Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/GXCLjlxnxhvVk6VElDiIEvWKs6w.roa
File: GXCLjlxnxhvVk6VElDiIEvWKs6w.roa (raw, json)
Hash identifier: Qt5QAzF7sy5aJY+/LcQXdS8Akg6uXec/zEQUSWp/3Bg=
Subject key identifier: 19:70:8B:8E:5C:67:C6:1B:D5:93:A5:44:94:38:88:12:F5:8A:B3:AC
Certificate issuer: /CN=310b05251378994cfa8088d23b6eeed4e9e6ab08
Certificate serial: 018CC4245747FADF0C0172B9C7C91EF93B8F
Authority key identifier: 31:0B:05:25:13:78:99:4C:FA:80:88:D2:3B:6E:EE:D4:E9:E6:AB:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MQsFJRN4mUz6gIjSO27u1Onmqwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/GXCLjlxnxhvVk6VElDiIEvWKs6w.roa
Signing time: Mon 01 Jan 2024 08:29:25 +0000
ROA not before: Mon 01 Jan 2024 08:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59729
IP address blocks: 193.9.20.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:57:47:fa:df:0c:01:72:b9:c7:c9:1e:f9:3b:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=310b05251378994cfa8088d23b6eeed4e9e6ab08
Validity
Not Before: Jan 1 08:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=19708b8e5c67c61bd593a54494388812f58ab3ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:77:90:9b:47:e8:7a:0f:04:64:2d:3c:0d:9e:
39:8c:12:5d:8c:7c:20:1a:ae:a7:bb:7c:ff:13:b7:
f1:da:c0:92:19:f8:43:7e:04:00:6c:c6:ab:72:a4:
0a:8a:e7:16:4d:6f:32:0a:89:13:b2:a0:20:96:6d:
dc:4d:3a:bb:4d:16:d9:e7:60:27:37:03:5b:33:ac:
b5:49:7d:02:09:d2:a5:bf:0c:38:43:88:9a:88:96:
33:26:aa:e1:b5:2f:78:67:41:da:b2:a9:0f:9c:14:
36:2c:ed:45:af:d8:96:fc:f4:70:91:85:f0:eb:f3:
29:01:4e:9a:6e:b6:e0:97:08:5b:ac:25:29:70:e9:
10:ef:5a:9f:0f:89:3b:6b:64:2a:b5:59:c7:55:28:
2e:5b:bf:38:3a:d5:9d:b6:ad:ba:b0:1d:c2:95:06:
d2:c8:97:fb:8d:93:7a:55:c9:fc:bd:0b:e9:bc:84:
0b:60:d8:5b:84:03:32:23:b8:41:95:62:47:2f:14:
b1:5b:5e:78:f1:68:19:3d:a0:af:c5:a8:24:95:64:
63:70:b4:46:54:5b:64:76:35:99:ac:16:cc:3f:52:
c8:9e:bb:d0:ab:26:1c:43:2b:9a:7a:6d:95:d0:8c:
1f:81:96:ee:98:d6:94:ee:8f:5a:c7:8f:3f:0c:d2:
42:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:70:8B:8E:5C:67:C6:1B:D5:93:A5:44:94:38:88:12:F5:8A:B3:AC
X509v3 Authority Key Identifier:
keyid:31:0B:05:25:13:78:99:4C:FA:80:88:D2:3B:6E:EE:D4:E9:E6:AB:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MQsFJRN4mUz6gIjSO27u1Onmqwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/GXCLjlxnxhvVk6VElDiIEvWKs6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/MQsFJRN4mUz6gIjSO27u1Onmqwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.9.20.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:44:b1:10:b3:e7:ee:91:d2:4f:4d:cc:a1:07:c7:d0:60:3b:
26:61:0e:50:f1:fe:ed:ab:ee:e5:a6:13:c0:92:42:78:34:ce:
f4:ba:2f:18:2f:4f:9f:3e:08:a1:4d:25:99:83:d5:57:b1:5f:
a9:fc:5c:d8:71:fc:36:db:32:48:12:2a:86:22:80:75:82:cb:
57:94:06:68:64:ff:06:7a:6c:31:f6:9e:a6:5c:d1:24:ca:2b:
33:a4:75:a2:5a:a9:97:f9:4d:40:6d:62:b4:4c:ff:4e:1e:b9:
2a:10:a2:75:5b:f4:c7:4d:1e:bd:f5:b8:7d:40:81:33:84:06:
13:77:47:3b:cb:e2:5a:5c:41:bc:f2:b8:41:7f:e9:98:f7:be:
0d:f7:3e:c8:c3:e3:de:0a:f3:a3:2f:a6:5e:41:91:2a:9b:50:
78:4d:6c:4c:9a:bc:c2:ec:06:d0:b8:95:bb:bb:18:2e:c0:9f:
8e:b6:8b:95:1a:63:c8:60:59:b5:3f:94:da:f5:f0:bb:3c:af:
0f:ff:20:6a:69:8b:b0:97:0f:e9:ac:ba:66:ee:5f:86:af:a7:
26:24:12:6f:c1:a9:f7:4d:6e:dd:50:55:19:3f:af:10:6e:a8:
75:b4:bf:32:80:6c:bf:35:f1:c3:18:1f:35:37:4e:66:42:5d:
0e:b3:2d:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJFdH+t8MAXK5x8ke+TuPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMGIwNTI1MTM3ODk5NGNmYTgwODhkMjNiNmVlZWQ0ZTll
NmFiMDgwHhcNMjQwMTAxMDgyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTcwOGI4ZTVjNjdjNjFiZDU5M2E1NDQ5NDM4ODgxMmY1OGFiM2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXeQm0foeg8EZC08DZ45jBJdjHwg
Gq6nu3z/E7fx2sCSGfhDfgQAbMarcqQKiucWTW8yCokTsqAglm3cTTq7TRbZ52An
NwNbM6y1SX0CCdKlvww4Q4iaiJYzJqrhtS94Z0HasqkPnBQ2LO1Fr9iW/PRwkYXw
6/MpAU6abrbglwhbrCUpcOkQ71qfD4k7a2QqtVnHVSguW784OtWdtq26sB3ClQbS
yJf7jZN6Vcn8vQvpvIQLYNhbhAMyI7hBlWJHLxSxW1548WgZPaCvxagklWRjcLRG
VFtkdjWZrBbMP1LInrvQqyYcQyuaem2V0IwfgZbumNaU7o9ax48/DNJCtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBlwi45cZ8Yb1ZOlRJQ4iBL1irOsMB8GA1UdIwQY
MBaAFDELBSUTeJlM+oCI0jtu7tTp5qsIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVFzRkpSTjRtVXo2Z0lqU08yN3UxT25tcXdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC83NzE0ODYtYmVlMy00MjRhLWIzNDEt
N2NmZGYyZGY2NjMyLzEvR1hDTGpseG54aHZWazZWRWxEaUlFdldLczZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC83NzE0ODYtYmVlMy00MjRhLWIzNDEtN2NmZGYyZGY2NjMy
LzEvTVFzRkpSTjRtVXo2Z0lqU08yN3UxT25tcXdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQkUMA0G
CSqGSIb3DQEBCwUAA4IBAQB9RLEQs+fukdJPTcyhB8fQYDsmYQ5Q8f7tq+7lphPA
kkJ4NM70ui8YL0+fPgihTSWZg9VXsV+p/FzYcfw22zJIEiqGIoB1gstXlAZoZP8G
emwx9p6mXNEkyiszpHWiWqmX+U1AbWK0TP9OHrkqEKJ1W/THTR699bh9QIEzhAYT
d0c7y+JaXEG88rhBf+mY974N9z7Iw+PeCvOjL6ZeQZEqm1B4TWxMmrzC7AbQuJW7
uxguwJ+OtouVGmPIYFm1P5Ta9fC7PK8P/yBqaYuwlw/prLpm7l+Gr6cmJBJvwan3
TW7dUFUZP68Qbqh1tL8ygGy/NfHDGB81N05mQl0Osy1K
-----END CERTIFICATE-----
Generated at Thu Aug 22 17:02:49 2024 by rpki-client on console-fra.rpki-client.org