Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/GiNCme1TjuOW_o-82Q_1IysvpSE.roa
File: GiNCme1TjuOW_o-82Q_1IysvpSE.roa (raw, json)
Hash identifier: gmeCyQaOUvKXMWQRT4eAZAERK0bAzcX/a2032UCqD8c=
Subject key identifier: 1A:23:42:99:ED:53:8E:E3:96:FE:8F:BC:D9:0F:F5:23:2B:2F:A5:21
Certificate issuer: /CN=93e8f4ed5dd06301c423988e786dabf51c5f5674
Certificate serial: 07061738
Authority key identifier: 93:E8:F4:ED:5D:D0:63:01:C4:23:98:8E:78:6D:AB:F5:1C:5F:56:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k-j07V3QYwHEI5iOeG2r9RxfVnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/GiNCme1TjuOW_o-82Q_1IysvpSE.roa
Signing time: Sat 01 Jan 2022 13:06:45 +0000
ROA not before: Sat 01 Jan 2022 13:06:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49800
IP address blocks: 212.42.195.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117839672 (0x7061738)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93e8f4ed5dd06301c423988e786dabf51c5f5674
Validity
Not Before: Jan 1 13:06:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1a234299ed538ee396fe8fbcd90ff5232b2fa521
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c5:7e:65:03:6f:6a:b4:63:1d:96:19:37:87:
85:ef:a2:e0:3a:b4:4f:cd:d6:4a:89:38:a9:86:2f:
30:25:80:41:18:7a:52:c0:61:07:a4:da:0f:0b:a3:
51:30:2f:d4:80:b5:1d:b4:e9:22:9d:f3:a1:e2:01:
a5:ea:e3:be:0d:e7:5e:18:d3:4f:fb:c3:38:3f:72:
85:0c:b1:c7:9f:8e:b0:d6:4c:7c:96:24:a7:4b:6d:
7d:4b:95:f5:a0:34:c7:61:1c:20:47:9d:eb:ed:f8:
8b:aa:3c:9e:56:02:07:10:29:79:df:7b:0b:4d:d2:
7d:bd:de:8a:e6:08:56:81:ab:1c:2d:68:b9:f3:ba:
a5:0b:57:03:ae:a7:7b:50:5b:83:80:0d:17:cd:e5:
ec:1e:9d:fc:ca:25:b5:00:e2:74:cd:e2:49:53:4a:
39:18:dc:dd:59:ed:19:9d:88:65:58:99:20:28:a1:
fc:b0:49:95:ac:a1:8b:78:cd:5e:f5:87:58:a0:d0:
df:f7:aa:b2:55:9f:ac:0c:f4:8e:8b:28:ec:2e:93:
10:02:df:35:b0:41:66:c3:98:b8:11:62:7b:c1:3f:
d2:d0:f4:79:2d:a5:ba:39:3c:5c:f0:3b:b0:f6:01:
33:6f:58:83:e1:80:7d:7a:7f:16:0e:43:26:23:5b:
53:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:23:42:99:ED:53:8E:E3:96:FE:8F:BC:D9:0F:F5:23:2B:2F:A5:21
X509v3 Authority Key Identifier:
keyid:93:E8:F4:ED:5D:D0:63:01:C4:23:98:8E:78:6D:AB:F5:1C:5F:56:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k-j07V3QYwHEI5iOeG2r9RxfVnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/GiNCme1TjuOW_o-82Q_1IysvpSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/k-j07V3QYwHEI5iOeG2r9RxfVnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.42.195.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:7d:01:1a:53:c6:82:3e:ed:6f:bf:47:f2:4d:c8:89:09:de:
13:4d:70:5d:b5:5e:8e:79:8f:8d:72:81:ea:d2:9d:aa:c5:66:
71:a6:af:14:c8:e0:6b:86:36:bd:e1:2e:78:34:63:53:e7:cc:
de:41:45:36:1a:02:1a:10:ad:24:11:bd:fd:60:42:20:d0:05:
9c:a2:b3:a9:0c:e8:a6:0a:79:e5:df:4d:7e:b4:26:81:ea:52:
c6:7e:f6:85:ca:79:43:9d:dc:06:5b:72:1d:9e:cf:c3:bf:38:
07:56:55:e4:5e:86:a4:2b:77:d0:a7:a5:a3:b6:7e:2c:94:3c:
51:3b:c6:22:8a:b4:b9:e1:9d:71:87:a7:0f:23:90:98:ef:5c:
44:0a:cf:8f:25:13:52:20:d9:56:3b:ce:6d:a3:0d:c1:82:c3:
65:4c:72:a2:fa:b4:fe:e7:18:81:76:61:e8:d2:61:3e:f2:9c:
d2:d0:ec:16:8e:7e:cc:6d:09:5d:0b:fb:55:37:8b:64:4e:ac:
bd:26:08:75:54:04:94:46:e6:df:2e:d4:07:e9:3b:cb:31:6c:
8d:65:28:fd:9c:59:34:36:8d:c3:b8:3c:9f:83:7f:df:1b:47:
85:fc:5e:6b:71:07:f9:83:cd:6c:98:d4:b9:f6:3f:df:d5:37:
67:4f:46:1d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBwYXODANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
M2U4ZjRlZDVkZDA2MzAxYzQyMzk4OGU3ODZkYWJmNTFjNWY1Njc0MB4XDTIyMDEw
MTEzMDY0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWEyMzQyOTllZDUz
OGVlMzk2ZmU4ZmJjZDkwZmY1MjMyYjJmYTUyMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK3FfmUDb2q0Yx2WGTeHhe+i4Dq0T83WSok4qYYvMCWAQRh6
UsBhB6TaDwujUTAv1IC1HbTpIp3zoeIBperjvg3nXhjTT/vDOD9yhQyxx5+OsNZM
fJYkp0ttfUuV9aA0x2EcIEed6+34i6o8nlYCBxAped97C03Sfb3eiuYIVoGrHC1o
ufO6pQtXA66ne1Bbg4ANF83l7B6d/MoltQDidM3iSVNKORjc3VntGZ2IZViZICih
/LBJlayhi3jNXvWHWKDQ3/eqslWfrAz0joso7C6TEALfNbBBZsOYuBFie8E/0tD0
eS2lujk8XPA7sPYBM29Yg+GAfXp/Fg5DJiNbU4UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQaI0KZ7VOO45b+j7zZD/UjKy+lITAfBgNVHSMEGDAWgBST6PTtXdBjAcQj
mI54bav1HF9WdDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2stajA3VjNRWXdIRUk1aU9lRzJyOVJ4ZlZuUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGIvYTc4OTc5LWRkMjQtNGJlNy04MTk0LTFmYzE5ZWE3M2EyYS8x
L0dpTkNtZTFUanVPV19vLTgyUV8xSXlzdnBTRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGIv
YTc4OTc5LWRkMjQtNGJlNy04MTk0LTFmYzE5ZWE3M2EyYS8xL2stajA3VjNRWXdI
RUk1aU9lRzJyOVJ4ZlZuUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANQqwzANBgkqhkiG9w0BAQsFAAOC
AQEAKn0BGlPGgj7tb79H8k3IiQneE01wXbVejnmPjXKB6tKdqsVmcaavFMjga4Y2
veEueDRjU+fM3kFFNhoCGhCtJBG9/WBCINAFnKKzqQzopgp55d9NfrQmgepSxn72
hcp5Q53cBltyHZ7Pw784B1ZV5F6GpCt30Kelo7Z+LJQ8UTvGIoq0ueGdcYenDyOQ
mO9cRArPjyUTUiDZVjvObaMNwYLDZUxyovq0/ucYgXZh6NJhPvKc0tDsFo5+zG0J
XQv7VTeLZE6svSYIdVQElEbm3y7UB+k7yzFsjWUo/ZxZNDaNw7g8n4N/3xtHhfxe
a3EH+YPNbJjUufY/39U3Z09GHQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:26:52 2025 by rpki-client