Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/gjHHHzcu_2oaXn1eVml1cit_OtM.roa
File: gjHHHzcu_2oaXn1eVml1cit_OtM.roa (raw, json)
Hash identifier: qRBzNlYNAi8WJk79FabkkvQ0mZpPea4KrTJygAe07Vg=
Subject key identifier: 82:31:C7:1F:37:2E:FF:6A:1A:5E:7D:5E:56:69:75:72:2B:7F:3A:D3
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018C44EAD73B6F439E3A1B58203F8CDD4F18
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/gjHHHzcu_2oaXn1eVml1cit_OtM.roa
Signing time: Thu 07 Dec 2023 15:34:50 +0000
ROA not before: Thu 07 Dec 2023 15:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398465
IP address blocks: 185.255.99.0/24 maxlen: 24
194.180.238.0/24 maxlen: 24
185.15.136.0/23 maxlen: 24
89.32.126.0/24 maxlen: 24
92.118.108.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:44:ea:d7:3b:6f:43:9e:3a:1b:58:20:3f:8c:dd:4f:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Dec 7 15:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8231c71f372eff6a1a5e7d5e566975722b7f3ad3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:ce:f3:7a:9d:5e:f4:ba:1c:59:18:d8:89:ca:
e9:29:e7:92:a9:f9:45:4d:0a:94:8b:3e:29:d2:7a:
f9:11:8e:c9:5f:ac:62:66:5e:58:57:3b:86:90:b6:
cc:8a:f2:99:d5:c8:63:33:70:91:e1:28:98:db:58:
69:e4:f1:a2:fa:7b:98:ea:5f:72:e1:1c:8b:46:b4:
38:2b:fa:9b:a8:1d:53:2c:db:26:b3:22:f1:1b:d9:
69:49:ea:66:3e:8a:d1:db:41:0c:c6:4b:38:de:a9:
43:db:14:e7:8e:cc:47:18:fb:18:49:97:72:d8:7c:
d7:7c:00:e2:0d:fe:72:3c:b2:0b:bc:00:07:aa:d1:
0c:20:a7:c9:83:54:19:e7:9c:7e:5a:9b:ae:15:0d:
0e:b5:4f:e2:a3:e5:95:b1:50:46:22:89:6d:24:fa:
fe:a6:67:b4:c1:ce:96:6d:8c:62:01:a7:8a:23:40:
28:c7:92:a8:7d:99:fd:d1:78:47:ac:5f:5f:f6:4f:
e7:59:03:e4:5c:09:ae:73:88:bb:3f:b0:25:aa:3d:
3f:ef:d0:19:e9:46:30:10:0c:44:51:db:05:2c:43:
fa:c8:19:90:83:a2:68:b3:88:a1:88:a2:be:51:5c:
8a:44:13:67:5a:2b:50:42:f6:b8:8d:7e:46:1e:0b:
90:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:31:C7:1F:37:2E:FF:6A:1A:5E:7D:5E:56:69:75:72:2B:7F:3A:D3
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/gjHHHzcu_2oaXn1eVml1cit_OtM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.32.126.0/24
92.118.108.0/24
185.15.136.0/23
185.255.99.0/24
194.180.238.0/24
Signature Algorithm: sha256WithRSAEncryption
82:26:94:fa:01:2d:1b:75:b7:8a:84:1d:0f:cc:d1:39:89:0b:
a1:95:41:1e:62:3d:39:34:6c:b5:3b:e2:32:5e:28:74:44:12:
24:b1:6c:05:5b:c2:e1:43:72:2f:b0:0b:1f:e4:94:4a:38:70:
e2:21:41:a5:9f:48:ff:65:2d:cd:8f:e6:eb:da:78:ff:09:4c:
a4:b4:1e:22:34:51:45:5c:ee:ec:49:3d:69:6b:7d:4d:ca:86:
fa:0d:0d:f1:dd:e1:25:71:37:e2:44:81:f4:65:b7:cd:50:77:
dd:ea:7d:93:2b:5e:76:27:89:a4:c2:58:d7:f8:2d:10:d2:13:
11:33:84:c9:0a:a6:46:e9:d6:60:45:ad:ff:68:7e:c7:87:a9:
de:80:ab:0b:26:6b:98:4e:de:bf:af:70:68:e3:96:b3:96:7c:
94:ff:68:93:7b:fc:13:c4:92:e1:30:59:98:d7:d5:73:6a:43:
c7:f3:49:be:8a:5c:9c:74:50:53:66:37:43:65:a9:91:0c:2a:
2a:be:d8:25:de:9e:16:a6:d2:22:7b:06:0c:9b:60:6a:23:22:
63:12:9e:ca:8d:ac:a0:26:16:de:7f:2e:91:59:8a:c6:f5:3b:
c5:00:4d:e6:4b:ea:06:55:6f:4c:a0:26:0b:76:1f:4d:0b:1b:
a5:7a:b1:59
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYxE6tc7b0OeOhtYID+M3U8YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMxMjA3MTUzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjMxYzcxZjM3MmVmZjZhMWE1ZTdkNWU1NjY5NzU3MjJiN2YzYWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhc7zep1e9LocWRjYicrpKeeSqflF
TQqUiz4p0nr5EY7JX6xiZl5YVzuGkLbMivKZ1chjM3CR4SiY21hp5PGi+nuY6l9y
4RyLRrQ4K/qbqB1TLNsmsyLxG9lpSepmPorR20EMxks43qlD2xTnjsxHGPsYSZdy
2HzXfADiDf5yPLILvAAHqtEMIKfJg1QZ55x+WpuuFQ0OtU/io+WVsVBGIoltJPr+
pme0wc6WbYxiAaeKI0Aox5KofZn90XhHrF9f9k/nWQPkXAmuc4i7P7Alqj0/79AZ
6UYwEAxEUdsFLEP6yBmQg6Jos4ihiKK+UVyKRBNnWitQQva4jX5GHguQiQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIIxxx83Lv9qGl59XlZpdXIrfzrTMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvZ2pISEh6Y3VfMm9hWG4xZVZtbDFjaXRfT3RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWSB+AwQA
XHZsAwQBuQ+IAwQAuf9jAwQAwrTuMA0GCSqGSIb3DQEBCwUAA4IBAQCCJpT6AS0b
dbeKhB0PzNE5iQuhlUEeYj05NGy1O+IyXih0RBIksWwFW8LhQ3IvsAsf5JRKOHDi
IUGln0j/ZS3Nj+br2nj/CUyktB4iNFFFXO7sST1pa31Nyob6DQ3x3eElcTfiRIH0
ZbfNUHfd6n2TK152J4mkwljX+C0Q0hMRM4TJCqZG6dZgRa3/aH7Hh6negKsLJmuY
Tt6/r3Bo45azlnyU/2iTe/wTxJLhMFmY19VzakPH80m+ilycdFBTZjdDZamRDCoq
vtgl3p4WptIiewYMm2BqIyJjEp7KjaygJhbefy6RWYrG9TvFAE3mS+oGVW9MoCYL
dh9NCxulerFZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org