Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/GcFLwG5JitSQs4S4To1DzvkvpTI.roa
File: GcFLwG5JitSQs4S4To1DzvkvpTI.roa (raw, json)
Hash identifier: Dw91Sz5+ty+3J29Eq/DIhVrvFoDNjdzm/jYjXA5ueMI=
Subject key identifier: 19:C1:4B:C0:6E:49:8A:D4:90:B3:84:B8:4E:8D:43:CE:F9:2F:A5:32
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 0119C50B
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/GcFLwG5JitSQs4S4To1DzvkvpTI.roa
Signing time: Sat 01 Jan 2022 06:03:50 +0000
ROA not before: Sat 01 Jan 2022 06:03:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7922
IP address blocks: 193.41.32.0/24 maxlen: 24
193.39.250.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18466059 (0x119c50b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Jan 1 06:03:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=19c14bc06e498ad490b384b84e8d43cef92fa532
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:1d:81:07:78:3d:9b:f1:c7:0a:d5:d3:ab:e7:
cf:45:73:6d:5f:4f:e3:55:c6:32:82:c0:03:22:db:
9e:fe:a2:02:b7:3c:2a:bb:54:f2:54:5c:a2:94:81:
77:17:53:70:11:d7:bb:aa:b7:d9:2e:0d:ba:2b:c8:
96:53:d7:fb:45:2c:f2:57:af:f1:71:2b:58:c0:b1:
10:66:5b:c6:c3:ce:0e:ef:5f:a0:03:ff:2f:fe:ad:
74:a7:31:14:e7:4d:e8:c4:51:0f:0b:aa:f9:f3:f8:
1e:60:ae:3e:29:cf:57:28:cf:05:4e:5b:66:18:49:
a2:78:a9:fd:9a:21:96:41:12:b6:a3:be:06:eb:3d:
b0:52:20:23:eb:57:5d:f9:f9:1b:e4:bf:8c:38:97:
e9:dc:62:8c:25:8b:64:31:50:28:82:86:3f:cc:44:
3a:08:a1:08:7d:47:e3:8a:2f:91:4d:14:14:71:bd:
74:74:e5:3b:48:5e:ff:7d:8a:5c:56:cc:c9:d1:31:
68:eb:4b:8a:6c:10:29:d5:20:90:e3:89:66:9f:a9:
ac:c5:a9:1d:bb:ea:2b:75:ae:15:b3:55:9a:4d:d2:
91:ba:7e:e6:b7:39:58:27:d3:31:a1:a3:71:01:ce:
89:92:29:35:53:77:1b:c9:2a:19:a2:94:90:0d:21:
e1:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:C1:4B:C0:6E:49:8A:D4:90:B3:84:B8:4E:8D:43:CE:F9:2F:A5:32
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/GcFLwG5JitSQs4S4To1DzvkvpTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.39.250.0/24
193.41.32.0/24
Signature Algorithm: sha256WithRSAEncryption
75:82:e4:a8:a5:f8:6b:8f:4d:04:d6:aa:17:c3:27:98:4d:bf:
98:56:44:7f:2d:1e:23:0f:74:22:3f:04:0e:9e:ca:87:5f:a1:
4f:aa:aa:a1:b1:17:07:3f:72:0f:b0:59:15:65:8b:6e:88:49:
4b:09:a6:a8:5b:4e:4b:02:82:81:68:d6:23:4d:ac:bd:cd:5d:
ea:3f:eb:51:a6:39:06:b3:55:a3:19:a1:c4:74:a3:4b:25:24:
74:97:7e:f7:b7:68:f0:59:b5:bb:df:cb:11:c8:a2:4c:fc:2a:
9d:7e:3a:34:94:fd:23:22:9f:72:d6:db:fc:3f:19:14:0e:af:
52:45:bc:58:2c:4d:9b:b6:24:5c:89:49:c5:27:f8:e9:90:ee:
e5:a1:c5:b9:60:4e:04:34:23:d9:5b:f9:1c:43:85:ae:e6:a4:
65:3a:84:34:55:c2:b2:6b:0d:3e:a6:0e:40:c3:2d:24:09:26:
c2:65:0b:21:16:fc:b9:65:1f:71:91:54:26:ae:eb:56:66:39:
56:b4:b6:ee:60:c4:3c:2a:69:7e:d5:19:d0:d2:22:a5:51:73:
af:78:a4:49:b8:78:2e:3d:7f:e4:26:b4:7a:73:1b:fd:65:24:
df:13:ff:c2:30:18:15:99:5d:46:58:56:a1:0c:6e:2f:46:a9:
15:b3:73:27
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEARnFCzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZTFjMTE2NThkMjA0MWVhZjI1MDJmZTU0MDhlZDQ5M2JiZDRmMzE4MB4XDTIyMDEw
MTA2MDM1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTljMTRiYzA2ZTQ5
OGFkNDkwYjM4NGI4NGU4ZDQzY2VmOTJmYTUzMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ0dgQd4PZvxxwrV06vnz0VzbV9P41XGMoLAAyLbnv6iArc8
KrtU8lRcopSBdxdTcBHXu6q32S4NuivIllPX+0Us8lev8XErWMCxEGZbxsPODu9f
oAP/L/6tdKcxFOdN6MRRDwuq+fP4HmCuPinPVyjPBU5bZhhJonip/ZohlkEStqO+
Bus9sFIgI+tXXfn5G+S/jDiX6dxijCWLZDFQKIKGP8xEOgihCH1H44ovkU0UFHG9
dHTlO0he/32KXFbMydExaOtLimwQKdUgkOOJZp+prMWpHbvqK3WuFbNVmk3Skbp+
5rc5WCfTMaGjcQHOiZIpNVN3G8kqGaKUkA0h4RkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQZwUvAbkmK1JCzhLhOjUPO+S+lMjAfBgNVHSMEGDAWgBSOHBFljSBB6vJQ
L+VAjtSTu9TzGDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pod1JaWTBnUWVyeVVDX2xRSTdVazd2VTh4Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNzBiZjhiLWQ4YzQtNDBjMy05MDIyLTYzMzQ4Y2RiZjAyNC8x
L0djRkx3RzVKaXRTUXM0UzRUbzFEenZrdnBUSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NzBiZjhiLWQ4YzQtNDBjMy05MDIyLTYzMzQ4Y2RiZjAyNC8xL2pod1JaWTBnUWVy
eVVDX2xRSTdVazd2VTh4Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMEn+gMEAMEpIDANBgkqhkiG9w0B
AQsFAAOCAQEAdYLkqKX4a49NBNaqF8MnmE2/mFZEfy0eIw90Ij8EDp7Kh1+hT6qq
obEXBz9yD7BZFWWLbohJSwmmqFtOSwKCgWjWI02svc1d6j/rUaY5BrNVoxmhxHSj
SyUkdJd+97do8Fm1u9/LEciiTPwqnX46NJT9IyKfctbb/D8ZFA6vUkW8WCxNm7Yk
XIlJxSf46ZDu5aHFuWBOBDQj2Vv5HEOFruakZTqENFXCsmsNPqYOQMMtJAkmwmUL
IRb8uWUfcZFUJq7rVmY5VrS27mDEPCppftUZ0NIipVFzr3ikSbh4Lj1/5Ca0enMb
/WUk3xP/wjAYFZldRlhWoQxuL0apFbNzJw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:43 2023 by rpki-client on console-ams.rpki-client.org