Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/ZJDxmEq7bVdfHNc-10fzoTzxGHs.roa
File: ZJDxmEq7bVdfHNc-10fzoTzxGHs.roa (raw, json)
Hash identifier: Nq50kyPdaOuPrgFhcF3ZrCZDqykfP2KArzJVcqZ7wEM=
Subject key identifier: 64:90:F1:98:4A:BB:6D:57:5F:1C:D7:3E:D7:47:F3:A1:3C:F1:18:7B
Certificate issuer: /CN=7222c5ab7db3dd3966192faafe07f3115b0c8ee5
Certificate serial: 018DF09710550299C6029E5CA8D35F65744D
Authority key identifier: 72:22:C5:AB:7D:B3:DD:39:66:19:2F:AA:FE:07:F3:11:5B:0C:8E:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciLFq32z3TlmGS-q_gfzEVsMjuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/ZJDxmEq7bVdfHNc-10fzoTzxGHs.roa
Signing time: Wed 28 Feb 2024 16:40:48 +0000
ROA not before: Wed 28 Feb 2024 16:40:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7354
IP address blocks: 109.122.214.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f0:97:10:55:02:99:c6:02:9e:5c:a8:d3:5f:65:74:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7222c5ab7db3dd3966192faafe07f3115b0c8ee5
Validity
Not Before: Feb 28 16:40:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6490f1984abb6d575f1cd73ed747f3a13cf1187b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:f3:40:40:37:4c:ed:41:c2:ef:03:b6:25:5b:
b8:a0:fb:52:7f:a0:bb:95:f0:31:ab:f1:4d:49:d8:
d9:75:cc:bf:6f:57:8e:ac:32:3b:a1:35:19:f9:a4:
e3:a6:ae:0b:93:69:e2:13:0c:cf:6c:66:44:db:1d:
c6:7c:1a:17:36:ac:69:75:95:30:e7:99:b6:ff:1e:
a1:d5:46:b4:6e:c8:46:94:b9:11:35:54:eb:a3:53:
ef:ad:67:20:57:25:3b:3b:3a:e2:a0:91:2e:a9:2e:
cb:bb:f9:c4:bb:18:22:d0:b3:b1:62:ba:a6:fa:69:
fa:d1:1a:08:f5:9c:d5:eb:af:4f:42:8a:aa:37:7a:
38:12:2f:fd:14:f1:11:32:89:98:cd:ea:13:95:68:
35:e1:f2:69:ce:42:71:b6:d4:06:79:6c:a2:de:c4:
a6:14:af:0c:b6:c3:44:83:e4:de:fa:6d:0c:02:3a:
b9:71:6d:f3:81:e5:f6:28:a3:9f:18:d2:11:ae:d6:
e7:e3:1d:01:01:a4:dd:94:ec:bc:2d:75:c7:d4:e4:
0e:7d:97:b3:b9:34:2d:99:50:2c:a6:f9:e3:3d:8f:
f6:a9:84:97:17:16:9c:cb:0a:54:39:7c:9a:92:2c:
b5:be:11:98:b3:f6:61:21:d3:4b:8f:6a:d3:4e:4b:
1f:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:90:F1:98:4A:BB:6D:57:5F:1C:D7:3E:D7:47:F3:A1:3C:F1:18:7B
X509v3 Authority Key Identifier:
keyid:72:22:C5:AB:7D:B3:DD:39:66:19:2F:AA:FE:07:F3:11:5B:0C:8E:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciLFq32z3TlmGS-q_gfzEVsMjuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/ZJDxmEq7bVdfHNc-10fzoTzxGHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/ciLFq32z3TlmGS-q_gfzEVsMjuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.214.0/24
Signature Algorithm: sha256WithRSAEncryption
01:4f:39:7f:c0:43:60:76:cd:a8:0c:97:ff:65:8c:15:e7:b9:
da:22:f6:5b:40:77:cd:f0:61:1a:87:15:27:9f:de:66:8f:81:
d9:85:17:a0:5e:99:3d:9b:25:23:c2:ad:3c:b5:ec:c4:4d:cd:
b7:70:26:ac:ea:7b:6a:0c:6c:25:9d:0c:c6:c8:8b:1a:75:8e:
9f:bd:06:b2:a6:23:6e:ec:5d:93:22:b6:af:05:74:71:db:33:
e0:00:99:31:dc:66:6e:cc:f3:a6:1f:6e:79:a2:3c:bf:13:cf:
b4:f9:fe:90:78:5e:4b:38:03:99:61:2a:16:a7:6d:94:21:b6:
09:34:6c:44:19:31:ed:0c:0e:01:bb:4b:5d:2c:b9:08:37:99:
37:da:49:5f:34:47:d3:aa:29:b8:e2:36:b3:8c:16:06:8c:05:
76:4a:39:77:da:01:8b:c4:3c:1b:1f:e1:b1:27:bd:db:ff:81:
4e:aa:27:19:ce:4b:d0:31:23:68:89:45:3f:1d:bb:95:cd:ef:
dd:25:ac:84:81:12:34:06:a8:7f:68:89:cd:80:75:b4:ce:5c:
c7:a4:8b:07:1a:15:e9:10:37:38:8d:8d:59:28:b6:36:74:ba:
fe:99:8b:52:9f:6a:bd:47:4b:22:9d:b9:25:6c:d6:4e:ad:2e:
9d:7a:29:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3wlxBVApnGAp5cqNNfZXRNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMjJjNWFiN2RiM2RkMzk2NjE5MmZhYWZlMDdmMzExNWIw
YzhlZTUwHhcNMjQwMjI4MTY0MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDkwZjE5ODRhYmI2ZDU3NWYxY2Q3M2VkNzQ3ZjNhMTNjZjExODdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9fNAQDdM7UHC7wO2JVu4oPtSf6C7
lfAxq/FNSdjZdcy/b1eOrDI7oTUZ+aTjpq4Lk2niEwzPbGZE2x3GfBoXNqxpdZUw
55m2/x6h1Ua0bshGlLkRNVTro1PvrWcgVyU7OzrioJEuqS7Lu/nEuxgi0LOxYrqm
+mn60RoI9ZzV669PQoqqN3o4Ei/9FPERMomYzeoTlWg14fJpzkJxttQGeWyi3sSm
FK8MtsNEg+Te+m0MAjq5cW3zgeX2KKOfGNIRrtbn4x0BAaTdlOy8LXXH1OQOfZez
uTQtmVAspvnjPY/2qYSXFxacywpUOXyakiy1vhGYs/ZhIdNLj2rTTksfKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGSQ8ZhKu21XXxzXPtdH86E88Rh7MB8GA1UdIwQY
MBaAFHIixat9s905Zhkvqv4H8xFbDI7lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lMRnEzMnozVGxtR1MtcV9nZnpFVnNNanVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8xYzYwYWMtYmEzZi00NDBiLTg2OGIt
ZWExMmVmOTQyMmVjLzEvWkpEeG1FcTdiVmRmSE5jLTEwZnpvVHp4R0hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8xYzYwYWMtYmEzZi00NDBiLTg2OGItZWExMmVmOTQyMmVj
LzEvY2lMRnEzMnozVGxtR1MtcV9nZnpFVnNNanVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrWMA0G
CSqGSIb3DQEBCwUAA4IBAQABTzl/wENgds2oDJf/ZYwV57naIvZbQHfN8GEahxUn
n95mj4HZhRegXpk9myUjwq08tezETc23cCas6ntqDGwlnQzGyIsadY6fvQaypiNu
7F2TIravBXRx2zPgAJkx3GZuzPOmH255ojy/E8+0+f6QeF5LOAOZYSoWp22UIbYJ
NGxEGTHtDA4Bu0tdLLkIN5k32klfNEfTqim44jazjBYGjAV2Sjl32gGLxDwbH+Gx
J73b/4FOqicZzkvQMSNoiUU/HbuVze/dJayEgRI0Bqh/aInNgHW0zlzHpIsHGhXp
EDc4jY1ZKLY2dLr+mYtSn2q9R0sinbklbNZOrS6deilk
-----END CERTIFICATE-----
Generated at Wed Mar 6 18:13:29 2024 by rpki-client on console.sobornost.net