZnpFVnNNanVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8xYzYwYWMtYmEzZi00NDBiLTg2OGIt
ZWExMmVmOTQyMmVjLzEvRGw5UUxBd29VUzR2Qnc1SzB2T0hpb0JXMnJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8xYzYwYWMtYmEzZi00NDBiLTg2OGItZWExMmVmOTQyMmVj
LzEvY2lMRnEzMnozVGxtR1MtcV9nZnpFVnNNanVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAZtesAD
BANtetAwDQYJKoZIhvcNAQELBQADggEBACT/AbRYwZW5NCwC+m0OlarvFbt3xgyg
l8ZjzIxrgw8XUg/sHPENaQRt0j3jiFEqMUBjfUwPf+nj+Ko88q8ITrW+1YqnRqcF
7jvwAXTAzaubAI/Kt8xFNm8ee59krBQSWpYbljSHqjCyCctJzE1/sO2zymErnuNA
Nn7rK5c5Cu+srTGUZlAiUy0AgjhjbifYQraSBRgejSXu/aQszVDhUf050sYKGJAQ
w1pQrKtv1tTp4P5XrjiBi9+FtT4R1REUTa8clyi2MqoSxpktEJTdTV8UurCyniSR
KtzC909l3zL/+aVHaMuy84XK6Ns3it8hJKr1eEhsr54ji4AwCiLffO0=
-----END CERTIFICATE-----
Generated at Tue Apr 22 12:11:12 2025 by rpki-client