Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/GCb4b5LlRCp6blJEojNgnomukis.roa
File: GCb4b5LlRCp6blJEojNgnomukis.roa (raw, json)
Hash identifier: urOri+cldJVrRA7c+yyjhYufF/MP0U8c6A3s07CXQus=
Subject key identifier: 18:26:F8:6F:92:E5:44:2A:7A:6E:52:44:A2:33:60:9E:89:AE:92:2B
Certificate issuer: /CN=f1479b83c520d784445c24828bab633f0d702cf3
Certificate serial: 018842585333B17DF712B645F1E8A8E9F4C7
Authority key identifier: F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/GCb4b5LlRCp6blJEojNgnomukis.roa
Signing time: Mon 22 May 2023 07:24:24 +0000
ROA not before: Mon 22 May 2023 07:24:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8399
IP address blocks: 37.97.64.0/19 maxlen: 19
185.24.140.0/22 maxlen: 22
185.218.208.0/22 maxlen: 22
88.213.224.0/19 maxlen: 19
37.97.69.0/24 maxlen: 24
37.97.70.0/24 maxlen: 24
217.181.128.0/17 maxlen: 17
37.97.80.0/23 maxlen: 23
185.6.92.0/22 maxlen: 22
178.255.160.0/21 maxlen: 21
37.97.96.0/20 maxlen: 20
195.135.0.0/17 maxlen: 17
217.74.96.0/20 maxlen: 20
195.135.0.0/18 maxlen: 18
185.65.248.0/22 maxlen: 22
157.143.128.0/17 maxlen: 17
81.93.0.0/19 maxlen: 19
217.181.250.0/23 maxlen: 23
109.235.232.0/21 maxlen: 21
109.235.233.0/24 maxlen: 24
109.235.232.0/24 maxlen: 24
109.235.239.0/24 maxlen: 24
185.32.208.0/22 maxlen: 22
80.251.96.0/20 maxlen: 20
178.157.16.0/20 maxlen: 20
195.135.48.0/24 maxlen: 24
178.157.32.0/20 maxlen: 20
65.39.64.0/19 maxlen: 19
185.8.252.0/22 maxlen: 22
185.42.176.0/22 maxlen: 22
2a0c:600::/29 maxlen: 29
2a02:c440::/29 maxlen: 29
2a02:6e8::/32 maxlen: 32
2a0b:e3c0::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:42:58:53:33:b1:7d:f7:12:b6:45:f1:e8:a8:e9:f4:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1479b83c520d784445c24828bab633f0d702cf3
Validity
Not Before: May 22 07:24:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1826f86f92e5442a7a6e5244a233609e89ae922b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:c0:8f:c7:7d:ae:80:0d:2b:90:c1:25:7b:5b:
57:0c:8f:26:a6:4d:d1:45:b1:92:92:5e:f7:93:f3:
cd:b9:b8:72:af:30:35:b2:32:ed:f9:58:b6:4d:ba:
e1:e6:9c:cd:44:2d:ed:20:67:d4:30:3e:2d:bb:60:
d0:1c:75:48:88:c4:b5:7e:6b:b4:f3:a7:bc:28:b5:
a9:99:96:d3:9d:26:77:40:97:22:93:69:98:09:5c:
d4:38:fb:16:b6:ac:11:58:7c:02:65:09:60:0b:88:
72:89:4b:7f:2b:d7:5a:9d:23:36:22:3d:67:0a:b0:
d4:bf:94:cc:46:76:86:10:39:0b:81:f4:aa:3f:87:
3c:92:85:74:0b:e5:3f:d7:5a:12:f9:1f:f9:5c:ea:
08:98:5e:b6:51:d0:93:4d:f0:5a:fc:19:1d:cf:35:
23:97:b3:95:22:fe:a4:0a:18:ce:7f:68:eb:0c:bc:
b8:52:b1:4b:ff:47:9b:4d:9f:73:f4:c4:07:85:c4:
a4:72:91:7b:44:94:22:63:95:b0:a1:0d:91:79:c2:
98:15:eb:0b:3e:59:6f:77:c3:f5:db:ca:16:52:1b:
e5:2f:81:c3:fd:1a:de:1a:9b:a4:cb:06:f8:10:25:
fe:8c:39:47:27:0a:f4:7d:a4:df:1d:27:20:c3:13:
b8:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:26:F8:6F:92:E5:44:2A:7A:6E:52:44:A2:33:60:9E:89:AE:92:2B
X509v3 Authority Key Identifier:
keyid:F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/GCb4b5LlRCp6blJEojNgnomukis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/8Uebg8Ug14REXCSCi6tjPw1wLPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.64.0-37.97.111.255
65.39.64.0/19
80.251.96.0/20
81.93.0.0/19
88.213.224.0/19
109.235.232.0/21
157.143.128.0/17
178.157.16.0-178.157.47.255
178.255.160.0/21
185.6.92.0/22
185.8.252.0/22
185.24.140.0/22
185.32.208.0/22
185.42.176.0/22
185.65.248.0/22
185.218.208.0/22
195.135.0.0/17
217.74.96.0/20
217.181.128.0/17
IPv6:
2a02:6e8::/32
2a02:c440::/29
2a0b:e3c0::/29
2a0c:600::/29
Signature Algorithm: sha256WithRSAEncryption
05:e5:b9:91:85:cf:4c:47:2f:1f:44:d9:1b:a2:d4:37:ae:d4:
fd:69:f3:4e:bd:dc:85:c0:82:73:24:a2:65:0b:cc:e9:a6:7b:
c0:21:55:e7:50:63:18:7c:97:da:57:7d:9b:7c:9e:52:25:93:
e7:ba:c4:7a:d4:23:dd:e4:d2:78:58:a1:7b:58:62:3d:13:2b:
50:47:e6:44:98:71:86:0c:31:f2:29:7f:6d:bc:6d:6f:85:a0:
9a:cd:94:72:3d:ea:5a:c3:35:f6:30:b1:1c:26:7c:d3:3b:d0:
b1:79:db:a3:63:d3:72:3f:f9:b4:1c:9b:46:7f:20:bf:f0:f8:
de:c9:bc:4b:dd:5b:7f:19:33:6d:b7:4f:66:df:04:cd:17:cb:
86:18:cb:50:02:4d:50:1a:af:ef:e9:03:08:9b:d5:3d:21:87:
86:2c:71:38:63:90:47:47:96:06:1a:28:e0:e5:3e:09:55:09:
29:c1:28:08:22:08:a4:a6:3d:b6:47:21:04:f5:56:00:67:c7:
52:8c:23:87:37:70:44:7b:06:6e:13:46:d9:71:de:32:51:c5:
48:e1:d4:73:95:76:73:39:ff:f9:38:fa:ea:f9:ca:d9:0a:1b:
5e:00:3e:ab:67:4d:66:7b:1f:0a:d3:16:37:e8:8f:57:29:40:
85:28:77:23
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAYhCWFMzsX33ErZF8eio6fTHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNDc5YjgzYzUyMGQ3ODQ0NDVjMjQ4MjhiYWI2MzNmMGQ3
MDJjZjMwHhcNMjMwNTIyMDcyNDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODI2Zjg2ZjkyZTU0NDJhN2E2ZTUyNDRhMjMzNjA5ZTg5YWU5MjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAisCPx32ugA0rkMEle1tXDI8mpk3R
RbGSkl73k/PNubhyrzA1sjLt+Vi2Tbrh5pzNRC3tIGfUMD4tu2DQHHVIiMS1fmu0
86e8KLWpmZbTnSZ3QJcik2mYCVzUOPsWtqwRWHwCZQlgC4hyiUt/K9danSM2Ij1n
CrDUv5TMRnaGEDkLgfSqP4c8koV0C+U/11oS+R/5XOoImF62UdCTTfBa/BkdzzUj
l7OVIv6kChjOf2jrDLy4UrFL/0ebTZ9z9MQHhcSkcpF7RJQiY5WwoQ2RecKYFesL
Pllvd8P128oWUhvlL4HD/RreGpukywb4ECX+jDlHJwr0faTfHScgwxO43QIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFBgm+G+S5UQqem5SRKIzYJ6JrpIrMB8GA1UdIwQY
MBaAFPFHm4PFINeERFwkgourYz8NcCzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEt
YmRkNGFmNWYzNWQxLzEvR0NiNGI1TGxSQ3A2YmxKRW9qTmdub211a2lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEtYmRkNGFmNWYzNWQx
LzEvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHDBggrBgEFBQcBBwEB/wSBszCBsDCBiQQCAAEwgYIwDAME
BiVhQAMEBCVhYAMEBUEnQAMEBFD7YAMEBVFdAAMEBVjV4AMEA23r6AMEB52PgDAM
AwQEsp0QAwQEsp0gAwQDsv+gAwQCuQZcAwQCuQj8AwQCuRiMAwQCuSDQAwQCuSqw
AwQCuUH4AwQCudrQAwQHw4cAAwQE2UpgAwQH2bWAMCIEAgACMBwDBQAqAgboAwUD
KgLEQAMFAyoL48ADBQMqDAYAMA0GCSqGSIb3DQEBCwUAA4IBAQAF5bmRhc9MRy8f
RNkbotQ3rtT9afNOvdyFwIJzJKJlC8zppnvAIVXnUGMYfJfaV32bfJ5SJZPnusR6
1CPd5NJ4WKF7WGI9EytQR+ZEmHGGDDHyKX9tvG1vhaCazZRyPepawzX2MLEcJnzT
O9CxedujY9NyP/m0HJtGfyC/8PjeybxL3Vt/GTNtt09m3wTNF8uGGMtQAk1QGq/v
6QMIm9U9IYeGLHE4Y5BHR5YGGijg5T4JVQkpwSgIIgikpj22RyEE9VYAZ8dSjCOH
N3BEewZuE0bZcd4yUcVI4dRzlXZzOf/5OPrq+crZChteAD6rZ01mex8K0xY36I9X
KUCFKHcj
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:08:47 2025 by rpki-client