Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/GvwAX-XDF_eeCQODQGQLb8gSvCY.roa
File: GvwAX-XDF_eeCQODQGQLb8gSvCY.roa (raw, json)
Hash identifier: i5HZf03B5XnTxKg3cH6MgZ8l0FgrKkLsVp4zNppM5dI=
Subject key identifier: 1A:FC:00:5F:E5:C3:17:F7:9E:09:03:83:40:64:0B:6F:C8:12:BC:26
Certificate issuer: /CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Certificate serial: 018C675E5C148752068AB74733C3AAC87ABC
Authority key identifier: 08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/GvwAX-XDF_eeCQODQGQLb8gSvCY.roa
Signing time: Thu 14 Dec 2023 08:08:06 +0000
ROA not before: Thu 14 Dec 2023 08:08:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206065
IP address blocks: 45.140.228.0/22 maxlen: 22
85.198.48.0/20 maxlen: 20
45.156.180.0/22 maxlen: 22
45.156.192.0/22 maxlen: 22
45.156.194.0/23 maxlen: 24
45.156.200.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:67:5e:5c:14:87:52:06:8a:b7:47:33:c3:aa:c8:7a:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Validity
Not Before: Dec 14 08:08:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1afc005fe5c317f79e09038340640b6fc812bc26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:7d:59:bc:dc:81:33:61:87:6f:b6:c7:5d:c8:
3b:fe:78:5b:61:b4:d3:7d:49:d9:33:35:cd:a0:64:
83:25:0c:b2:86:2d:42:91:96:4e:55:90:23:e0:f9:
9e:8a:b5:87:f4:3a:70:04:1c:f0:9f:c2:4e:10:7e:
dd:46:ff:47:ca:e4:6e:e7:72:c8:4c:3c:46:79:9a:
d9:30:a8:62:3a:5b:e1:39:79:91:ab:7a:91:9c:2a:
4c:4c:a9:af:b9:b3:d9:43:8e:1b:56:27:92:f0:19:
0c:cc:75:5b:d4:9b:dc:38:06:c6:bc:5b:7b:ef:0d:
2d:fc:c4:e3:06:7c:9c:dd:28:86:f2:b8:e0:9e:a1:
99:6f:ba:2b:20:36:d0:13:5c:01:68:53:f1:96:6d:
d1:09:2b:ed:08:7a:bc:bd:58:5f:42:4e:8a:e8:10:
63:9f:a5:6b:cb:e0:b2:0c:0b:11:78:8c:c5:3f:be:
16:2e:5b:fa:cf:b2:4f:01:bc:f2:d6:cf:c0:ec:c3:
38:e2:a3:48:ef:3b:bd:39:36:ee:c9:e5:be:b6:92:
a1:db:7e:77:82:34:b2:ce:55:da:20:4a:06:d9:8f:
a8:eb:13:44:b7:01:73:9a:c3:33:af:96:7a:76:63:
35:4e:59:39:0e:2e:42:83:bb:8d:09:c2:95:2c:ff:
08:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:FC:00:5F:E5:C3:17:F7:9E:09:03:83:40:64:0B:6F:C8:12:BC:26
X509v3 Authority Key Identifier:
keyid:08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/GvwAX-XDF_eeCQODQGQLb8gSvCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.228.0/22
45.156.180.0/22
45.156.192.0/22
45.156.200.0/22
85.198.48.0/20
Signature Algorithm: sha256WithRSAEncryption
16:a7:c7:0c:95:55:7f:b9:a5:9d:c9:43:22:e9:e0:b7:59:5e:
10:12:0e:f0:62:62:2a:49:e0:ef:3b:1b:bf:46:6f:9c:6d:a5:
f3:e9:3a:7f:04:d7:33:eb:09:08:13:ef:10:cc:f7:9b:ff:92:
eb:6a:7b:96:88:70:13:c6:e4:e1:21:ab:7a:0a:19:82:70:4d:
45:28:b8:d3:5a:83:d2:16:09:c4:75:43:2b:e0:27:4d:d7:a9:
72:ec:72:5b:21:a7:06:ef:70:19:10:a1:41:5d:63:89:83:aa:
83:2f:b4:c0:c0:81:8f:ee:e2:8d:c1:cb:e6:95:72:30:d3:1e:
3e:75:fd:9e:27:a6:96:12:29:9c:8f:4f:d4:c6:78:98:76:0a:
58:b4:15:a3:f3:94:8f:99:c0:0e:d2:25:d9:8c:9f:eb:6f:96:
6b:db:56:ec:1b:aa:2a:d1:b6:05:83:82:ce:08:09:c5:3e:c8:
7c:75:42:64:27:96:c6:27:3b:bc:0b:5b:6a:26:d6:71:b4:b5:
81:1e:95:52:be:ff:57:9e:58:16:1c:74:28:d1:66:9e:fc:a1:
a7:61:a5:58:ba:60:f8:dc:af:d9:97:47:fd:ee:26:54:af:ec:
06:1a:a6:a3:84:82:74:99:c3:30:38:ff:bb:de:dc:d8:d7:04:
5f:bd:16:74
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYxnXlwUh1IGirdHM8OqyHq8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MWI3YTIyZTUxY2ZiOWNmODQyMDVlNDQ0OTk5OGFkNTVk
OGYwNjUwHhcNMjMxMjE0MDgwODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWZjMDA1ZmU1YzMxN2Y3OWUwOTAzODM0MDY0MGI2ZmM4MTJiYzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoH1ZvNyBM2GHb7bHXcg7/nhbYbTT
fUnZMzXNoGSDJQyyhi1CkZZOVZAj4PmeirWH9DpwBBzwn8JOEH7dRv9HyuRu53LI
TDxGeZrZMKhiOlvhOXmRq3qRnCpMTKmvubPZQ44bVieS8BkMzHVb1JvcOAbGvFt7
7w0t/MTjBnyc3SiG8rjgnqGZb7orIDbQE1wBaFPxlm3RCSvtCHq8vVhfQk6K6BBj
n6Vry+CyDAsReIzFP74WLlv6z7JPAbzy1s/A7MM44qNI7zu9OTbuyeW+tpKh2353
gjSyzlXaIEoG2Y+o6xNEtwFzmsMzr5Z6dmM1Tlk5Di5Cg7uNCcKVLP8IVQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBr8AF/lwxf3ngkDg0BkC2/IErwmMB8GA1UdIwQY
MBaAFAgbeiLlHPuc+EIF5ESZmK1V2PBlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYt
MDM2NzI2OGZmODcxLzEvR3Z3QVgtWERGX2VlQ1FPRFFHUUxiOGdTdkNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYtMDM2NzI2OGZmODcx
LzEvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCLYzkAwQC
LZy0AwQCLZzAAwQCLZzIAwQEVcYwMA0GCSqGSIb3DQEBCwUAA4IBAQAWp8cMlVV/
uaWdyUMi6eC3WV4QEg7wYmIqSeDvOxu/Rm+cbaXz6Tp/BNcz6wkIE+8QzPeb/5Lr
anuWiHATxuThIat6ChmCcE1FKLjTWoPSFgnEdUMr4CdN16ly7HJbIacG73AZEKFB
XWOJg6qDL7TAwIGP7uKNwcvmlXIw0x4+df2eJ6aWEimcj0/UxniYdgpYtBWj85SP
mcAO0iXZjJ/rb5Zr21bsG6oq0bYFg4LOCAnFPsh8dUJkJ5bGJzu8C1tqJtZxtLWB
HpVSvv9XnlgWHHQo0Wae/KGnYaVYumD43K/Zl0f97iZUr+wGGqajhIJ0mcMwOP+7
3tzY1wRfvRZ0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:49 2024 by rpki-client on console-ams.rpki-client.org