Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/fjK6tkkrJj3sFQ1-6N8J3TOHbJ8.roa
File: fjK6tkkrJj3sFQ1-6N8J3TOHbJ8.roa (raw, json)
Hash identifier: 7F4bWpVrMr89AxPgOeY8RUkVwps7wn80LFZDcem7di0=
Subject key identifier: 7E:32:BA:B6:49:2B:26:3D:EC:15:0D:7E:E8:DF:09:DD:33:87:6C:9F
Certificate issuer: /CN=7222c5ab7db3dd3966192faafe07f3115b0c8ee5
Certificate serial: 018F4874FA4CAD56A897C8D4A68CB89FBD52
Authority key identifier: 72:22:C5:AB:7D:B3:DD:39:66:19:2F:AA:FE:07:F3:11:5B:0C:8E:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciLFq32z3TlmGS-q_gfzEVsMjuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/fjK6tkkrJj3sFQ1-6N8J3TOHbJ8.roa
Signing time: Sun 05 May 2024 11:12:56 +0000
ROA not before: Sun 05 May 2024 11:12:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49872
IP address blocks: 109.122.192.0/24 maxlen: 24
109.122.193.0/24 maxlen: 24
109.122.194.0/24 maxlen: 24
109.122.195.0/24 maxlen: 24
109.122.196.0/24 maxlen: 24
109.122.197.0/24 maxlen: 24
109.122.198.0/24 maxlen: 24
109.122.200.0/24 maxlen: 24
109.122.201.0/24 maxlen: 24
109.122.202.0/24 maxlen: 24
109.122.203.0/24 maxlen: 24
109.122.204.0/24 maxlen: 24
109.122.205.0/24 maxlen: 24
109.122.206.0/24 maxlen: 24
109.122.207.0/24 maxlen: 24
109.122.208.0/24 maxlen: 24
109.122.210.0/24 maxlen: 24
109.122.211.0/24 maxlen: 24
109.122.212.0/24 maxlen: 24
109.122.213.0/24 maxlen: 24
109.122.214.0/24 maxlen: 24
109.122.215.0/24 maxlen: 24
109.122.216.0/24 maxlen: 24
109.122.217.0/24 maxlen: 24
109.122.218.0/24 maxlen: 24
109.122.219.0/24 maxlen: 24
109.122.220.0/24 maxlen: 24
109.122.221.0/24 maxlen: 24
109.122.222.0/24 maxlen: 24
109.122.223.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:48:74:fa:4c:ad:56:a8:97:c8:d4:a6:8c:b8:9f:bd:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7222c5ab7db3dd3966192faafe07f3115b0c8ee5
Validity
Not Before: May 5 11:12:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e32bab6492b263dec150d7ee8df09dd33876c9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:45:93:b9:5f:c2:16:f2:be:53:e3:c7:87:3a:
8f:b2:d4:aa:a0:b6:9b:e0:f7:af:93:a4:cc:1e:38:
5a:29:c2:9e:bd:06:c8:5a:df:b3:32:1b:06:bd:11:
76:c3:a7:a5:65:83:9e:64:3e:b9:2f:9c:0f:44:89:
b6:81:70:25:45:5e:c6:eb:b9:e9:96:79:67:a5:8e:
7b:13:ee:21:f3:e5:ed:ed:6f:0b:5a:9f:ed:19:83:
07:e1:d6:39:fb:9f:e6:1b:59:f7:76:05:db:03:07:
78:d7:34:b8:b2:b2:8b:c2:6b:22:e4:7b:ce:8e:bc:
92:70:5f:61:62:16:42:1d:b4:7f:bd:8d:86:10:85:
a7:1a:cf:bf:77:65:cf:ca:e9:35:98:cb:58:77:bf:
55:28:ba:03:57:73:9e:4c:37:63:35:d7:15:86:8c:
e3:1b:c0:71:5b:d4:f6:ca:04:2b:6f:8b:74:04:eb:
d9:50:74:23:45:9a:73:62:3e:0c:a1:41:05:5f:4c:
e2:56:21:b2:bc:9e:78:ac:f0:c6:14:73:47:86:6f:
b7:57:20:4d:0b:90:2f:11:4a:f4:dc:6a:ab:ed:9b:
87:f6:32:39:b3:78:63:e4:e2:e4:7e:01:88:c5:20:
73:d0:a6:04:db:60:73:f7:3b:06:21:31:60:43:3b:
0b:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:32:BA:B6:49:2B:26:3D:EC:15:0D:7E:E8:DF:09:DD:33:87:6C:9F
X509v3 Authority Key Identifier:
keyid:72:22:C5:AB:7D:B3:DD:39:66:19:2F:AA:FE:07:F3:11:5B:0C:8E:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciLFq32z3TlmGS-q_gfzEVsMjuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/fjK6tkkrJj3sFQ1-6N8J3TOHbJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/ciLFq32z3TlmGS-q_gfzEVsMjuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.192.0-109.122.198.255
109.122.200.0-109.122.208.255
109.122.210.0-109.122.223.255
Signature Algorithm: sha256WithRSAEncryption
1f:07:75:b8:ac:1e:4c:fa:4a:03:ae:ad:69:09:bb:1b:05:7e:
c0:3d:e3:41:6c:79:de:51:e6:cb:36:a8:8b:a5:cf:fd:04:63:
9f:85:cc:37:a3:e0:55:1a:5c:f3:06:93:0b:e5:b1:e7:30:3b:
59:7f:31:6c:01:2d:ce:e6:10:e6:4f:38:3f:46:80:23:18:e4:
06:c8:fb:d7:39:07:5a:84:a9:57:15:04:9c:f4:57:80:f8:90:
da:f5:aa:ea:08:02:3e:f5:9b:eb:ca:02:d7:4a:18:d8:34:fb:
cf:70:97:bf:33:ea:dd:f8:04:d5:9e:13:6b:d2:40:7d:e6:01:
a9:05:0c:cb:cf:15:35:4c:12:04:79:f3:76:1f:e4:dd:b8:a1:
fb:8f:20:b3:61:e8:1c:d1:db:74:8b:f4:fd:ff:41:f1:a0:7e:
c4:61:9e:49:de:c6:2f:eb:12:c5:d5:92:ab:3c:d1:98:2e:0d:
44:12:ae:3b:28:5e:49:d5:c0:cb:06:04:d5:f6:3d:39:35:87:
72:30:4d:97:8f:c6:65:46:73:6c:3b:d9:d7:34:ab:0d:53:03:
2e:0e:d5:54:91:7e:0b:b9:f6:6f:bf:87:8b:8b:43:5b:65:47:
03:c4:7b:a3:3f:bf:72:eb:40:9e:9e:65:d2:27:5f:32:c4:9e:
0d:63:18:c6
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY9IdPpMrVaol8jUpoy4n71SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMjJjNWFiN2RiM2RkMzk2NjE5MmZhYWZlMDdmMzExNWIw
YzhlZTUwHhcNMjQwNTA1MTExMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTMyYmFiNjQ5MmIyNjNkZWMxNTBkN2VlOGRmMDlkZDMzODc2YzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0WTuV/CFvK+U+PHhzqPstSqoLab
4Pevk6TMHjhaKcKevQbIWt+zMhsGvRF2w6elZYOeZD65L5wPRIm2gXAlRV7G67np
lnlnpY57E+4h8+Xt7W8LWp/tGYMH4dY5+5/mG1n3dgXbAwd41zS4srKLwmsi5HvO
jryScF9hYhZCHbR/vY2GEIWnGs+/d2XPyuk1mMtYd79VKLoDV3OeTDdjNdcVhozj
G8BxW9T2ygQrb4t0BOvZUHQjRZpzYj4MoUEFX0ziViGyvJ54rPDGFHNHhm+3VyBN
C5AvEUr03Gqr7ZuH9jI5s3hj5OLkfgGIxSBz0KYE22Bz9zsGITFgQzsLHwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFH4yurZJKyY97BUNfujfCd0zh2yfMB8GA1UdIwQY
MBaAFHIixat9s905Zhkvqv4H8xFbDI7lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lMRnEzMnozVGxtR1MtcV9nZnpFVnNNanVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8xYzYwYWMtYmEzZi00NDBiLTg2OGIt
ZWExMmVmOTQyMmVjLzEvZmpLNnRra3JKajNzRlExLTZOOEozVE9IYko4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8xYzYwYWMtYmEzZi00NDBiLTg2OGItZWExMmVmOTQyMmVj
LzEvY2lMRnEzMnozVGxtR1MtcV9nZnpFVnNNanVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqMAwDBAZtesAD
BABtesYwDAMEA216yAMEAG160DAMAwQBbXrSAwQFbXrAMA0GCSqGSIb3DQEBCwUA
A4IBAQAfB3W4rB5M+koDrq1pCbsbBX7APeNBbHneUebLNqiLpc/9BGOfhcw3o+BV
GlzzBpML5bHnMDtZfzFsAS3O5hDmTzg/RoAjGOQGyPvXOQdahKlXFQSc9FeA+JDa
9arqCAI+9ZvrygLXShjYNPvPcJe/M+rd+ATVnhNr0kB95gGpBQzLzxU1TBIEefN2
H+TduKH7jyCzYegc0dt0i/T9/0HxoH7EYZ5J3sYv6xLF1ZKrPNGYLg1EEq47KF5J
1cDLBgTV9j05NYdyME2Xj8ZlRnNsO9nXNKsNUwMuDtVUkX4LufZvv4eLi0NbZUcD
xHujP79y60CenmXSJ18yxJ4NYxjG
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:53:45 2025 by rpki-client