Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/gshudtG4xwIxTqY5yYFAkQSRaOQ.roa
File: gshudtG4xwIxTqY5yYFAkQSRaOQ.roa (raw, json)
Hash identifier: I2d/NcT42SpwehP2H0MXdBR63igtcfdSUEP/GH3+P88=
Subject key identifier: 82:C8:6E:76:D1:B8:C7:02:31:4E:A6:39:C9:81:40:91:04:91:68:E4
Certificate issuer: /CN=29be02dea0a086e9880f564c86872bbc597cc672
Certificate serial: 018480072AE329628751F5FFCDE22BB23434
Authority key identifier: 29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/gshudtG4xwIxTqY5yYFAkQSRaOQ.roa
Signing time: Wed 16 Nov 2022 10:41:04 +0000
ROA not before: Wed 16 Nov 2022 10:41:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9002
IP address blocks: 139.45.192.0/19 maxlen: 19
139.45.192.0/18 maxlen: 18
87.245.192.0/18 maxlen: 18
87.245.208.0/20 maxlen: 20
185.82.8.0/22 maxlen: 22
87.245.224.0/19 maxlen: 19
139.45.224.0/19 maxlen: 19
2a02:2d8::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:80:07:2a:e3:29:62:87:51:f5:ff:cd:e2:2b:b2:34:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29be02dea0a086e9880f564c86872bbc597cc672
Validity
Not Before: Nov 16 10:41:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=82c86e76d1b8c702314ea639c9814091049168e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:a0:99:95:fb:52:48:77:a8:f1:e0:92:53:51:
6e:9a:da:f2:75:be:18:db:8b:c4:9b:31:54:ed:85:
54:7e:46:86:35:c1:c2:bc:1a:d3:25:a2:85:40:47:
a5:b3:25:96:2b:ce:28:64:ea:af:5e:a2:d8:3e:39:
1e:93:c1:b4:19:0f:33:5c:d8:f7:f2:e5:d9:64:66:
bc:1c:74:50:07:f2:54:bd:40:07:c8:8d:e4:9e:e1:
c3:c4:60:6a:e0:4b:aa:82:3d:62:30:0a:8f:46:e8:
09:fe:d8:62:11:04:d4:91:c0:f4:00:18:32:3e:db:
80:6a:17:95:39:d5:fc:4d:07:cd:6c:6a:54:4e:56:
09:ec:96:d5:5b:7d:d9:70:16:79:72:94:91:09:86:
72:f6:b9:a4:5e:8c:1d:42:9f:02:6f:e4:3d:74:20:
20:63:10:ea:4f:79:a8:80:6f:8c:af:5b:1f:e4:22:
61:78:a4:48:02:68:b4:ba:b2:d9:c7:8d:fd:3c:5b:
a5:55:d8:09:9f:69:30:0c:37:cb:5b:a6:52:78:80:
1c:ac:e3:76:32:6c:fe:de:df:d2:2a:4c:d0:f9:f3:
66:11:6c:d5:62:08:71:63:12:0e:97:18:76:a7:76:
0b:0b:09:67:c3:7a:e5:0a:42:bd:e1:1c:41:c7:d6:
37:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:C8:6E:76:D1:B8:C7:02:31:4E:A6:39:C9:81:40:91:04:91:68:E4
X509v3 Authority Key Identifier:
keyid:29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/gshudtG4xwIxTqY5yYFAkQSRaOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/Kb4C3qCghumID1ZMhocrvFl8xnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.245.192.0/18
139.45.192.0/18
185.82.8.0/22
IPv6:
2a02:2d8::/32
Signature Algorithm: sha256WithRSAEncryption
7a:54:9e:75:f3:ac:ad:4f:10:54:44:86:96:78:26:b9:ed:8a:
4e:f4:99:dc:e0:31:64:56:72:0c:b5:4c:cd:89:45:e4:23:bd:
ea:83:37:25:9b:12:89:88:4e:d4:5b:ef:b8:8f:1a:69:e2:f2:
1b:10:d7:43:a2:68:47:c7:ba:81:f4:fc:78:8d:1d:48:3f:d8:
19:d9:2d:f0:02:ad:9b:07:f1:f8:ae:b1:3c:98:d1:fe:e4:39:
97:4c:da:12:1b:27:06:e4:f2:fb:44:a0:13:50:07:73:57:e2:
e0:76:14:bf:ca:7f:ce:42:4a:6f:c4:28:9f:20:c8:ac:a3:4c:
18:12:8e:20:ca:68:db:40:fb:ac:b6:df:2c:b9:8f:a8:1f:50:
57:2c:2b:da:28:f8:bd:80:2a:a3:42:6f:cc:5f:cd:d2:10:a8:
b3:a0:cc:3b:47:84:51:92:ac:e7:f8:e7:ed:d2:c6:9f:65:93:
63:6e:61:ce:9f:f6:98:85:93:da:50:ed:89:09:63:e3:6d:01:
4d:b9:94:b1:be:b7:17:dd:07:90:25:31:a3:08:7d:94:b0:af:
dc:9c:c4:85:da:78:51:93:56:70:43:ee:21:c0:a2:91:30:a6:
e6:dd:92:e5:10:82:87:68:28:30:4f:0f:a7:19:d9:7e:2a:76:
6c:68:b7:9f
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYSAByrjKWKHUfX/zeIrsjQ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YmUwMmRlYTBhMDg2ZTk4ODBmNTY0Yzg2ODcyYmJjNTk3
Y2M2NzIwHhcNMjIxMTE2MTA0MTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmM4NmU3NmQxYjhjNzAyMzE0ZWE2MzljOTgxNDA5MTA0OTE2OGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7KCZlftSSHeo8eCSU1Fumtrydb4Y
24vEmzFU7YVUfkaGNcHCvBrTJaKFQEelsyWWK84oZOqvXqLYPjkek8G0GQ8zXNj3
8uXZZGa8HHRQB/JUvUAHyI3knuHDxGBq4Euqgj1iMAqPRugJ/thiEQTUkcD0ABgy
PtuAaheVOdX8TQfNbGpUTlYJ7JbVW33ZcBZ5cpSRCYZy9rmkXowdQp8Cb+Q9dCAg
YxDqT3mogG+Mr1sf5CJheKRIAmi0urLZx439PFulVdgJn2kwDDfLW6ZSeIAcrON2
Mmz+3t/SKkzQ+fNmEWzVYghxYxIOlxh2p3YLCwlnw3rlCkK94RxBx9Y3FQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFILIbnbRuMcCMU6mOcmBQJEEkWjkMB8GA1UdIwQY
MBaAFCm+At6goIbpiA9WTIaHK7xZfMZyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2I0QzNxQ2dodW1JRDFaTWhvY3J2Rmw4eG5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9lYTFjZmYtYWU4Zi00NzE5LTg5YjMt
MDAzYTE1NjhiZjNmLzEvZ3NodWR0RzR4d0l4VHFZNXlZRkFrUVNSYU9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9lYTFjZmYtYWU4Zi00NzE5LTg5YjMtMDAzYTE1NjhiZjNm
LzEvS2I0QzNxQ2dodW1JRDFaTWhvY3J2Rmw4eG5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGV/XAAwQG
iy3AAwQCuVIIMA0EAgACMAcDBQAqAgLYMA0GCSqGSIb3DQEBCwUAA4IBAQB6VJ51
86ytTxBURIaWeCa57YpO9Jnc4DFkVnIMtUzNiUXkI73qgzclmxKJiE7UW++4jxpp
4vIbENdDomhHx7qB9Px4jR1IP9gZ2S3wAq2bB/H4rrE8mNH+5DmXTNoSGycG5PL7
RKATUAdzV+LgdhS/yn/OQkpvxCifIMiso0wYEo4gymjbQPustt8suY+oH1BXLCva
KPi9gCqjQm/MX83SEKizoMw7R4RRkqzn+Oft0safZZNjbmHOn/aYhZPaUO2JCWPj
bQFNuZSxvrcX3QeQJTGjCH2UsK/cnMSF2nhRk1ZwQ+4hwKKRMKbm3ZLlEIKHaCgw
Tw+nGdl+KnZsaLef
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:09 2024 by rpki-client on console-ams.rpki-client.org