Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/GnW2lwnfalK5KsdhFAlHE-1qbSI.roa
File: GnW2lwnfalK5KsdhFAlHE-1qbSI.roa (raw, json)
Hash identifier: tZ5BICjjYBwWVqvpxtIx+MF9rgdE2d3jRMYU2Ki3NY0=
Subject key identifier: 1A:75:B6:97:09:DF:6A:52:B9:2A:C7:61:14:09:47:13:ED:6A:6D:22
Certificate issuer: /CN=542f633f76e8d8aaeaa32b5ace16a3db3943d80c
Certificate serial: 38843663
Authority key identifier: 54:2F:63:3F:76:E8:D8:AA:EA:A3:2B:5A:CE:16:A3:DB:39:43:D8:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VC9jP3bo2Krqoytazhaj2zlD2Aw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/GnW2lwnfalK5KsdhFAlHE-1qbSI.roa
Signing time: Fri 27 May 2022 13:56:14 +0000
ROA not before: Fri 27 May 2022 13:56:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 65632
IP address blocks: 188.125.174.0/24 maxlen: 24
188.125.163.0/24 maxlen: 24
188.125.162.0/24 maxlen: 24
188.125.161.0/24 maxlen: 24
188.125.160.0/24 maxlen: 24
188.125.166.0/24 maxlen: 24
188.125.165.0/24 maxlen: 24
188.125.164.0/24 maxlen: 24
188.125.170.0/24 maxlen: 24
188.125.169.0/24 maxlen: 24
188.125.168.0/24 maxlen: 24
188.125.167.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 948188771 (0x38843663)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=542f633f76e8d8aaeaa32b5ace16a3db3943d80c
Validity
Not Before: May 27 13:56:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1a75b69709df6a52b92ac76114094713ed6a6d22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d9:40:a2:fb:5e:69:66:04:f9:dc:3b:fc:8a:
04:e0:1b:55:5e:3d:f7:1f:89:af:e1:2d:8a:c5:cb:
15:0e:71:c5:38:2c:86:c3:b2:4d:3d:26:19:57:ab:
f6:3d:73:d1:03:0c:56:74:8c:a4:5a:8f:c7:ab:a5:
5c:8b:ad:41:e9:dc:22:c0:0a:6f:f6:fb:8c:c2:1e:
06:33:f3:31:91:ff:c5:b2:d4:6e:0a:45:74:d7:1d:
18:ed:3b:88:31:25:77:d1:fd:9d:11:2d:0b:85:be:
56:7b:df:b8:ed:7a:6b:b1:bb:4e:4d:85:ec:db:25:
99:7e:37:2f:3c:43:ed:77:73:94:02:b2:af:fb:84:
20:3c:d3:4d:55:d7:94:c0:30:d3:5b:4c:4f:59:f2:
0f:07:08:09:a7:34:d0:f1:ae:07:e3:2a:fb:aa:f5:
a5:7b:8a:7b:81:17:83:89:12:1d:78:10:e0:fb:ea:
77:1b:26:21:54:85:09:04:c2:0c:d4:3c:d9:53:a6:
d1:bd:39:52:34:c1:39:5a:83:57:d3:3b:dc:ef:70:
4e:33:0d:85:db:79:c9:1e:75:38:f5:e9:89:86:65:
fb:94:3f:ed:8b:68:cd:54:90:09:71:2a:05:47:8e:
e7:40:5a:7d:c5:e2:7e:15:09:8f:fb:e1:d4:d5:b8:
4e:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:75:B6:97:09:DF:6A:52:B9:2A:C7:61:14:09:47:13:ED:6A:6D:22
X509v3 Authority Key Identifier:
keyid:54:2F:63:3F:76:E8:D8:AA:EA:A3:2B:5A:CE:16:A3:DB:39:43:D8:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VC9jP3bo2Krqoytazhaj2zlD2Aw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/GnW2lwnfalK5KsdhFAlHE-1qbSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/VC9jP3bo2Krqoytazhaj2zlD2Aw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.125.160.0-188.125.170.255
188.125.174.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:36:ef:6e:d5:94:56:d4:cc:d8:07:d0:f9:07:a6:80:83:dc:
7d:ec:9d:10:31:c5:68:20:ee:96:aa:1a:da:84:b8:9a:38:c8:
56:c3:16:9a:91:e0:1b:e6:91:7d:58:0b:7c:7d:c1:ff:02:90:
8d:31:a8:a1:7c:75:c4:f2:2e:f2:e5:e6:fb:d8:28:98:1e:c7:
aa:5d:bc:35:6d:10:38:ea:b6:bd:d4:c3:53:05:be:23:49:1c:
f3:a2:51:10:8e:5b:db:db:8d:67:48:e2:98:3c:11:6d:2e:43:
82:e5:2b:fb:8d:8d:bc:36:04:c6:9b:1a:ae:41:fa:32:74:5c:
5d:2e:88:9c:28:aa:38:d4:b2:be:6e:3e:16:d1:71:44:33:e5:
32:98:84:bd:38:1f:fe:50:7e:87:56:88:7f:63:c6:b3:51:4c:
3b:88:90:0d:9c:ae:1b:6f:3f:35:87:75:3a:ce:de:da:0a:c5:
68:ff:35:e7:eb:02:d9:f0:58:56:9c:cf:bd:a2:a6:5b:32:b9:
21:65:48:6a:ae:af:a8:92:62:13:43:06:0f:1c:2e:d7:0b:20:
c5:f6:95:a4:0f:9f:1d:bb:0f:fc:c5:29:e1:e6:cb:37:b8:8d:
52:13:07:30:b6:6b:b5:c4:f6:5e:df:7b:cf:87:d3:ff:18:fb:
6c:b0:98:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEOIQ2YzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NDJmNjMzZjc2ZThkOGFhZWFhMzJiNWFjZTE2YTNkYjM5NDNkODBjMB4XDTIyMDUy
NzEzNTYxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWE3NWI2OTcwOWRm
NmE1MmI5MmFjNzYxMTQwOTQ3MTNlZDZhNmQyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKLZQKL7XmlmBPncO/yKBOAbVV499x+Jr+EtisXLFQ5xxTgs
hsOyTT0mGVer9j1z0QMMVnSMpFqPx6ulXIutQencIsAKb/b7jMIeBjPzMZH/xbLU
bgpFdNcdGO07iDEld9H9nREtC4W+VnvfuO16a7G7Tk2F7NslmX43LzxD7XdzlAKy
r/uEIDzTTVXXlMAw01tMT1nyDwcICac00PGuB+Mq+6r1pXuKe4EXg4kSHXgQ4Pvq
dxsmIVSFCQTCDNQ82VOm0b05UjTBOVqDV9M73O9wTjMNhdt5yR51OPXpiYZl+5Q/
7YtozVSQCXEqBUeO50BafcXifhUJj/vh1NW4TuUCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBQadbaXCd9qUrkqx2EUCUcT7WptIjAfBgNVHSMEGDAWgBRUL2M/dujYquqj
K1rOFqPbOUPYDDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZDOWpQM2JvMktycW95dGF6aGFqMnpsRDJBdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWUvZDZiODc0LWFlYTgtNGI3ZS1iMGQyLTY5Yjk1M2M5ZDVhYS8x
L0duVzJsd25mYWxLNUtzZGhGQWxIRS0xcWJTSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWUv
ZDZiODc0LWFlYTgtNGI3ZS1iMGQyLTY5Yjk1M2M5ZDVhYS8xL1ZDOWpQM2JvMkty
cW95dGF6aGFqMnpsRDJBdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQFvH2gAwQAvH2qAwQAvH2uMA0G
CSqGSIb3DQEBCwUAA4IBAQDJNu9u1ZRW1MzYB9D5B6aAg9x97J0QMcVoIO6Wqhra
hLiaOMhWwxaakeAb5pF9WAt8fcH/ApCNMaihfHXE8i7y5eb72CiYHseqXbw1bRA4
6ra91MNTBb4jSRzzolEQjlvb241nSOKYPBFtLkOC5Sv7jY28NgTGmxquQfoydFxd
LoicKKo41LK+bj4W0XFEM+UymIS9OB/+UH6HVoh/Y8azUUw7iJANnK4bbz81h3U6
zt7aCsVo/zXn6wLZ8FhWnM+9oqZbMrkhZUhqrq+okmITQwYPHC7XCyDF9pWkD58d
uw/8xSnh5ss3uI1SEwcwtmu1xPZe33vPh9P/GPtssJik
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:25 2024 by rpki-client on console-ams.rpki-client.org