Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/GTJ59OlnzbSK_GGINZEGCU7pMmg.roa
File: GTJ59OlnzbSK_GGINZEGCU7pMmg.roa (raw, json)
Hash identifier: 8Yt8g0vO3F9Vs3OmSGNWVCT2tnO5dDPeBB6qSVacxsY=
Subject key identifier: 19:32:79:F4:E9:67:CD:B4:8A:FC:61:88:35:91:06:09:4E:E9:32:68
Certificate issuer: /CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Certificate serial: 018BB3E91014C2AD288D8DB5AA25B6F0165B
Authority key identifier: A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/GTJ59OlnzbSK_GGINZEGCU7pMmg.roa
Signing time: Thu 09 Nov 2023 11:47:57 +0000
ROA not before: Thu 09 Nov 2023 11:47:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13285
IP address blocks: 78.144.0.0/13 maxlen: 24
2.96.0.0/13 maxlen: 24
217.68.128.0/20 maxlen: 24
185.173.120.0/22 maxlen: 24
92.0.0.0/11 maxlen: 24
62.24.128.0/17 maxlen: 24
89.240.0.0/14 maxlen: 24
212.139.24.0/24 maxlen: 24
212.139.148.0/22 maxlen: 22
91.146.112.0/21 maxlen: 24
62.241.160.0/19 maxlen: 24
185.173.116.0/22 maxlen: 24
185.112.212.0/22 maxlen: 24
217.8.0.0/19 maxlen: 24
212.139.133.0/24 maxlen: 24
2001:4a00::/27 maxlen: 27
2a00:4340::/32 maxlen: 32
2001:7e0::/32 maxlen: 32
2a0b:e900::/29 maxlen: 29
2a0b:db00::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b3:e9:10:14:c2:ad:28:8d:8d:b5:aa:25:b6:f0:16:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Validity
Not Before: Nov 9 11:47:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=193279f4e967cdb48afc6188359106094ee93268
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:80:6c:77:d1:04:57:92:0f:2a:8c:2c:8c:ec:
e7:f4:b9:2f:88:f6:59:16:4a:a0:84:ea:03:8e:f5:
ec:88:b9:f7:c0:ea:8c:6d:17:25:1d:b8:dd:ef:39:
7e:41:3e:ae:e4:16:b4:96:e5:65:52:1a:92:dc:60:
af:af:d2:0d:81:4a:9b:59:4f:a9:a0:80:cb:b5:ab:
2a:59:5f:6e:f3:98:ae:f8:76:2f:e8:72:70:45:6c:
8b:0c:c3:f9:5f:42:a2:7c:c2:2e:14:90:53:90:22:
d3:81:9b:3f:fd:1c:11:ee:a5:69:8a:56:9f:2c:a5:
01:92:f4:04:9b:6b:1e:ed:a6:70:cb:9e:60:f0:6b:
03:ac:41:c7:b8:78:2b:20:81:0e:4a:08:41:6f:d1:
7f:54:db:15:ff:cd:a6:1b:3b:43:64:e3:d7:24:0d:
fd:4b:df:e3:ed:65:63:a1:58:c2:01:aa:15:98:eb:
e5:f8:8f:11:ab:01:5a:5e:a8:f0:0f:2d:0e:ce:8b:
b2:df:c7:83:46:e3:b4:ca:89:5c:90:8b:ea:33:1b:
d1:a3:c4:2d:e3:48:8b:64:2e:f7:72:6c:b0:f6:49:
97:b4:cf:0e:9d:50:06:06:ef:bc:6d:38:3c:76:7f:
fd:d4:e4:89:6e:b3:43:5d:35:b9:4c:10:e2:86:01:
3c:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:32:79:F4:E9:67:CD:B4:8A:FC:61:88:35:91:06:09:4E:E9:32:68
X509v3 Authority Key Identifier:
keyid:A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/GTJ59OlnzbSK_GGINZEGCU7pMmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.96.0.0/13
62.24.128.0/17
62.241.160.0/19
78.144.0.0/13
89.240.0.0/14
91.146.112.0/21
92.0.0.0/11
185.112.212.0/22
185.173.116.0-185.173.123.255
212.139.24.0/24
212.139.133.0/24
212.139.148.0/22
217.8.0.0/19
217.68.128.0/20
IPv6:
2001:7e0::/32
2001:4a00::/27
2a00:4340::/32
2a0b:db00::/29
2a0b:e900::/29
Signature Algorithm: sha256WithRSAEncryption
87:7a:5c:a2:6a:63:be:ca:5c:e8:61:1f:f1:db:e0:a1:15:41:
76:48:f7:05:d0:73:06:ef:e3:f5:95:7c:20:e6:2c:a4:31:a6:
fb:bc:81:74:80:9e:7e:48:09:c5:80:09:1e:3d:86:a5:54:6f:
4e:d7:52:33:c7:8e:d9:b9:64:0c:01:52:0e:fc:f8:1d:80:19:
a1:b0:59:68:5c:ed:be:01:dc:eb:80:f0:2c:21:b1:66:6a:e7:
5c:d9:dd:3b:2d:06:32:8a:64:d9:67:6b:42:41:4e:3f:0f:e2:
0e:09:30:bc:fa:52:5c:bf:4d:71:3d:8c:b9:67:d4:22:24:23:
23:5f:f5:37:62:c2:c4:c9:ff:dc:8f:6f:16:6b:b1:ad:c9:b6:
48:2f:eb:e2:02:19:06:a4:8f:f4:72:56:e2:8d:47:70:3d:98:
b9:2b:47:2e:7e:7d:88:4c:7b:9b:d4:16:63:38:a3:b5:f5:6b:
38:b6:94:19:a0:5e:1a:86:cc:67:d9:34:77:6f:51:a2:7d:a2:
87:99:a8:75:22:d1:c6:48:a2:4f:55:a7:c2:6a:57:46:09:bd:
a1:d2:a1:ce:25:eb:69:6b:69:a8:49:df:4b:50:6d:8c:c9:e7:
5d:8e:1e:e9:e2:5d:a2:b6:20:1d:28:7b:96:91:91:df:ea:ab:
c2:80:df:c6
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgISAYuz6RAUwq0ojY21qiW28BZbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODA3ZjZkNTBkOTdkOTcxZGNmMmUyZTUwNjRlOWI5MDdh
ZGIzZWMwHhcNMjMxMTA5MTE0NzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTMyNzlmNGU5NjdjZGI0OGFmYzYxODgzNTkxMDYwOTRlZTkzMjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjoBsd9EEV5IPKowsjOzn9LkviPZZ
FkqghOoDjvXsiLn3wOqMbRclHbjd7zl+QT6u5Ba0luVlUhqS3GCvr9INgUqbWU+p
oIDLtasqWV9u85iu+HYv6HJwRWyLDMP5X0KifMIuFJBTkCLTgZs//RwR7qVpilaf
LKUBkvQEm2se7aZwy55g8GsDrEHHuHgrIIEOSghBb9F/VNsV/82mGztDZOPXJA39
S9/j7WVjoVjCAaoVmOvl+I8RqwFaXqjwDy0Ozouy38eDRuO0yolckIvqMxvRo8Qt
40iLZC73cmyw9kmXtM8OnVAGBu+8bTg8dn/91OSJbrNDXTW5TBDihgE8GQIDAQAB
o4ICiTCCAoUwHQYDVR0OBBYEFBkyefTpZ820ivxhiDWRBglO6TJoMB8GA1UdIwQY
MBaAFKmAf21Q2X2XHc8uLlBk6bkHrbPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzIt
MGQ4ZjdkZDhjY2U2LzEvR1RKNTlPbG56YlNLX0dHSU5aRUdDVTdwTW1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzItMGQ4ZjdkZDhjY2U2
LzEvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGeBggrBgEFBQcBBwEB/wSBjjCBizBeBAIAATBYAwMDAmAD
BAc+GIADBAU+8aADAwNOkAMDAlnwAwQDW5JwAwMFXAADBAK5cNQwDAMEArmtdAME
ArmteAMEANSLGAMEANSLhQMEAtSLlAMEBdkIAAMEBNlEgDApBAIAAjAjAwUAIAEH
4AMFBSABSgADBQAqAENAAwUDKgvbAAMFAyoL6QAwDQYJKoZIhvcNAQELBQADggEB
AId6XKJqY77KXOhhH/Hb4KEVQXZI9wXQcwbv4/WVfCDmLKQxpvu8gXSAnn5ICcWA
CR49hqVUb07XUjPHjtm5ZAwBUg78+B2AGaGwWWhc7b4B3OuA8CwhsWZq51zZ3Tst
BjKKZNlna0JBTj8P4g4JMLz6Uly/TXE9jLln1CIkIyNf9TdiwsTJ/9yPbxZrsa3J
tkgv6+ICGQakj/RyVuKNR3A9mLkrRy5+fYhMe5vUFmM4o7X1azi2lBmgXhqGzGfZ
NHdvUaJ9ooeZqHUi0cZIok9Vp8JqV0YJvaHSoc4l62lraahJ30tQbYzJ512OHuni
XaK2IB0oe5aRkd/qq8KA38Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:44 2024 by rpki-client on console-fra.rpki-client.org