Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/e104ab-e146-458b-b45f-d3e98e639aca/1/gGXHmM9_5grI8k6vmokRXQdEd5k.roa
File: gGXHmM9_5grI8k6vmokRXQdEd5k.roa (raw, json)
Hash identifier: +FfU/jVU7dYPEKr1ppitmaGDubz1I5ILb57PNg0nC+M=
Subject key identifier: 80:65:C7:98:CF:7F:E6:0A:C8:F2:4E:AF:9A:89:11:5D:07:44:77:99
Certificate issuer: /CN=515cbdbd16a6e868e99675bc29180268c258f0fb
Certificate serial: 01856ED4CDF8E7A4A0093C7A3B81E13E0DF4
Authority key identifier: 51:5C:BD:BD:16:A6:E8:68:E9:96:75:BC:29:18:02:68:C2:58:F0:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UVy9vRam6GjplnW8KRgCaMJY8Ps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/e104ab-e146-458b-b45f-d3e98e639aca/1/gGXHmM9_5grI8k6vmokRXQdEd5k.roa
Signing time: Sun 01 Jan 2023 19:35:18 +0000
ROA not before: Sun 01 Jan 2023 19:35:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211575
IP address blocks: 2001:678:f60::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:cd:f8:e7:a4:a0:09:3c:7a:3b:81:e1:3e:0d:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=515cbdbd16a6e868e99675bc29180268c258f0fb
Validity
Not Before: Jan 1 19:35:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8065c798cf7fe60ac8f24eaf9a89115d07447799
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:7a:a9:22:00:c5:a5:2b:32:9a:be:73:ec:37:
6c:58:60:5b:53:55:ae:e3:af:7f:6f:bd:26:21:3a:
c4:92:d3:b0:d9:25:a7:3f:1e:6b:13:f9:cd:47:4b:
03:37:c1:8e:b9:6c:d6:b0:78:8c:d8:d8:50:08:08:
48:f1:11:87:71:98:21:99:7b:4c:28:95:cd:d9:da:
81:42:49:ca:f5:f1:54:5b:cb:7f:75:c9:96:9a:3a:
9f:c3:01:ad:4f:28:b4:0a:71:b6:e0:c5:e2:a3:fe:
e8:1c:8e:0a:84:e8:c6:21:db:96:2b:9f:a5:c2:fa:
74:c7:92:6b:de:7c:85:22:d7:2f:1c:03:5b:1f:78:
a2:61:4c:93:e4:04:ed:75:c7:5a:44:cc:ca:5f:31:
ee:e7:f2:4e:9a:b3:41:0f:8c:af:f2:d1:19:52:7d:
22:b1:45:c9:1b:c3:a8:a1:f7:73:cf:46:69:72:c7:
14:3b:02:0e:fb:d5:b7:92:fc:19:67:3a:35:94:ed:
24:ff:c2:62:64:02:cd:aa:cd:3f:1d:e7:63:7b:10:
8f:99:85:39:98:7e:1e:77:2f:ea:85:4a:b1:7d:42:
c9:a5:e8:ba:8b:2e:71:d3:7e:fd:05:36:72:1c:ec:
ed:93:71:52:5b:f5:ff:91:97:e1:d7:3c:90:80:be:
bc:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:65:C7:98:CF:7F:E6:0A:C8:F2:4E:AF:9A:89:11:5D:07:44:77:99
X509v3 Authority Key Identifier:
keyid:51:5C:BD:BD:16:A6:E8:68:E9:96:75:BC:29:18:02:68:C2:58:F0:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UVy9vRam6GjplnW8KRgCaMJY8Ps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/e104ab-e146-458b-b45f-d3e98e639aca/1/gGXHmM9_5grI8k6vmokRXQdEd5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/e104ab-e146-458b-b45f-d3e98e639aca/1/UVy9vRam6GjplnW8KRgCaMJY8Ps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:f60::/48
Signature Algorithm: sha256WithRSAEncryption
7a:01:db:7c:c4:13:52:09:36:d2:88:92:98:19:11:74:54:29:
ef:fe:ba:e1:7b:48:8a:2a:cd:09:a2:28:ed:74:60:e9:2b:07:
ca:d3:7d:6b:c2:31:39:f1:21:4e:32:92:6f:be:f4:6f:83:5d:
b7:7d:35:46:39:6e:3c:5e:e6:c5:bc:af:9d:07:14:87:22:c4:
a6:1f:ce:df:44:84:c3:41:d2:b3:89:16:48:80:ee:b0:93:67:
d9:18:be:36:53:da:5a:cb:46:93:ce:06:88:b9:0a:1c:0a:ae:
ce:5d:66:2b:85:c6:e4:b6:46:78:0f:41:04:1d:9b:bc:2a:ce:
82:d7:d3:63:95:21:c3:9e:7e:0a:1c:f4:ba:99:12:64:cf:98:
3a:d9:96:c3:01:2e:d0:72:c4:84:26:92:33:e3:23:05:56:74:
8e:ae:e4:01:79:65:3d:7c:30:74:4b:a0:7b:a8:a6:f4:ad:88:
4e:02:86:87:12:ba:47:1d:18:06:51:ed:d1:4b:3a:1b:69:30:
56:72:4f:ce:ee:eb:d9:47:a4:dd:82:b5:7c:76:31:d8:4a:be:
47:32:ba:17:53:27:88:10:b0:7c:ef:43:1f:77:0a:3d:e7:38:
bb:2e:3c:9d:fd:55:da:3a:23:2e:e3:1f:c8:2c:d9:93:dc:dd:
09:ec:d6:ca
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVu1M3456SgCTx6O4HhPg30MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxNWNiZGJkMTZhNmU4NjhlOTk2NzViYzI5MTgwMjY4YzI1
OGYwZmIwHhcNMjMwMTAxMTkzNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDY1Yzc5OGNmN2ZlNjBhYzhmMjRlYWY5YTg5MTE1ZDA3NDQ3Nzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg3qpIgDFpSsymr5z7DdsWGBbU1Wu
469/b70mITrEktOw2SWnPx5rE/nNR0sDN8GOuWzWsHiM2NhQCAhI8RGHcZghmXtM
KJXN2dqBQknK9fFUW8t/dcmWmjqfwwGtTyi0CnG24MXio/7oHI4KhOjGIduWK5+l
wvp0x5Jr3nyFItcvHANbH3iiYUyT5ATtdcdaRMzKXzHu5/JOmrNBD4yv8tEZUn0i
sUXJG8Ooofdzz0ZpcscUOwIO+9W3kvwZZzo1lO0k/8JiZALNqs0/HedjexCPmYU5
mH4edy/qhUqxfULJpei6iy5x0379BTZyHOztk3FSW/X/kZfh1zyQgL68/QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIBlx5jPf+YKyPJOr5qJEV0HRHeZMB8GA1UdIwQY
MBaAFFFcvb0Wpuho6ZZ1vCkYAmjCWPD7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVZ5OXZSYW02R2pwbG5XOEtSZ0NhTUpZOFBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9lMTA0YWItZTE0Ni00NThiLWI0NWYt
ZDNlOThlNjM5YWNhLzEvZ0dYSG1NOV81Z3JJOGs2dm1va1JYUWRFZDVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9lMTA0YWItZTE0Ni00NThiLWI0NWYtZDNlOThlNjM5YWNh
LzEvVVZ5OXZSYW02R2pwbG5XOEtSZ0NhTUpZOFBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA9g
MA0GCSqGSIb3DQEBCwUAA4IBAQB6Adt8xBNSCTbSiJKYGRF0VCnv/rrhe0iKKs0J
oijtdGDpKwfK031rwjE58SFOMpJvvvRvg123fTVGOW48XubFvK+dBxSHIsSmH87f
RITDQdKziRZIgO6wk2fZGL42U9pay0aTzgaIuQocCq7OXWYrhcbktkZ4D0EEHZu8
Ks6C19NjlSHDnn4KHPS6mRJkz5g62ZbDAS7QcsSEJpIz4yMFVnSOruQBeWU9fDB0
S6B7qKb0rYhOAoaHErpHHRgGUe3RSzobaTBWck/O7uvZR6TdgrV8djHYSr5HMroX
UyeIELB870Mfdwo95zi7Ljyd/VXaOiMu4x/ILNmT3N0J7NbK
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:39:01 2025 by rpki-client