Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/6s_srSOhoiJ5h_9eYI996JDOLWE.roa
File: 6s_srSOhoiJ5h_9eYI996JDOLWE.roa (raw, json)
Hash identifier: +H9EGuar7B4a/XxFAqroMPSosFEPUyBYpZhV3U+G4fI=
Subject key identifier: EA:CF:EC:AD:23:A1:A2:22:79:87:FF:5E:60:8F:7D:E8:90:CE:2D:61
Certificate issuer: /CN=dbb396dfa951ec4157f211e5ed740ed97e1b0f3f
Certificate serial: 018D5F7B69754AD91B1B64F8374D3AE97300
Authority key identifier: DB:B3:96:DF:A9:51:EC:41:57:F2:11:E5:ED:74:0E:D9:7E:1B:0F:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/27OW36lR7EFX8hHl7XQO2X4bDz8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/6s_srSOhoiJ5h_9eYI996JDOLWE.roa
Signing time: Wed 31 Jan 2024 12:25:39 +0000
ROA not before: Wed 31 Jan 2024 12:25:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199995
IP address blocks: 109.71.77.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5f:7b:69:75:4a:d9:1b:1b:64:f8:37:4d:3a:e9:73:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbb396dfa951ec4157f211e5ed740ed97e1b0f3f
Validity
Not Before: Jan 31 12:25:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eacfecad23a1a2227987ff5e608f7de890ce2d61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a6:73:89:e1:95:f9:bf:4c:bc:32:29:f0:2b:
f6:14:8b:dd:74:29:6f:e2:d9:f9:cb:bc:20:f1:9c:
5a:71:f5:93:cf:ca:40:9a:f5:1f:be:c6:4e:eb:b4:
c5:64:62:3f:6e:49:e7:11:39:da:0b:ee:41:23:f5:
ab:1b:97:da:94:1a:cb:08:44:a1:1c:3b:f3:cf:82:
0d:28:07:ea:2d:db:a5:f8:8a:90:76:7c:d1:64:cb:
43:c5:8e:a6:83:04:fa:63:42:27:3c:9d:0b:d0:a4:
b4:da:6d:1e:7a:59:5c:3c:cf:38:af:5e:7e:e3:57:
65:bb:69:d9:c7:b7:dd:c8:5f:c7:c4:44:3d:5b:01:
1f:8c:86:a1:d0:e7:77:bf:09:17:56:96:aa:22:b4:
b8:02:1e:5a:3f:4b:05:84:f6:c0:bd:75:16:dc:9d:
fb:33:6f:eb:12:58:84:61:e4:06:71:07:f9:92:ea:
cf:ec:f4:5b:3d:82:d4:c3:0d:2b:8f:df:b1:b8:bf:
2b:70:28:1a:d3:f6:60:df:3f:60:46:bc:7c:4b:b9:
a7:41:6e:9e:66:ca:46:72:da:16:0b:11:7b:70:26:
26:82:80:ef:60:73:d2:cf:09:56:a9:f0:7c:bf:76:
65:8c:00:d1:42:af:3e:fb:e2:5b:4e:20:36:49:57:
35:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:CF:EC:AD:23:A1:A2:22:79:87:FF:5E:60:8F:7D:E8:90:CE:2D:61
X509v3 Authority Key Identifier:
keyid:DB:B3:96:DF:A9:51:EC:41:57:F2:11:E5:ED:74:0E:D9:7E:1B:0F:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/27OW36lR7EFX8hHl7XQO2X4bDz8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/6s_srSOhoiJ5h_9eYI996JDOLWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/27OW36lR7EFX8hHl7XQO2X4bDz8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.71.77.0/24
Signature Algorithm: sha256WithRSAEncryption
71:18:de:63:72:c4:82:34:d7:f7:63:66:01:c1:a8:3d:22:63:
f0:55:75:15:dc:80:48:b5:04:cb:29:73:4d:d2:e1:fb:8c:92:
6b:b3:9f:52:28:fb:ba:95:48:f7:65:94:8b:ca:7d:9d:47:88:
94:6d:cb:3c:51:80:ee:ee:d1:fc:54:0f:0b:7a:60:67:66:51:
2c:e8:5d:db:2a:da:db:c0:af:b2:61:ed:0c:d8:d0:8b:d5:8b:
40:88:87:e4:02:40:d7:92:a0:f1:4e:0d:34:54:b6:95:a4:32:
f5:41:8c:de:91:78:b3:67:3a:c3:eb:6b:c4:98:58:6f:ac:07:
9f:d6:70:6c:c5:20:62:7e:2b:9a:01:df:99:80:f5:96:b3:67:
86:bb:76:1a:9d:4c:48:01:ce:46:19:cd:28:fc:6e:44:81:49:
d5:92:39:07:49:4c:c0:f8:ec:0e:7a:b3:42:53:2a:e7:cd:fb:
21:cb:fe:cf:ee:ba:ba:48:54:bd:04:f7:8f:e1:68:a1:71:10:
2f:5b:22:77:2b:d6:63:be:83:e1:2d:a7:0e:ed:ab:47:46:00:
29:b8:79:fb:c7:ab:5c:e6:70:7b:88:91:46:d5:a3:20:c3:38:
0f:9f:70:91:ce:1f:53:1a:e0:50:82:73:c6:c8:17:7d:7f:8a:
40:99:4e:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1fe2l1StkbG2T4N0066XMAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYjM5NmRmYTk1MWVjNDE1N2YyMTFlNWVkNzQwZWQ5N2Ux
YjBmM2YwHhcNMjQwMTMxMTIyNTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWNmZWNhZDIzYTFhMjIyNzk4N2ZmNWU2MDhmN2RlODkwY2UyZDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKZzieGV+b9MvDIp8Cv2FIvddClv
4tn5y7wg8ZxacfWTz8pAmvUfvsZO67TFZGI/bknnETnaC+5BI/WrG5falBrLCESh
HDvzz4INKAfqLdul+IqQdnzRZMtDxY6mgwT6Y0InPJ0L0KS02m0eellcPM84r15+
41dlu2nZx7fdyF/HxEQ9WwEfjIah0Od3vwkXVpaqIrS4Ah5aP0sFhPbAvXUW3J37
M2/rEliEYeQGcQf5kurP7PRbPYLUww0rj9+xuL8rcCga0/Zg3z9gRrx8S7mnQW6e
ZspGctoWCxF7cCYmgoDvYHPSzwlWqfB8v3ZljADRQq8+++JbTiA2SVc1MwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOrP7K0joaIieYf/XmCPfeiQzi1hMB8GA1UdIwQY
MBaAFNuzlt+pUexBV/IR5e10Dtl+Gw8/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjdPVzM2bFI3RUZYOGhIbDdYUU8yWDRiRHo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9iMzk4N2EtNDUwNC00NzQ5LTlkNzMt
ZGY1NzJmZTk2NzJhLzEvNnNfc3JTT2hvaUo1aF85ZVlJOTk2SkRPTFdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9iMzk4N2EtNDUwNC00NzQ5LTlkNzMtZGY1NzJmZTk2NzJh
LzEvMjdPVzM2bFI3RUZYOGhIbDdYUU8yWDRiRHo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbUdNMA0G
CSqGSIb3DQEBCwUAA4IBAQBxGN5jcsSCNNf3Y2YBwag9ImPwVXUV3IBItQTLKXNN
0uH7jJJrs59SKPu6lUj3ZZSLyn2dR4iUbcs8UYDu7tH8VA8LemBnZlEs6F3bKtrb
wK+yYe0M2NCL1YtAiIfkAkDXkqDxTg00VLaVpDL1QYzekXizZzrD62vEmFhvrAef
1nBsxSBifiuaAd+ZgPWWs2eGu3YanUxIAc5GGc0o/G5EgUnVkjkHSUzA+OwOerNC
Uyrnzfshy/7P7rq6SFS9BPeP4WihcRAvWyJ3K9ZjvoPhLacO7atHRgApuHn7x6tc
5nB7iJFG1aMgwzgPn3CRzh9TGuBQgnPGyBd9f4pAmU43
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:10 2024 by rpki-client on console-fra.rpki-client.org