Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/69cbc0-b6c5-4e67-a73b-2b65a7a8be8c/1/xGNMON_DRuLdDcU-mmkKsDmADNc.roa
File: xGNMON_DRuLdDcU-mmkKsDmADNc.roa (raw, json)
Hash identifier: DG66GeOKS51eX8fDwnvw4O6In87UHuYoRWtA4NltoSM=
Subject key identifier: C4:63:4C:38:DF:C3:46:E2:DD:0D:C5:3E:9A:69:0A:B0:39:80:0C:D7
Certificate issuer: /CN=68b22eea4a4a3b81654a227eda94e0e75937b015
Certificate serial: 033E1F0E
Authority key identifier: 68:B2:2E:EA:4A:4A:3B:81:65:4A:22:7E:DA:94:E0:E7:59:37:B0:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aLIu6kpKO4FlSiJ-2pTg51k3sBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/69cbc0-b6c5-4e67-a73b-2b65a7a8be8c/1/xGNMON_DRuLdDcU-mmkKsDmADNc.roa
Signing time: Fri 18 Feb 2022 13:44:45 +0000
ROA not before: Fri 18 Feb 2022 13:44:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15924
IP address blocks: 185.252.114.0/24 maxlen: 24
45.143.191.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54402830 (0x33e1f0e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68b22eea4a4a3b81654a227eda94e0e75937b015
Validity
Not Before: Feb 18 13:44:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c4634c38dfc346e2dd0dc53e9a690ab039800cd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:5f:b7:bc:89:be:e1:ae:e8:56:ce:30:cf:17:
7a:e1:a2:cb:ae:f4:b8:bc:aa:46:2b:1a:80:b3:55:
dd:8e:cb:57:0f:25:3c:9f:61:f7:14:1e:35:ca:85:
b5:11:f7:47:91:ec:51:cb:d2:54:3a:0d:cd:c8:04:
1f:d2:ed:e4:65:95:78:61:cd:a8:62:22:17:e7:fc:
72:f0:b2:6f:48:7d:55:e0:10:ff:a9:ad:80:fe:5c:
16:6a:67:03:4b:4d:65:6b:ce:6b:20:e6:af:bd:2c:
91:bf:9c:f9:79:6e:48:8e:02:29:92:c9:0d:83:99:
30:d3:b8:e6:fc:36:98:a9:9a:b8:a1:ac:07:00:0d:
ee:e8:34:29:ec:18:f0:84:0b:f9:4a:33:f5:2d:9b:
44:87:9f:84:7c:54:be:05:6b:cf:65:05:62:40:91:
1d:ce:97:f3:88:dc:b4:1f:15:ad:2c:b4:25:13:94:
72:63:48:02:96:45:1b:f7:f0:40:2c:21:da:ea:a0:
aa:74:f0:e5:68:a0:db:91:90:15:26:14:52:0f:18:
d6:f2:67:5d:53:1d:f9:65:3d:32:c2:3d:87:e5:0e:
41:41:30:95:1a:b4:bd:15:20:6b:45:0e:99:ef:b7:
e7:24:f1:6f:00:83:e0:e7:ce:20:6d:2c:5b:47:f2:
f5:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:63:4C:38:DF:C3:46:E2:DD:0D:C5:3E:9A:69:0A:B0:39:80:0C:D7
X509v3 Authority Key Identifier:
keyid:68:B2:2E:EA:4A:4A:3B:81:65:4A:22:7E:DA:94:E0:E7:59:37:B0:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aLIu6kpKO4FlSiJ-2pTg51k3sBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/69cbc0-b6c5-4e67-a73b-2b65a7a8be8c/1/xGNMON_DRuLdDcU-mmkKsDmADNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/69cbc0-b6c5-4e67-a73b-2b65a7a8be8c/1/aLIu6kpKO4FlSiJ-2pTg51k3sBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.191.0/24
185.252.114.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:a4:37:5c:63:27:24:b3:1c:17:82:c4:83:e2:30:4c:d1:0a:
cf:08:0a:d1:d8:a9:da:3c:24:47:15:79:50:44:68:80:02:85:
6e:2c:d7:d7:db:6e:d5:83:46:03:28:00:48:06:5d:9e:43:41:
08:c5:02:73:b7:ef:74:c0:60:78:ee:4e:07:63:f0:07:93:76:
21:fd:46:9a:74:f8:48:09:a6:51:76:26:0f:cf:5e:c6:d1:06:
2e:88:96:25:d4:02:ec:0f:70:6c:57:41:24:17:04:52:e4:56:
50:fa:41:14:1d:cd:5e:fc:68:30:a8:31:b1:08:4c:dd:fa:87:
d4:95:86:13:ed:8f:a1:c3:32:ea:af:9e:61:4a:bd:9e:08:37:
b4:64:31:2d:ec:e2:3c:69:a7:c6:99:09:a7:1f:97:05:54:05:
2c:59:7e:a3:ce:85:e5:2c:fc:f6:b4:30:2c:35:35:7f:6c:59:
11:e8:ba:d7:dc:df:29:ad:02:3c:64:25:e2:d2:47:95:95:a0:
b4:9d:1e:a9:e8:73:77:a9:22:4c:0c:b9:35:ff:3f:44:d3:cc:
66:be:8d:d2:83:1c:63:de:33:54:22:ae:cc:a9:f8:28:e3:04:
21:ab:41:ee:50:3b:41:53:f8:89:43:63:29:42:9b:2f:76:0a:
a5:4d:3f:c9
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAz4fDjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
OGIyMmVlYTRhNGEzYjgxNjU0YTIyN2VkYTk0ZTBlNzU5MzdiMDE1MB4XDTIyMDIx
ODEzNDQ0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzQ2MzRjMzhkZmMz
NDZlMmRkMGRjNTNlOWE2OTBhYjAzOTgwMGNkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOpft7yJvuGu6FbOMM8XeuGiy670uLyqRisagLNV3Y7LVw8l
PJ9h9xQeNcqFtRH3R5HsUcvSVDoNzcgEH9Lt5GWVeGHNqGIiF+f8cvCyb0h9VeAQ
/6mtgP5cFmpnA0tNZWvOayDmr70skb+c+XluSI4CKZLJDYOZMNO45vw2mKmauKGs
BwAN7ug0KewY8IQL+Uoz9S2bRIefhHxUvgVrz2UFYkCRHc6X84jctB8VrSy0JROU
cmNIApZFG/fwQCwh2uqgqnTw5Wig25GQFSYUUg8Y1vJnXVMd+WU9MsI9h+UOQUEw
lRq0vRUga0UOme+35yTxbwCD4OfOIG0sW0fy9YsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTEY0w438NG4t0NxT6aaQqwOYAM1zAfBgNVHSMEGDAWgBRosi7qSko7gWVK
In7alODnWTewFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FMSXU2a3BLTzRGbFNpSi0ycFRnNTFrM3NCVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzMvNjljYmMwLWI2YzUtNGU2Ny1hNzNiLTJiNjVhN2E4YmU4Yy8x
L3hHTk1PTl9EUnVMZERjVS1tbWtLc0RtQUROYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMv
NjljYmMwLWI2YzUtNGU2Ny1hNzNiLTJiNjVhN2E4YmU4Yy8xL2FMSXU2a3BLTzRG
bFNpSi0ycFRnNTFrM3NCVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAC2PvwMEALn8cjANBgkqhkiG9w0B
AQsFAAOCAQEAm6Q3XGMnJLMcF4LEg+IwTNEKzwgK0dip2jwkRxV5UERogAKFbizX
19tu1YNGAygASAZdnkNBCMUCc7fvdMBgeO5OB2PwB5N2If1GmnT4SAmmUXYmD89e
xtEGLoiWJdQC7A9wbFdBJBcEUuRWUPpBFB3NXvxoMKgxsQhM3fqH1JWGE+2PocMy
6q+eYUq9ngg3tGQxLeziPGmnxpkJpx+XBVQFLFl+o86F5Sz89rQwLDU1f2xZEei6
19zfKa0CPGQl4tJHlZWgtJ0eqehzd6kiTAy5Nf8/RNPMZr6N0oMcY94zVCKuzKn4
KOMEIatB7lA7QVP4iUNjKUKbL3YKpU0/yQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:50 2024 by rpki-client on console-fra.rpki-client.org