Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/G55gb_DiC3DoE_yzpWTGyq7Qorc.roa
File: G55gb_DiC3DoE_yzpWTGyq7Qorc.roa (raw, json)
Hash identifier: LkavCvi3eRu9C3bmntxokoI3QhrWs2YmGEGTlzBKCdY=
Subject key identifier: 1B:9E:60:6F:F0:E2:0B:70:E8:13:FC:B3:A5:64:C6:CA:AE:D0:A2:B7
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018A3219659550A65867F7A0F9737A51E04E
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/G55gb_DiC3DoE_yzpWTGyq7Qorc.roa
Signing time: Sat 26 Aug 2023 13:47:19 +0000
ROA not before: Sat 26 Aug 2023 13:47:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16200
IP address blocks: 91.186.192.0/24 maxlen: 24
83.147.192.0/24 maxlen: 24
83.147.193.0/24 maxlen: 24
83.147.194.0/24 maxlen: 24
185.114.72.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:32:19:65:95:50:a6:58:67:f7:a0:f9:73:7a:51:e0:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Aug 26 13:47:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b9e606ff0e20b70e813fcb3a564c6caaed0a2b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:71:f5:50:d2:48:f9:63:53:a2:70:90:f3:3e:
bb:ae:51:bc:0f:ab:60:9d:f6:c8:de:91:3d:fb:8c:
3a:22:1a:fb:6c:44:39:a0:45:64:86:7d:47:d0:cb:
2a:cf:36:ff:49:1d:74:fd:94:6b:d7:c4:0f:b0:75:
1c:ae:66:64:ec:56:48:e3:3c:9f:59:3a:d6:65:74:
e7:5f:76:92:d3:a8:78:53:dc:0c:af:c5:c5:1a:5c:
ce:e6:78:a8:98:dd:3a:79:f3:72:6e:83:7a:0d:07:
f0:0d:0c:15:65:fa:93:89:7a:b4:e0:5e:bd:e2:2c:
6c:7c:5d:52:b5:9a:c8:9b:97:fc:b5:e3:e0:07:52:
41:03:69:7d:0e:a0:23:87:ac:75:05:8d:fb:d1:47:
d8:40:6b:f4:a3:44:64:76:a5:06:20:a7:37:29:0d:
b4:c8:db:86:13:03:fc:96:20:ab:12:2d:e6:89:59:
c0:73:10:e8:ce:95:e3:a7:fa:92:be:47:1e:b8:86:
5a:85:3e:49:d6:a0:b6:df:c8:63:a7:96:98:0b:66:
62:6d:47:98:b5:06:d6:18:f1:93:26:7a:68:6e:38:
0d:b6:7a:e9:bc:eb:53:63:84:f2:bc:72:7b:1e:e5:
e7:db:9f:3d:67:ca:2f:b3:27:7f:75:7e:9d:40:be:
89:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:9E:60:6F:F0:E2:0B:70:E8:13:FC:B3:A5:64:C6:CA:AE:D0:A2:B7
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/G55gb_DiC3DoE_yzpWTGyq7Qorc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.192.0-83.147.194.255
91.186.192.0/24
185.114.72.0/22
Signature Algorithm: sha256WithRSAEncryption
64:b1:37:b7:e6:f4:20:d2:be:59:83:26:87:65:a8:ca:6f:dd:
f9:89:e8:96:bd:f0:f7:a7:42:36:f8:aa:4e:f9:18:0f:e1:e1:
fa:0e:e1:48:d1:44:60:f9:a5:c9:ca:9b:23:f6:18:89:88:d9:
1c:2d:d1:9b:c5:37:3b:d6:39:53:4a:7b:e3:5a:94:90:79:49:
ba:a2:46:1c:a7:e7:b1:6d:9e:fe:3d:54:5a:09:65:64:6a:35:
f4:aa:23:29:61:80:9d:d7:f4:6d:fe:3a:fa:24:e6:b1:bb:2f:
bf:28:d4:a8:11:a0:83:3d:1e:e7:58:2b:9e:15:9e:a8:05:b5:
e6:08:5e:90:9b:10:21:e5:40:3a:07:6c:86:f1:4a:bc:f2:c2:
18:75:41:1a:08:9d:6c:29:0c:e6:f5:15:1a:ea:a2:7b:09:36:
04:5b:9c:8a:6b:51:ae:3f:c9:42:02:06:d0:9d:79:60:39:fb:
a4:a1:9b:28:3a:17:13:4c:a6:b4:83:f7:e2:f1:f6:cc:b1:26:
1e:fe:aa:11:59:33:98:1d:ca:31:da:90:62:d4:4b:f0:e3:89:
11:7b:33:db:33:09:06:3c:93:36:74:69:95:c0:eb:ae:2e:25:
6b:75:2e:9b:c2:69:4d:6e:7e:1b:80:a2:fb:b0:a9:b0:25:19:
15:3b:57:59
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYoyGWWVUKZYZ/eg+XN6UeBOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwODI2MTM0NzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjllNjA2ZmYwZTIwYjcwZTgxM2ZjYjNhNTY0YzZjYWFlZDBhMmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3H1UNJI+WNTonCQ8z67rlG8D6tg
nfbI3pE9+4w6Ihr7bEQ5oEVkhn1H0Msqzzb/SR10/ZRr18QPsHUcrmZk7FZI4zyf
WTrWZXTnX3aS06h4U9wMr8XFGlzO5niomN06efNyboN6DQfwDQwVZfqTiXq04F69
4ixsfF1StZrIm5f8tePgB1JBA2l9DqAjh6x1BY370UfYQGv0o0RkdqUGIKc3KQ20
yNuGEwP8liCrEi3miVnAcxDozpXjp/qSvkceuIZahT5J1qC238hjp5aYC2ZibUeY
tQbWGPGTJnpobjgNtnrpvOtTY4TyvHJ7HuXn2589Z8ovsyd/dX6dQL6JowIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBueYG/w4gtw6BP8s6Vkxsqu0KK3MB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvRzU1Z2JfRGlDM0RvRV95enBXVEd5cTdRb3JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAZTk8AD
BABTk8IDBABbusADBAK5ckgwDQYJKoZIhvcNAQELBQADggEBAGSxN7fm9CDSvlmD
JodlqMpv3fmJ6Ja98PenQjb4qk75GA/h4foO4UjRRGD5pcnKmyP2GImI2Rwt0ZvF
NzvWOVNKe+NalJB5SbqiRhyn57Ftnv49VFoJZWRqNfSqIylhgJ3X9G3+Ovok5rG7
L78o1KgRoIM9HudYK54VnqgFteYIXpCbECHlQDoHbIbxSrzywhh1QRoInWwpDOb1
FRrqonsJNgRbnIprUa4/yUICBtCdeWA5+6Shmyg6FxNMprSD9+Lx9syxJh7+qhFZ
M5gdyjHakGLUS/DjiRF7M9szCQY8kzZ0aZXA664uJWt1LpvCaU1ufhuAovuwqbAl
GRU7V1k=
-----END CERTIFICATE-----
Generated at Fri Sep 1 11:39:20 2023 by rpki-client on console-fra.rpki-client.org