Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/GnJuILXqRIeGPDA9Yog8OxXn8-g.roa
File: GnJuILXqRIeGPDA9Yog8OxXn8-g.roa (raw, json)
Hash identifier: JBRnQ9Zm3a03J2IVv2ZY7GwgFGaUiBDefrdXMNCtOdk=
Subject key identifier: 1A:72:6E:20:B5:EA:44:87:86:3C:30:3D:62:88:3C:3B:15:E7:F3:E8
Certificate issuer: /CN=84470af0d89d785ba18ba617dc09e3f72c5996f3
Certificate serial: 018A07F3143CEAEC59FDF2F54B46C463A328
Authority key identifier: 84:47:0A:F0:D8:9D:78:5B:A1:8B:A6:17:DC:09:E3:F7:2C:59:96:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hEcK8NideFuhi6YX3Anj9yxZlvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/GnJuILXqRIeGPDA9Yog8OxXn8-g.roa
Signing time: Fri 18 Aug 2023 09:21:25 +0000
ROA not before: Fri 18 Aug 2023 09:21:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.206.0.0/19 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:07:f3:14:3c:ea:ec:59:fd:f2:f5:4b:46:c4:63:a3:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84470af0d89d785ba18ba617dc09e3f72c5996f3
Validity
Not Before: Aug 18 09:21:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a726e20b5ea4487863c303d62883c3b15e7f3e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:73:f9:3b:29:8f:33:9b:da:02:fc:67:3b:59:
f8:44:61:ac:ef:31:44:78:9f:ae:2e:fc:65:0d:6b:
53:d7:80:05:fc:46:4b:f4:ec:53:27:d2:af:cd:a6:
51:77:68:8a:a3:01:06:63:d4:c4:ad:ea:d2:df:45:
0e:e1:4b:38:6d:a8:71:0c:25:cb:06:60:07:54:f2:
49:fa:38:7d:5e:7d:59:70:b5:4c:67:55:91:b3:65:
4f:e7:eb:e8:d9:2b:d8:91:04:b9:97:e3:b0:9e:f8:
01:2f:08:46:c5:01:ba:66:21:55:a1:89:35:06:fb:
f6:05:cc:85:3e:c3:2b:9b:b2:a4:33:60:c8:d5:4d:
8a:b0:80:d1:cb:8a:51:12:71:ca:84:ac:12:b9:46:
cc:7d:9d:08:57:83:ea:c3:e2:5a:68:60:61:44:f7:
29:e2:e3:58:5f:5b:c3:90:3e:9f:0f:5e:a8:1e:74:
50:d6:ff:e2:b4:d9:ba:0f:d0:53:50:aa:3b:0e:9a:
67:77:35:63:a5:41:dc:2e:de:09:9b:de:ca:88:10:
5a:ab:4f:e8:09:c8:96:27:f2:6f:00:0d:4d:8d:48:
70:b9:1d:d3:4f:f5:79:bb:68:82:e0:2e:2b:d4:b5:
ac:7c:11:9d:0a:fa:4f:30:51:af:5d:11:c1:7a:e7:
1a:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:72:6E:20:B5:EA:44:87:86:3C:30:3D:62:88:3C:3B:15:E7:F3:E8
X509v3 Authority Key Identifier:
keyid:84:47:0A:F0:D8:9D:78:5B:A1:8B:A6:17:DC:09:E3:F7:2C:59:96:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEcK8NideFuhi6YX3Anj9yxZlvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/GnJuILXqRIeGPDA9Yog8OxXn8-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/hEcK8NideFuhi6YX3Anj9yxZlvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.206.0.0/19
Signature Algorithm: sha256WithRSAEncryption
25:af:03:6d:35:c4:56:ea:7b:c6:a3:93:65:93:3e:ff:e4:15:
3e:85:fa:d6:1d:14:90:c4:59:4c:37:f6:47:a6:81:6a:a7:e9:
30:a6:f0:13:1a:bf:3b:c4:66:ff:a9:7f:6b:11:ba:c7:2d:d0:
b1:52:a6:e2:2a:6f:dd:8f:4c:e7:08:6a:b1:3d:fa:6f:2e:e4:
6b:89:2b:71:c0:7d:56:d8:f8:45:61:d1:4a:a2:e1:68:1e:e5:
b0:ca:95:21:d9:da:49:8e:13:b1:da:c8:1b:49:4b:f7:70:9b:
c3:31:3e:6c:c5:d5:03:9f:cb:0d:ee:32:66:6b:6f:9c:27:5e:
f0:0c:2a:dd:f2:94:b1:a8:54:20:f9:d0:e0:4b:52:44:5c:f1:
44:1d:a1:08:cb:15:6e:7c:ff:70:d2:92:56:b5:dc:cd:9a:5a:
db:d2:74:ff:be:ae:80:00:5d:3a:f6:e6:cf:0b:29:b3:0f:ed:
34:f1:a2:1d:fb:25:f6:4f:26:f1:b2:f7:8c:3e:32:5c:0d:eb:
51:8f:2c:92:c7:04:ef:61:39:35:ce:07:97:e0:5e:7a:a8:b0:
38:13:86:37:82:04:5e:91:91:71:f8:6f:eb:35:f2:77:ec:d2:
f6:8d:50:33:25:43:80:41:09:34:aa:1f:fc:2b:ba:75:de:b4:
cf:62:b3:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoH8xQ86uxZ/fL1S0bEY6MoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDcwYWYwZDg5ZDc4NWJhMThiYTYxN2RjMDllM2Y3MmM1
OTk2ZjMwHhcNMjMwODE4MDkyMTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTcyNmUyMGI1ZWE0NDg3ODYzYzMwM2Q2Mjg4M2MzYjE1ZTdmM2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3P5OymPM5vaAvxnO1n4RGGs7zFE
eJ+uLvxlDWtT14AF/EZL9OxTJ9KvzaZRd2iKowEGY9TErerS30UO4Us4bahxDCXL
BmAHVPJJ+jh9Xn1ZcLVMZ1WRs2VP5+vo2SvYkQS5l+OwnvgBLwhGxQG6ZiFVoYk1
Bvv2BcyFPsMrm7KkM2DI1U2KsIDRy4pREnHKhKwSuUbMfZ0IV4Pqw+JaaGBhRPcp
4uNYX1vDkD6fD16oHnRQ1v/itNm6D9BTUKo7DppndzVjpUHcLt4Jm97KiBBaq0/o
CciWJ/JvAA1NjUhwuR3TT/V5u2iC4C4r1LWsfBGdCvpPMFGvXRHBeucaQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBpybiC16kSHhjwwPWKIPDsV5/PoMB8GA1UdIwQY
MBaAFIRHCvDYnXhboYumF9wJ4/csWZbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVjSzhOaWRlRnVoaTZZWDNBbmo5eXhabHZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS82NjBmMWQtNTc1My00NTE2LTgwMDIt
ZTc2ZTNlMjkzZTAyLzEvR25KdUlMWHFSSWVHUERBOVlvZzhPeFhuOC1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS82NjBmMWQtNTc1My00NTE2LTgwMDItZTc2ZTNlMjkzZTAy
LzEvaEVjSzhOaWRlRnVoaTZZWDNBbmo5eXhabHZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFUs4AMA0G
CSqGSIb3DQEBCwUAA4IBAQAlrwNtNcRW6nvGo5Nlkz7/5BU+hfrWHRSQxFlMN/ZH
poFqp+kwpvATGr87xGb/qX9rEbrHLdCxUqbiKm/dj0znCGqxPfpvLuRriStxwH1W
2PhFYdFKouFoHuWwypUh2dpJjhOx2sgbSUv3cJvDMT5sxdUDn8sN7jJma2+cJ17w
DCrd8pSxqFQg+dDgS1JEXPFEHaEIyxVufP9w0pJWtdzNmlrb0nT/vq6AAF069ubP
CymzD+008aId+yX2TybxsveMPjJcDetRjyySxwTvYTk1zgeX4F56qLA4E4Y3ggRe
kZFx+G/rNfJ37NL2jVAzJUOAQQk0qh/8K7p13rTPYrNU
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:22 2025 by rpki-client