Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/GiPVbOchDXEipXQXzJqzyHvtHOs.roa
File: GiPVbOchDXEipXQXzJqzyHvtHOs.roa (raw, json)
Hash identifier: mc5iqwtzeKe5fPS6YnRL/jzbE+3aCihPHhV3gkB5xOE=
Subject key identifier: 1A:23:D5:6C:E7:21:0D:71:22:A5:74:17:CC:9A:B3:C8:7B:ED:1C:EB
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 4189C5BA
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/GiPVbOchDXEipXQXzJqzyHvtHOs.roa
Signing time: Sat 01 Jan 2022 10:05:58 +0000
ROA not before: Sat 01 Jan 2022 10:05:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12302
IP address blocks: 31.14.34.0/24 maxlen: 24
89.45.228.0/24 maxlen: 24
89.45.44.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1099548090 (0x4189c5ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 1 10:05:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1a23d56ce7210d7122a57417cc9ab3c87bed1ceb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:36:c7:9a:d2:d0:ea:91:d5:20:93:75:3a:be:
2b:5d:0c:94:4c:9f:bc:7e:43:09:b8:a5:11:19:bd:
47:3d:d3:57:5e:8e:6c:1e:41:85:12:24:1a:fa:6c:
d4:ed:4a:73:f1:98:24:61:1a:cc:12:ac:83:1c:e3:
3c:6f:c6:84:e8:b5:4d:d1:4c:da:5d:06:11:9c:d1:
f0:45:a0:ac:f2:85:ae:f5:04:db:90:e0:c8:67:be:
70:e7:15:89:76:20:b2:10:68:af:68:23:01:34:db:
b5:c3:98:97:56:ef:37:bc:12:04:d7:6a:18:67:ba:
56:ba:0d:86:af:8f:6c:d1:88:8f:eb:5f:76:df:e9:
05:5e:ca:90:7d:65:23:4f:99:a4:7c:80:ba:ad:b4:
43:6e:93:25:ec:82:aa:ac:bc:f5:62:05:bf:fc:8d:
ff:f0:d1:95:ee:fa:1c:70:68:06:e5:99:bc:52:9c:
19:5f:d6:0a:e8:6b:3b:5f:44:80:7c:4f:44:fe:16:
45:16:96:1e:32:b2:4d:d9:60:44:44:95:44:9a:be:
a7:74:3f:c4:89:73:38:ed:e6:af:f6:71:a1:e6:37:
9f:3e:59:65:ca:c7:83:22:22:0d:c3:7b:03:64:80:
7d:cb:17:bb:56:c7:c4:6a:ed:56:d9:fd:0c:98:b6:
9b:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:23:D5:6C:E7:21:0D:71:22:A5:74:17:CC:9A:B3:C8:7B:ED:1C:EB
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/GiPVbOchDXEipXQXzJqzyHvtHOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.34.0/24
89.45.44.0/23
89.45.228.0/24
Signature Algorithm: sha256WithRSAEncryption
d8:57:4a:05:75:2f:4b:10:b9:2c:13:4d:d7:ea:3c:b7:3d:cb:
7f:a7:0d:5b:9b:7a:a5:d4:74:fb:b8:f9:53:ac:2b:6a:03:0a:
0f:bc:f0:2b:de:22:ee:d8:2d:36:c5:ff:32:1b:96:85:dc:ca:
5f:b8:23:c2:35:79:d2:3f:f2:5c:3c:27:c2:52:67:8f:c3:8e:
d2:e8:92:f0:c3:e1:db:34:90:e6:4a:d5:50:c6:d1:6b:1b:2a:
6b:e6:7d:82:a5:fd:04:f4:66:76:7b:f9:b2:b4:d7:e0:01:fe:
f6:bc:74:a4:74:a2:c7:8e:b1:ed:18:8c:1b:32:1b:36:ad:54:
d8:9e:55:22:8a:fd:a0:85:5e:d0:5c:f4:47:8c:6f:cb:19:76:
69:73:74:75:e2:cf:78:31:38:70:1f:fd:3f:c1:52:92:82:a3:
28:ce:e9:44:9b:a7:7a:5d:b1:99:9f:45:de:69:bc:10:9e:6e:
5e:32:c8:b5:21:02:48:a0:2d:29:2f:10:35:e1:f5:05:e2:fb:
f1:fe:33:27:ee:3c:60:08:0e:e8:93:a2:fa:92:3d:62:46:e2:
6e:31:14:2a:9d:8c:7b:3e:99:16:9a:2a:50:c7:1c:68:d8:17:
7b:ac:7f:eb:ea:5f:0a:f0:30:e6:ad:18:92:0b:d7:55:f1:93:
97:4a:b4:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEQYnFujANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OGU2MjYzNGUxYmQ1MTMzYTlkZTQ1MTJhZTk4Y2FkMWIyMjE5YjU5MB4XDTIyMDEw
MTEwMDU1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWEyM2Q1NmNlNzIx
MGQ3MTIyYTU3NDE3Y2M5YWIzYzg3YmVkMWNlYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALo2x5rS0OqR1SCTdTq+K10MlEyfvH5DCbilERm9Rz3TV16O
bB5BhRIkGvps1O1Kc/GYJGEazBKsgxzjPG/GhOi1TdFM2l0GEZzR8EWgrPKFrvUE
25DgyGe+cOcViXYgshBor2gjATTbtcOYl1bvN7wSBNdqGGe6VroNhq+PbNGIj+tf
dt/pBV7KkH1lI0+ZpHyAuq20Q26TJeyCqqy89WIFv/yN//DRle76HHBoBuWZvFKc
GV/WCuhrO19EgHxPRP4WRRaWHjKyTdlgRESVRJq+p3Q/xIlzOO3mr/ZxoeY3nz5Z
ZcrHgyIiDcN7A2SAfcsXu1bHxGrtVtn9DJi2mwMCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBQaI9Vs5yENcSKldBfMmrPIe+0c6zAfBgNVHSMEGDAWgBT45iY04b1RM6ne
RRKumMrRsiGbWTAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzc4L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEv
MS9HaVBWYk9jaERYRWlwWFFYekpxenlIdnRIT3Mucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc4
L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEvMS8xLU9ZbU5PRzlV
VE9wM2tVU3JwakswYklobTFrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAHw4iAwQBWS0sAwQAWS3kMA0G
CSqGSIb3DQEBCwUAA4IBAQDYV0oFdS9LELksE03X6jy3Pct/pw1bm3ql1HT7uPlT
rCtqAwoPvPAr3iLu2C02xf8yG5aF3MpfuCPCNXnSP/JcPCfCUmePw47S6JLww+Hb
NJDmStVQxtFrGypr5n2Cpf0E9GZ2e/mytNfgAf72vHSkdKLHjrHtGIwbMhs2rVTY
nlUiiv2ghV7QXPRHjG/LGXZpc3R14s94MThwH/0/wVKSgqMozulEm6d6XbGZn0Xe
abwQnm5eMsi1IQJIoC0pLxA14fUF4vvx/jMn7jxgCA7ok6L6kj1iRuJuMRQqnYx7
PpkWmipQxxxo2Bd7rH/r6l8K8DDmrRiSC9dV8ZOXSrTn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:52 2024 by rpki-client on console-ams.rpki-client.org