Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/GBi6aAxHhF0p-Ae7w4iR1A1jg3I.roa
File: GBi6aAxHhF0p-Ae7w4iR1A1jg3I.roa (raw, json)
Hash identifier: 4ukY8cUnvuXl7d84IxAvHqv294AnLKD+z5WMfKy5Rc4=
Subject key identifier: 18:18:BA:68:0C:47:84:5D:29:F8:07:BB:C3:88:91:D4:0D:63:83:72
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 01861339C3E9D57BEB51645CB7779D8872CC
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/GBi6aAxHhF0p-Ae7w4iR1A1jg3I.roa
Signing time: Thu 02 Feb 2023 17:43:18 +0000
ROA not before: Thu 02 Feb 2023 17:43:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211529
IP address blocks: 194.5.95.0/24 maxlen: 24
45.66.118.0/24 maxlen: 24
45.129.185.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:13:39:c3:e9:d5:7b:eb:51:64:5c:b7:77:9d:88:72:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Feb 2 17:43:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1818ba680c47845d29f807bbc38891d40d638372
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:6d:5f:57:1d:69:4c:a6:9c:e9:86:58:a8:10:
79:0e:e1:6b:af:55:0e:87:29:55:5c:3c:46:d5:37:
d6:d4:87:2e:04:ba:67:d2:a8:3d:c6:b9:29:d8:76:
5c:77:b4:3b:0a:26:08:10:dd:78:c8:02:cc:08:8e:
9d:83:b7:51:60:09:d5:f9:8f:4e:1d:2f:4e:ef:b4:
02:ce:93:31:35:d6:97:ae:27:21:b3:a9:95:68:2b:
e7:f0:e6:90:0a:57:37:23:06:14:06:72:58:c5:a1:
e7:cb:29:5f:be:a4:bd:06:b4:93:db:76:e2:10:e2:
76:05:f5:21:2c:fa:09:2b:e7:c4:20:8b:e8:2d:e3:
9b:a3:01:54:2f:07:91:ef:4d:51:56:b9:74:62:1b:
1d:8f:33:94:84:19:97:42:db:ad:6c:5b:3b:60:92:
64:42:2b:72:7b:2f:bf:37:55:6c:75:a6:60:58:45:
31:c8:70:20:f6:ad:30:5d:9b:84:c5:26:9c:2d:5b:
21:9d:8a:45:1a:b9:d9:44:a1:ff:ae:a3:de:7e:74:
e2:a4:4c:66:f9:36:39:d5:68:f5:79:b7:aa:65:11:
f8:9a:2f:11:11:86:d1:23:8e:e7:7b:d7:f4:ff:dd:
44:b0:bf:45:bc:79:ba:c2:53:a1:ce:c9:3d:50:bb:
87:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:18:BA:68:0C:47:84:5D:29:F8:07:BB:C3:88:91:D4:0D:63:83:72
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/GBi6aAxHhF0p-Ae7w4iR1A1jg3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.118.0/24
45.129.185.0/24
194.5.95.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:76:ba:49:6b:5d:4a:9d:c7:c7:4a:f2:f1:59:b3:f1:9a:30:
a0:ba:31:db:c2:45:ee:58:92:41:bb:e5:aa:f0:23:0a:69:2d:
a0:64:af:ee:c4:10:4d:d1:3c:d1:af:2a:e0:19:59:54:be:1a:
fd:86:67:33:af:00:8f:74:15:c0:4e:f7:63:7e:4d:96:8f:b9:
9c:10:5c:b2:09:b4:04:04:78:3c:82:9f:a2:dd:2e:ca:b7:04:
89:00:07:5c:d1:87:e9:74:7f:ae:fc:e7:cc:62:a0:d9:45:2c:
ad:2e:2e:cb:68:52:c3:5c:12:76:51:a7:29:e4:a8:a8:4c:3a:
9e:ec:31:fd:2d:48:f8:78:2c:55:be:21:36:62:24:d4:be:e4:
a5:a0:10:5a:e0:21:9d:e9:9b:3a:79:c2:74:fd:28:7f:72:ca:
b0:02:f2:5c:d6:1c:dd:97:71:2d:0f:43:56:29:6f:09:1c:44:
33:38:1e:ea:57:a1:39:23:2a:1b:52:57:fc:20:2d:89:97:47:
db:b1:34:a2:52:80:65:73:94:08:a5:df:ad:d9:32:09:b9:d7:
b7:88:59:83:9c:d3:32:e5:cc:31:61:d9:34:43:9a:a0:1e:d7:
fb:05:20:b0:60:84:36:a0:2a:03:2a:78:04:ce:fd:3d:a8:a8:
47:69:7c:98
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYYTOcPp1XvrUWRct3ediHLMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwMjAyMTc0MzE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODE4YmE2ODBjNDc4NDVkMjlmODA3YmJjMzg4OTFkNDBkNjM4MzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi21fVx1pTKac6YZYqBB5DuFrr1UO
hylVXDxG1TfW1IcuBLpn0qg9xrkp2HZcd7Q7CiYIEN14yALMCI6dg7dRYAnV+Y9O
HS9O77QCzpMxNdaXrichs6mVaCvn8OaQClc3IwYUBnJYxaHnyylfvqS9BrST23bi
EOJ2BfUhLPoJK+fEIIvoLeObowFULweR701RVrl0YhsdjzOUhBmXQtutbFs7YJJk
Qityey+/N1VsdaZgWEUxyHAg9q0wXZuExSacLVshnYpFGrnZRKH/rqPefnTipExm
+TY51Wj1ebeqZRH4mi8REYbRI47ne9f0/91EsL9FvHm6wlOhzsk9ULuHWwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBgYumgMR4RdKfgHu8OIkdQNY4NyMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvR0JpNmFBeEhoRjBwLUFlN3c0aVIxQTFqZzNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALUJ2AwQA
LYG5AwQAwgVfMA0GCSqGSIb3DQEBCwUAA4IBAQB+drpJa11KncfHSvLxWbPxmjCg
ujHbwkXuWJJBu+Wq8CMKaS2gZK/uxBBN0TzRryrgGVlUvhr9hmczrwCPdBXATvdj
fk2Wj7mcEFyyCbQEBHg8gp+i3S7KtwSJAAdc0YfpdH+u/OfMYqDZRSytLi7LaFLD
XBJ2Uacp5KioTDqe7DH9LUj4eCxVviE2YiTUvuSloBBa4CGd6Zs6ecJ0/Sh/csqw
AvJc1hzdl3EtD0NWKW8JHEQzOB7qV6E5IyobUlf8IC2Jl0fbsTSiUoBlc5QIpd+t
2TIJude3iFmDnNMy5cwxYdk0Q5qgHtf7BSCwYIQ2oCoDKngEzv09qKhHaXyY
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:47 2023 by rpki-client on console-ams.rpki-client.org