Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/nfvUQJitNZaWqQ6Lj4UMTXNE6L8.roa
File: nfvUQJitNZaWqQ6Lj4UMTXNE6L8.roa (raw, json)
Hash identifier: htpGjRuvS7/YQ4cPGr8ktFhTg8qWpmRCkRv+MeDZdVs=
Subject key identifier: 9D:FB:D4:40:98:AD:35:96:96:A9:0E:8B:8F:85:0C:4D:73:44:E8:BF
Certificate issuer: /CN=7222c5ab7db3dd3966192faafe07f3115b0c8ee5
Certificate serial: 03523917
Authority key identifier: 72:22:C5:AB:7D:B3:DD:39:66:19:2F:AA:FE:07:F3:11:5B:0C:8E:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciLFq32z3TlmGS-q_gfzEVsMjuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/nfvUQJitNZaWqQ6Lj4UMTXNE6L8.roa
Signing time: Sat 01 Jan 2022 06:54:08 +0000
ROA not before: Sat 01 Jan 2022 06:54:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49872
IP address blocks: 109.122.193.0/24 maxlen: 24
109.122.217.0/24 maxlen: 24
109.122.222.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55720215 (0x3523917)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7222c5ab7db3dd3966192faafe07f3115b0c8ee5
Validity
Not Before: Jan 1 06:54:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9dfbd44098ad359696a90e8b8f850c4d7344e8bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:67:b3:d4:c5:ea:df:d7:ac:a1:21:9a:49:e5:
cf:73:e6:69:4d:d2:b0:01:6a:95:c2:f9:22:85:01:
36:52:8b:e7:85:44:07:d5:52:f8:36:c5:95:cb:72:
0d:3f:23:3a:71:06:8b:9d:08:02:13:f4:4e:64:d1:
8c:28:d4:d5:6f:17:be:c4:29:ad:8e:7c:d8:74:f3:
1e:15:f0:28:e0:ef:5b:82:cf:f1:2c:d9:8c:bd:5a:
5c:8b:92:8d:00:b8:5b:56:09:8c:43:18:9d:75:20:
86:47:f9:23:5a:3f:5b:a5:aa:e5:a0:54:cc:72:8f:
a8:8c:89:81:b4:03:97:4b:da:cf:a6:70:3c:d7:ee:
1c:d1:cd:95:93:fa:16:ac:18:25:86:ed:1b:fa:50:
bd:cc:b8:e4:36:cd:2e:75:62:7a:7a:17:15:04:2f:
7f:e6:9a:ab:66:95:03:a6:10:5c:97:55:41:0f:a0:
79:7d:71:87:c2:bd:b8:55:9b:c0:af:76:76:b6:dd:
1e:c1:24:55:9a:80:76:42:c1:a1:22:cb:8a:2c:33:
87:f8:b5:61:bc:69:e6:3e:dc:ff:8b:7d:c4:a9:fd:
3e:f5:03:49:e2:e3:58:5f:02:8c:a1:33:96:87:4e:
c7:b1:ce:b4:5b:cf:cc:d1:76:a4:87:b8:d4:12:49:
b7:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:FB:D4:40:98:AD:35:96:96:A9:0E:8B:8F:85:0C:4D:73:44:E8:BF
X509v3 Authority Key Identifier:
keyid:72:22:C5:AB:7D:B3:DD:39:66:19:2F:AA:FE:07:F3:11:5B:0C:8E:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciLFq32z3TlmGS-q_gfzEVsMjuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/nfvUQJitNZaWqQ6Lj4UMTXNE6L8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/ciLFq32z3TlmGS-q_gfzEVsMjuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.193.0/24
109.122.217.0/24
109.122.222.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:d4:4c:af:cf:55:5d:a9:dd:f4:65:fc:d5:6a:c2:d1:5d:d4:
6b:44:8a:c6:50:3f:ac:90:88:ff:8e:16:f0:c3:c7:8c:bf:41:
01:f8:93:fa:2a:74:88:70:7d:99:71:10:69:b8:14:f8:2b:48:
1d:a7:f6:9c:cc:c3:63:04:4b:44:84:96:9e:d2:c6:0f:31:c2:
10:fc:df:1d:7b:b4:90:c0:28:ee:d5:b0:fc:72:97:9a:4c:b3:
46:b0:a2:ac:b8:55:9c:58:be:6a:aa:61:99:21:75:19:f5:cf:
da:0b:6a:8f:76:e6:a6:11:95:0a:a1:fb:23:43:4f:4b:86:be:
48:ce:46:33:61:6c:7e:53:20:5a:c9:02:c3:39:0c:13:8d:35:
06:82:5d:ce:ec:fd:2c:d8:f5:6e:7b:79:46:db:fb:d7:a5:c2:
22:fc:92:91:ed:d6:7f:e3:cd:49:61:70:cd:66:de:07:2d:bc:
dd:9c:68:a4:a9:72:ff:f1:f5:0e:2b:78:57:71:81:d4:cc:ca:
79:07:3b:c7:f8:e4:8e:0d:44:22:ca:65:84:98:29:0d:bf:9d:
2b:b3:d3:f5:a6:a6:85:a9:de:96:6c:53:db:61:3f:3e:b6:a4:
01:46:c7:3d:e6:b5:f4:bc:aa:af:97:78:de:74:b0:c2:4c:88:
ef:b1:db:fd
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEA1I5FzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjIyYzVhYjdkYjNkZDM5NjYxOTJmYWFmZTA3ZjMxMTViMGM4ZWU1MB4XDTIyMDEw
MTA2NTQwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWRmYmQ0NDA5OGFk
MzU5Njk2YTkwZThiOGY4NTBjNGQ3MzQ0ZThiZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALlns9TF6t/XrKEhmknlz3PmaU3SsAFqlcL5IoUBNlKL54VE
B9VS+DbFlctyDT8jOnEGi50IAhP0TmTRjCjU1W8XvsQprY582HTzHhXwKODvW4LP
8SzZjL1aXIuSjQC4W1YJjEMYnXUghkf5I1o/W6Wq5aBUzHKPqIyJgbQDl0vaz6Zw
PNfuHNHNlZP6FqwYJYbtG/pQvcy45DbNLnVienoXFQQvf+aaq2aVA6YQXJdVQQ+g
eX1xh8K9uFWbwK92drbdHsEkVZqAdkLBoSLLiiwzh/i1Ybxp5j7c/4t9xKn9PvUD
SeLjWF8CjKEzlodOx7HOtFvPzNF2pIe41BJJt4sCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSd+9RAmK01lpapDouPhQxNc0TovzAfBgNVHSMEGDAWgBRyIsWrfbPdOWYZ
L6r+B/MRWwyO5TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NpTEZxMzJ6M1RsbUdTLXFfZ2Z6RVZzTWp1VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmMvMWM2MGFjLWJhM2YtNDQwYi04NjhiLWVhMTJlZjk0MjJlYy8x
L25mdlVRSml0TlphV3FRNkxqNFVNVFhORTZMOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmMv
MWM2MGFjLWJhM2YtNDQwYi04NjhiLWVhMTJlZjk0MjJlYy8xL2NpTEZxMzJ6M1Rs
bUdTLXFfZ2Z6RVZzTWp1VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAG16wQMEAG162QMEAG163jANBgkq
hkiG9w0BAQsFAAOCAQEAmtRMr89VXand9GX81WrC0V3Ua0SKxlA/rJCI/44W8MPH
jL9BAfiT+ip0iHB9mXEQabgU+CtIHaf2nMzDYwRLRISWntLGDzHCEPzfHXu0kMAo
7tWw/HKXmkyzRrCirLhVnFi+aqphmSF1GfXP2gtqj3bmphGVCqH7I0NPS4a+SM5G
M2FsflMgWskCwzkME401BoJdzuz9LNj1bnt5Rtv716XCIvySke3Wf+PNSWFwzWbe
By283ZxopKly//H1Dit4V3GB1MzKeQc7x/jkjg1EIsplhJgpDb+dK7PT9aamhane
lmxT22E/PrakAUbHPea19Lyqr5d43nSwwkyI77Hb/Q==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:26:03 2025 by rpki-client