Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/GPm8WjJGzbSLualq-m5Du-bQLO0.roa
File: GPm8WjJGzbSLualq-m5Du-bQLO0.roa (raw, json)
Hash identifier: s3UZQ3A701G49btgjI12R2GZPijX4ftWZSPIFj7isjc=
Subject key identifier: 18:F9:BC:5A:32:46:CD:B4:8B:B9:A9:6A:FA:6E:43:BB:E6:D0:2C:ED
Certificate issuer: /CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Certificate serial: 29EC5B78
Authority key identifier: 10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/GPm8WjJGzbSLualq-m5Du-bQLO0.roa
Signing time: Sat 01 Jan 2022 13:54:22 +0000
ROA not before: Sat 01 Jan 2022 13:54:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59917
IP address blocks: 95.181.208.0/23 maxlen: 23
95.181.210.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 703355768 (0x29ec5b78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Validity
Not Before: Jan 1 13:54:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=18f9bc5a3246cdb48bb9a96afa6e43bbe6d02ced
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1b:1f:89:d8:1b:ff:be:45:00:03:76:5c:9b:
24:ff:b4:b9:02:6b:4f:bc:ae:07:31:0a:47:75:60:
8b:5b:30:64:7d:f4:90:22:45:50:30:62:98:91:d4:
e1:00:06:6f:07:50:94:51:49:ac:e7:50:a8:bd:36:
de:2e:74:c2:df:2d:13:56:69:a6:48:32:b0:86:18:
e2:20:01:ac:90:20:11:ce:2e:33:6a:b6:37:39:05:
22:2a:9e:8f:6b:5b:9d:ee:94:73:fc:d0:7a:6b:c2:
62:28:38:db:ca:bc:87:46:1e:31:7d:e0:9d:53:23:
c8:48:cc:4e:b5:82:3c:f7:1d:a2:82:54:34:b8:37:
6a:f8:93:2b:d8:6e:79:d0:d6:e9:5b:db:c5:08:b6:
12:b6:6c:39:fa:f6:eb:5b:2f:7f:b1:95:ef:5a:5b:
e1:96:91:30:36:9a:03:7e:63:5a:c0:55:91:d9:bc:
4d:aa:47:e7:05:44:2e:85:6e:8a:de:29:d5:a9:d1:
ed:df:16:ef:b3:81:a9:e9:32:1a:ab:9f:61:53:4f:
dc:63:21:0b:27:5c:f9:8c:9e:3b:0b:a1:9a:3d:df:
9c:7f:24:b4:48:a9:33:b8:17:57:96:56:6c:c7:8b:
f8:d3:d6:7a:39:60:4a:dc:76:9c:e9:e3:60:43:1d:
a6:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:F9:BC:5A:32:46:CD:B4:8B:B9:A9:6A:FA:6E:43:BB:E6:D0:2C:ED
X509v3 Authority Key Identifier:
keyid:10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/GPm8WjJGzbSLualq-m5Du-bQLO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/EEXazIN3mMPmzzH00nlGozsN5mE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.181.208.0/22
Signature Algorithm: sha256WithRSAEncryption
17:33:fd:c2:b3:ad:00:98:2d:5f:48:7b:d9:bc:df:49:2a:66:
d9:bd:46:d0:a3:a2:e5:28:3e:09:88:26:e9:d7:20:81:80:6b:
49:dc:49:c3:9a:db:9a:05:3b:2e:e3:2c:38:6e:d7:42:72:6f:
b1:e4:5b:85:45:92:36:6c:f7:45:2d:65:53:71:86:61:ad:63:
58:9e:e2:eb:07:dd:61:39:56:59:00:e3:b9:aa:d7:83:85:66:
51:01:7a:b3:ba:00:93:f3:27:a1:42:8c:82:be:b7:70:49:92:
13:30:1b:82:69:da:d3:61:96:e7:30:b9:ff:2d:e5:f5:17:cc:
b1:df:d3:5e:94:cc:27:94:27:db:01:72:f0:77:5b:9e:7e:49:
a6:35:25:52:0a:33:47:b0:f6:d0:5e:95:ab:95:cb:5b:ae:c6:
b1:dd:b1:a6:0c:46:8e:45:d9:6e:77:e6:87:6e:03:bb:4a:c0:
1f:67:56:d9:2e:1f:dd:9c:fc:fc:a2:99:7d:3d:30:9d:80:e5:
14:41:4d:ee:67:93:23:c7:41:58:31:e8:0b:6d:ce:3a:ae:7a:
92:05:5a:c5:4f:0f:62:de:f3:e7:91:fd:16:6b:71:cb:79:9b:
75:71:75:5f:a7:24:c9:ae:44:bd:66:3f:c2:79:c5:bc:ee:cd:
08:9d:c9:da
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEKexbeDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MDQ1ZGFjYzgzNzc5OGMzZTZjZjMxZjRkMjc5NDZhMzNiMGRlNjYxMB4XDTIyMDEw
MTEzNTQyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMThmOWJjNWEzMjQ2
Y2RiNDhiYjlhOTZhZmE2ZTQzYmJlNmQwMmNlZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALMbH4nYG/++RQADdlybJP+0uQJrT7yuBzEKR3Vgi1swZH30
kCJFUDBimJHU4QAGbwdQlFFJrOdQqL023i50wt8tE1ZppkgysIYY4iABrJAgEc4u
M2q2NzkFIiqej2tbne6Uc/zQemvCYig428q8h0YeMX3gnVMjyEjMTrWCPPcdooJU
NLg3aviTK9huedDW6VvbxQi2ErZsOfr261svf7GV71pb4ZaRMDaaA35jWsBVkdm8
TapH5wVELoVuit4p1anR7d8W77OBqekyGqufYVNP3GMhCydc+YyeOwuhmj3fnH8k
tEipM7gXV5ZWbMeL+NPWejlgStx2nOnjYEMdplMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQY+bxaMkbNtIu5qWr6bkO75tAs7TAfBgNVHSMEGDAWgBQQRdrMg3eYw+bP
MfTSeUajOw3mYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VFWGF6SU4zbU1QbXp6SDAwbmxHb3pzTjVtRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvMjY2Y2FmLTNiNDMtNDllMC1iNmUxLTljMTc0ZTUzZTRmZS8x
L0dQbThXakpHemJTTHVhbHEtbTVEdS1iUUxPMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
MjY2Y2FmLTNiNDMtNDllMC1iNmUxLTljMTc0ZTUzZTRmZS8xL0VFWGF6SU4zbU1Q
bXp6SDAwbmxHb3pzTjVtRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAl+10DANBgkqhkiG9w0BAQsFAAOC
AQEAFzP9wrOtAJgtX0h72bzfSSpm2b1G0KOi5Sg+CYgm6dcggYBrSdxJw5rbmgU7
LuMsOG7XQnJvseRbhUWSNmz3RS1lU3GGYa1jWJ7i6wfdYTlWWQDjuarXg4VmUQF6
s7oAk/MnoUKMgr63cEmSEzAbgmna02GW5zC5/y3l9RfMsd/TXpTMJ5Qn2wFy8Hdb
nn5JpjUlUgozR7D20F6Vq5XLW67Gsd2xpgxGjkXZbnfmh24Du0rAH2dW2S4f3Zz8
/KKZfT0wnYDlFEFN7meTI8dBWDHoC23OOq56kgVaxU8PYt7z55H9Fmtxy3mbdXF1
X6ckya5EvWY/wnnFvO7NCJ3J2g==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:19 2025 by rpki-client