Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gmykggt94_No6VenuwFZ1H7wQiY.roa
File: gmykggt94_No6VenuwFZ1H7wQiY.roa (raw, json)
Hash identifier: OZlG77oAoP4nXR06FzQzOwP7XRhXp0Ul2A49kAngJyc=
Subject key identifier: 82:6C:A4:82:0B:7D:E3:F3:68:E9:57:A7:BB:01:59:D4:7E:F0:42:26
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0194282512F18D12D4A444A0FD0E80B9EB0E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gmykggt94_No6VenuwFZ1H7wQiY.roa
Signing time: Thu 02 Jan 2025 17:51:45 +0000
ROA not before: Thu 02 Jan 2025 17:51:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215224
IP address blocks: 193.124.227.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
194.135.46.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
212.192.247.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:12:f1:8d:12:d4:a4:44:a0:fd:0e:80:b9:eb:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 17:51:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=826ca4820b7de3f368e957a7bb0159d47ef04226
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:05:50:ff:d6:57:06:0b:0f:01:62:8f:9d:3a:
31:36:35:0e:33:4d:d9:82:82:03:31:81:a2:22:72:
da:c6:99:32:84:55:11:46:2d:40:0b:87:1f:35:6e:
a0:96:2a:bf:80:b6:13:a9:7f:b0:9d:99:85:19:11:
59:8d:3c:6a:c3:16:db:fd:ac:dd:9b:d6:e3:ae:cf:
67:23:cd:61:4f:76:37:4b:1c:7f:99:3e:18:6f:90:
b6:d1:1e:4d:1d:24:a1:cf:10:c8:a4:80:56:af:b3:
22:28:3e:10:aa:b1:1a:96:f3:7b:9c:9c:52:62:d3:
e9:b0:ff:94:89:81:97:58:0d:3e:31:96:0e:92:80:
97:f7:d4:dd:49:09:8f:42:91:44:19:a6:e3:4b:b7:
0e:ec:ba:bc:05:1c:7f:00:73:26:e7:2e:90:f7:1c:
bd:3f:47:26:af:15:aa:5a:0e:64:a8:54:57:7d:4d:
d3:06:16:46:40:59:f4:6f:6f:35:60:fc:77:af:a3:
43:80:4a:8b:b7:2b:54:9f:c6:cd:7f:61:cf:26:78:
57:95:03:71:a1:70:de:af:42:ec:f5:9a:6f:d5:81:
29:bc:08:a0:24:f7:bd:02:87:59:c2:b3:f3:1d:4d:
a5:08:a5:df:32:ca:37:99:7c:f2:52:32:f8:46:eb:
87:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:6C:A4:82:0B:7D:E3:F3:68:E9:57:A7:BB:01:59:D4:7E:F0:42:26
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gmykggt94_No6VenuwFZ1H7wQiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.227.0/24
194.87.53.0/24
194.135.46.0/24
195.133.55.0/24
212.192.247.0/24
Signature Algorithm: sha256WithRSAEncryption
04:1a:b7:ce:7f:47:77:38:f5:db:05:ff:5c:2b:a1:ac:e9:4c:
aa:4a:af:2b:dd:f5:b0:1c:69:7f:fc:23:68:fd:2d:18:0e:ab:
bf:0a:55:87:18:1a:a6:fc:3e:a1:48:46:4b:8f:2e:45:92:e7:
a6:db:2f:f7:95:96:f0:7c:27:fb:06:ac:32:ec:de:fe:9c:65:
5d:9e:b4:b8:3e:59:29:05:b5:80:41:a0:e6:6e:df:fb:dc:56:
40:7f:05:96:17:42:9f:e1:64:5f:e6:b3:e6:23:31:c5:f9:be:
40:7e:9c:15:60:8b:09:8a:3f:40:33:07:d3:0d:2a:96:4a:04:
7a:da:1e:47:17:e0:31:61:97:43:b5:85:1d:ac:a9:46:fa:63:
6c:36:aa:49:98:7b:11:4c:5e:6c:52:05:ed:d9:3c:8b:9e:07:
fe:ff:fd:30:38:bb:23:b3:a1:6d:58:cf:dc:84:12:c8:13:99:
e1:53:a4:5f:41:d3:05:07:0c:44:13:fd:14:34:1d:3e:7a:f7:
89:64:e0:6f:37:0c:33:82:9f:34:ff:ff:ba:3f:b1:3f:b5:49:
e3:1d:a8:3f:8b:53:c1:ba:93:39:37:01:8d:53:97:ec:db:ac:
93:c8:6e:b0:08:51:3f:b1:c2:b1:b0:10:c6:e8:22:12:7b:07:
0e:56:e7:0b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQoJRLxjRLUpESg/Q6AuesOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMTAyMTc1MTQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjZjYTQ4MjBiN2RlM2YzNjhlOTU3YTdiYjAxNTlkNDdlZjA0MjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQVQ/9ZXBgsPAWKPnToxNjUOM03Z
goIDMYGiInLaxpkyhFURRi1AC4cfNW6gliq/gLYTqX+wnZmFGRFZjTxqwxbb/azd
m9bjrs9nI81hT3Y3Sxx/mT4Yb5C20R5NHSShzxDIpIBWr7MiKD4QqrEalvN7nJxS
YtPpsP+UiYGXWA0+MZYOkoCX99TdSQmPQpFEGabjS7cO7Lq8BRx/AHMm5y6Q9xy9
P0cmrxWqWg5kqFRXfU3TBhZGQFn0b281YPx3r6NDgEqLtytUn8bNf2HPJnhXlQNx
oXDer0Ls9Zpv1YEpvAigJPe9AodZwrPzHU2lCKXfMso3mXzyUjL4RuuHswIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIJspIILfePzaOlXp7sBWdR+8EImMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZ215a2dndDk0X05vNlZlbnV3RloxSDd3UWlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwXzjAwQA
wlc1AwQAwocuAwQAw4U3AwQA1MD3MA0GCSqGSIb3DQEBCwUAA4IBAQAEGrfOf0d3
OPXbBf9cK6Gs6UyqSq8r3fWwHGl//CNo/S0YDqu/ClWHGBqm/D6hSEZLjy5Fkuem
2y/3lZbwfCf7Bqwy7N7+nGVdnrS4PlkpBbWAQaDmbt/73FZAfwWWF0Kf4WRf5rPm
IzHF+b5AfpwVYIsJij9AMwfTDSqWSgR62h5HF+AxYZdDtYUdrKlG+mNsNqpJmHsR
TF5sUgXt2TyLngf+//0wOLsjs6FtWM/chBLIE5nhU6RfQdMFBwxEE/0UNB0+eveJ
ZOBvNwwzgp80//+6P7E/tUnjHag/i1PBupM5NwGNU5fs26yTyG6wCFE/scKxsBDG
6CISewcOVucL
-----END CERTIFICATE-----
Generated at Fri Apr 18 20:23:12 2025 by rpki-client