Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/GvDoLWGbS1se5UVprt8ejCILBFk.roa
File: GvDoLWGbS1se5UVprt8ejCILBFk.roa (raw, json)
Hash identifier: TOp9lNQ23nD33FKfkYOYDI0rr9+j9xut8TQMZp/ZcYM=
Subject key identifier: 1A:F0:E8:2D:61:9B:4B:5B:1E:E5:45:69:AE:DF:1E:8C:22:0B:04:59
Certificate issuer: /CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Certificate serial: 01823E989508066B1EB82997B83D5933F320
Authority key identifier: 67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/GvDoLWGbS1se5UVprt8ejCILBFk.roa
Signing time: Wed 27 Jul 2022 07:39:23 +0000
ROA not before: Wed 27 Jul 2022 07:39:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56690
IP address blocks: 91.238.96.0/22 maxlen: 22
91.203.232.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:3e:98:95:08:06:6b:1e:b8:29:97:b8:3d:59:33:f3:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Validity
Not Before: Jul 27 07:39:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1af0e82d619b4b5b1ee54569aedf1e8c220b0459
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:6b:d6:56:83:9b:87:07:4a:65:de:63:61:e1:
35:21:b8:d6:f0:12:e4:7c:90:8a:27:25:66:d6:e1:
d8:f1:2c:67:f7:49:8d:ff:7f:4d:a8:5f:92:71:c0:
61:5e:50:34:19:0a:32:18:a9:55:9b:f0:a3:9d:7f:
03:8c:9d:3b:26:30:b3:91:a6:ea:74:99:2b:c2:1d:
3e:60:e1:71:cb:7e:a9:ae:e8:b3:b7:0c:61:6e:f1:
bd:7d:2a:5e:74:72:34:81:96:96:33:55:07:f1:f1:
77:36:47:89:3c:44:88:d3:26:51:3e:96:f1:35:87:
9d:f0:e4:17:ff:86:8b:23:c9:29:3b:44:29:96:fb:
b1:52:be:b4:d5:cd:5e:99:d8:21:98:70:26:c1:77:
06:cf:cb:d1:8f:16:0c:de:ee:bb:62:e3:84:cc:f6:
20:49:56:62:20:ad:8b:2a:83:fc:5d:e3:f5:d0:5a:
ed:ce:0e:0d:e6:19:c4:b4:06:01:62:ca:3b:41:88:
d0:ec:59:42:af:a1:bb:95:94:14:29:00:53:51:e0:
0a:d7:81:ff:3d:6f:da:45:b7:f0:5d:c2:c5:5a:4d:
34:be:c8:b9:0d:43:42:04:c4:81:64:c9:31:d3:77:
26:0c:2a:44:d8:9f:cb:fe:43:22:e7:8e:60:23:27:
20:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:F0:E8:2D:61:9B:4B:5B:1E:E5:45:69:AE:DF:1E:8C:22:0B:04:59
X509v3 Authority Key Identifier:
keyid:67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/GvDoLWGbS1se5UVprt8ejCILBFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.203.232.0/23
91.238.96.0/22
Signature Algorithm: sha256WithRSAEncryption
87:e3:bc:e0:8b:ff:2b:73:72:01:bc:7d:57:75:6d:37:1f:09:
e7:e8:33:47:4b:cf:b6:a5:43:f4:5c:29:fd:57:0e:9f:2f:2b:
21:40:01:8b:63:59:ca:67:6a:14:09:ff:2d:74:60:c3:7f:01:
c9:d7:6e:6e:b5:48:d5:be:3c:18:ac:34:85:ca:8b:30:68:c3:
da:69:de:56:2c:05:f5:c4:27:b4:5f:39:ac:69:72:9c:b5:86:
21:4c:16:be:ee:03:74:9c:98:5e:d1:b1:a5:61:03:78:40:50:
10:fa:bc:9e:63:8b:11:5f:76:d4:49:b5:52:fc:05:fc:40:33:
7d:b5:9f:13:0c:d6:a4:f2:ad:ee:af:ce:a4:fd:34:88:fb:32:
e3:59:3f:2c:fd:f7:65:ec:b5:b6:c7:10:b2:e7:53:35:97:57:
12:cf:da:2c:97:60:ef:fa:0a:ac:03:07:19:1e:8e:80:33:14:
30:08:46:a0:15:69:56:3e:9b:98:0b:74:63:d3:6c:b4:f1:aa:
cc:16:16:1f:12:7d:16:93:5c:4f:12:66:15:82:67:88:d8:b8:
73:83:dd:e1:33:01:44:33:30:f0:9c:b9:dc:32:d3:ad:17:33:
80:8b:99:00:22:75:79:26:86:ce:10:aa:b2:03:9c:ed:c2:04:
d4:6d:94:8a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYI+mJUIBmseuCmXuD1ZM/MgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OTU1YjFhYTFjMDI4NGQyODQzYjk2ZjI2YzVmZTc1MWU2
Njk0NmYwHhcNMjIwNzI3MDczOTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWYwZTgyZDYxOWI0YjViMWVlNTQ1NjlhZWRmMWU4YzIyMGIwNDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmvWVoObhwdKZd5jYeE1IbjW8BLk
fJCKJyVm1uHY8Sxn90mN/39NqF+SccBhXlA0GQoyGKlVm/CjnX8DjJ07JjCzkabq
dJkrwh0+YOFxy36pruiztwxhbvG9fSpedHI0gZaWM1UH8fF3NkeJPESI0yZRPpbx
NYed8OQX/4aLI8kpO0QplvuxUr601c1emdghmHAmwXcGz8vRjxYM3u67YuOEzPYg
SVZiIK2LKoP8XeP10Frtzg4N5hnEtAYBYso7QYjQ7FlCr6G7lZQUKQBTUeAK14H/
PW/aRbfwXcLFWk00vsi5DUNCBMSBZMkx03cmDCpE2J/L/kMi545gIycgUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBrw6C1hm0tbHuVFaa7fHowiCwRZMB8GA1UdIwQY
MBaAFGeVWxqhwChNKEO5bybF/nUeZpRvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDct
MDhhZDk0MTAxZDdlLzEvR3ZEb0xXR2JTMXNlNVVWcHJ0OGVqQ0lMQkZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDctMDhhZDk0MTAxZDdl
LzEvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW8voAwQC
W+5gMA0GCSqGSIb3DQEBCwUAA4IBAQCH47zgi/8rc3IBvH1XdW03Hwnn6DNHS8+2
pUP0XCn9Vw6fLyshQAGLY1nKZ2oUCf8tdGDDfwHJ125utUjVvjwYrDSFyoswaMPa
ad5WLAX1xCe0XzmsaXKctYYhTBa+7gN0nJhe0bGlYQN4QFAQ+ryeY4sRX3bUSbVS
/AX8QDN9tZ8TDNak8q3ur86k/TSI+zLjWT8s/fdl7LW2xxCy51M1l1cSz9osl2Dv
+gqsAwcZHo6AMxQwCEagFWlWPpuYC3Rj02y08arMFhYfEn0Wk1xPEmYVgmeI2Lhz
g93hMwFEMzDwnLncMtOtFzOAi5kAInV5JobOEKqyA5ztwgTUbZSK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:52 2024 by rpki-client on console-ams.rpki-client.org