Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/4c9d73-f805-4d72-8a37-b82b0ed2d323/1/Gv--JsQA4qbmE1mhxa7PImK7ju8.roa
File: Gv--JsQA4qbmE1mhxa7PImK7ju8.roa (raw, json)
Hash identifier: WwY7NkbTphxLqSHc0e8Dg+e8dZeDqi5XzRtERw7twEE=
Subject key identifier: 1A:FF:BE:26:C4:00:E2:A6:E6:13:59:A1:C5:AE:CF:22:62:BB:8E:EF
Certificate issuer: /CN=62bd6c2bdf61e23eafe23dde016db8b3e1595f76
Certificate serial: 025587
Authority key identifier: 62:BD:6C:2B:DF:61:E2:3E:AF:E2:3D:DE:01:6D:B8:B3:E1:59:5F:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yr1sK99h4j6v4j3eAW24s-FZX3Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/4c9d73-f805-4d72-8a37-b82b0ed2d323/1/Gv--JsQA4qbmE1mhxa7PImK7ju8.roa
Signing time: Tue 08 Feb 2022 10:20:08 +0000
ROA not before: Tue 08 Feb 2022 10:20:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51380
IP address blocks: 195.20.4.0/23 maxlen: 23
91.218.192.0/23 maxlen: 23
195.20.6.0/24 maxlen: 24
91.218.194.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152967 (0x25587)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62bd6c2bdf61e23eafe23dde016db8b3e1595f76
Validity
Not Before: Feb 8 10:20:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1affbe26c400e2a6e61359a1c5aecf2262bb8eef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:cd:77:5b:d3:34:9d:ff:0c:05:a2:40:e0:a4:
10:bc:95:9c:f7:6d:91:0a:84:a1:0e:5a:66:d7:1b:
be:53:d9:28:94:86:43:89:0b:1f:47:91:34:63:59:
dc:e0:c4:06:9d:6b:de:03:42:74:49:37:ec:23:e7:
6a:67:c1:54:ad:f9:0d:53:d6:ab:0e:94:57:b6:c2:
87:a2:4e:81:21:97:8c:80:f6:82:d3:87:9e:bd:e6:
f2:7f:88:dd:0b:07:4a:c3:af:1b:08:6a:3e:27:4a:
c6:b9:cb:4e:ad:ae:6b:32:a7:7d:44:73:96:37:07:
2d:a9:97:e5:16:14:d4:f0:d1:4c:ab:d8:e7:09:97:
e4:82:82:6c:03:1b:b9:57:26:0f:cb:50:1d:77:cc:
ff:ad:ae:73:a4:0b:af:cf:98:01:24:31:58:41:c9:
48:1a:98:fa:fe:b3:22:4c:ec:e1:1c:95:66:45:75:
f1:2b:7a:b9:1c:25:02:b7:57:58:b5:ce:00:67:99:
b4:7b:44:d1:91:e0:5f:60:1c:b9:b3:45:d0:72:8a:
e2:7a:d2:a9:c7:b8:2e:85:14:92:a6:14:1f:d0:c7:
15:67:17:90:3b:12:dc:b0:57:df:b2:0f:7f:d2:7f:
44:6a:6c:72:8f:c3:71:00:38:01:9d:de:04:71:70:
b4:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:FF:BE:26:C4:00:E2:A6:E6:13:59:A1:C5:AE:CF:22:62:BB:8E:EF
X509v3 Authority Key Identifier:
keyid:62:BD:6C:2B:DF:61:E2:3E:AF:E2:3D:DE:01:6D:B8:B3:E1:59:5F:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yr1sK99h4j6v4j3eAW24s-FZX3Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4c9d73-f805-4d72-8a37-b82b0ed2d323/1/Gv--JsQA4qbmE1mhxa7PImK7ju8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4c9d73-f805-4d72-8a37-b82b0ed2d323/1/Yr1sK99h4j6v4j3eAW24s-FZX3Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.192.0-91.218.194.255
195.20.4.0-195.20.6.255
Signature Algorithm: sha256WithRSAEncryption
5a:38:e7:79:ce:0e:f7:9e:69:15:7b:cb:bc:e8:e4:55:6e:9b:
b7:a0:43:3d:e5:dd:02:77:02:46:f1:22:29:46:bf:85:c9:e9:
1f:1d:70:6e:01:62:4d:3e:e1:96:48:26:1a:0f:9f:42:d7:cd:
53:d2:1d:73:45:af:9e:e4:9c:31:5a:2e:43:3d:98:f2:c1:7f:
84:a0:08:c0:c2:9a:42:69:07:ac:90:03:a9:98:d9:f5:32:e9:
43:ad:02:ec:ba:bf:21:a4:02:f8:c9:85:98:7d:a3:35:54:b2:
dc:5f:86:88:cf:cf:54:98:ee:79:2a:8e:bf:dc:89:51:49:cf:
bc:56:4f:d2:57:1b:c6:f6:16:e6:56:26:bd:1f:b8:fa:92:de:
63:70:33:6e:20:ea:ce:f0:da:13:0d:18:7f:85:1b:43:20:16:
c0:09:fe:ee:46:de:3e:e2:bd:fc:82:d3:f9:89:c0:81:1b:bb:
c5:6c:29:c2:17:c0:fb:a5:13:c3:53:77:3b:80:2f:50:d9:1f:
93:ff:de:7a:25:38:6b:7e:3d:36:24:12:45:61:7d:3b:72:dc:
49:bf:60:f2:a0:09:a2:8b:79:01:b6:bb:78:ca:d5:ae:fe:d8:
53:0a:a7:c4:d5:02:a7:49:6e:3d:84:58:15:65:eb:b3:9a:a9:
a8:6f:82:22
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIDAlWHMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDYy
YmQ2YzJiZGY2MWUyM2VhZmUyM2RkZTAxNmRiOGIzZTE1OTVmNzYwHhcNMjIwMjA4
MTAyMDA4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygxYWZmYmUyNmM0MDBl
MmE2ZTYxMzU5YTFjNWFlY2YyMjYyYmI4ZWVmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArM13W9M0nf8MBaJA4KQQvJWc922RCoShDlpm1xu+U9kolIZD
iQsfR5E0Y1nc4MQGnWveA0J0STfsI+dqZ8FUrfkNU9arDpRXtsKHok6BIZeMgPaC
04eevebyf4jdCwdKw68bCGo+J0rGuctOra5rMqd9RHOWNwctqZflFhTU8NFMq9jn
CZfkgoJsAxu5VyYPy1Add8z/ra5zpAuvz5gBJDFYQclIGpj6/rMiTOzhHJVmRXXx
K3q5HCUCt1dYtc4AZ5m0e0TRkeBfYBy5s0XQcorietKpx7guhRSSphQf0McVZxeQ
OxLcsFffsg9/0n9Eamxyj8NxADgBnd4EcXC0cwIDAQABo4ICHzCCAhswHQYDVR0O
BBYEFBr/vibEAOKm5hNZocWuzyJiu47vMB8GA1UdIwQYMBaAFGK9bCvfYeI+r+I9
3gFtuLPhWV92MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
WXIxc0s5OWg0ajZ2NGozZUFXMjRzLUZaWDNZLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9mNi80YzlkNzMtZjgwNS00ZDcyLThhMzctYjgyYjBlZDJkMzIzLzEv
R3YtLUpzUUE0cWJtRTFtaHhhN1BJbUs3anU4LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi80
YzlkNzMtZjgwNS00ZDcyLThhMzctYjgyYjBlZDJkMzIzLzEvWXIxc0s5OWg0ajZ2
NGozZUFXMjRzLUZaWDNZLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDUG
CCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAZb2sADBABb2sIwDAMEAsMUBAME
AMMUBjANBgkqhkiG9w0BAQsFAAOCAQEAWjjnec4O955pFXvLvOjkVW6bt6BDPeXd
AncCRvEiKUa/hcnpHx1wbgFiTT7hlkgmGg+fQtfNU9Idc0WvnuScMVouQz2Y8sF/
hKAIwMKaQmkHrJADqZjZ9TLpQ60C7Lq/IaQC+MmFmH2jNVSy3F+GiM/PVJjueSqO
v9yJUUnPvFZP0lcbxvYW5lYmvR+4+pLeY3AzbiDqzvDaEw0Yf4UbQyAWwAn+7kbe
PuK9/ILT+YnAgRu7xWwpwhfA+6UTw1N3O4AvUNkfk//eeiU4a349NiQSRWF9O3Lc
Sb9g8qAJoot5Aba7eMrVrv7YUwqnxNUCp0luPYRYFWXrs5qpqG+CIg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:57 2024 by rpki-client on console-ams.rpki-client.org