Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/Gduot1mSMk5blfCeQrcWqepCmso.roa
File: Gduot1mSMk5blfCeQrcWqepCmso.roa (raw, json)
Hash identifier: rv1EQrtK3bT34xjB0gmBgh6Jx9PU1UlJIwschtUWfdE=
Subject key identifier: 19:DB:A8:B7:59:92:32:4E:5B:95:F0:9E:42:B7:16:A9:EA:42:9A:CA
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 018F56B9EEE7F816FA2A7631DCA647B928D9
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/Gduot1mSMk5blfCeQrcWqepCmso.roa
Signing time: Wed 08 May 2024 05:42:56 +0000
ROA not before: Wed 08 May 2024 05:42:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34369
IP address blocks: 84.241.0.0/18 maxlen: 24
94.182.0.0/15 maxlen: 24
94.182.109.0/24 maxlen: 24
94.182.151.0/24 maxlen: 24
151.240.0.0/13 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:56:b9:ee:e7:f8:16:fa:2a:76:31:dc:a6:47:b9:28:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: May 8 05:42:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=19dba8b75992324e5b95f09e42b716a9ea429aca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:92:42:9c:60:97:12:af:f5:2f:d5:83:a1:7d:
7c:c9:ba:fe:8b:19:85:53:37:7d:54:75:3a:87:57:
0a:2f:36:27:ba:03:7c:53:0e:a2:99:5d:2e:88:af:
de:8b:8f:aa:08:4f:86:02:51:2a:4d:56:fc:9c:a3:
f0:8e:48:b8:1f:5f:e2:ec:e1:75:39:a9:01:03:fc:
b2:e3:05:1a:04:68:e2:ee:e6:9e:ce:28:2c:00:1a:
93:b0:f3:9c:c8:db:4c:53:78:a9:f0:ec:a9:7e:0e:
77:32:be:f3:82:b7:bb:ce:df:33:4d:2f:98:2a:e5:
1a:99:ea:58:0d:f5:a5:a1:6c:d0:13:1e:45:4a:c2:
e9:99:60:e8:9e:ee:89:68:9a:ee:da:64:da:90:d6:
8b:3a:56:d8:c0:24:92:b6:46:1f:0d:a9:25:f8:69:
df:a3:4d:af:3e:b8:2e:dc:a2:9c:55:28:8e:37:a5:
10:02:d4:b6:3b:f8:d6:37:ef:2e:b4:5f:9b:13:37:
d5:fa:74:fa:37:6b:31:da:d0:0e:88:02:01:f2:ec:
bd:c6:55:37:12:c4:12:41:5d:80:1e:84:90:68:54:
61:e1:2e:b5:3d:bd:f6:b0:b4:5c:ad:09:99:07:ed:
e7:97:58:13:b5:bb:a4:15:75:a5:31:90:2b:91:05:
91:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:DB:A8:B7:59:92:32:4E:5B:95:F0:9E:42:B7:16:A9:EA:42:9A:CA
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/Gduot1mSMk5blfCeQrcWqepCmso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.241.0.0/18
94.182.0.0/15
151.240.0.0/13
Signature Algorithm: sha256WithRSAEncryption
81:a2:e7:fd:8c:bf:76:30:62:51:4a:e6:99:86:5d:cd:9d:d2:
8f:f4:a3:b5:8c:64:b3:e3:45:93:05:d6:6e:01:6a:91:41:d2:
91:bd:05:81:43:5b:6d:8e:fb:30:07:45:f4:2e:12:81:d5:17:
cd:fb:ac:a1:9b:81:70:d9:6f:b4:80:a4:7c:58:6a:47:4b:aa:
54:6b:7a:86:11:b8:79:ad:76:1d:f9:e2:da:55:7a:b6:bb:8f:
11:49:62:d2:45:9f:3c:91:cf:4a:7f:13:96:20:1e:9c:1c:e1:
f3:0c:95:37:df:e1:65:66:d4:b7:02:63:de:99:f6:bf:76:c9:
c9:c2:51:8c:e8:33:18:e8:1e:f0:2e:01:48:35:ad:6a:0e:e0:
af:3d:c3:47:0f:a5:cc:a3:2c:73:96:7e:e2:4a:58:0b:71:50:
8b:c6:10:92:46:0d:77:72:f7:4e:9b:f0:5b:fb:a5:61:68:3f:
c7:71:ea:3d:63:00:9c:a8:45:10:83:35:80:29:b4:bc:73:8b:
81:09:40:d3:ad:dc:79:da:3c:c4:ee:5e:e6:c8:7b:3f:05:64:
d4:90:15:10:bc:06:aa:cd:53:6d:86:0a:43:44:9f:8e:23:64:
e2:03:b1:ac:95:ab:36:24:ae:ce:f4:b3:f4:19:62:8b:98:98:
92:9e:f1:25
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAY9Wue7n+Bb6KnYx3KZHuSjZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjQwNTA4MDU0MjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWRiYThiNzU5OTIzMjRlNWI5NWYwOWU0MmI3MTZhOWVhNDI5YWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpJCnGCXEq/1L9WDoX18ybr+ixmF
Uzd9VHU6h1cKLzYnugN8Uw6imV0uiK/ei4+qCE+GAlEqTVb8nKPwjki4H1/i7OF1
OakBA/yy4wUaBGji7uaezigsABqTsPOcyNtMU3ip8Oypfg53Mr7zgre7zt8zTS+Y
KuUamepYDfWloWzQEx5FSsLpmWDonu6JaJru2mTakNaLOlbYwCSStkYfDakl+Gnf
o02vPrgu3KKcVSiON6UQAtS2O/jWN+8utF+bEzfV+nT6N2sx2tAOiAIB8uy9xlU3
EsQSQV2AHoSQaFRh4S61Pb32sLRcrQmZB+3nl1gTtbukFXWlMZArkQWRKQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFBnbqLdZkjJOW5XwnkK3FqnqQprKMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvR2R1b3QxbVNNazVibGZDZVFyY1dxZXBDbXNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAATAQAwQGVPEAAwMB
XrYDAwOX8DANBgkqhkiG9w0BAQsFAAOCAQEAgaLn/Yy/djBiUUrmmYZdzZ3Sj/Sj
tYxks+NFkwXWbgFqkUHSkb0FgUNbbY77MAdF9C4SgdUXzfusoZuBcNlvtICkfFhq
R0uqVGt6hhG4ea12Hfni2lV6truPEUli0kWfPJHPSn8TliAenBzh8wyVN9/hZWbU
twJj3pn2v3bJycJRjOgzGOge8C4BSDWtag7grz3DRw+lzKMsc5Z+4kpYC3FQi8YQ
kkYNd3L3TpvwW/ulYWg/x3HqPWMAnKhFEIM1gCm0vHOLgQlA063cedo8xO5e5sh7
PwVk1JAVELwGqs1TbYYKQ0SfjiNk4gOxrJWrNiSuzvSz9Blii5iYkp7xJQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:34:19 2025 by rpki-client