Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1-Gji63OckMocNfyYCDpHVrQs15U.roa
File: 1-Gji63OckMocNfyYCDpHVrQs15U.roa (raw, json)
Hash identifier: I7qLbGCZSyS/iKv3NXTbgDO3julNuCVA/dB9URBWVD0=
Subject key identifier: F8:68:E2:EB:73:9C:90:CA:1C:35:FC:98:08:3A:47:56:B4:2C:D7:95
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01837B05ED41F7896F5332450EF7D8EA6F77
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1-Gji63OckMocNfyYCDpHVrQs15U.roa
Signing time: Mon 26 Sep 2022 18:18:49 +0000
ROA not before: Mon 26 Sep 2022 18:18:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212238
IP address blocks: 194.5.85.0/24 maxlen: 24
45.154.24.0/22 maxlen: 22
80.76.56.0/22 maxlen: 22
45.12.172.0/22 maxlen: 22
193.19.108.0/24 maxlen: 24
45.248.144.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7b:05:ed:41:f7:89:6f:53:32:45:0e:f7:d8:ea:6f:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Sep 26 18:18:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f868e2eb739c90ca1c35fc98083a4756b42cd795
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:a7:d1:82:10:58:17:ab:fa:fe:21:14:18:14:
42:af:1c:e0:85:87:42:50:42:d9:1b:6f:ed:4f:59:
a9:80:e3:a3:4b:d4:41:40:ba:7b:35:54:74:f2:11:
c6:89:44:f5:8d:96:12:f9:2e:45:75:35:b2:bf:23:
3f:50:e5:70:91:fa:ea:c4:58:d3:f1:c6:4b:3f:2c:
2f:47:61:cd:e4:f8:33:22:87:ba:39:d6:2e:35:e0:
cf:cd:8f:47:6e:90:f3:6e:7e:32:3c:38:db:7c:16:
ab:23:44:64:41:f0:f7:3f:c9:99:94:f0:dc:ad:6c:
68:48:3f:04:d3:f6:6e:b8:db:74:98:25:3e:7f:0d:
4d:f4:a5:17:61:90:db:6c:bf:6a:a7:ab:c9:04:4f:
9b:d3:08:65:11:84:1d:fd:be:24:7b:09:c2:de:3b:
ec:ef:83:6c:37:32:4e:37:ff:a0:ac:49:92:c9:6b:
e1:23:f0:95:17:51:46:5c:a0:49:2c:08:cf:ef:fd:
5d:16:6b:c7:11:83:c7:51:be:ce:7f:3b:a3:0e:90:
72:0d:0b:29:5a:b3:66:72:0b:2a:f3:f6:df:b4:b5:
01:0b:39:eb:32:aa:72:47:ff:34:e7:e2:b0:9a:3f:
61:c5:2a:f6:33:ce:4b:5d:d3:b5:b6:21:63:d1:46:
dd:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:68:E2:EB:73:9C:90:CA:1C:35:FC:98:08:3A:47:56:B4:2C:D7:95
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1-Gji63OckMocNfyYCDpHVrQs15U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.172.0/22
45.154.24.0/22
45.248.144.0/22
80.76.56.0/22
193.19.108.0/24
194.5.85.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:7c:56:6e:25:c5:6f:69:4c:07:0e:37:11:3e:4c:b3:be:26:
2e:39:26:83:d5:2d:f7:a9:51:4c:e9:b2:a0:cb:8a:77:1a:a2:
7a:95:de:30:f3:3f:6d:cd:e4:33:60:5c:b6:27:10:5c:36:7b:
3e:08:d9:0b:54:c1:e2:51:f5:a4:30:3e:0a:38:ef:dd:4b:71:
b8:87:49:eb:18:2c:28:d2:46:44:96:8b:fa:ab:38:d1:e3:11:
f0:1a:55:88:1c:0f:8c:eb:52:24:04:a6:08:22:5c:da:b7:be:
27:b9:46:92:67:e6:94:5c:36:40:19:85:11:9a:dc:34:9e:72:
1d:8a:8e:64:28:b3:b4:2f:82:48:6d:0f:af:23:43:70:44:45:
01:bb:c7:a4:b1:81:ef:db:c5:62:5a:31:16:27:a4:33:74:45:
4a:99:95:bd:af:b6:5c:f4:4a:4b:68:f5:45:02:be:5a:15:61:
84:3d:57:d2:7e:65:d9:7c:1e:e7:0f:de:46:61:50:bb:70:0b:
ee:55:7c:d3:bb:60:30:bd:27:37:4f:50:09:a5:9a:95:ae:ab:
a4:f0:ed:37:5e:be:fb:56:fc:5a:10:e0:82:7f:05:44:13:a0:
82:34:d3:8b:64:39:86:4d:97:28:32:7d:e4:4b:22:25:57:c4:
ed:bf:32:17
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYN7Be1B94lvUzJFDvfY6m93MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjIwOTI2MTgxODQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODY4ZTJlYjczOWM5MGNhMWMzNWZjOTgwODNhNDc1NmI0MmNkNzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKfRghBYF6v6/iEUGBRCrxzghYdC
UELZG2/tT1mpgOOjS9RBQLp7NVR08hHGiUT1jZYS+S5FdTWyvyM/UOVwkfrqxFjT
8cZLPywvR2HN5PgzIoe6OdYuNeDPzY9HbpDzbn4yPDjbfBarI0RkQfD3P8mZlPDc
rWxoSD8E0/ZuuNt0mCU+fw1N9KUXYZDbbL9qp6vJBE+b0whlEYQd/b4kewnC3jvs
74NsNzJON/+grEmSyWvhI/CVF1FGXKBJLAjP7/1dFmvHEYPHUb7OfzujDpByDQsp
WrNmcgsq8/bftLUBCznrMqpyR/805+Kwmj9hxSr2M85LXdO1tiFj0UbdsQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFPho4utznJDKHDX8mAg6R1a0LNeVMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMS1Hamk2M09ja01vY05meVlDRHBIVnJRczE1VS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1
OC8xL05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA9BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAi0MrAME
Ai2aGAMEAi34kAMEAlBMOAMEAMETbAMEAMIFVTANBgkqhkiG9w0BAQsFAAOCAQEA
S3xWbiXFb2lMBw43ET5Ms74mLjkmg9Ut96lRTOmyoMuKdxqiepXeMPM/bc3kM2Bc
ticQXDZ7PgjZC1TB4lH1pDA+Cjjv3UtxuIdJ6xgsKNJGRJaL+qs40eMR8BpViBwP
jOtSJASmCCJc2re+J7lGkmfmlFw2QBmFEZrcNJ5yHYqOZCiztC+CSG0PryNDcERF
AbvHpLGB79vFYloxFiekM3RFSpmVva+2XPRKS2j1RQK+WhVhhD1X0n5l2Xwe5w/e
RmFQu3AL7lV807tgML0nN09QCaWala6rpPDtN16++1b8WhDggn8FRBOggjTTi2Q5
hk2XKDJ95EsiJVfE7b8yFw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:53 2023 by rpki-client on console-ams.rpki-client.org