Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/hywT0hhxpE-qb8SqWg6LZ39C8h8.roa
File: hywT0hhxpE-qb8SqWg6LZ39C8h8.roa (raw, json)
Hash identifier: MvxIfGy2muHDZpq9JYLWg6JGP1Vjwv8KTEGOfx8FOkM=
Subject key identifier: 87:2C:13:D2:18:71:A4:4F:AA:6F:C4:AA:5A:0E:8B:67:7F:42:F2:1F
Certificate issuer: /CN=7222c5ab7db3dd3966192faafe07f3115b0c8ee5
Certificate serial: 018F55C491BAA351E5DFF0FAA43ABCFD5103
Authority key identifier: 72:22:C5:AB:7D:B3:DD:39:66:19:2F:AA:FE:07:F3:11:5B:0C:8E:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciLFq32z3TlmGS-q_gfzEVsMjuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/hywT0hhxpE-qb8SqWg6LZ39C8h8.roa
Signing time: Wed 08 May 2024 01:14:56 +0000
ROA not before: Wed 08 May 2024 01:14:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49872
IP address blocks: 109.122.192.0/24 maxlen: 24
109.122.193.0/24 maxlen: 24
109.122.194.0/24 maxlen: 24
109.122.195.0/24 maxlen: 24
109.122.196.0/24 maxlen: 24
109.122.197.0/24 maxlen: 24
109.122.198.0/24 maxlen: 24
109.122.199.0/24 maxlen: 24
109.122.200.0/24 maxlen: 24
109.122.201.0/24 maxlen: 24
109.122.202.0/24 maxlen: 24
109.122.203.0/24 maxlen: 24
109.122.204.0/24 maxlen: 24
109.122.205.0/24 maxlen: 24
109.122.206.0/24 maxlen: 24
109.122.207.0/24 maxlen: 24
109.122.208.0/24 maxlen: 24
109.122.209.0/24 maxlen: 24
109.122.210.0/24 maxlen: 24
109.122.211.0/24 maxlen: 24
109.122.212.0/24 maxlen: 24
109.122.213.0/24 maxlen: 24
109.122.214.0/24 maxlen: 24
109.122.215.0/24 maxlen: 24
109.122.216.0/24 maxlen: 24
109.122.217.0/24 maxlen: 24
109.122.218.0/24 maxlen: 24
109.122.219.0/24 maxlen: 24
109.122.220.0/24 maxlen: 24
109.122.221.0/24 maxlen: 24
109.122.222.0/24 maxlen: 24
109.122.223.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:55:c4:91:ba:a3:51:e5:df:f0:fa:a4:3a:bc:fd:51:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7222c5ab7db3dd3966192faafe07f3115b0c8ee5
Validity
Not Before: May 8 01:14:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=872c13d21871a44faa6fc4aa5a0e8b677f42f21f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:03:1a:89:af:e4:a8:62:f3:b4:95:12:7e:4e:
84:87:6e:70:21:1e:c6:ac:5e:9d:d6:64:65:6e:61:
97:4c:ff:46:a8:c6:59:bb:ab:40:14:5e:8b:b3:77:
be:4a:e2:1b:65:84:70:20:9e:5b:97:89:ec:0e:4d:
cd:d1:2e:a4:74:a0:9a:96:cd:fe:d1:b2:b5:f6:40:
24:33:66:12:10:49:c3:64:d7:8a:e6:52:02:3e:21:
5a:77:1e:dd:d5:1d:0b:d8:cc:0d:8f:9c:80:63:50:
c1:e6:3a:8e:08:8c:40:38:b3:68:75:b6:0e:06:74:
65:ca:e8:f6:81:75:17:72:76:6c:e4:c2:33:bc:8a:
62:4c:c3:ae:03:5e:af:b9:00:da:d0:cc:e9:ea:a3:
ff:3a:1f:c6:b8:6f:47:88:17:c4:78:cd:94:95:21:
c4:c3:a0:69:c9:ac:aa:85:56:e1:39:4c:b6:fc:ee:
d0:02:07:22:d2:82:3c:8b:f3:ae:f1:72:0e:cb:54:
4a:cc:29:b1:2a:9b:c8:06:40:37:7b:f0:32:cc:e7:
5c:11:49:c0:1f:99:87:c8:4f:4c:12:41:3c:fc:5b:
b6:f5:62:25:6c:a2:d0:6e:2e:61:5e:51:7c:a5:8e:
2d:ef:b1:da:d2:53:51:13:55:53:96:14:e2:81:a5:
af:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:2C:13:D2:18:71:A4:4F:AA:6F:C4:AA:5A:0E:8B:67:7F:42:F2:1F
X509v3 Authority Key Identifier:
keyid:72:22:C5:AB:7D:B3:DD:39:66:19:2F:AA:FE:07:F3:11:5B:0C:8E:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciLFq32z3TlmGS-q_gfzEVsMjuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/hywT0hhxpE-qb8SqWg6LZ39C8h8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/ciLFq32z3TlmGS-q_gfzEVsMjuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.192.0/19
Signature Algorithm: sha256WithRSAEncryption
82:65:46:ee:f4:13:ac:d4:00:9a:e9:b6:1c:04:2c:ee:8a:59:
80:d4:bc:2e:b5:3b:c8:f4:db:4b:80:a9:f8:59:d7:d9:a2:b4:
17:3a:3c:f6:3a:99:51:8b:8f:08:94:14:ca:ce:dc:e0:bd:26:
51:15:9c:2a:e2:b5:ff:a3:8c:a7:a0:5f:b0:45:5f:a8:41:b8:
9d:83:33:b2:28:4d:3d:79:ad:50:b6:00:55:c8:28:67:3e:bd:
64:ef:0f:75:86:2b:c9:78:b8:5f:c5:d4:00:a7:45:5a:5a:a5:
f9:ba:3f:cb:0c:c1:b1:82:7b:1b:05:72:1c:9c:d8:29:98:f9:
73:a8:66:46:53:86:d4:da:40:80:67:50:c2:26:77:28:6e:e9:
b5:d9:6e:47:17:38:64:4a:3f:21:da:1c:d3:39:a1:35:0f:18:
01:5b:d3:a7:27:94:94:9a:66:c0:d8:75:ce:fd:cc:77:10:8f:
81:5f:01:d3:61:f6:4d:39:82:84:f4:6a:df:06:d8:3c:d3:8c:
55:b5:1d:f0:3a:35:f3:51:3f:57:cd:f0:24:ff:e0:fd:8f:32:
9f:d2:e9:ed:04:48:13:01:21:90:17:38:48:44:a1:10:06:d4:
ee:8c:8e:5c:db:68:2d:8e:68:b8:12:c7:1b:93:34:73:39:e0:
cf:ab:d6:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY9VxJG6o1Hl3/D6pDq8/VEDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMjJjNWFiN2RiM2RkMzk2NjE5MmZhYWZlMDdmMzExNWIw
YzhlZTUwHhcNMjQwNTA4MDExNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzJjMTNkMjE4NzFhNDRmYWE2ZmM0YWE1YTBlOGI2NzdmNDJmMjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAMaia/kqGLztJUSfk6Eh25wIR7G
rF6d1mRlbmGXTP9GqMZZu6tAFF6Ls3e+SuIbZYRwIJ5bl4nsDk3N0S6kdKCals3+
0bK19kAkM2YSEEnDZNeK5lICPiFadx7d1R0L2MwNj5yAY1DB5jqOCIxAOLNodbYO
BnRlyuj2gXUXcnZs5MIzvIpiTMOuA16vuQDa0Mzp6qP/Oh/GuG9HiBfEeM2UlSHE
w6BpyayqhVbhOUy2/O7QAgci0oI8i/Ou8XIOy1RKzCmxKpvIBkA3e/AyzOdcEUnA
H5mHyE9MEkE8/Fu29WIlbKLQbi5hXlF8pY4t77Ha0lNRE1VTlhTigaWvzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIcsE9IYcaRPqm/EqloOi2d/QvIfMB8GA1UdIwQY
MBaAFHIixat9s905Zhkvqv4H8xFbDI7lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lMRnEzMnozVGxtR1MtcV9nZnpFVnNNanVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8xYzYwYWMtYmEzZi00NDBiLTg2OGIt
ZWExMmVmOTQyMmVjLzEvaHl3VDBoaHhwRS1xYjhTcVdnNkxaMzlDOGg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8xYzYwYWMtYmEzZi00NDBiLTg2OGItZWExMmVmOTQyMmVj
LzEvY2lMRnEzMnozVGxtR1MtcV9nZnpFVnNNanVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFbXrAMA0G
CSqGSIb3DQEBCwUAA4IBAQCCZUbu9BOs1ACa6bYcBCzuilmA1LwutTvI9NtLgKn4
WdfZorQXOjz2OplRi48IlBTKztzgvSZRFZwq4rX/o4ynoF+wRV+oQbidgzOyKE09
ea1QtgBVyChnPr1k7w91hivJeLhfxdQAp0VaWqX5uj/LDMGxgnsbBXIcnNgpmPlz
qGZGU4bU2kCAZ1DCJncobum12W5HFzhkSj8h2hzTOaE1DxgBW9OnJ5SUmmbA2HXO
/cx3EI+BXwHTYfZNOYKE9GrfBtg804xVtR3wOjXzUT9XzfAk/+D9jzKf0untBEgT
ASGQFzhIRKEQBtTujI5c22gtjmi4EscbkzRzOeDPq9a/
-----END CERTIFICATE-----
Generated at Mon Aug 19 17:20:31 2024 by rpki-client on console-fra.rpki-client.org