Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/Gi2jH9radNVMZ1pLu0QsCxlh9bQ.roa
File: Gi2jH9radNVMZ1pLu0QsCxlh9bQ.roa (raw, json)
Hash identifier: 30B8AMkCtj8GumD+dJRkMyj6OQAVvZ4hlOCbdNvR+l4=
Subject key identifier: 1A:2D:A3:1F:DA:DA:74:D5:4C:67:5A:4B:BB:44:2C:0B:19:61:F5:B4
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 01857690DEE9BE3C0ACFEB37B78577648F63
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/Gi2jH9radNVMZ1pLu0QsCxlh9bQ.roa
Signing time: Tue 03 Jan 2023 07:38:03 +0000
ROA not before: Tue 03 Jan 2023 07:38:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12325
IP address blocks: 94.177.28.0/24 maxlen: 24
89.34.219.0/24 maxlen: 24
89.36.140.0/24 maxlen: 24
37.153.158.0/24 maxlen: 24
176.223.66.0/24 maxlen: 24
89.35.124.0/23 maxlen: 24
128.0.41.0/24 maxlen: 24
46.102.237.0/24 maxlen: 24
89.46.42.0/24 maxlen: 24
188.213.212.0/24 maxlen: 24
188.213.216.0/24 maxlen: 24
94.176.213.0/24 maxlen: 24
89.47.36.0/24 maxlen: 24
93.115.203.0/24 maxlen: 24
92.114.32.0/24 maxlen: 24
89.40.222.0/23 maxlen: 24
217.19.4.0/24 maxlen: 24
92.114.54.0/24 maxlen: 24
89.40.36.0/24 maxlen: 24
77.81.100.0/24 maxlen: 24
89.44.105.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:76:90:de:e9:be:3c:0a:cf:eb:37:b7:85:77:64:8f:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 3 07:38:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a2da31fdada74d54c675a4bbb442c0b1961f5b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ab:b7:d2:7a:47:ea:78:a1:2e:00:05:ef:3f:
e0:a6:b6:50:02:de:b8:94:82:c9:ef:3e:7f:3a:ab:
07:cd:93:fc:60:1f:1d:8e:09:07:09:0b:bc:0b:81:
10:4b:1e:ea:02:29:c5:cd:bd:8f:2e:3d:a9:2f:03:
58:1a:78:3d:fb:c5:22:f0:07:cd:71:71:db:c0:4c:
ad:e4:15:ca:a1:f0:79:5d:87:40:ea:a0:fc:e4:01:
11:29:38:b5:7f:d5:57:72:9c:42:5b:5d:a2:94:62:
19:90:e5:3b:4d:25:ed:b4:a2:3a:87:6c:ca:92:b5:
1d:a4:b0:6c:ca:b6:79:35:8d:33:88:db:0a:43:fb:
f4:2e:8e:81:52:6b:3d:57:c3:49:d7:f4:2d:00:d5:
6f:30:bb:1e:6f:11:48:64:e7:86:1e:e6:8e:24:d4:
83:eb:fd:b6:24:2c:ad:01:ec:c8:4f:68:37:57:4f:
32:04:5f:b5:47:74:e6:84:48:a3:a0:ea:3d:1c:f0:
ce:0d:b6:6f:29:ff:ad:e4:2e:8a:e0:d1:6a:9b:f8:
ad:e2:e9:a4:87:54:68:31:45:de:cc:81:6b:0c:98:
86:2b:46:f9:e6:4d:41:b6:1d:62:ff:55:63:bf:8e:
bd:29:48:9e:6b:3a:08:8b:1e:0e:54:da:9f:a4:fc:
8d:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:2D:A3:1F:DA:DA:74:D5:4C:67:5A:4B:BB:44:2C:0B:19:61:F5:B4
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/Gi2jH9radNVMZ1pLu0QsCxlh9bQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.158.0/24
46.102.237.0/24
77.81.100.0/24
89.34.219.0/24
89.35.124.0/23
89.36.140.0/24
89.40.36.0/24
89.40.222.0/23
89.44.105.0/24
89.46.42.0/24
89.47.36.0/24
92.114.32.0/24
92.114.54.0/24
93.115.203.0/24
94.176.213.0/24
94.177.28.0/24
128.0.41.0/24
176.223.66.0/24
188.213.212.0/24
188.213.216.0/24
217.19.4.0/24
Signature Algorithm: sha256WithRSAEncryption
e9:6b:61:82:fb:ca:de:3f:ac:1b:48:4f:8e:b4:82:ce:c8:12:
cd:f8:1d:22:73:4a:2c:3a:2f:b3:50:e9:35:15:5c:cb:76:9a:
63:99:b6:85:b7:b4:ba:7d:e7:58:bf:5e:e1:64:9a:2c:9b:3d:
c6:4a:5b:39:bb:06:8c:71:07:04:69:33:be:8e:99:24:76:e5:
00:14:01:e5:8d:46:dd:52:dd:a8:4e:60:a0:3c:6d:83:73:a1:
6c:27:68:27:26:3d:04:b4:05:6b:2e:24:58:31:87:9e:f7:85:
ce:99:13:e6:05:72:24:2f:74:78:68:f4:d8:4a:6e:fe:85:1d:
e3:5b:78:d3:2c:ca:04:24:44:8a:99:f5:82:37:fc:26:84:95:
72:6c:ed:ae:3c:84:24:13:d0:4b:aa:81:84:3c:10:0c:ca:39:
00:68:65:ac:c5:74:ac:08:24:5e:90:64:2c:e3:ef:27:15:e4:
bb:7e:25:71:ff:37:2f:a7:83:04:a5:14:70:f6:21:e1:60:19:
38:c9:3c:d6:e1:f2:d4:b8:f7:5c:31:3e:14:39:c3:6b:6a:e5:
46:07:58:7f:fc:48:0a:b7:9f:cb:86:cf:31:b5:46:81:dd:58:
09:dd:08:a5:ec:35:25:20:1d:6a:5a:5b:ff:bd:29:af:ba:cd:
53:de:74:b1
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAYV2kN7pvjwKz+s3t4V3ZI9jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjMwMTAzMDczODAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTJkYTMxZmRhZGE3NGQ1NGM2NzVhNGJiYjQ0MmMwYjE5NjFmNWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqu30npH6nihLgAF7z/gprZQAt64
lILJ7z5/OqsHzZP8YB8djgkHCQu8C4EQSx7qAinFzb2PLj2pLwNYGng9+8Ui8AfN
cXHbwEyt5BXKofB5XYdA6qD85AERKTi1f9VXcpxCW12ilGIZkOU7TSXttKI6h2zK
krUdpLBsyrZ5NY0ziNsKQ/v0Lo6BUms9V8NJ1/QtANVvMLsebxFIZOeGHuaOJNSD
6/22JCytAezIT2g3V08yBF+1R3TmhEijoOo9HPDODbZvKf+t5C6K4NFqm/it4umk
h1RoMUXezIFrDJiGK0b55k1Bth1i/1Vjv469KUieazoIix4OVNqfpPyNGwIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFBotox/a2nTVTGdaS7tELAsZYfW0MB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL0dpMmpIOXJhZE5WTVoxcEx1MFFzQ3hsaDliUS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgZoGCCsGAQUFBwEHAQH/BIGKMIGHMIGEBAIAATB+AwQA
JZmeAwQALmbtAwQATVFkAwQAWSLbAwQBWSN8AwQAWSSMAwQAWSgkAwQBWSjeAwQA
WSxpAwQAWS4qAwQAWS8kAwQAXHIgAwQAXHI2AwQAXXPLAwQAXrDVAwQAXrEcAwQA
gAApAwQAsN9CAwQAvNXUAwQAvNXYAwQA2RMEMA0GCSqGSIb3DQEBCwUAA4IBAQDp
a2GC+8reP6wbSE+OtILOyBLN+B0ic0osOi+zUOk1FVzLdppjmbaFt7S6fedYv17h
ZJosmz3GSls5uwaMcQcEaTO+jpkkduUAFAHljUbdUt2oTmCgPG2Dc6FsJ2gnJj0E
tAVrLiRYMYee94XOmRPmBXIkL3R4aPTYSm7+hR3jW3jTLMoEJESKmfWCN/wmhJVy
bO2uPIQkE9BLqoGEPBAMyjkAaGWsxXSsCCRekGQs4+8nFeS7fiVx/zcvp4MEpRRw
9iHhYBk4yTzW4fLUuPdcMT4UOcNrauVGB1h//EgKt5/Lhs8xtUaB3VgJ3Qil7DUl
IB1qWlv/vSmvus1T3nSx
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:06 2025 by rpki-client