Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/GVjLbPMGKlsHU3At-c1ycTzGujs.roa
File: GVjLbPMGKlsHU3At-c1ycTzGujs.roa (raw, json)
Hash identifier: dqNVt94bchhqREc3y4QfhC3uoQg4JOceSz534knTNpA=
Subject key identifier: 19:58:CB:6C:F3:06:2A:5B:07:53:70:2D:F9:CD:72:71:3C:C6:BA:3B
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 0181F46D4320B3C046A14A9D9411B4957910
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/GVjLbPMGKlsHU3At-c1ycTzGujs.roa
Signing time: Tue 12 Jul 2022 22:00:10 +0000
ROA not before: Tue 12 Jul 2022 22:00:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12722
IP address blocks: 45.14.221.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f4:6d:43:20:b3:c0:46:a1:4a:9d:94:11:b4:95:79:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jul 12 22:00:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1958cb6cf3062a5b0753702df9cd72713cc6ba3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:47:6d:9f:cd:51:e3:68:dd:85:00:7b:19:f7:
a4:be:6a:17:60:c7:a7:00:45:40:41:0f:f7:2a:7f:
e9:fa:e2:ee:9f:d7:10:c3:88:bf:9e:81:18:64:91:
54:4a:3b:ff:c3:b2:0f:33:18:85:d8:2e:ae:ce:2c:
7b:c0:35:26:7a:f2:49:25:3c:e5:d1:84:d0:34:ee:
13:90:5a:b9:94:12:5e:1d:4e:1b:4c:70:39:a9:a2:
2d:ae:49:c2:04:54:e7:4f:5a:e8:8d:39:9b:3f:09:
61:cb:0e:c5:d1:30:25:82:c0:4c:2f:3f:ea:06:44:
02:e6:a2:a1:49:94:89:6b:98:f6:5c:92:d7:6c:f5:
01:f4:7b:88:9c:61:d5:64:dc:89:ba:2e:65:42:ac:
57:af:d3:1d:ed:1f:4d:b2:23:e8:a1:c7:5b:e6:93:
77:1f:d2:1f:4c:84:77:17:60:65:37:7f:8c:a3:c7:
a5:3a:23:46:88:cb:0d:d8:84:a8:dc:6c:49:ac:44:
cb:30:f3:b1:35:46:60:df:6f:a9:49:da:78:8c:f2:
37:c5:4a:91:dc:da:4b:8e:f4:c2:da:50:67:e2:c7:
20:af:94:1d:c4:63:83:3e:54:55:98:8d:c1:ae:4c:
29:11:d0:16:cc:0f:06:e6:43:8c:77:6a:22:c4:ba:
e5:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:58:CB:6C:F3:06:2A:5B:07:53:70:2D:F9:CD:72:71:3C:C6:BA:3B
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/GVjLbPMGKlsHU3At-c1ycTzGujs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.221.0/24
Signature Algorithm: sha256WithRSAEncryption
64:6e:25:b2:a5:7f:ed:cf:38:20:be:f9:fc:6d:d7:10:b2:d4:
a9:04:e5:95:a8:73:63:2d:e4:c5:06:ca:11:f9:42:be:c0:36:
3d:06:fd:80:67:67:47:ee:e6:9e:d6:cb:9e:c8:ce:96:a3:25:
22:96:2f:91:a2:61:9c:47:eb:bd:ac:dd:2c:bc:60:4f:07:6e:
11:e9:7d:8c:c0:e6:c6:d8:f3:01:e1:6c:48:30:a9:f0:c3:19:
ac:25:14:79:a8:0d:fe:88:79:78:47:17:b3:4b:76:65:19:ce:
0f:b1:61:01:41:d5:8e:a4:b0:2c:8c:b4:9e:ca:7b:01:f7:3c:
55:ff:a1:44:30:86:b6:18:9d:0d:98:52:e7:d8:17:0d:de:b9:
2d:e7:4b:38:24:9d:c7:b0:21:c1:2a:05:3f:1e:1b:dd:00:40:
d0:45:24:42:a5:a9:b5:b8:21:59:ca:ec:83:61:93:db:02:10:
7c:55:c6:aa:a9:18:7b:df:13:fe:d8:cb:3e:cc:4b:5b:b6:3c:
64:78:46:3f:4e:df:a7:85:66:b3:ca:ce:27:eb:eb:fb:92:62:
e1:5b:20:72:75:a5:94:f5:b1:83:c2:21:db:8e:0a:3a:d7:ea:
f8:60:af:32:0e:99:01:d4:13:fd:b3:e1:9b:66:b7:1a:ad:1f:
ad:10:a9:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYH0bUMgs8BGoUqdlBG0lXkQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjIwNzEyMjIwMDEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTU4Y2I2Y2YzMDYyYTViMDc1MzcwMmRmOWNkNzI3MTNjYzZiYTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUdtn81R42jdhQB7GfekvmoXYMen
AEVAQQ/3Kn/p+uLun9cQw4i/noEYZJFUSjv/w7IPMxiF2C6uzix7wDUmevJJJTzl
0YTQNO4TkFq5lBJeHU4bTHA5qaItrknCBFTnT1rojTmbPwlhyw7F0TAlgsBMLz/q
BkQC5qKhSZSJa5j2XJLXbPUB9HuInGHVZNyJui5lQqxXr9Md7R9NsiPoocdb5pN3
H9IfTIR3F2BlN3+Mo8elOiNGiMsN2ISo3GxJrETLMPOxNUZg32+pSdp4jPI3xUqR
3NpLjvTC2lBn4scgr5QdxGODPlRVmI3BrkwpEdAWzA8G5kOMd2oixLrlfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBlYy2zzBipbB1NwLfnNcnE8xro7MB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvR1ZqTGJQTUdLbHNIVTNBdC1jMXljVHpHdWpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQ7dMA0G
CSqGSIb3DQEBCwUAA4IBAQBkbiWypX/tzzggvvn8bdcQstSpBOWVqHNjLeTFBsoR
+UK+wDY9Bv2AZ2dH7uae1sueyM6WoyUili+RomGcR+u9rN0svGBPB24R6X2MwObG
2PMB4WxIMKnwwxmsJRR5qA3+iHl4RxezS3ZlGc4PsWEBQdWOpLAsjLSeynsB9zxV
/6FEMIa2GJ0NmFLn2BcN3rkt50s4JJ3HsCHBKgU/HhvdAEDQRSRCpam1uCFZyuyD
YZPbAhB8VcaqqRh73xP+2Ms+zEtbtjxkeEY/Tt+nhWazys4n6+v7kmLhWyBydaWU
9bGDwiHbjgo61+r4YK8yDpkB1BP9s+GbZrcarR+tEKl6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:47 2024 by rpki-client on console-fra.rpki-client.org