Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/GyNDcsnr8_u_0niwJnqTT1Vayoo.roa
File: GyNDcsnr8_u_0niwJnqTT1Vayoo.roa (raw, json)
Hash identifier: PmT90IBHoGHpP02oW1OM3rqhm+850T3E4yjn2gHqU2Y=
Subject key identifier: 1B:23:43:72:C9:EB:F3:FB:BF:D2:78:B0:26:7A:93:4F:55:5A:CA:8A
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 0187277F71C6D788AA9F25BDE0D77D2C31F9
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/GyNDcsnr8_u_0niwJnqTT1Vayoo.roa
Signing time: Tue 28 Mar 2023 09:14:36 +0000
ROA not before: Tue 28 Mar 2023 09:14:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 185.123.156.0/22 maxlen: 23
185.130.40.0/22 maxlen: 23
46.161.210.0/23 maxlen: 23
46.161.216.0/22 maxlen: 23
2a0c:9e04::/32 maxlen: 32
2a0c:9e03::/32 maxlen: 32
2a0c:9e07::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:27:7f:71:c6:d7:88:aa:9f:25:bd:e0:d7:7d:2c:31:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Mar 28 09:14:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b234372c9ebf3fbbfd278b0267a934f555aca8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:c2:99:79:fd:bb:f9:0a:60:54:60:da:35:ef:
5a:f0:fd:10:e5:98:24:30:ba:6d:13:a0:e2:c5:c9:
d0:3a:13:4e:d9:b0:30:cb:57:d4:d6:24:f8:e7:28:
52:0f:1a:0f:f1:af:af:b6:f1:f0:40:3b:a8:2c:26:
20:8b:b7:a5:fb:dd:be:40:7f:d3:f3:aa:6a:9d:42:
22:6b:ed:6a:e1:77:98:7a:c1:a5:5c:3a:9f:c9:95:
f6:65:4b:53:3b:bd:0c:2a:17:7e:dc:80:46:9e:6f:
fc:5d:a4:59:17:13:33:26:83:5e:47:d3:b7:ac:ba:
3f:f1:99:04:03:40:aa:09:93:59:6c:f6:66:07:22:
1e:a8:bc:48:97:11:ba:0e:a2:78:8d:fd:81:4c:e4:
01:a7:a9:7d:1c:e9:d6:ee:40:d0:9a:aa:04:b1:a2:
2a:21:08:11:aa:08:8d:a2:2f:d3:9e:f6:cf:3d:6e:
83:98:47:e5:16:cd:6b:11:32:f0:d7:bb:9f:0c:f6:
96:87:98:05:10:90:18:b2:b2:46:58:84:3a:29:c0:
22:1c:b5:92:dd:fa:40:04:d2:86:9d:58:79:99:06:
8c:3b:72:82:79:5b:bc:29:ab:d0:72:ad:b4:e3:43:
48:ff:bf:76:27:6c:c9:07:29:fc:f8:1f:e5:93:6d:
32:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:23:43:72:C9:EB:F3:FB:BF:D2:78:B0:26:7A:93:4F:55:5A:CA:8A
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/GyNDcsnr8_u_0niwJnqTT1Vayoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.161.210.0/23
46.161.216.0/22
185.123.156.0/22
185.130.40.0/22
IPv6:
2a0c:9e03::-2a0c:9e04:ffff:ffff:ffff:ffff:ffff:ffff
2a0c:9e07::/32
Signature Algorithm: sha256WithRSAEncryption
49:da:7d:75:02:4b:36:8a:4b:de:3a:f9:ce:79:0e:80:7e:5e:
fd:36:eb:b9:65:ca:2d:65:8f:26:17:9a:6f:82:a6:8c:86:f0:
c8:2f:a3:7b:91:08:a8:61:76:6b:12:72:b1:80:ab:ad:41:49:
4a:53:82:5c:92:35:7b:7d:6b:66:f7:c0:81:6c:38:b5:ef:ad:
81:0a:f6:b5:ac:12:4d:e7:db:92:f9:51:cd:7f:85:fd:32:83:
bf:04:ec:e3:36:e0:d3:71:46:8d:b8:1f:9f:3d:9b:c5:e6:43:
58:8a:8c:c8:f1:a1:93:99:99:a3:4b:ce:2b:c7:b0:5f:de:1e:
6a:ec:31:ce:b7:57:83:72:25:c2:a5:bc:d0:28:d5:0d:c6:4e:
03:13:9f:54:d2:93:ac:7d:2d:82:ba:46:bb:8a:cc:fd:49:fb:
56:b0:d2:42:ba:8b:c2:3c:da:9c:16:48:04:f1:9d:c1:a0:9e:
7d:b2:7c:4e:56:7f:b0:69:46:ea:05:9d:b7:64:6e:22:49:dd:
c4:19:47:81:a4:1f:4b:71:4a:de:32:7a:a8:22:8b:57:0a:21:
0d:43:86:70:b2:3f:0a:d0:87:b3:f0:48:5a:56:4a:0a:38:ba:
2a:f8:8d:20:aa:9f:6f:da:c8:05:2f:5d:2a:e1:e7:54:55:df:
39:34:fd:dd
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYcnf3HG14iqnyW94Nd9LDH5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjMwMzI4MDkxNDM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjIzNDM3MmM5ZWJmM2ZiYmZkMjc4YjAyNjdhOTM0ZjU1NWFjYThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2cKZef27+QpgVGDaNe9a8P0Q5Zgk
MLptE6DixcnQOhNO2bAwy1fU1iT45yhSDxoP8a+vtvHwQDuoLCYgi7el+92+QH/T
86pqnUIia+1q4XeYesGlXDqfyZX2ZUtTO70MKhd+3IBGnm/8XaRZFxMzJoNeR9O3
rLo/8ZkEA0CqCZNZbPZmByIeqLxIlxG6DqJ4jf2BTOQBp6l9HOnW7kDQmqoEsaIq
IQgRqgiNoi/TnvbPPW6DmEflFs1rETLw17ufDPaWh5gFEJAYsrJGWIQ6KcAiHLWS
3fpABNKGnVh5mQaMO3KCeVu8KavQcq2040NI/792J2zJByn8+B/lk20ykQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFBsjQ3LJ6/P7v9J4sCZ6k09VWsqKMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvR3lORGNzbnI4X3VfMG5pd0pucVRUMVZheW9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAeBAIAATAYAwQBLqHSAwQC
LqHYAwQCuXucAwQCuYIoMB0EAgACMBcwDgMFACoMngMDBQAqDJ4EAwUAKgyeBzAN
BgkqhkiG9w0BAQsFAAOCAQEASdp9dQJLNopL3jr5znkOgH5e/TbruWXKLWWPJhea
b4KmjIbwyC+je5EIqGF2axJysYCrrUFJSlOCXJI1e31rZvfAgWw4te+tgQr2tawS
TefbkvlRzX+F/TKDvwTs4zbg03FGjbgfnz2bxeZDWIqMyPGhk5mZo0vOK8ewX94e
auwxzrdXg3IlwqW80CjVDcZOAxOfVNKTrH0tgrpGu4rM/Un7VrDSQrqLwjzanBZI
BPGdwaCefbJ8TlZ/sGlG6gWdt2RuIkndxBlHgaQfS3FK3jJ6qCKLVwohDUOGcLI/
CtCHs/BIWlZKCji6KviNIKqfb9rIBS9dKuHnVFXfOTT93Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:17 2024 by rpki-client on console-ams.rpki-client.org