Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/j5469VF5Me_gosLGgTlMnTyNfM8.roa
File: j5469VF5Me_gosLGgTlMnTyNfM8.roa (raw, json)
Hash identifier: 0aLQA0IvDyQ2bJvOcKry1RcPgBSVVzoMZxtRuVE6N5I=
Subject key identifier: 8F:9E:3A:F5:51:79:31:EF:E0:A2:C2:C6:81:39:4C:9D:3C:8D:7C:CF
Certificate issuer: /CN=5f51bcd89eb7f5b3ab08806ef51a7c2f6eb98efc
Certificate serial: 01852E828CB77DE4F7C25F68C016E3D97912
Authority key identifier: 5F:51:BC:D8:9E:B7:F5:B3:AB:08:80:6E:F5:1A:7C:2F:6E:B9:8E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X1G82J639bOrCIBu9Rp8L265jvw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/j5469VF5Me_gosLGgTlMnTyNfM8.roa
Signing time: Tue 20 Dec 2022 07:49:45 +0000
ROA not before: Tue 20 Dec 2022 07:49:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31732
IP address blocks: 109.95.60.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2e:82:8c:b7:7d:e4:f7:c2:5f:68:c0:16:e3:d9:79:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f51bcd89eb7f5b3ab08806ef51a7c2f6eb98efc
Validity
Not Before: Dec 20 07:49:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8f9e3af5517931efe0a2c2c681394c9d3c8d7ccf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:1c:42:8c:fa:ab:84:56:a1:c7:81:53:5d:10:
12:a9:b1:9a:62:4f:31:00:dd:d4:41:0a:5f:6f:80:
0f:31:59:ba:8e:b8:5e:bc:35:38:f7:b1:11:44:68:
0f:cd:75:59:23:7c:73:bf:0b:8a:b8:8f:d8:3a:05:
c8:6c:16:29:93:f7:52:df:d5:11:fd:69:ba:a0:64:
07:2a:23:9f:ac:a8:74:71:db:fe:d6:30:f9:6d:c6:
09:cb:d3:38:94:9c:bc:cf:20:a4:5b:58:89:50:57:
a7:1b:dc:0d:c0:c0:b5:c8:ab:ec:21:0b:74:78:c8:
5d:23:a4:72:ae:8c:09:98:1e:91:4f:dd:18:2a:73:
c2:5d:c8:28:b5:b6:aa:5b:2f:8a:6c:c3:52:fa:83:
46:9e:c7:83:b7:ab:0f:f9:d9:6c:47:ba:b1:41:d2:
52:5f:dc:bd:6b:2a:cc:a8:88:1d:40:63:8b:29:d7:
7e:31:ef:33:98:85:23:2f:a3:ac:1e:4a:83:d8:b9:
49:68:d1:a3:a1:30:e5:75:13:14:75:6c:9f:fb:09:
24:49:0a:b2:56:b9:a9:1d:43:62:bb:6d:f1:85:ff:
8b:ed:ec:6f:a6:4b:d2:65:ae:d8:c0:87:21:cd:7f:
3d:33:56:73:54:75:69:13:02:64:76:bd:6b:eb:07:
3b:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:9E:3A:F5:51:79:31:EF:E0:A2:C2:C6:81:39:4C:9D:3C:8D:7C:CF
X509v3 Authority Key Identifier:
keyid:5F:51:BC:D8:9E:B7:F5:B3:AB:08:80:6E:F5:1A:7C:2F:6E:B9:8E:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X1G82J639bOrCIBu9Rp8L265jvw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/j5469VF5Me_gosLGgTlMnTyNfM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.95.60.0/22
Signature Algorithm: sha256WithRSAEncryption
45:29:d0:0a:6b:d6:20:20:38:66:b7:41:44:15:03:19:18:e9:
15:33:bd:90:5d:1f:3d:c5:dc:fe:f6:34:ef:e7:7c:ba:46:20:
b8:61:06:4b:8c:1b:40:e5:7a:e5:29:2c:f9:e6:77:cc:78:e1:
97:ba:a0:ba:c0:6b:9f:ae:4a:b4:fa:93:a3:07:57:ba:a3:f0:
35:97:c3:08:d9:80:c1:18:21:50:89:5c:1c:90:36:df:50:1f:
b4:f5:77:7a:0b:fa:f5:38:00:38:31:b0:95:6f:1a:d1:95:90:
ed:15:ed:0f:00:52:97:ba:65:c6:c0:5b:28:ec:e3:8c:3b:b7:
5c:75:e6:3b:56:d7:d3:9a:92:b4:80:53:0e:c9:f8:80:03:dd:
c1:e9:3d:ef:10:cd:dd:df:f0:3b:7f:30:07:5e:89:a3:15:fa:
66:8a:3e:8c:8a:8b:f8:c0:bf:d6:6e:e4:b8:fc:34:00:60:05:
e0:c8:cc:54:54:51:81:d9:90:57:b5:62:f2:1d:41:0b:be:95:
31:35:df:f5:b8:1a:44:58:50:dd:cf:e4:b6:31:a1:10:9c:da:
ae:cc:11:c4:d2:64:db:2d:be:8d:cd:d3:b0:9c:69:48:dd:27:
d0:64:d4:62:17:a5:15:5c:9d:2b:0b:9e:ea:df:32:33:77:50:
af:54:34:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUugoy3feT3wl9owBbj2XkSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNTFiY2Q4OWViN2Y1YjNhYjA4ODA2ZWY1MWE3YzJmNmVi
OThlZmMwHhcNMjIxMjIwMDc0OTQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjllM2FmNTUxNzkzMWVmZTBhMmMyYzY4MTM5NGM5ZDNjOGQ3Y2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBxCjPqrhFahx4FTXRASqbGaYk8x
AN3UQQpfb4APMVm6jrhevDU497ERRGgPzXVZI3xzvwuKuI/YOgXIbBYpk/dS39UR
/Wm6oGQHKiOfrKh0cdv+1jD5bcYJy9M4lJy8zyCkW1iJUFenG9wNwMC1yKvsIQt0
eMhdI6RyrowJmB6RT90YKnPCXcgotbaqWy+KbMNS+oNGnseDt6sP+dlsR7qxQdJS
X9y9ayrMqIgdQGOLKdd+Me8zmIUjL6OsHkqD2LlJaNGjoTDldRMUdWyf+wkkSQqy
VrmpHUNiu23xhf+L7exvpkvSZa7YwIchzX89M1ZzVHVpEwJkdr1r6wc7jQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI+eOvVReTHv4KLCxoE5TJ08jXzPMB8GA1UdIwQY
MBaAFF9RvNiet/WzqwiAbvUafC9uuY78MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDFHODJKNjM5Yk9yQ0lCdTlScDhMMjY1anZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi80MWY2ZjUtY2VmMC00YTU3LThlNDct
MGE4NTk4NjIwOGE5LzEvajU0NjlWRjVNZV9nb3NMR2dUbE1uVHlOZk04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi80MWY2ZjUtY2VmMC00YTU3LThlNDctMGE4NTk4NjIwOGE5
LzEvWDFHODJKNjM5Yk9yQ0lCdTlScDhMMjY1anZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbV88MA0G
CSqGSIb3DQEBCwUAA4IBAQBFKdAKa9YgIDhmt0FEFQMZGOkVM72QXR89xdz+9jTv
53y6RiC4YQZLjBtA5XrlKSz55nfMeOGXuqC6wGufrkq0+pOjB1e6o/A1l8MI2YDB
GCFQiVwckDbfUB+09Xd6C/r1OAA4MbCVbxrRlZDtFe0PAFKXumXGwFso7OOMO7dc
deY7VtfTmpK0gFMOyfiAA93B6T3vEM3d3/A7fzAHXomjFfpmij6Miov4wL/WbuS4
/DQAYAXgyMxUVFGB2ZBXtWLyHUELvpUxNd/1uBpEWFDdz+S2MaEQnNquzBHE0mTb
Lb6NzdOwnGlI3SfQZNRiF6UVXJ0rC57q3zIzd1CvVDRc
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:10 2025 by rpki-client