Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/64b8dd-9bcb-475e-bf8f-d87fb767d8bd/1/gWDOLawJscZQxu1kbdm8dGKujqU.roa
File: gWDOLawJscZQxu1kbdm8dGKujqU.roa (raw, json)
Hash identifier: q/po3+6wG/uGcNuZB9021Og7G8unukgzGHpt7EIwjoQ=
Subject key identifier: 81:60:CE:2D:AC:09:B1:C6:50:C6:ED:64:6D:D9:BC:74:62:AE:8E:A5
Certificate issuer: /CN=d8c18b5ad3a25f118a83bb2ffbbe795d6643663c
Certificate serial: 4BF6
Authority key identifier: D8:C1:8B:5A:D3:A2:5F:11:8A:83:BB:2F:FB:BE:79:5D:66:43:66:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2MGLWtOiXxGKg7sv-755XWZDZjw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/64b8dd-9bcb-475e-bf8f-d87fb767d8bd/1/gWDOLawJscZQxu1kbdm8dGKujqU.roa
Signing time: Mon 10 Jan 2022 18:27:47 +0000
ROA not before: Mon 10 Jan 2022 18:27:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205145
IP address blocks: 185.237.220.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19446 (0x4bf6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8c18b5ad3a25f118a83bb2ffbbe795d6643663c
Validity
Not Before: Jan 10 18:27:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8160ce2dac09b1c650c6ed646dd9bc7462ae8ea5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:2f:88:a4:a5:ac:6c:5d:9c:05:fd:d1:d8:b0:
cb:0b:5d:27:95:7d:ac:05:c1:69:b1:3a:ce:2a:d0:
ac:25:2f:90:76:91:79:89:e6:01:5b:20:52:7a:4c:
26:8c:43:fc:06:b5:8f:a9:16:a8:d5:2d:07:2b:b7:
b4:6a:07:74:b0:df:92:ea:03:5e:db:28:29:2a:15:
27:dd:21:43:a9:30:64:07:0e:d0:16:13:ac:aa:fe:
04:17:27:23:c4:6f:25:d4:67:23:2d:63:2c:3d:68:
56:ad:40:cb:3b:6d:97:39:25:f3:d2:9d:7a:28:32:
c8:98:f5:9c:48:05:ec:10:7c:ba:5d:e0:cd:25:2d:
4f:1b:59:68:9d:32:30:59:d2:92:6a:1d:63:a4:b7:
54:bc:d4:33:25:99:fb:bf:5b:d5:fb:4d:bc:fa:b3:
49:43:fa:f8:ef:a2:a0:dc:77:01:eb:57:7b:ea:f6:
b0:0a:3e:7c:c5:50:a2:9a:c2:e6:16:17:ca:39:74:
ff:62:ed:82:11:62:cc:68:50:18:be:e9:03:2b:86:
65:ad:10:22:87:cd:d5:8e:b6:fb:06:33:0d:60:e7:
30:7b:dc:0c:2c:ac:a7:83:f2:f5:40:3f:52:85:ee:
6e:9a:eb:45:ed:1c:86:a7:2c:a9:cf:c7:73:4a:26:
29:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:60:CE:2D:AC:09:B1:C6:50:C6:ED:64:6D:D9:BC:74:62:AE:8E:A5
X509v3 Authority Key Identifier:
keyid:D8:C1:8B:5A:D3:A2:5F:11:8A:83:BB:2F:FB:BE:79:5D:66:43:66:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MGLWtOiXxGKg7sv-755XWZDZjw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/64b8dd-9bcb-475e-bf8f-d87fb767d8bd/1/gWDOLawJscZQxu1kbdm8dGKujqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/64b8dd-9bcb-475e-bf8f-d87fb767d8bd/1/2MGLWtOiXxGKg7sv-755XWZDZjw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.237.220.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:fd:d8:33:b2:e9:8a:81:b8:32:0c:0c:99:ce:ec:4f:f2:bf:
77:47:cf:da:12:57:18:61:9a:50:f4:6a:98:ff:41:8d:83:f4:
99:95:92:7e:6d:96:49:64:34:69:2f:36:41:07:8f:39:6e:f5:
85:29:57:b3:dd:da:ad:b0:b9:18:df:c9:7a:ca:7f:8e:72:7a:
df:19:d9:be:a7:16:09:db:74:82:e8:8a:5d:1c:79:90:95:c1:
1b:6a:c3:4c:0c:50:ee:17:19:92:e2:1b:54:13:da:d5:3b:48:
f0:51:56:06:8d:e2:96:4c:32:1a:fe:75:67:fb:38:3e:ea:98:
5f:45:73:17:00:69:b3:9f:9f:cc:12:49:cf:7d:44:0c:41:64:
41:b7:76:ed:70:c6:a3:e9:18:64:3b:9b:76:a0:ae:c3:04:98:
a4:65:cf:b2:7d:33:81:9e:15:48:6d:47:2e:80:99:a4:75:c0:
8c:2e:54:e2:5b:8c:d9:b5:de:27:e0:2b:ce:b4:c9:0b:43:eb:
34:16:72:57:9c:b5:16:46:c9:98:e7:e9:89:7b:f0:fb:c1:af:
a8:5a:1f:68:ad:0f:6e:f0:82:70:fc:b5:51:b4:d1:fb:3d:a1:
ca:d9:1d:9d:30:60:28:2b:81:7e:2f:a7:16:90:8c:96:a1:ce:
47:b5:01:90
-----BEGIN CERTIFICATE-----
MIIE7TCCA9WgAwIBAgICS/YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoZDhj
MThiNWFkM2EyNWYxMThhODNiYjJmZmJiZTc5NWQ2NjQzNjYzYzAeFw0yMjAxMTAx
ODI3NDdaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDgxNjBjZTJkYWMwOWIx
YzY1MGM2ZWQ2NDZkZDliYzc0NjJhZThlYTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCQL4ikpaxsXZwF/dHYsMsLXSeVfawFwWmxOs4q0KwlL5B2kXmJ
5gFbIFJ6TCaMQ/wGtY+pFqjVLQcrt7RqB3Sw35LqA17bKCkqFSfdIUOpMGQHDtAW
E6yq/gQXJyPEbyXUZyMtYyw9aFatQMs7bZc5JfPSnXooMsiY9ZxIBewQfLpd4M0l
LU8bWWidMjBZ0pJqHWOkt1S81DMlmfu/W9X7Tbz6s0lD+vjvoqDcdwHrV3vq9rAK
PnzFUKKawuYWF8o5dP9i7YIRYsxoUBi+6QMrhmWtECKHzdWOtvsGMw1g5zB73Aws
rKeD8vVAP1KF7m6a60XtHIanLKnPx3NKJinjAgMBAAGjggIJMIICBTAdBgNVHQ4E
FgQUgWDOLawJscZQxu1kbdm8dGKujqUwHwYDVR0jBBgwFoAU2MGLWtOiXxGKg7sv
+755XWZDZjwwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEF
BQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8y
TUdMV3RPaVh4R0tnN3N2LTc1NVhXWkRaancuY2VyMIGNBggrBgEFBQcBCwSBgDB+
MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxULzdjLzY0YjhkZC05YmNiLTQ3NWUtYmY4Zi1kODdmYjc2N2Q4YmQvMS9n
V0RPTGF3SnNjWlF4dTFrYmRtOGRHS3VqcVUucm9hMIGBBgNVHR8EejB4MHagdKBy
hnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdjLzY0
YjhkZC05YmNiLTQ3NWUtYmY4Zi1kODdmYjc2N2Q4YmQvMS8yTUdMV3RPaVh4R0tn
N3N2LTc1NVhXWkRaancuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK57dwwDQYJKoZIhvcNAQELBQADggEB
AF/92DOy6YqBuDIMDJnO7E/yv3dHz9oSVxhhmlD0apj/QY2D9JmVkn5tlklkNGkv
NkEHjzlu9YUpV7Pd2q2wuRjfyXrKf45yet8Z2b6nFgnbdILoil0ceZCVwRtqw0wM
UO4XGZLiG1QT2tU7SPBRVgaN4pZMMhr+dWf7OD7qmF9FcxcAabOfn8wSSc99RAxB
ZEG3du1wxqPpGGQ7m3agrsMEmKRlz7J9M4GeFUhtRy6AmaR1wIwuVOJbjNm13ifg
K860yQtD6zQWclectRZGyZjn6Yl78PvBr6haH2itD27wgnD8tVG00fs9ocrZHZ0w
YCgrgX4vpxaQjJahzke1AZA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:32 2025 by rpki-client