Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/ccc94b-c287-4e5f-8604-7e594f2494cc/1/GCjrEnPeulkYv_6xyfibIHql25w.roa
File: GCjrEnPeulkYv_6xyfibIHql25w.roa (raw, json)
Hash identifier: xLm7sCDvf260XpiTCWrAk8IOrXkLYrl40H7oTZbfJ4w=
Subject key identifier: 18:28:EB:12:73:DE:BA:59:18:BF:FE:B1:C9:F8:9B:20:7A:A5:DB:9C
Certificate issuer: /CN=763d457e5d3cc0acd8a74f8b10e2686bfbc496cb
Certificate serial: 018EC424D6A2E6E7272EC5F43B7910C81398
Authority key identifier: 76:3D:45:7E:5D:3C:C0:AC:D8:A7:4F:8B:10:E2:68:6B:FB:C4:96:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dj1Ffl08wKzYp0-LEOJoa_vElss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/ccc94b-c287-4e5f-8604-7e594f2494cc/1/GCjrEnPeulkYv_6xyfibIHql25w.roa
Signing time: Tue 09 Apr 2024 18:35:32 +0000
ROA not before: Tue 09 Apr 2024 18:35:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43278
IP address blocks: 5.42.211.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c4:24:d6:a2:e6:e7:27:2e:c5:f4:3b:79:10:c8:13:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=763d457e5d3cc0acd8a74f8b10e2686bfbc496cb
Validity
Not Before: Apr 9 18:35:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1828eb1273deba5918bffeb1c9f89b207aa5db9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:8b:76:6a:96:ba:01:01:4a:33:48:47:4a:be:
d2:b9:ca:6b:f1:d8:f9:c8:a3:12:c5:cb:28:e5:e1:
13:86:80:68:78:1e:1d:c2:cb:e5:8c:58:56:64:5e:
d4:07:ed:e1:0f:29:b8:0b:9b:d8:c4:73:fd:f5:fe:
71:1d:41:49:0e:70:9f:e3:48:d7:cf:79:aa:06:6b:
8f:74:2d:ce:ed:c0:dc:50:c5:dd:ec:cc:11:dc:1b:
80:47:1f:cb:0d:a9:d4:f3:40:49:65:b9:65:32:f2:
63:51:2e:00:4c:f8:4f:da:11:a6:43:51:75:24:47:
77:bb:d0:9f:a3:73:11:02:d1:c6:11:7a:13:b3:d2:
da:94:ed:39:ff:d1:1a:c1:b6:43:5c:54:74:61:ad:
80:c4:c3:ee:3d:47:ce:49:b3:de:e6:cc:cd:de:48:
44:0e:2e:00:fc:d1:be:6e:da:bb:15:89:46:6c:e5:
00:cf:2b:7e:7d:6c:e3:15:0a:1f:d1:12:29:eb:d4:
0a:19:86:4c:63:d3:64:3c:5c:a3:83:63:35:12:c0:
aa:e2:5b:b8:19:58:9f:10:46:01:c4:1f:ed:da:4c:
c8:bc:bf:96:84:62:00:27:37:3f:0d:e2:be:ab:eb:
75:74:13:6a:16:b5:f4:65:b7:5e:aa:95:2f:91:69:
8c:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:28:EB:12:73:DE:BA:59:18:BF:FE:B1:C9:F8:9B:20:7A:A5:DB:9C
X509v3 Authority Key Identifier:
keyid:76:3D:45:7E:5D:3C:C0:AC:D8:A7:4F:8B:10:E2:68:6B:FB:C4:96:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dj1Ffl08wKzYp0-LEOJoa_vElss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/ccc94b-c287-4e5f-8604-7e594f2494cc/1/GCjrEnPeulkYv_6xyfibIHql25w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/ccc94b-c287-4e5f-8604-7e594f2494cc/1/dj1Ffl08wKzYp0-LEOJoa_vElss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.211.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:b1:46:81:0a:d4:fd:a1:d5:c7:fe:97:b8:21:f3:8e:0b:06:
b0:1b:76:ba:f3:46:b3:47:f1:ae:0d:4d:05:11:47:28:f5:45:
d8:76:ab:4c:e0:11:c6:85:1d:fd:cb:bf:6e:29:ac:c5:b1:2b:
a7:37:64:29:3c:ec:e2:24:55:77:cb:0e:e3:ed:e6:f0:04:f7:
bb:93:82:7b:22:a3:e4:23:cd:86:ff:a9:1d:90:c6:ea:68:1d:
c3:de:a9:c1:e5:f4:e3:8c:7a:48:48:f9:20:92:1a:70:b2:b4:
08:dc:9c:d0:6a:1f:64:5f:09:b3:f2:3f:bd:a2:b0:37:e2:30:
cc:59:0f:22:df:3a:1b:28:e4:3d:60:7b:f7:37:f5:a9:0d:4e:
ca:8b:e0:e5:41:17:fb:90:9c:22:2d:a1:6b:cc:4a:ae:c1:74:
09:fa:2f:7b:f5:aa:eb:38:56:ef:28:d1:3f:29:47:44:e9:52:
ab:2c:2c:fe:dc:8c:51:50:45:33:6d:a9:44:17:67:1d:4f:92:
3b:61:dc:7c:6b:3b:8c:fe:71:79:f6:6d:78:1a:dd:b4:2c:67:
07:6f:39:16:21:fd:5f:80:b2:9d:4f:db:19:3a:08:bd:09:a7:
07:87:9c:fc:0f:c6:af:b8:a3:68:26:be:4f:da:26:89:0a:2e:
ef:c0:70:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7EJNai5ucnLsX0O3kQyBOYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2M2Q0NTdlNWQzY2MwYWNkOGE3NGY4YjEwZTI2ODZiZmJj
NDk2Y2IwHhcNMjQwNDA5MTgzNTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODI4ZWIxMjczZGViYTU5MThiZmZlYjFjOWY4OWIyMDdhYTVkYjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYt2apa6AQFKM0hHSr7Sucpr8dj5
yKMSxcso5eEThoBoeB4dwsvljFhWZF7UB+3hDym4C5vYxHP99f5xHUFJDnCf40jX
z3mqBmuPdC3O7cDcUMXd7MwR3BuARx/LDanU80BJZbllMvJjUS4ATPhP2hGmQ1F1
JEd3u9Cfo3MRAtHGEXoTs9LalO05/9EawbZDXFR0Ya2AxMPuPUfOSbPe5szN3khE
Di4A/NG+btq7FYlGbOUAzyt+fWzjFQof0RIp69QKGYZMY9NkPFyjg2M1EsCq4lu4
GVifEEYBxB/t2kzIvL+WhGIAJzc/DeK+q+t1dBNqFrX0ZbdeqpUvkWmM5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBgo6xJz3rpZGL/+scn4myB6pducMB8GA1UdIwQY
MBaAFHY9RX5dPMCs2KdPixDiaGv7xJbLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGoxRmZsMDh3S3pZcDAtTEVPSm9hX3ZFbHNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jY2M5NGItYzI4Ny00ZTVmLTg2MDQt
N2U1OTRmMjQ5NGNjLzEvR0NqckVuUGV1bGtZdl82eHlmaWJJSHFsMjV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jY2M5NGItYzI4Ny00ZTVmLTg2MDQtN2U1OTRmMjQ5NGNj
LzEvZGoxRmZsMDh3S3pZcDAtTEVPSm9hX3ZFbHNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABSrTMA0G
CSqGSIb3DQEBCwUAA4IBAQAvsUaBCtT9odXH/pe4IfOOCwawG3a680azR/GuDU0F
EUco9UXYdqtM4BHGhR39y79uKazFsSunN2QpPOziJFV3yw7j7ebwBPe7k4J7IqPk
I82G/6kdkMbqaB3D3qnB5fTjjHpISPkgkhpwsrQI3JzQah9kXwmz8j+9orA34jDM
WQ8i3zobKOQ9YHv3N/WpDU7Ki+DlQRf7kJwiLaFrzEquwXQJ+i979arrOFbvKNE/
KUdE6VKrLCz+3IxRUEUzbalEF2cdT5I7Ydx8azuM/nF59m14Gt20LGcHbzkWIf1f
gLKdT9sZOgi9CacHh5z8D8avuKNoJr5P2iaJCi7vwHBi
-----END CERTIFICATE-----
Generated at Mon Aug 12 12:24:57 2024 by rpki-client on console-fra.rpki-client.org