Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/GuhuIwGS5V2cvZ2J-DL2PAQi5AE.roa
File: GuhuIwGS5V2cvZ2J-DL2PAQi5AE.roa (raw, json)
Hash identifier: EvGsd2Wvf3sZv1GFbGXLWRiaX+FQbXm1x2WirjbfNsQ=
Subject key identifier: 1A:E8:6E:23:01:92:E5:5D:9C:BD:9D:89:F8:32:F6:3C:04:22:E4:01
Certificate issuer: /CN=e316318247d211841f9620a9a1130010ddb486f2
Certificate serial: 0184134CD108B68E7C3CDD0E797C975F5EE3
Authority key identifier: E3:16:31:82:47:D2:11:84:1F:96:20:A9:A1:13:00:10:DD:B4:86:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4xYxgkfSEYQfliCpoRMAEN20hvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/GuhuIwGS5V2cvZ2J-DL2PAQi5AE.roa
Signing time: Wed 26 Oct 2022 07:58:32 +0000
ROA not before: Wed 26 Oct 2022 07:58:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 91.232.99.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:13:4c:d1:08:b6:8e:7c:3c:dd:0e:79:7c:97:5f:5e:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e316318247d211841f9620a9a1130010ddb486f2
Validity
Not Before: Oct 26 07:58:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1ae86e230192e55d9cbd9d89f832f63c0422e401
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:5b:98:ee:2c:eb:c5:a5:97:a6:d5:52:96:ce:
44:02:84:49:52:5c:ed:04:8c:9a:b7:a1:b4:86:87:
dd:58:78:92:7e:82:d9:2f:da:91:20:6f:b1:7f:2d:
fe:ee:f1:8b:ce:46:de:ca:4b:16:c4:72:72:dc:91:
02:20:0d:69:7f:8c:34:4b:fa:59:ca:09:1a:9f:3c:
13:39:a1:b3:fb:14:00:8e:04:72:cd:4f:0e:7b:0d:
13:34:a7:7a:ca:fc:d1:fb:1f:bf:94:2a:08:f7:47:
86:85:e0:a7:1d:ba:91:7f:38:16:0f:86:52:7c:4c:
d2:44:d0:56:05:0b:6b:fd:ff:7e:17:ab:b1:38:d4:
75:4c:56:fd:65:44:ad:a7:0e:d5:b0:c1:ba:eb:67:
a8:94:aa:59:70:e5:81:44:0c:94:f7:8a:9a:3d:67:
06:80:e2:ab:4b:52:14:49:a0:72:65:84:77:22:be:
1d:d2:6d:b0:fc:b7:16:dc:f4:cd:1e:4a:17:92:c6:
0b:ac:5c:f4:78:ae:35:65:a3:5c:cc:09:5b:f4:6d:
de:3e:49:94:bf:ce:10:f3:40:84:86:cd:ec:cd:65:
b5:b5:87:46:fe:dd:2f:31:76:61:2d:7b:20:15:34:
9f:43:15:a4:cc:27:af:c1:1c:9d:24:57:49:df:13:
73:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:E8:6E:23:01:92:E5:5D:9C:BD:9D:89:F8:32:F6:3C:04:22:E4:01
X509v3 Authority Key Identifier:
keyid:E3:16:31:82:47:D2:11:84:1F:96:20:A9:A1:13:00:10:DD:B4:86:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xYxgkfSEYQfliCpoRMAEN20hvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/GuhuIwGS5V2cvZ2J-DL2PAQi5AE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/4xYxgkfSEYQfliCpoRMAEN20hvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.99.0/24
Signature Algorithm: sha256WithRSAEncryption
36:d9:66:c2:20:e3:a5:04:5b:45:4d:20:56:b4:a2:45:83:66:
24:93:81:b2:f1:4a:e6:42:43:e6:28:31:86:91:75:83:51:5e:
15:93:8a:a4:17:9f:36:fe:19:1b:db:ac:cd:4f:c3:68:71:28:
72:e9:b3:76:da:e1:0d:50:c1:15:9b:ed:17:19:6a:a5:30:39:
99:22:20:e9:28:0c:c6:a6:15:c0:7b:91:95:f8:0a:a2:78:b2:
34:e3:8d:42:1c:09:17:e9:9a:bf:81:27:b9:e6:be:e1:67:61:
86:09:f9:4c:24:21:a7:16:77:e3:17:1c:c5:1c:09:ef:5b:2f:
9f:0d:69:c1:bf:29:f1:7f:0c:de:0b:8d:21:ee:a8:59:51:76:
04:cf:14:ad:8e:65:01:f8:38:4d:2b:d7:20:fa:98:87:c3:21:
fa:84:56:08:ca:3d:7f:ff:82:9c:c0:2e:0d:cb:83:f1:93:d2:
5e:c1:75:f8:ad:e4:d1:87:30:d3:15:c9:47:be:c2:a2:70:15:
14:81:74:71:7c:00:9e:64:46:c8:ec:ac:c0:4d:67:72:a4:cb:
f3:03:a3:fd:2c:94:97:e8:64:41:0a:77:e3:a1:b4:81:ba:6b:
a7:54:70:65:7e:2a:bc:d7:d0:15:f2:6b:4a:85:9c:51:90:03:
d1:d1:54:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQTTNEIto58PN0OeXyXX17jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMTYzMTgyNDdkMjExODQxZjk2MjBhOWExMTMwMDEwZGRi
NDg2ZjIwHhcNMjIxMDI2MDc1ODMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWU4NmUyMzAxOTJlNTVkOWNiZDlkODlmODMyZjYzYzA0MjJlNDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvluY7izrxaWXptVSls5EAoRJUlzt
BIyat6G0hofdWHiSfoLZL9qRIG+xfy3+7vGLzkbeyksWxHJy3JECIA1pf4w0S/pZ
ygkanzwTOaGz+xQAjgRyzU8Oew0TNKd6yvzR+x+/lCoI90eGheCnHbqRfzgWD4ZS
fEzSRNBWBQtr/f9+F6uxONR1TFb9ZUStpw7VsMG662eolKpZcOWBRAyU94qaPWcG
gOKrS1IUSaByZYR3Ir4d0m2w/LcW3PTNHkoXksYLrFz0eK41ZaNczAlb9G3ePkmU
v84Q80CEhs3szWW1tYdG/t0vMXZhLXsgFTSfQxWkzCevwRydJFdJ3xNztwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBrobiMBkuVdnL2difgy9jwEIuQBMB8GA1UdIwQY
MBaAFOMWMYJH0hGEH5YgqaETABDdtIbyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHhZeGdrZlNFWVFmbGlDcG9STUFFTjIwaHZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9lZTQyYmItMWU0OS00YzIxLWE0ZDYt
ZWMyODdlMWQzN2U1LzEvR3VodUl3R1M1VjJjdloySi1ETDJQQVFpNUFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9lZTQyYmItMWU0OS00YzIxLWE0ZDYtZWMyODdlMWQzN2U1
LzEvNHhZeGdrZlNFWVFmbGlDcG9STUFFTjIwaHZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+hjMA0G
CSqGSIb3DQEBCwUAA4IBAQA22WbCIOOlBFtFTSBWtKJFg2Ykk4Gy8UrmQkPmKDGG
kXWDUV4Vk4qkF582/hkb26zNT8NocShy6bN22uENUMEVm+0XGWqlMDmZIiDpKAzG
phXAe5GV+AqieLI0441CHAkX6Zq/gSe55r7hZ2GGCflMJCGnFnfjFxzFHAnvWy+f
DWnBvynxfwzeC40h7qhZUXYEzxStjmUB+DhNK9cg+piHwyH6hFYIyj1//4KcwC4N
y4Pxk9JewXX4reTRhzDTFclHvsKicBUUgXRxfACeZEbI7KzATWdypMvzA6P9LJSX
6GRBCnfjobSBumunVHBlfiq819AV8mtKhZxRkAPR0VQQ
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:03:09 2025 by rpki-client