Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/147fe0-fb50-4e84-bca4-135f497c3264/1/nii612-STpoVcGJNU_TxjF39GhA.roa
File: nii612-STpoVcGJNU_TxjF39GhA.roa (raw, json)
Hash identifier: V+2WKzlieqS5Esagp5Tkz1+uOjPNe6wNczCvKDXkcPY=
Subject key identifier: 9E:28:BA:D7:6F:92:4E:9A:15:70:62:4D:53:F4:F1:8C:5D:FD:1A:10
Certificate issuer: /CN=1d53c2c8bb7364a553242f3f1773362227b30e94
Certificate serial: 018572B3F9DE00AE83269F3977407548451D
Authority key identifier: 1D:53:C2:C8:BB:73:64:A5:53:24:2F:3F:17:73:36:22:27:B3:0E:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HVPCyLtzZKVTJC8_F3M2IiezDpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/147fe0-fb50-4e84-bca4-135f497c3264/1/nii612-STpoVcGJNU_TxjF39GhA.roa
Signing time: Mon 02 Jan 2023 13:37:55 +0000
ROA not before: Mon 02 Jan 2023 13:37:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59545
IP address blocks: 109.205.192.0/24 maxlen: 24
109.205.192.0/23 maxlen: 24
109.205.196.0/23 maxlen: 24
109.205.193.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b3:f9:de:00:ae:83:26:9f:39:77:40:75:48:45:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d53c2c8bb7364a553242f3f1773362227b30e94
Validity
Not Before: Jan 2 13:37:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e28bad76f924e9a1570624d53f4f18c5dfd1a10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:fb:36:f2:e7:f4:75:4a:50:60:9d:c3:91:41:
98:bc:f8:35:99:d6:d0:f2:92:2e:0d:b2:9e:0a:dc:
b2:3b:8b:cf:40:e5:d3:c2:71:94:7a:d1:de:ad:db:
09:bb:ae:55:83:49:61:1d:0e:72:60:b9:6b:b5:b9:
b3:72:99:54:96:51:72:92:fd:2b:3e:55:1f:cf:96:
47:e8:ca:2a:a9:da:f0:36:d6:d5:47:48:71:6e:f3:
96:5b:f3:27:c8:42:1c:c2:63:40:fb:2c:9d:d1:ce:
70:4e:e7:e5:66:03:7a:43:c4:c5:9e:89:19:51:01:
f5:70:f4:26:94:2f:d1:89:b9:cd:1f:81:ce:dc:81:
c0:30:64:32:97:d9:3c:0f:09:12:30:bb:49:58:53:
9f:ac:b7:a8:16:30:63:23:b6:00:25:4e:d6:41:2c:
6d:c1:9b:4e:a3:49:7c:84:af:83:3f:da:84:06:d1:
79:1f:39:91:f9:b8:7e:a2:0a:cd:5b:7e:05:03:bf:
5b:36:50:87:1c:8a:0a:b7:6f:ec:09:07:04:ae:e8:
fc:c5:f7:cd:f8:71:e7:dd:bc:1a:fb:76:a6:6d:11:
04:40:09:b1:99:d9:8e:f7:b1:dc:61:04:81:5b:52:
cc:9f:8d:d7:fd:c4:9c:25:68:82:1a:e4:b3:ce:3a:
c4:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:28:BA:D7:6F:92:4E:9A:15:70:62:4D:53:F4:F1:8C:5D:FD:1A:10
X509v3 Authority Key Identifier:
keyid:1D:53:C2:C8:BB:73:64:A5:53:24:2F:3F:17:73:36:22:27:B3:0E:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HVPCyLtzZKVTJC8_F3M2IiezDpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/147fe0-fb50-4e84-bca4-135f497c3264/1/nii612-STpoVcGJNU_TxjF39GhA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/147fe0-fb50-4e84-bca4-135f497c3264/1/HVPCyLtzZKVTJC8_F3M2IiezDpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.192.0/23
109.205.196.0/23
Signature Algorithm: sha256WithRSAEncryption
9b:88:e2:37:01:91:92:17:26:ea:d5:f8:85:27:7f:05:4b:01:
af:67:d2:1c:5a:df:b4:81:02:8a:30:38:7e:d8:4a:fa:ff:c7:
28:05:cd:40:7a:38:52:58:af:f6:59:ee:b5:d8:61:b9:3f:90:
ce:f8:75:43:6e:33:75:32:09:5e:a0:55:56:79:8e:3f:9b:26:
ae:32:34:a4:76:b8:10:d9:ab:0a:1f:96:43:12:f3:b3:5c:2c:
e2:8d:ca:73:a3:e6:e7:c1:31:6f:95:50:d9:15:40:6c:d2:59:
ec:b9:a7:1d:e6:af:76:b3:3e:b4:67:c9:2a:a5:c6:58:55:a3:
7f:45:cc:6b:ee:1c:e8:2f:06:e6:3f:30:39:84:8e:f8:2f:a2:
38:95:62:60:e3:0f:e0:f9:93:59:f9:6a:46:39:a6:d3:3d:59:
fa:8a:6f:83:d8:61:66:e6:54:cd:27:7c:dd:f9:6d:ad:83:9b:
52:cd:b0:3c:e1:dc:86:d8:0b:03:12:ce:b5:70:9b:8a:c8:3b:
82:59:6c:78:60:8a:99:ee:b1:98:5c:97:ef:13:89:3e:60:2d:
36:9a:69:07:08:04:71:0f:33:ba:b0:42:ef:ed:f0:53:d3:d2:
08:68:93:d1:19:6f:0d:74:a8:b5:26:c9:c4:bb:ec:f3:e9:60:
e8:05:0e:04
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVys/neAK6DJp85d0B1SEUdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNTNjMmM4YmI3MzY0YTU1MzI0MmYzZjE3NzMzNjIyMjdi
MzBlOTQwHhcNMjMwMTAyMTMzNzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTI4YmFkNzZmOTI0ZTlhMTU3MDYyNGQ1M2Y0ZjE4YzVkZmQxYTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvs28uf0dUpQYJ3DkUGYvPg1mdbQ
8pIuDbKeCtyyO4vPQOXTwnGUetHerdsJu65Vg0lhHQ5yYLlrtbmzcplUllFykv0r
PlUfz5ZH6MoqqdrwNtbVR0hxbvOWW/MnyEIcwmNA+yyd0c5wTuflZgN6Q8TFnokZ
UQH1cPQmlC/RibnNH4HO3IHAMGQyl9k8DwkSMLtJWFOfrLeoFjBjI7YAJU7WQSxt
wZtOo0l8hK+DP9qEBtF5HzmR+bh+ogrNW34FA79bNlCHHIoKt2/sCQcEruj8xffN
+HHn3bwa+3ambREEQAmxmdmO97HcYQSBW1LMn43X/cScJWiCGuSzzjrEJQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ4outdvkk6aFXBiTVP08Yxd/RoQMB8GA1UdIwQY
MBaAFB1Twsi7c2SlUyQvPxdzNiInsw6UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFZQQ3lMdHpaS1ZUSkM4X0YzTTJJaWV6RHBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8xNDdmZTAtZmI1MC00ZTg0LWJjYTQt
MTM1ZjQ5N2MzMjY0LzEvbmlpNjEyLVNUcG9WY0dKTlVfVHhqRjM5R2hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8xNDdmZTAtZmI1MC00ZTg0LWJjYTQtMTM1ZjQ5N2MzMjY0
LzEvSFZQQ3lMdHpaS1ZUSkM4X0YzTTJJaWV6RHBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBbc3AAwQB
bc3EMA0GCSqGSIb3DQEBCwUAA4IBAQCbiOI3AZGSFybq1fiFJ38FSwGvZ9IcWt+0
gQKKMDh+2Er6/8coBc1AejhSWK/2We612GG5P5DO+HVDbjN1MgleoFVWeY4/myau
MjSkdrgQ2asKH5ZDEvOzXCzijcpzo+bnwTFvlVDZFUBs0lnsuacd5q92sz60Z8kq
pcZYVaN/Rcxr7hzoLwbmPzA5hI74L6I4lWJg4w/g+ZNZ+WpGOabTPVn6im+D2GFm
5lTNJ3zd+W2tg5tSzbA84dyG2AsDEs61cJuKyDuCWWx4YIqZ7rGYXJfvE4k+YC02
mmkHCARxDzO6sELv7fBT09IIaJPRGW8NdKi1JsnEu+zz6WDoBQ4E
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:51 2024 by rpki-client on console-ams.rpki-client.org