Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/gtCaYr_2JixqBKgHSoMSQcZwZd8.roa
File: gtCaYr_2JixqBKgHSoMSQcZwZd8.roa (raw, json)
Hash identifier: VqvyJCLQ62AdIn7DSvMl+hDdtJ862oLNGAovFbYt114=
Subject key identifier: 82:D0:9A:62:BF:F6:26:2C:6A:04:A8:07:4A:83:12:41:C6:70:65:DF
Certificate issuer: /CN=542f633f76e8d8aaeaa32b5ace16a3db3943d80c
Certificate serial: 01857246BA7391AFFCC6E27406675C488BC8
Authority key identifier: 54:2F:63:3F:76:E8:D8:AA:EA:A3:2B:5A:CE:16:A3:DB:39:43:D8:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VC9jP3bo2Krqoytazhaj2zlD2Aw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/gtCaYr_2JixqBKgHSoMSQcZwZd8.roa
Signing time: Mon 02 Jan 2023 11:38:35 +0000
ROA not before: Mon 02 Jan 2023 11:38:35 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 65632
IP address blocks: 188.125.174.0/24 maxlen: 24
188.125.163.0/24 maxlen: 24
188.125.162.0/24 maxlen: 24
188.125.161.0/24 maxlen: 24
188.125.160.0/24 maxlen: 24
188.125.166.0/24 maxlen: 24
188.125.165.0/24 maxlen: 24
188.125.164.0/24 maxlen: 24
188.125.170.0/24 maxlen: 24
188.125.169.0/24 maxlen: 24
188.125.168.0/24 maxlen: 24
188.125.167.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:ba:73:91:af:fc:c6:e2:74:06:67:5c:48:8b:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=542f633f76e8d8aaeaa32b5ace16a3db3943d80c
Validity
Not Before: Jan 2 11:38:35 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=82d09a62bff6262c6a04a8074a831241c67065df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:d0:40:fb:ff:0a:ad:0a:4d:1e:60:a6:30:67:
a8:25:2a:9f:35:5d:ea:fe:7b:0a:14:80:39:55:ce:
09:33:d3:6c:f2:33:91:b1:d2:46:12:07:06:61:43:
6a:84:73:2d:71:74:ce:e5:93:89:ea:c1:49:30:0b:
50:5d:55:5a:ab:5d:00:5d:31:18:e4:1c:bc:a1:87:
e7:df:ba:ec:8b:a3:58:5f:70:f9:7d:12:b8:73:2a:
73:3c:1a:9a:62:e4:a6:a3:2b:60:f2:c6:c2:0e:01:
d6:3e:8b:e8:4b:c5:d0:81:0f:5b:b2:e4:0c:13:96:
01:d8:f4:36:8d:00:cf:1f:a5:02:a1:13:65:b7:a4:
ed:c7:05:17:bc:f9:1c:a5:c1:a9:76:0c:4b:24:9a:
ea:70:58:6b:65:77:8a:96:5d:cc:fc:48:e1:f8:43:
ec:3c:7f:b7:23:a7:a0:3c:67:41:e9:df:7b:8f:80:
c2:2e:8a:c3:8b:2d:cc:96:1e:b9:93:6c:c5:ef:98:
31:5b:46:08:0c:8f:25:d7:50:6b:a9:cf:41:51:67:
8d:46:ea:cd:3b:82:8b:e8:cb:e6:16:7f:f6:bb:00:
a4:28:2b:d5:e4:bf:76:1e:25:5f:fd:74:9d:eb:b6:
0b:59:19:95:a2:20:5e:72:6a:df:ea:01:b1:ce:3c:
cd:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:D0:9A:62:BF:F6:26:2C:6A:04:A8:07:4A:83:12:41:C6:70:65:DF
X509v3 Authority Key Identifier:
keyid:54:2F:63:3F:76:E8:D8:AA:EA:A3:2B:5A:CE:16:A3:DB:39:43:D8:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VC9jP3bo2Krqoytazhaj2zlD2Aw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/gtCaYr_2JixqBKgHSoMSQcZwZd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/VC9jP3bo2Krqoytazhaj2zlD2Aw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.125.160.0-188.125.170.255
188.125.174.0/24
Signature Algorithm: sha256WithRSAEncryption
77:b3:43:3f:20:6d:c4:ad:a2:5a:6a:0d:b0:05:44:96:71:73:
5c:13:86:7a:af:f2:70:18:7d:91:65:2c:2a:79:f6:7d:df:10:
b6:8b:a6:3f:3a:e2:2e:42:70:15:f8:58:18:f8:31:b0:36:3a:
cb:51:18:19:0a:41:05:db:81:ce:90:97:30:46:ee:21:27:f2:
b5:f4:c2:e6:b6:ed:7b:03:e8:3b:e1:6d:e1:1e:99:2d:25:79:
ee:d5:26:ae:11:62:d9:48:82:c8:d9:94:63:f8:e5:86:b6:61:
24:19:02:ae:1f:47:51:e7:98:43:ea:1f:d6:57:cb:31:f6:d0:
60:2a:9e:2c:49:0f:7a:5f:87:36:fa:af:70:8a:30:c7:f8:af:
99:c6:d3:2b:9e:5b:e0:cc:67:20:1c:ce:75:0f:93:75:f9:e3:
10:30:5d:e6:68:d7:f9:9c:46:03:8b:1c:7e:95:b1:ac:42:99:
e9:ec:33:04:34:86:42:5a:46:dd:ce:ab:4d:a6:f8:63:2a:01:
e9:2c:19:7e:02:73:b9:be:91:71:2b:f1:49:96:d5:d6:2c:35:
bf:8d:8a:6b:d0:49:67:9b:8a:63:77:df:f6:0d:99:2a:65:1d:
c2:b9:a7:d1:85:f2:5d:ba:89:ce:8b:11:d5:cf:54:76:63:27:
9e:c5:df:9f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVyRrpzka/8xuJ0BmdcSIvIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MmY2MzNmNzZlOGQ4YWFlYWEzMmI1YWNlMTZhM2RiMzk0
M2Q4MGMwHhcNMjMwMTAyMTEzODM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmQwOWE2MmJmZjYyNjJjNmEwNGE4MDc0YTgzMTI0MWM2NzA2NWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtBA+/8KrQpNHmCmMGeoJSqfNV3q
/nsKFIA5Vc4JM9Ns8jORsdJGEgcGYUNqhHMtcXTO5ZOJ6sFJMAtQXVVaq10AXTEY
5By8oYfn37rsi6NYX3D5fRK4cypzPBqaYuSmoytg8sbCDgHWPovoS8XQgQ9bsuQM
E5YB2PQ2jQDPH6UCoRNlt6TtxwUXvPkcpcGpdgxLJJrqcFhrZXeKll3M/Ejh+EPs
PH+3I6egPGdB6d97j4DCLorDiy3Mlh65k2zF75gxW0YIDI8l11Brqc9BUWeNRurN
O4KL6MvmFn/2uwCkKCvV5L92HiVf/XSd67YLWRmVoiBecmrf6gGxzjzNMQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFILQmmK/9iYsagSoB0qDEkHGcGXfMB8GA1UdIwQY
MBaAFFQvYz926Niq6qMrWs4Wo9s5Q9gMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkM5alAzYm8yS3Jxb3l0YXpoYWoyemxEMkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9kNmI4NzQtYWVhOC00YjdlLWIwZDIt
NjliOTUzYzlkNWFhLzEvZ3RDYVlyXzJKaXhxQktnSFNvTVNRY1p3WmQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9kNmI4NzQtYWVhOC00YjdlLWIwZDItNjliOTUzYzlkNWFh
LzEvVkM5alAzYm8yS3Jxb3l0YXpoYWoyemxEMkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAW8faAD
BAC8faoDBAC8fa4wDQYJKoZIhvcNAQELBQADggEBAHezQz8gbcStolpqDbAFRJZx
c1wThnqv8nAYfZFlLCp59n3fELaLpj864i5CcBX4WBj4MbA2OstRGBkKQQXbgc6Q
lzBG7iEn8rX0wua27XsD6DvhbeEemS0lee7VJq4RYtlIgsjZlGP45Ya2YSQZAq4f
R1HnmEPqH9ZXyzH20GAqnixJD3pfhzb6r3CKMMf4r5nG0yueW+DMZyAcznUPk3X5
4xAwXeZo1/mcRgOLHH6VsaxCmensMwQ0hkJaRt3Oq02m+GMqAeksGX4Cc7m+kXEr
8UmW1dYsNb+NimvQSWebimN33/YNmSplHcK5p9GF8l26ic6LEdXPVHZjJ57F358=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:47 2024 by rpki-client on console-fra.rpki-client.org