Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/GH2VE2XNjvZ6890Dx0uOovjvUGE.roa
File: GH2VE2XNjvZ6890Dx0uOovjvUGE.roa (raw, json)
Hash identifier: yfdhUiMhgWAELsM/RcuSajyIaj8VR9kRSYrIDGD+/Q4=
Subject key identifier: 18:7D:95:13:65:CD:8E:F6:7A:F3:DD:03:C7:4B:8E:A2:F8:EF:50:61
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 018FADA59C96EAC340E2A3B5A4E98D8D3AEB
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/GH2VE2XNjvZ6890Dx0uOovjvUGE.roa
Signing time: Sat 25 May 2024 02:47:42 +0000
ROA not before: Sat 25 May 2024 02:47:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 10104
IP address blocks: 2a12:f8c0::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ad:a5:9c:96:ea:c3:40:e2:a3:b5:a4:e9:8d:8d:3a:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: May 25 02:47:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=187d951365cd8ef67af3dd03c74b8ea2f8ef5061
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:a2:9e:3d:98:93:47:ee:ca:ff:f2:79:bd:a2:
d9:d1:f5:c2:6a:14:06:b2:07:86:d9:80:4f:1b:c7:
e3:12:9e:9b:15:fe:62:55:89:9b:d0:dc:82:12:59:
68:5a:7d:32:41:94:e0:19:fa:9c:6d:f7:c6:7b:27:
84:8d:97:72:a1:0b:41:db:2e:1e:ea:01:a2:ec:f5:
61:23:e8:e5:b4:ba:df:19:ef:a9:c6:77:21:5a:58:
3c:17:8e:41:54:c1:15:53:86:e8:4f:b0:10:5d:56:
b0:a6:11:43:d0:fa:98:05:a3:55:f5:48:05:f3:0d:
58:97:79:ea:06:7d:63:94:e0:62:83:19:fd:6c:97:
49:33:de:61:36:29:67:64:3b:85:88:22:9b:90:e1:
00:39:ba:66:3b:8c:bc:46:d9:dc:52:3b:de:94:92:
2f:ff:c9:42:de:c9:fa:f1:98:6e:42:bb:39:c8:f6:
41:9d:f2:4d:b2:e0:70:3d:40:da:de:4b:54:d8:da:
61:e5:a9:d8:ce:d3:8a:7f:49:a4:eb:c9:b6:ba:f4:
60:db:69:42:62:98:5b:df:43:b7:50:eb:27:99:9f:
8e:2f:67:cf:6b:d2:65:d8:e5:03:51:35:36:eb:3e:
a2:e2:d5:61:c9:a1:af:54:e7:bd:4c:20:f0:61:4f:
1e:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:7D:95:13:65:CD:8E:F6:7A:F3:DD:03:C7:4B:8E:A2:F8:EF:50:61
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/GH2VE2XNjvZ6890Dx0uOovjvUGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c0::/32
Signature Algorithm: sha256WithRSAEncryption
6b:16:99:e7:62:89:40:80:a9:8c:6b:8e:45:a5:ac:7a:e8:e8:
75:5c:db:86:b6:4f:22:0c:e1:b2:2d:a3:ac:c6:6c:6e:80:bd:
4a:31:91:68:98:b3:b1:ea:4e:f9:3d:70:77:de:4b:e3:70:bb:
42:4b:e9:43:6a:57:fa:b8:97:42:53:9e:9e:86:04:f5:03:b0:
c7:22:4a:53:85:29:7c:61:6a:13:78:ad:d4:a9:30:60:c2:12:
f2:f6:95:e7:a3:2e:0e:cb:57:97:06:36:02:07:b5:7b:38:1c:
c4:aa:20:6f:c1:91:20:ed:ad:e4:35:4f:2b:40:34:cc:3d:a7:
54:09:5d:00:cb:bf:67:67:20:7d:ed:ce:17:e6:d2:f4:1c:66:
61:fd:9e:5a:75:9a:ba:9f:ab:31:55:b4:46:fc:16:f4:f4:b6:
c2:c5:74:c0:42:dc:05:f1:cd:ee:0c:a8:1e:5b:58:78:bc:6c:
7a:98:01:14:a1:41:42:28:88:37:f5:75:38:9d:38:61:10:9c:
9d:b4:49:64:00:02:a3:28:a2:45:b6:9f:5e:cf:61:2b:27:d9:
b3:82:13:a6:1c:7c:37:21:5f:e4:8c:1c:1e:6d:f7:d3:a3:75:
60:92:95:8d:20:92:00:a2:b3:3e:3c:28:99:f5:38:7a:24:2c:
66:64:c8:2f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY+tpZyW6sNA4qO1pOmNjTrrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjQwNTI1MDI0NzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODdkOTUxMzY1Y2Q4ZWY2N2FmM2RkMDNjNzRiOGVhMmY4ZWY1MDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqKePZiTR+7K//J5vaLZ0fXCahQG
sgeG2YBPG8fjEp6bFf5iVYmb0NyCElloWn0yQZTgGfqcbffGeyeEjZdyoQtB2y4e
6gGi7PVhI+jltLrfGe+pxnchWlg8F45BVMEVU4boT7AQXVawphFD0PqYBaNV9UgF
8w1Yl3nqBn1jlOBigxn9bJdJM95hNilnZDuFiCKbkOEAObpmO4y8RtncUjvelJIv
/8lC3sn68ZhuQrs5yPZBnfJNsuBwPUDa3ktU2Nph5anYztOKf0mk68m2uvRg22lC
Yphb30O3UOsnmZ+OL2fPa9Jl2OUDUTU26z6i4tVhyaGvVOe9TCDwYU8etQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBh9lRNlzY72evPdA8dLjqL471BhMB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvR0gyVkUyWE5qdlo2ODkwRHgwdU9vdmp2VUdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhL4wDAN
BgkqhkiG9w0BAQsFAAOCAQEAaxaZ52KJQICpjGuORaWseujodVzbhrZPIgzhsi2j
rMZsboC9SjGRaJizsepO+T1wd95L43C7QkvpQ2pX+riXQlOenoYE9QOwxyJKU4Up
fGFqE3it1KkwYMIS8vaV56MuDstXlwY2Age1ezgcxKogb8GRIO2t5DVPK0A0zD2n
VAldAMu/Z2cgfe3OF+bS9BxmYf2eWnWaup+rMVW0RvwW9PS2wsV0wELcBfHN7gyo
HltYeLxsepgBFKFBQiiIN/V1OJ04YRCcnbRJZAACoyiiRbafXs9hKyfZs4ITphx8
NyFf5IwcHm3306N1YJKVjSCSAKKzPjwomfU4eiQsZmTILw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:02 2025 by rpki-client