Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/gQZ1Euib5VQqFfMmvXLx1DIroIE.roa
File: gQZ1Euib5VQqFfMmvXLx1DIroIE.roa (raw, json)
Hash identifier: SkqP/RYsy5sTYsCJP0DhMjPlsgSCtyNhNawAcU15q0A=
Subject key identifier: 81:06:75:12:E8:9B:E5:54:2A:15:F3:26:BD:72:F1:D4:32:2B:A0:81
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 018D13D7EE5BF401E6636611A1A3903BD85E
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/gQZ1Euib5VQqFfMmvXLx1DIroIE.roa
Signing time: Tue 16 Jan 2024 19:55:34 +0000
ROA not before: Tue 16 Jan 2024 19:55:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 37.77.147.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:13:d7:ee:5b:f4:01:e6:63:66:11:a1:a3:90:3b:d8:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jan 16 19:55:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81067512e89be5542a15f326bd72f1d4322ba081
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:22:71:ab:49:53:cf:ed:2b:4d:e3:4f:a3:03:
fe:64:40:86:e1:4c:dd:dc:26:02:e3:66:e3:ef:b3:
5e:ed:de:9e:65:97:5a:07:ef:0b:7a:e8:e0:fc:db:
ad:1e:86:cd:7f:53:71:fc:12:9d:d4:77:d3:fc:90:
86:0d:7c:4e:b4:61:38:98:62:d9:55:ea:d7:34:a5:
c8:60:35:e3:72:1b:8a:f4:d0:d5:6f:5e:bb:ed:47:
b9:9f:f0:c9:6b:18:5f:f2:63:c2:d1:e1:ac:ce:32:
c7:dd:9f:00:1f:98:d7:76:6e:1d:1d:ec:a6:2d:40:
1c:44:df:d3:d9:3c:ab:29:5d:28:f4:91:70:7f:ef:
a3:9a:e0:6c:99:e2:b3:83:0b:8e:d7:c9:9a:01:81:
99:6a:c9:b7:b2:f4:e4:3a:f8:30:3c:7e:76:67:4a:
e1:1f:72:48:f5:49:55:d4:87:dc:38:34:81:70:92:
c7:b4:e5:ae:3c:06:02:b6:69:4e:71:1d:1c:c0:c1:
6d:fb:9c:b8:8a:e2:5e:73:85:0d:ed:c7:db:df:ee:
15:85:d4:fd:83:ec:e8:97:9e:b1:78:8d:d1:60:ce:
22:69:76:5b:83:13:3f:c1:d8:25:d6:0f:5a:b6:a5:
d9:33:e5:19:37:f7:f4:58:e2:7e:73:43:66:65:1b:
e2:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:06:75:12:E8:9B:E5:54:2A:15:F3:26:BD:72:F1:D4:32:2B:A0:81
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/gQZ1Euib5VQqFfMmvXLx1DIroIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.147.0/24
Signature Algorithm: sha256WithRSAEncryption
29:89:7e:ef:7a:b9:d7:05:9d:ba:0c:c5:76:8e:fb:26:e9:64:
72:52:f2:8d:56:37:ab:c6:0c:9d:08:ac:ab:12:2a:42:a7:a9:
2b:7b:34:8c:94:46:9c:7a:07:87:c4:21:e6:e6:50:d0:f7:38:
3d:45:9e:90:d0:e8:fe:b0:34:b8:0a:ad:99:b6:42:22:8e:89:
0e:02:63:99:5d:92:e9:f8:4e:10:90:61:e0:c6:24:43:da:f8:
cc:19:17:f0:81:d8:56:82:22:77:d8:c8:90:ca:0a:a4:45:7c:
f0:80:07:66:d6:2a:ef:ed:82:dc:59:40:a1:45:cb:f3:f5:c4:
7c:f0:90:ae:a3:6a:06:38:2b:a9:14:ad:5e:4c:ec:a8:ce:8a:
9c:22:5c:2d:e2:d3:fd:5c:16:ec:59:dd:7b:ad:ed:ee:50:97:
c7:02:42:56:da:d1:2b:45:17:2d:13:c2:da:9e:2d:f0:9a:52:
fe:40:bb:71:26:ed:8e:ae:a5:ae:8f:6b:fb:bc:d8:bb:ce:13:
f4:8e:67:80:52:c8:57:b6:a0:45:78:7b:b2:2c:d1:f7:3f:80:
9f:66:54:4c:8d:61:6c:5b:0b:ca:e3:e8:30:08:d3:1b:5f:73:
2e:7b:74:ca:ed:37:31:22:45:15:16:01:a5:4c:47:b6:1e:e8:
df:c2:e5:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0T1+5b9AHmY2YRoaOQO9heMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjQwMTE2MTk1NTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTA2NzUxMmU4OWJlNTU0MmExNWYzMjZiZDcyZjFkNDMyMmJhMDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCJxq0lTz+0rTeNPowP+ZECG4Uzd
3CYC42bj77Ne7d6eZZdaB+8Leujg/NutHobNf1Nx/BKd1HfT/JCGDXxOtGE4mGLZ
VerXNKXIYDXjchuK9NDVb1677Ue5n/DJaxhf8mPC0eGszjLH3Z8AH5jXdm4dHeym
LUAcRN/T2TyrKV0o9JFwf++jmuBsmeKzgwuO18maAYGZasm3svTkOvgwPH52Z0rh
H3JI9UlV1IfcODSBcJLHtOWuPAYCtmlOcR0cwMFt+5y4iuJec4UN7cfb3+4VhdT9
g+zol56xeI3RYM4iaXZbgxM/wdgl1g9atqXZM+UZN/f0WOJ+c0NmZRviIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIEGdRLom+VUKhXzJr1y8dQyK6CBMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvZ1FaMUV1aWI1VlFxRmZNbXZYTHgxRElyb0lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJU2TMA0G
CSqGSIb3DQEBCwUAA4IBAQApiX7vernXBZ26DMV2jvsm6WRyUvKNVjerxgydCKyr
EipCp6krezSMlEacegeHxCHm5lDQ9zg9RZ6Q0Oj+sDS4Cq2ZtkIijokOAmOZXZLp
+E4QkGHgxiRD2vjMGRfwgdhWgiJ32MiQygqkRXzwgAdm1irv7YLcWUChRcvz9cR8
8JCuo2oGOCupFK1eTOyozoqcIlwt4tP9XBbsWd17re3uUJfHAkJW2tErRRctE8La
ni3wmlL+QLtxJu2OrqWuj2v7vNi7zhP0jmeAUshXtqBFeHuyLNH3P4CfZlRMjWFs
WwvK4+gwCNMbX3Mue3TK7TcxIkUVFgGlTEe2HujfwuWl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:25 2024 by rpki-client on console-ams.rpki-client.org