Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/g_Gin0vhoMbRRu5X2mrWchMu7ng.roa
File: g_Gin0vhoMbRRu5X2mrWchMu7ng.roa (raw, json)
Hash identifier: fZZ07XEt681RQBu3IQHOV30VNeTepK/W4nGIhKR5BJs=
Subject key identifier: 83:F1:A2:9F:4B:E1:A0:C6:D1:46:EE:57:DA:6A:D6:72:13:2E:EE:78
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01907C955057ACBF5028F271354924783FA1
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/g_Gin0vhoMbRRu5X2mrWchMu7ng.roa
Signing time: Thu 04 Jul 2024 07:11:18 +0000
ROA not before: Thu 04 Jul 2024 07:11:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215211
IP address blocks: 46.224.0.0/15 maxlen: 15
91.98.0.0/16 maxlen: 16
151.238.0.0/15 maxlen: 15
2a14:6e40::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7c:95:50:57:ac:bf:50:28:f2:71:35:49:24:78:3f:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jul 4 07:11:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83f1a29f4be1a0c6d146ee57da6ad672132eee78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:52:3b:9a:4c:fb:7c:1b:f5:13:0a:45:41:a5:
86:6f:4a:f6:3f:e5:a3:36:04:08:8c:d4:fa:23:a4:
2b:d4:93:5e:fe:80:63:d2:cc:d4:7e:df:54:4f:f4:
11:08:9b:69:6a:a0:cb:bf:34:e4:a1:1d:f4:51:ef:
99:fb:eb:07:5c:ae:b2:b0:73:22:3c:bb:fd:40:55:
ae:bc:f8:83:8b:0a:7c:f4:65:a4:70:0e:0d:95:82:
73:17:c4:4e:74:c0:72:1c:e5:f6:0c:66:c6:12:ce:
31:50:36:78:b8:28:9d:26:a8:3f:e5:84:96:00:2b:
71:59:8b:1b:90:48:11:af:a7:7f:a8:91:cd:37:a6:
d8:88:8b:ea:5a:50:7d:39:87:2e:fa:df:39:40:5f:
07:06:7f:a5:db:3b:a2:0a:63:9b:b4:51:a1:c8:67:
ce:ce:f4:e1:7a:eb:f8:25:c6:ba:56:a9:89:43:de:
84:7d:0e:68:e1:cd:cf:c7:f9:86:1d:3d:ce:a0:83:
32:52:4c:29:60:fe:bc:6a:20:bc:3c:f6:e0:fb:1b:
0b:88:08:08:17:5b:df:5d:a2:b4:48:91:5c:5f:76:
a6:93:df:39:31:de:c1:f0:98:d0:79:61:c4:09:59:
e0:d2:4c:1c:d2:38:9b:c0:0f:46:52:b0:18:83:ed:
2b:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:F1:A2:9F:4B:E1:A0:C6:D1:46:EE:57:DA:6A:D6:72:13:2E:EE:78
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/g_Gin0vhoMbRRu5X2mrWchMu7ng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.224.0.0/15
91.98.0.0/16
151.238.0.0/15
IPv6:
2a14:6e40::/32
Signature Algorithm: sha256WithRSAEncryption
3e:3c:7e:41:e0:e8:9d:9d:4d:44:c6:40:8a:24:17:b6:66:c3:
d0:d4:18:af:57:f9:83:e5:b2:34:8a:e3:85:57:3d:5e:46:f4:
d7:f1:a0:0d:05:15:e8:be:39:fa:12:ed:5a:e8:e2:c2:d2:af:
cd:5d:b8:db:7a:6d:24:ef:07:38:b4:2e:62:4d:02:9b:0b:b7:
7b:23:97:92:11:6d:db:14:ca:0c:5b:76:20:08:6f:cc:33:f1:
e9:a7:7a:44:f7:ef:49:bf:8f:91:27:ee:c2:cf:2c:0e:04:ed:
35:4d:f2:ee:4d:6e:c2:e6:91:20:72:68:93:a4:ff:ae:09:e5:
29:d1:fa:b7:70:ba:80:c2:cb:ab:dc:00:c7:5b:01:94:2c:3d:
46:99:2c:b2:16:80:9c:65:6a:18:21:c1:fd:44:21:5d:ec:6b:
79:ef:39:d4:5e:40:e8:d2:c8:c2:48:bb:7e:71:35:79:83:10:
d9:67:f0:49:28:ad:19:94:ef:be:74:6f:e5:06:3a:27:28:99:
36:7e:57:e2:12:88:b2:30:60:df:c4:b1:11:48:a6:cc:0f:82:
38:e8:9e:1a:87:5d:fb:6f:3c:5f:d3:40:0e:49:5d:29:f5:29:
7f:72:af:f8:53:8d:77:0e:bf:dd:0f:c9:3b:57:1b:7e:da:2c:
be:c3:35:fb
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZB8lVBXrL9QKPJxNUkkeD+hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQwNzA0MDcxMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2YxYTI5ZjRiZTFhMGM2ZDE0NmVlNTdkYTZhZDY3MjEzMmVlZTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFI7mkz7fBv1EwpFQaWGb0r2P+Wj
NgQIjNT6I6Qr1JNe/oBj0szUft9UT/QRCJtpaqDLvzTkoR30Ue+Z++sHXK6ysHMi
PLv9QFWuvPiDiwp89GWkcA4NlYJzF8ROdMByHOX2DGbGEs4xUDZ4uCidJqg/5YSW
ACtxWYsbkEgRr6d/qJHNN6bYiIvqWlB9OYcu+t85QF8HBn+l2zuiCmObtFGhyGfO
zvTheuv4Jca6VqmJQ96EfQ5o4c3Px/mGHT3OoIMyUkwpYP68aiC8PPbg+xsLiAgI
F1vfXaK0SJFcX3amk985Md7B8JjQeWHECVng0kwc0jibwA9GUrAYg+0rowIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIPxop9L4aDG0UbuV9pq1nITLu54MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvZ19HaW4wdmhvTWJSUnU1WDJtcldjaE11N25nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAVBAIAATAPAwMBLuADAwBb
YgMDAZfuMA0EAgACMAcDBQAqFG5AMA0GCSqGSIb3DQEBCwUAA4IBAQA+PH5B4Oid
nU1ExkCKJBe2ZsPQ1BivV/mD5bI0iuOFVz1eRvTX8aANBRXovjn6Eu1a6OLC0q/N
Xbjbem0k7wc4tC5iTQKbC7d7I5eSEW3bFMoMW3YgCG/MM/Hpp3pE9+9Jv4+RJ+7C
zywOBO01TfLuTW7C5pEgcmiTpP+uCeUp0fq3cLqAwsur3ADHWwGULD1GmSyyFoCc
ZWoYIcH9RCFd7Gt57znUXkDo0sjCSLt+cTV5gxDZZ/BJKK0ZlO++dG/lBjonKJk2
flfiEoiyMGDfxLERSKbMD4I46J4ah137bzxf00AOSV0p9Sl/cq/4U413Dr/dD8k7
Vxt+2iy+wzX7
-----END CERTIFICATE-----
Generated at Fri Jul 12 07:33:26 2024 by rpki-client on console-fra.rpki-client.org