Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/0d903f-1831-4d03-aab4-81af7c657e05/1/dpFCdz0kWwWDI06YYTM_GUBOedg.roa
File: dpFCdz0kWwWDI06YYTM_GUBOedg.roa (raw, json)
Hash identifier: GjgvskpwOvvmoeOmTT9n+y3Tas6x4DYRZZsaumEHmq8=
Subject key identifier: 76:91:42:77:3D:24:5B:05:83:23:4E:98:61:33:3F:19:40:4E:79:D8
Certificate issuer: /CN=d123b8d462134667ec6a9d1e154e5c7f0596662c
Certificate serial: 0A182630
Authority key identifier: D1:23:B8:D4:62:13:46:67:EC:6A:9D:1E:15:4E:5C:7F:05:96:66:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0SO41GITRmfsap0eFU5cfwWWZiw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/0d903f-1831-4d03-aab4-81af7c657e05/1/dpFCdz0kWwWDI06YYTM_GUBOedg.roa
Signing time: Sat 01 Jan 2022 14:55:08 +0000
ROA not before: Sat 01 Jan 2022 14:55:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48858
IP address blocks: 185.214.184.0/22 maxlen: 22
62.78.80.0/20 maxlen: 20
91.235.92.0/22 maxlen: 24
91.235.92.0/24 maxlen: 24
2a0b:9fc0::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 169354800 (0xa182630)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d123b8d462134667ec6a9d1e154e5c7f0596662c
Validity
Not Before: Jan 1 14:55:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=769142773d245b0583234e9861333f19404e79d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:3a:b0:13:11:08:0b:30:2b:0c:19:10:c6:d8:
39:6a:da:49:8b:4e:e8:c4:f2:a6:76:58:13:e4:55:
36:62:fb:73:56:a0:2a:15:83:d0:86:b5:cd:97:6c:
21:fd:6d:c4:35:59:a9:fd:23:04:6d:0a:a5:e7:f7:
52:95:77:6e:10:5a:4c:be:1a:1e:12:fd:1b:f2:42:
3d:aa:d5:1e:70:b6:13:ff:b6:40:95:6b:ea:94:e2:
88:8c:14:3b:22:7d:1a:3c:76:3e:23:67:c8:fe:89:
c6:f4:3b:9c:d3:91:c2:da:71:58:33:82:e6:b1:20:
1e:71:66:4a:b2:18:83:3a:2e:24:cf:ad:3c:a8:63:
91:d0:0b:f7:c2:4d:c8:71:11:cf:77:e7:44:85:45:
f8:90:19:89:cf:89:ca:d1:97:91:4b:50:14:82:2e:
c8:40:75:32:a4:1f:90:48:7c:cf:51:c9:cc:14:3b:
f8:e7:2a:9a:ac:4a:77:40:70:ce:19:4f:54:d9:9a:
41:d6:d4:c3:68:55:91:c6:62:e6:23:7e:3b:5a:2a:
7f:48:08:e6:84:45:f2:bb:21:bf:8d:69:4a:6f:e3:
b7:1d:30:da:ed:ab:93:44:17:09:79:6c:fe:0c:38:
20:e4:45:5f:94:da:6f:86:ef:ce:aa:6d:2a:bd:bb:
1c:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:91:42:77:3D:24:5B:05:83:23:4E:98:61:33:3F:19:40:4E:79:D8
X509v3 Authority Key Identifier:
keyid:D1:23:B8:D4:62:13:46:67:EC:6A:9D:1E:15:4E:5C:7F:05:96:66:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0SO41GITRmfsap0eFU5cfwWWZiw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0d903f-1831-4d03-aab4-81af7c657e05/1/dpFCdz0kWwWDI06YYTM_GUBOedg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0d903f-1831-4d03-aab4-81af7c657e05/1/0SO41GITRmfsap0eFU5cfwWWZiw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.78.80.0/20
91.235.92.0/22
185.214.184.0/22
IPv6:
2a0b:9fc0::/48
Signature Algorithm: sha256WithRSAEncryption
6c:23:be:f8:0d:25:92:fb:e2:42:6d:c8:aa:ad:6d:d5:dd:ae:
7e:46:a8:31:d0:a7:1d:fb:fb:19:66:14:f7:31:9d:d1:cd:6e:
4e:f7:6c:11:58:44:46:0d:16:e6:cd:6a:0b:ec:ea:96:d1:a4:
e7:aa:df:84:4f:dd:34:f5:15:cc:0f:fa:3f:72:28:e3:ef:5d:
5d:71:e4:37:6c:8a:9a:e3:d8:28:8c:af:cf:2b:2e:0f:d5:55:
06:64:a6:5f:14:30:5c:bd:06:c8:72:c9:90:c7:11:b6:7d:d0:
15:73:0d:c3:7d:10:3f:fc:22:5d:5b:12:43:83:9a:54:51:f0:
15:6f:18:cf:a4:8b:3a:dc:79:36:2d:80:53:d4:c1:dc:bb:d4:
6f:e9:3b:fd:c7:02:d5:2c:27:bf:29:17:a4:1f:2c:a2:d0:6d:
ae:2e:0c:cc:af:01:12:77:80:a1:57:31:56:28:19:11:f7:71:
ad:1c:21:bf:fe:7b:70:f1:0a:44:47:da:70:c7:a8:58:6c:50:
56:8f:ee:08:92:64:7a:3f:15:50:a4:71:81:d0:95:31:cc:8b:
33:36:85:96:a6:20:7d:f3:ef:a6:13:c1:0b:35:3d:af:ea:cd:
ad:90:bd:d2:08:18:40:42:c3:89:e9:26:2f:50:b3:71:7c:8f:
fd:15:b1:7f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIEChgmMDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MTIzYjhkNDYyMTM0NjY3ZWM2YTlkMWUxNTRlNWM3ZjA1OTY2NjJjMB4XDTIyMDEw
MTE0NTUwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzY5MTQyNzczZDI0
NWIwNTgzMjM0ZTk4NjEzMzNmMTk0MDRlNzlkODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKg6sBMRCAswKwwZEMbYOWraSYtO6MTypnZYE+RVNmL7c1ag
KhWD0Ia1zZdsIf1txDVZqf0jBG0Kpef3UpV3bhBaTL4aHhL9G/JCParVHnC2E/+2
QJVr6pTiiIwUOyJ9Gjx2PiNnyP6JxvQ7nNORwtpxWDOC5rEgHnFmSrIYgzouJM+t
PKhjkdAL98JNyHERz3fnRIVF+JAZic+JytGXkUtQFIIuyEB1MqQfkEh8z1HJzBQ7
+OcqmqxKd0BwzhlPVNmaQdbUw2hVkcZi5iN+O1oqf0gI5oRF8rshv41pSm/jtx0w
2u2rk0QXCXls/gw4IORFX5Tab4bvzqptKr27HHMCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBR2kUJ3PSRbBYMjTphhMz8ZQE552DAfBgNVHSMEGDAWgBTRI7jUYhNGZ+xq
nR4VTlx/BZZmLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBTTzQxR0lUUm1mc2FwMGVGVTVjZndXV1ppdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjgvMGQ5MDNmLTE4MzEtNGQwMy1hYWI0LTgxYWY3YzY1N2UwNS8x
L2RwRkNkejBrV3dXREkwNllZVE1fR1VCT2VkZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjgv
MGQ5MDNmLTE4MzEtNGQwMy1hYWI0LTgxYWY3YzY1N2UwNS8xLzBTTzQxR0lUUm1m
c2FwMGVGVTVjZndXV1ppdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGAQCAAEwEgMEBD5OUAMEAlvrXAMEArnWuDAPBAIA
AjAJAwcAKgufwAAAMA0GCSqGSIb3DQEBCwUAA4IBAQBsI774DSWS++JCbciqrW3V
3a5+Rqgx0Kcd+/sZZhT3MZ3RzW5O92wRWERGDRbmzWoL7OqW0aTnqt+ET9009RXM
D/o/cijj711dceQ3bIqa49gojK/PKy4P1VUGZKZfFDBcvQbIcsmQxxG2fdAVcw3D
fRA//CJdWxJDg5pUUfAVbxjPpIs63Hk2LYBT1MHcu9Rv6Tv9xwLVLCe/KRekHyyi
0G2uLgzMrwESd4ChVzFWKBkR93GtHCG//ntw8QpER9pwx6hYbFBWj+4IkmR6PxVQ
pHGB0JUxzIszNoWWpiB98++mE8ELNT2v6s2tkL3SCBhAQsOJ6SYvULNxfI/9FbF/
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:08 2025 by rpki-client