Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/gsmtFG5WIfTju3hjwBKgcrWENj0.roa
File: gsmtFG5WIfTju3hjwBKgcrWENj0.roa (raw, json)
Hash identifier: rpou965lTj4yNgichvOMxHOTaGduw5CBFOYHTSiNiHg=
Subject key identifier: 82:C9:AD:14:6E:56:21:F4:E3:BB:78:63:C0:12:A0:72:B5:84:36:3D
Certificate issuer: /CN=e316318247d211841f9620a9a1130010ddb486f2
Certificate serial: 0191D658F342005374B5D25081E836E71385
Authority key identifier: E3:16:31:82:47:D2:11:84:1F:96:20:A9:A1:13:00:10:DD:B4:86:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4xYxgkfSEYQfliCpoRMAEN20hvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/gsmtFG5WIfTju3hjwBKgcrWENj0.roa
Signing time: Mon 09 Sep 2024 10:33:59 +0000
ROA not before: Mon 09 Sep 2024 10:33:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 91.232.99.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d6:58:f3:42:00:53:74:b5:d2:50:81:e8:36:e7:13:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e316318247d211841f9620a9a1130010ddb486f2
Validity
Not Before: Sep 9 10:33:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82c9ad146e5621f4e3bb7863c012a072b584363d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:b9:5b:44:76:61:c9:92:cf:28:51:5c:10:ff:
df:75:fd:84:fc:b2:53:d0:30:10:04:3a:8e:de:92:
da:99:04:81:95:8a:d0:b8:5c:cc:47:0f:09:cb:dd:
ed:46:3a:fb:36:a6:88:2f:d7:41:2c:d9:f1:bf:ee:
bf:da:e6:d1:8e:58:d2:e2:ba:a9:ae:c9:8e:b8:8d:
50:1f:58:42:34:ea:04:c0:94:21:a6:79:3e:60:d6:
30:9d:fa:e7:e1:0c:b6:81:be:25:f4:d9:ea:d7:f7:
57:ae:dd:e3:b6:a2:d8:09:49:b4:51:e5:72:68:9b:
2e:2e:77:e2:21:cc:02:02:b1:39:ce:d4:22:7d:35:
f0:ab:f3:09:e5:1e:fe:b7:55:0f:63:c7:ae:15:69:
b5:d0:27:38:3b:9f:cb:63:6d:b5:4f:83:c6:cc:40:
06:e3:02:02:29:86:bc:5a:63:5d:06:39:e7:09:7b:
64:2c:9f:cf:4c:d0:07:09:1a:1b:94:af:c9:95:26:
4e:68:5b:9e:9c:52:54:76:62:29:1e:a1:9f:76:b0:
d0:30:3a:14:b5:aa:4c:25:c2:57:49:7a:b2:4d:fc:
ac:62:d6:04:59:43:f0:26:91:ed:a9:d1:33:b3:02:
ca:e3:b8:57:d3:a8:5e:2c:e6:df:cb:98:f2:0c:32:
61:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:C9:AD:14:6E:56:21:F4:E3:BB:78:63:C0:12:A0:72:B5:84:36:3D
X509v3 Authority Key Identifier:
keyid:E3:16:31:82:47:D2:11:84:1F:96:20:A9:A1:13:00:10:DD:B4:86:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xYxgkfSEYQfliCpoRMAEN20hvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/gsmtFG5WIfTju3hjwBKgcrWENj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/4xYxgkfSEYQfliCpoRMAEN20hvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.99.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:44:79:5e:1c:bd:59:c4:62:9e:96:08:d8:f9:02:43:f3:fd:
f8:73:9f:3e:72:c7:67:7c:ee:13:bc:1b:12:c4:fe:2f:c2:d0:
40:87:98:2e:1f:ed:7e:94:c5:37:37:b4:80:36:c4:15:3d:05:
b6:f2:4a:7d:e4:0c:fc:1f:e4:3a:c0:c1:b5:c5:1f:b7:ae:3e:
30:63:3a:b8:e0:ff:57:80:37:e9:1f:75:a9:eb:26:16:62:55:
74:14:b7:90:62:98:8c:21:12:21:08:2e:cf:4d:06:b4:77:7c:
c2:08:46:ba:44:21:27:f1:78:53:c3:13:59:0d:fd:73:6b:90:
7d:b9:63:12:2c:7a:32:c6:e2:2e:c8:c3:f2:bf:f4:fa:56:ec:
aa:5f:65:b3:6c:e6:99:aa:55:3b:b7:73:6b:a7:cf:04:79:cf:
fb:4b:96:92:f2:35:30:81:52:c2:af:db:e1:69:c5:a7:0f:98:
12:e2:bb:de:5b:0c:c1:e1:cf:14:14:09:42:e8:50:e4:d4:f4:
ed:68:17:81:6e:24:02:7f:4d:6f:da:e8:ee:84:0f:cd:95:a1:
cb:d7:71:45:71:74:e4:35:05:79:fb:43:4e:43:ea:98:84:18:
fd:b7:63:9d:bf:55:f6:49:4b:14:46:7d:65:8a:80:7d:4d:d7:
2a:52:ec:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHWWPNCAFN0tdJQgeg25xOFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMTYzMTgyNDdkMjExODQxZjk2MjBhOWExMTMwMDEwZGRi
NDg2ZjIwHhcNMjQwOTA5MTAzMzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmM5YWQxNDZlNTYyMWY0ZTNiYjc4NjNjMDEyYTA3MmI1ODQzNjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA77lbRHZhyZLPKFFcEP/fdf2E/LJT
0DAQBDqO3pLamQSBlYrQuFzMRw8Jy93tRjr7NqaIL9dBLNnxv+6/2ubRjljS4rqp
rsmOuI1QH1hCNOoEwJQhpnk+YNYwnfrn4Qy2gb4l9Nnq1/dXrt3jtqLYCUm0UeVy
aJsuLnfiIcwCArE5ztQifTXwq/MJ5R7+t1UPY8euFWm10Cc4O5/LY221T4PGzEAG
4wICKYa8WmNdBjnnCXtkLJ/PTNAHCRoblK/JlSZOaFuenFJUdmIpHqGfdrDQMDoU
tapMJcJXSXqyTfysYtYEWUPwJpHtqdEzswLK47hX06heLObfy5jyDDJhvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFILJrRRuViH047t4Y8ASoHK1hDY9MB8GA1UdIwQY
MBaAFOMWMYJH0hGEH5YgqaETABDdtIbyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHhZeGdrZlNFWVFmbGlDcG9STUFFTjIwaHZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9lZTQyYmItMWU0OS00YzIxLWE0ZDYt
ZWMyODdlMWQzN2U1LzEvZ3NtdEZHNVdJZlRqdTNoandCS2djcldFTmowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9lZTQyYmItMWU0OS00YzIxLWE0ZDYtZWMyODdlMWQzN2U1
LzEvNHhZeGdrZlNFWVFmbGlDcG9STUFFTjIwaHZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+hjMA0G
CSqGSIb3DQEBCwUAA4IBAQAPRHleHL1ZxGKelgjY+QJD8/34c58+csdnfO4TvBsS
xP4vwtBAh5guH+1+lMU3N7SANsQVPQW28kp95Az8H+Q6wMG1xR+3rj4wYzq44P9X
gDfpH3Wp6yYWYlV0FLeQYpiMIRIhCC7PTQa0d3zCCEa6RCEn8XhTwxNZDf1za5B9
uWMSLHoyxuIuyMPyv/T6VuyqX2WzbOaZqlU7t3Nrp88Eec/7S5aS8jUwgVLCr9vh
acWnD5gS4rveWwzB4c8UFAlC6FDk1PTtaBeBbiQCf01v2ujuhA/NlaHL13FFcXTk
NQV5+0NOQ+qYhBj9t2Odv1X2SUsURn1lioB9TdcqUuxz
-----END CERTIFICATE-----
Generated at Fri Nov 15 14:01:49 2024 by rpki-client on console-fra.rpki-client.org