Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/GBKu6CSTPdb-iyKYkL58MSw0onA.roa
File: GBKu6CSTPdb-iyKYkL58MSw0onA.roa (raw, json)
Hash identifier: JT3LyRQoICYN5j0XWSC+tFIGXi6tDjURBdg5pspjNDc=
Subject key identifier: 18:12:AE:E8:24:93:3D:D6:FE:8B:22:98:90:BE:7C:31:2C:34:A2:70
Certificate issuer: /CN=72e4baf99ab840129133285fe9ad7b83fd130c39
Certificate serial: 01856CE6149D905EAAF1474FAEBBB7126393
Authority key identifier: 72:E4:BA:F9:9A:B8:40:12:91:33:28:5F:E9:AD:7B:83:FD:13:0C:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cuS6-Zq4QBKRMyhf6a17g_0TDDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/GBKu6CSTPdb-iyKYkL58MSw0onA.roa
Signing time: Sun 01 Jan 2023 10:34:55 +0000
ROA not before: Sun 01 Jan 2023 10:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212228
IP address blocks: 45.11.180.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:14:9d:90:5e:aa:f1:47:4f:ae:bb:b7:12:63:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72e4baf99ab840129133285fe9ad7b83fd130c39
Validity
Not Before: Jan 1 10:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1812aee824933dd6fe8b229890be7c312c34a270
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:9f:14:67:6f:32:4b:dc:e6:ed:cd:c9:25:e4:
06:e3:41:97:6a:e3:97:16:33:25:6e:96:53:50:e3:
f8:32:07:3f:ba:f3:5f:4c:fa:ca:52:a2:0a:18:3b:
57:e2:1f:8c:38:0a:ea:85:1c:f8:e7:f5:95:b8:ee:
e5:46:ae:3b:ec:4c:78:4d:0c:38:a4:3d:d0:eb:c4:
27:cd:af:19:07:5b:01:2d:f4:09:6d:8d:bc:46:39:
81:60:1c:dc:04:01:d8:5e:e3:c2:d4:c9:27:3d:2a:
3d:00:62:12:97:35:a6:6e:a6:0c:a9:2d:7b:b6:00:
3a:cb:99:7d:e0:6c:00:f2:4b:4b:f9:32:02:e5:f2:
e5:13:82:6f:9e:e0:aa:6d:0a:58:22:14:44:99:2c:
7a:66:e8:4b:ea:6c:45:c7:3c:ad:ec:51:8f:75:7a:
97:47:11:21:d1:eb:3e:97:19:9f:83:35:32:cb:1c:
c4:28:91:bd:32:cd:2c:d1:dc:a5:35:db:37:34:78:
b5:59:94:ca:ea:c9:f5:da:83:55:ba:e1:b2:03:06:
fd:5c:02:8d:30:a6:be:24:88:83:c4:ca:4b:35:74:
78:7b:d4:12:91:9b:2b:0b:95:6f:ec:df:fd:2d:dd:
66:28:a3:0c:d3:13:92:3e:73:16:5a:ad:e1:f3:3f:
05:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:12:AE:E8:24:93:3D:D6:FE:8B:22:98:90:BE:7C:31:2C:34:A2:70
X509v3 Authority Key Identifier:
keyid:72:E4:BA:F9:9A:B8:40:12:91:33:28:5F:E9:AD:7B:83:FD:13:0C:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cuS6-Zq4QBKRMyhf6a17g_0TDDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/GBKu6CSTPdb-iyKYkL58MSw0onA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/cuS6-Zq4QBKRMyhf6a17g_0TDDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.180.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:90:5b:9b:16:ac:19:ed:9e:bd:6c:64:56:c9:e1:bc:f9:c4:
e9:20:a1:4c:86:c3:fc:a7:a6:d8:8b:11:13:64:d1:17:5d:b5:
f7:21:e1:af:36:98:5d:b0:46:ab:14:5f:83:a0:17:5d:91:c3:
ed:60:51:46:49:c5:d7:2c:c3:d4:d3:3e:e3:f0:3e:b1:a8:a2:
5f:02:31:be:4b:0e:04:4f:27:60:3a:6d:fb:7a:2e:ae:59:6f:
8c:03:2b:45:c4:fd:b1:b1:67:89:1a:32:0e:71:0a:3c:76:1c:
37:ab:bf:f8:5d:66:20:2b:e7:7f:f3:3d:05:9e:b1:d3:de:5d:
ba:87:0d:84:11:37:c1:c9:7a:8d:bf:13:7b:3f:ac:36:ca:ad:
9c:3f:c2:8b:84:12:cc:6d:87:25:68:31:8c:f1:9d:22:3e:4d:
c1:8f:11:5c:d8:df:98:56:c8:15:80:b2:23:30:5a:96:3d:36:
35:d5:47:ad:18:c1:9f:07:ba:31:64:7a:44:ce:fc:a7:04:c1:
08:9e:9b:63:86:f7:22:97:4b:34:b6:aa:41:f1:29:0f:83:d4:
1c:d7:fd:b4:94:0a:c9:f6:74:62:81:a2:5e:fb:54:24:80:fe:
d5:41:24:af:ba:78:35:11:f3:4d:73:57:77:34:93:17:ac:36:
f1:39:1d:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5hSdkF6q8UdPrru3EmOTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZTRiYWY5OWFiODQwMTI5MTMzMjg1ZmU5YWQ3YjgzZmQx
MzBjMzkwHhcNMjMwMTAxMTAzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODEyYWVlODI0OTMzZGQ2ZmU4YjIyOTg5MGJlN2MzMTJjMzRhMjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJ8UZ28yS9zm7c3JJeQG40GXauOX
FjMlbpZTUOP4Mgc/uvNfTPrKUqIKGDtX4h+MOArqhRz45/WVuO7lRq477Ex4TQw4
pD3Q68Qnza8ZB1sBLfQJbY28RjmBYBzcBAHYXuPC1MknPSo9AGISlzWmbqYMqS17
tgA6y5l94GwA8ktL+TIC5fLlE4JvnuCqbQpYIhREmSx6ZuhL6mxFxzyt7FGPdXqX
RxEh0es+lxmfgzUyyxzEKJG9Ms0s0dylNds3NHi1WZTK6sn12oNVuuGyAwb9XAKN
MKa+JIiDxMpLNXR4e9QSkZsrC5Vv7N/9Ld1mKKMM0xOSPnMWWq3h8z8FBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBgSrugkkz3W/osimJC+fDEsNKJwMB8GA1UdIwQY
MBaAFHLkuvmauEASkTMoX+mte4P9Eww5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3VTNi1acTRRQktSTXloZjZhMTdnXzBURERrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi82NmI3NGMtODFjMS00MTBlLTk1N2Qt
YThkNjVkY2NiOTZiLzEvR0JLdTZDU1RQZGItaXlLWWtMNThNU3cwb25BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi82NmI3NGMtODFjMS00MTBlLTk1N2QtYThkNjVkY2NiOTZi
LzEvY3VTNi1acTRRQktSTXloZjZhMTdnXzBURERrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQu0MA0G
CSqGSIb3DQEBCwUAA4IBAQCLkFubFqwZ7Z69bGRWyeG8+cTpIKFMhsP8p6bYixET
ZNEXXbX3IeGvNphdsEarFF+DoBddkcPtYFFGScXXLMPU0z7j8D6xqKJfAjG+Sw4E
TydgOm37ei6uWW+MAytFxP2xsWeJGjIOcQo8dhw3q7/4XWYgK+d/8z0FnrHT3l26
hw2EETfByXqNvxN7P6w2yq2cP8KLhBLMbYclaDGM8Z0iPk3BjxFc2N+YVsgVgLIj
MFqWPTY11UetGMGfB7oxZHpEzvynBMEInptjhvcil0s0tqpB8SkPg9Qc1/20lArJ
9nRigaJe+1QkgP7VQSSvung1EfNNc1d3NJMXrDbxOR0V
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:46 2024 by rpki-client on console-ams.rpki-client.org