Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/6e44b7-baff-45f3-a4e9-17f881f771cb/1/G6JE0nv5Ij2zz_On2blYbEeqppg.roa
File: G6JE0nv5Ij2zz_On2blYbEeqppg.roa (raw, json)
Hash identifier: M0PCj1CmPAzourQNM0hA7EmTPOs/pbZz9CbauzkILqk=
Subject key identifier: 1B:A2:44:D2:7B:F9:22:3D:B3:CF:F3:A7:D9:B9:58:6C:47:AA:A6:98
Certificate issuer: /CN=56641d162079efd3c560a5de9e9226b2f2f0b097
Certificate serial: 01856F8BA2566173E459BF257FF0D226909C
Authority key identifier: 56:64:1D:16:20:79:EF:D3:C5:60:A5:DE:9E:92:26:B2:F2:F0:B0:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VmQdFiB579PFYKXenpImsvLwsJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/6e44b7-baff-45f3-a4e9-17f881f771cb/1/G6JE0nv5Ij2zz_On2blYbEeqppg.roa
Signing time: Sun 01 Jan 2023 22:55:00 +0000
ROA not before: Sun 01 Jan 2023 22:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 188.214.157.0/24 maxlen: 24
86.105.182.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:a2:56:61:73:e4:59:bf:25:7f:f0:d2:26:90:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56641d162079efd3c560a5de9e9226b2f2f0b097
Validity
Not Before: Jan 1 22:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ba244d27bf9223db3cff3a7d9b9586c47aaa698
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:6a:c5:a7:87:f4:74:da:67:93:54:74:ce:27:
66:9a:7f:b3:71:c7:cb:8b:45:49:ad:12:9a:0b:57:
84:84:27:54:80:6a:8c:4f:89:67:31:04:fe:e9:b8:
9a:e7:1c:f8:d8:ec:70:04:1b:35:50:8b:18:bb:18:
7b:44:e6:08:c6:1e:98:2a:77:8c:b4:89:af:91:79:
10:f2:f0:51:8f:f9:fe:3d:dc:c0:26:dc:c1:df:ec:
a7:b5:cb:05:bb:db:42:a6:93:67:ec:10:f3:b6:38:
62:a4:45:e0:f2:eb:32:72:89:7a:12:c4:cd:90:e1:
62:3e:2b:00:26:57:80:b4:11:72:e8:d8:9f:6d:1a:
85:d6:1d:ef:3a:e8:65:f2:e7:40:c7:5b:87:4d:98:
06:d5:43:48:60:db:7e:35:cd:3d:51:56:b7:62:80:
3c:86:4b:21:61:b9:ec:f2:6f:56:b7:70:07:5e:c2:
df:37:74:91:62:52:a0:a2:37:8c:62:f6:b1:d8:29:
de:f1:3d:2c:29:58:4f:19:70:28:39:3f:c9:4b:b1:
4e:76:5a:dd:8d:97:d1:75:69:e4:4a:c7:4e:bf:87:
af:b6:94:06:42:f6:03:dc:e9:5c:e7:ce:69:1a:d6:
ad:eb:d5:e3:68:4d:79:92:e5:93:10:36:39:1d:16:
69:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:A2:44:D2:7B:F9:22:3D:B3:CF:F3:A7:D9:B9:58:6C:47:AA:A6:98
X509v3 Authority Key Identifier:
keyid:56:64:1D:16:20:79:EF:D3:C5:60:A5:DE:9E:92:26:B2:F2:F0:B0:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VmQdFiB579PFYKXenpImsvLwsJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/6e44b7-baff-45f3-a4e9-17f881f771cb/1/G6JE0nv5Ij2zz_On2blYbEeqppg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/6e44b7-baff-45f3-a4e9-17f881f771cb/1/VmQdFiB579PFYKXenpImsvLwsJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.182.0/24
188.214.157.0/24
Signature Algorithm: sha256WithRSAEncryption
11:57:1a:46:99:b4:e6:13:1b:4c:56:8c:8b:3c:0e:4f:b7:dd:
18:7c:6a:b8:f1:f5:ac:62:7e:f0:df:e2:67:63:2a:5a:dc:21:
1c:38:52:78:6f:e2:d1:c8:a5:b0:8e:8a:f0:c8:96:29:92:da:
b4:ba:2a:9b:02:73:a5:0f:97:bb:1f:38:9a:55:fe:0e:24:ce:
c1:84:cd:c1:83:b4:13:eb:ef:dd:c5:e9:74:7f:8a:0e:b3:3e:
43:f7:4b:7e:3f:09:dc:72:99:0d:ba:65:ee:97:54:32:6d:8e:
4f:b9:85:7a:cc:b4:db:06:fe:d3:69:2b:0e:86:e4:4b:94:71:
92:0a:d4:9e:91:7d:ae:a9:13:86:fc:5d:ca:0a:a1:58:7c:ef:
50:b0:8b:2d:bc:18:7a:06:e0:a1:a5:dd:f2:be:1f:ab:18:dd:
4b:27:d0:bd:ae:0c:af:22:0f:88:c3:2e:35:43:25:bb:f2:13:
1f:f8:8a:e8:0c:64:1d:49:c5:36:9c:b3:30:92:15:94:bc:d0:
12:46:70:f3:80:4c:3d:f3:91:08:54:ef:69:fe:5e:77:9f:cb:
c3:5c:ca:3a:a5:30:8f:19:f9:39:b5:1d:f3:37:7f:08:92:12:
89:eb:38:81:f2:e1:25:a5:d5:8a:0e:1b:32:65:65:5e:a1:8f:
0a:a5:1d:3e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvi6JWYXPkWb8lf/DSJpCcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2NjQxZDE2MjA3OWVmZDNjNTYwYTVkZTllOTIyNmIyZjJm
MGIwOTcwHhcNMjMwMTAxMjI1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmEyNDRkMjdiZjkyMjNkYjNjZmYzYTdkOWI5NTg2YzQ3YWFhNjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGrFp4f0dNpnk1R0zidmmn+zccfL
i0VJrRKaC1eEhCdUgGqMT4lnMQT+6bia5xz42OxwBBs1UIsYuxh7ROYIxh6YKneM
tImvkXkQ8vBRj/n+PdzAJtzB3+yntcsFu9tCppNn7BDztjhipEXg8usycol6EsTN
kOFiPisAJleAtBFy6NifbRqF1h3vOuhl8udAx1uHTZgG1UNIYNt+Nc09UVa3YoA8
hkshYbns8m9Wt3AHXsLfN3SRYlKgojeMYvax2Cne8T0sKVhPGXAoOT/JS7FOdlrd
jZfRdWnkSsdOv4evtpQGQvYD3Olc585pGtat69XjaE15kuWTEDY5HRZpGQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBuiRNJ7+SI9s8/zp9m5WGxHqqaYMB8GA1UdIwQY
MBaAFFZkHRYgee/TxWCl3p6SJrLy8LCXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm1RZEZpQjU3OVBGWUtYZW5wSW1zdkx3c0pjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi82ZTQ0YjctYmFmZi00NWYzLWE0ZTkt
MTdmODgxZjc3MWNiLzEvRzZKRTBudjVJajJ6el9PbjJibFliRWVxcHBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi82ZTQ0YjctYmFmZi00NWYzLWE0ZTktMTdmODgxZjc3MWNi
LzEvVm1RZEZpQjU3OVBGWUtYZW5wSW1zdkx3c0pjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVmm2AwQA
vNadMA0GCSqGSIb3DQEBCwUAA4IBAQARVxpGmbTmExtMVoyLPA5Pt90YfGq48fWs
Yn7w3+JnYypa3CEcOFJ4b+LRyKWwjorwyJYpktq0uiqbAnOlD5e7HziaVf4OJM7B
hM3Bg7QT6+/dxel0f4oOsz5D90t+PwnccpkNumXul1QybY5PuYV6zLTbBv7TaSsO
huRLlHGSCtSekX2uqROG/F3KCqFYfO9QsIstvBh6BuChpd3yvh+rGN1LJ9C9rgyv
Ig+Iwy41QyW78hMf+IroDGQdScU2nLMwkhWUvNASRnDzgEw985EIVO9p/l53n8vD
XMo6pTCPGfk5tR3zN38IkhKJ6ziB8uElpdWKDhsyZWVeoY8KpR0+
-----END CERTIFICATE-----
Generated at Mon Jul 24 09:09:15 2023 by rpki-client on console-fra.rpki-client.org