Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/6e44b7-baff-45f3-a4e9-17f881f771cb/1/GobucKUyiHHivVmJiAoH2vERfaM.roa
File: GobucKUyiHHivVmJiAoH2vERfaM.roa (raw, json)
Hash identifier: CapjAiKsfn5EvRYjho4zPiv/g9MQkoG34Wu2N8cD+LQ=
Subject key identifier: 1A:86:EE:70:A5:32:88:71:E2:BD:59:89:88:0A:07:DA:F1:11:7D:A3
Certificate issuer: /CN=56641d162079efd3c560a5de9e9226b2f2f0b097
Certificate serial: 0189870C8B6009BE5150804E86D62B4B292D
Authority key identifier: 56:64:1D:16:20:79:EF:D3:C5:60:A5:DE:9E:92:26:B2:F2:F0:B0:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VmQdFiB579PFYKXenpImsvLwsJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/6e44b7-baff-45f3-a4e9-17f881f771cb/1/GobucKUyiHHivVmJiAoH2vERfaM.roa
Signing time: Mon 24 Jul 2023 08:38:13 +0000
ROA not before: Mon 24 Jul 2023 08:38:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 188.214.157.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:87:0c:8b:60:09:be:51:50:80:4e:86:d6:2b:4b:29:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56641d162079efd3c560a5de9e9226b2f2f0b097
Validity
Not Before: Jul 24 08:38:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a86ee70a5328871e2bd5989880a07daf1117da3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:9d:9f:c9:ac:24:4c:a9:ed:47:0f:4f:f0:45:
ce:27:74:19:da:d7:50:a4:ed:6e:ef:4b:5f:f7:60:
c2:d2:80:1e:c4:35:61:46:98:da:7d:ac:c2:5e:6a:
01:0e:a0:25:88:ed:d9:ee:46:bb:3e:57:88:54:10:
e2:3d:b5:e3:29:8b:5b:5e:2a:46:3a:59:bd:b1:8f:
05:67:93:4b:c1:0a:d0:65:71:1c:20:27:38:58:3f:
16:85:91:8c:e7:1c:b6:f6:21:0a:6f:a1:dc:de:a8:
bc:bd:ef:a5:d7:e7:d1:02:a6:f3:db:2b:23:72:c0:
c6:02:36:82:ae:a3:c7:cd:b6:73:4a:0a:d6:1a:59:
7b:41:61:66:9c:e5:ba:f6:50:b9:39:a8:5b:a6:c1:
2a:2f:95:23:de:4c:cc:1f:6c:d1:e7:e2:63:d3:23:
67:dc:80:5a:9c:bc:21:c4:e8:07:6e:3e:de:49:45:
0d:fe:45:d9:18:0d:1c:d6:4b:98:56:af:48:d9:d3:
5d:9c:f7:03:80:81:b3:89:11:f9:2d:e8:a8:43:e5:
80:bb:85:0a:0d:0c:d0:0c:a5:9a:b5:b2:98:78:a5:
3c:0b:8f:cf:4e:9f:59:d3:16:90:68:8d:6e:93:ed:
f6:04:3c:48:2e:7f:3e:0e:58:b4:6d:b2:f8:1e:1a:
dc:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:86:EE:70:A5:32:88:71:E2:BD:59:89:88:0A:07:DA:F1:11:7D:A3
X509v3 Authority Key Identifier:
keyid:56:64:1D:16:20:79:EF:D3:C5:60:A5:DE:9E:92:26:B2:F2:F0:B0:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VmQdFiB579PFYKXenpImsvLwsJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/6e44b7-baff-45f3-a4e9-17f881f771cb/1/GobucKUyiHHivVmJiAoH2vERfaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/6e44b7-baff-45f3-a4e9-17f881f771cb/1/VmQdFiB579PFYKXenpImsvLwsJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.214.157.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:e6:c3:e8:45:f0:a0:76:77:83:54:f7:9e:01:d3:4c:0a:06:
e5:28:ee:f1:00:fb:fc:b0:a7:57:e0:97:a1:f9:98:43:41:10:
b6:88:59:23:2f:3a:cb:27:82:21:bf:27:6f:83:ee:dc:ba:63:
3c:9e:64:75:52:82:e0:2c:e4:5d:2d:c7:fe:5f:ba:8a:38:20:
7b:4d:71:39:7c:2f:b9:d6:d8:98:0d:fe:15:63:bb:ed:06:9e:
4d:10:b0:74:2e:d7:ba:70:61:b6:a2:e7:58:f1:57:d3:47:82:
4d:6b:b8:49:b9:3c:d9:5c:fd:60:f4:9b:f3:33:28:cb:87:5e:
9e:89:84:8f:d9:8b:9f:db:05:86:74:41:e7:1f:6b:29:ad:a8:
b5:b5:22:19:81:21:9f:b4:c7:66:0a:08:3b:20:ca:a7:b3:f2:
45:a5:8b:a3:99:6f:e5:25:99:29:ee:2d:41:f9:66:6d:d6:fd:
74:75:e8:f0:c8:fe:4a:f0:46:1d:25:f8:54:a1:15:a7:8b:c4:
11:c7:80:1a:f7:6c:f8:0a:64:46:76:0b:12:4a:fc:79:ec:c0:
c8:0c:e4:14:45:10:a9:ec:a1:3b:61:80:92:79:60:48:9c:ea:
42:6e:11:8b:c0:a3:71:b6:af:3c:c3:b6:cf:99:0a:a3:f9:63:
9f:9c:07:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmHDItgCb5RUIBOhtYrSyktMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2NjQxZDE2MjA3OWVmZDNjNTYwYTVkZTllOTIyNmIyZjJm
MGIwOTcwHhcNMjMwNzI0MDgzODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTg2ZWU3MGE1MzI4ODcxZTJiZDU5ODk4ODBhMDdkYWYxMTE3ZGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh52fyawkTKntRw9P8EXOJ3QZ2tdQ
pO1u70tf92DC0oAexDVhRpjafazCXmoBDqAliO3Z7ka7PleIVBDiPbXjKYtbXipG
Olm9sY8FZ5NLwQrQZXEcICc4WD8WhZGM5xy29iEKb6Hc3qi8ve+l1+fRAqbz2ysj
csDGAjaCrqPHzbZzSgrWGll7QWFmnOW69lC5OahbpsEqL5Uj3kzMH2zR5+Jj0yNn
3IBanLwhxOgHbj7eSUUN/kXZGA0c1kuYVq9I2dNdnPcDgIGziRH5LeioQ+WAu4UK
DQzQDKWatbKYeKU8C4/PTp9Z0xaQaI1uk+32BDxILn8+Dli0bbL4HhrcVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBqG7nClMohx4r1ZiYgKB9rxEX2jMB8GA1UdIwQY
MBaAFFZkHRYgee/TxWCl3p6SJrLy8LCXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm1RZEZpQjU3OVBGWUtYZW5wSW1zdkx3c0pjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi82ZTQ0YjctYmFmZi00NWYzLWE0ZTkt
MTdmODgxZjc3MWNiLzEvR29idWNLVXlpSEhpdlZtSmlBb0gydkVSZmFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi82ZTQ0YjctYmFmZi00NWYzLWE0ZTktMTdmODgxZjc3MWNi
LzEvVm1RZEZpQjU3OVBGWUtYZW5wSW1zdkx3c0pjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvNadMA0G
CSqGSIb3DQEBCwUAA4IBAQAr5sPoRfCgdneDVPeeAdNMCgblKO7xAPv8sKdX4Jeh
+ZhDQRC2iFkjLzrLJ4Ihvydvg+7cumM8nmR1UoLgLORdLcf+X7qKOCB7TXE5fC+5
1tiYDf4VY7vtBp5NELB0Lte6cGG2oudY8VfTR4JNa7hJuTzZXP1g9JvzMyjLh16e
iYSP2Yuf2wWGdEHnH2sprai1tSIZgSGftMdmCgg7IMqns/JFpYujmW/lJZkp7i1B
+WZt1v10dejwyP5K8EYdJfhUoRWni8QRx4Aa92z4CmRGdgsSSvx57MDIDOQURRCp
7KE7YYCSeWBInOpCbhGLwKNxtq88w7bPmQqj+WOfnAeZ
-----END CERTIFICATE-----
Generated at Wed Aug 2 12:40:08 2023 by rpki-client on console-fra.rpki-client.org