Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/Go0AzVzjLq5bBi1BfWcTBtOsqtk.roa
File: Go0AzVzjLq5bBi1BfWcTBtOsqtk.roa (raw, json)
Hash identifier: o5mWH25W5kGzM+hEAvFz++7W8cpUn6PqdvzBFOSGgUk=
Subject key identifier: 1A:8D:00:CD:5C:E3:2E:AE:5B:06:2D:41:7D:67:13:06:D3:AC:AA:D9
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 023BC7
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/Go0AzVzjLq5bBi1BfWcTBtOsqtk.roa
Signing time: Fri 20 May 2022 05:32:30 +0000
ROA not before: Fri 20 May 2022 05:32:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211481
IP address blocks: 2a12:f8c0::/29 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146375 (0x23bc7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: May 20 05:32:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1a8d00cd5ce32eae5b062d417d671306d3acaad9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:61:14:e4:24:45:7c:e2:3d:19:e7:a5:2b:85:
cc:e5:a4:91:0c:23:a1:05:0d:25:10:50:33:79:39:
7a:50:d9:e1:f1:8c:9b:72:bc:20:41:a1:50:70:05:
ba:b8:18:73:5d:d1:45:42:4a:30:a8:0b:2c:a5:3a:
95:5d:3e:79:73:72:90:f7:26:16:02:42:90:af:43:
9b:42:6f:0b:89:ab:b3:f2:da:c3:d3:d0:13:ed:bc:
d1:2f:89:19:a2:c4:54:15:89:13:96:a4:57:39:c2:
81:02:b3:ef:2a:4a:4a:75:14:0a:9a:6a:36:8a:7f:
81:07:a2:58:60:2f:fd:81:b6:21:1f:f8:4e:83:b1:
39:fd:9e:cd:27:f8:75:74:66:40:5b:e5:e4:c8:e5:
09:ac:bd:e1:fd:3d:04:10:31:db:b6:8b:f2:56:a5:
44:24:81:10:a5:33:7a:79:ea:7e:1c:8f:26:a8:aa:
2f:de:c7:19:40:d2:32:e9:6c:d6:78:93:a0:1c:4f:
c1:03:4b:ba:21:1d:e2:b4:be:18:60:e4:e6:24:ba:
f5:a2:b0:a4:af:f5:48:59:2f:a6:66:a6:e6:d9:03:
39:a4:be:7f:bc:45:6b:80:cc:53:f7:dc:23:2e:f2:
3e:69:63:89:5f:5e:dd:29:51:06:f4:ed:8d:11:ff:
40:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:8D:00:CD:5C:E3:2E:AE:5B:06:2D:41:7D:67:13:06:D3:AC:AA:D9
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/Go0AzVzjLq5bBi1BfWcTBtOsqtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c0::/29
Signature Algorithm: sha256WithRSAEncryption
44:69:70:64:40:e4:3b:68:c8:dd:a5:78:ff:85:b8:11:5c:a0:
05:70:22:53:94:55:9d:de:8a:70:27:43:7c:f2:a8:86:cc:0a:
9b:d0:bd:c9:e6:ca:55:7a:01:0a:7f:9d:d4:09:e1:0f:cd:ca:
89:9a:65:19:18:d6:95:98:d7:64:84:a7:50:58:f3:8f:36:57:
be:b3:65:93:11:dd:04:33:2b:25:73:93:bb:17:76:2a:e5:a0:
c3:a3:7d:15:fe:18:dd:34:27:e1:0a:56:83:e9:fe:7e:9c:2f:
4d:d2:50:00:5c:57:70:c2:9d:4f:e3:57:97:b8:e2:fd:10:b1:
e8:58:49:84:b8:4b:50:36:1e:ce:72:a2:d9:2c:bd:96:aa:92:
a8:e4:16:6b:c3:0e:ab:dd:e1:f9:61:f5:d3:07:a9:22:5c:04:
4d:67:37:52:f8:a5:4e:68:df:ff:56:20:d8:76:0b:35:61:bb:
84:2b:2d:69:44:0d:05:d1:72:c4:06:cd:58:c5:b1:57:26:99:
4c:f3:4b:0c:06:65:d0:0b:5f:20:5c:a4:b3:e6:0d:e7:b1:8d:
b6:6a:b8:7b:98:3e:09:86:e4:9f:91:3b:77:5c:7c:49:89:56:
63:ee:98:3f:7c:8d:ba:2e:78:21:ef:c9:f1:1e:1b:bc:81:6b:
d7:23:08:82
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDAjvHMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGIw
N2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQxZDM1N2UwHhcNMjIwNTIw
MDUzMjMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygxYThkMDBjZDVjZTMy
ZWFlNWIwNjJkNDE3ZDY3MTMwNmQzYWNhYWQ5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAlmEU5CRFfOI9GeelK4XM5aSRDCOhBQ0lEFAzeTl6UNnh8Yyb
crwgQaFQcAW6uBhzXdFFQkowqAsspTqVXT55c3KQ9yYWAkKQr0ObQm8Liauz8trD
09AT7bzRL4kZosRUFYkTlqRXOcKBArPvKkpKdRQKmmo2in+BB6JYYC/9gbYhH/hO
g7E5/Z7NJ/h1dGZAW+XkyOUJrL3h/T0EEDHbtovyVqVEJIEQpTN6eep+HI8mqKov
3scZQNIy6WzWeJOgHE/BA0u6IR3itL4YYOTmJLr1orCkr/VIWS+mZqbm2QM5pL5/
vEVrgMxT99wjLvI+aWOJX17dKVEG9O2NEf9ApQIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFBqNAM1c4y6uWwYtQX1nEwbTrKrZMB8GA1UdIwQYMBaAFLB6uSJWXis+LMY9
SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
c0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlhLzEv
R28wQXpWempMcTViQmkxQmZXY1RCdE9zcXRrLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82
ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlhLzEvc0hxNUlsWmVLejRz
eGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhL4wDANBgkqhkiG9w0BAQsFAAOC
AQEARGlwZEDkO2jI3aV4/4W4EVygBXAiU5RVnd6KcCdDfPKohswKm9C9yebKVXoB
Cn+d1AnhD83KiZplGRjWlZjXZISnUFjzjzZXvrNlkxHdBDMrJXOTuxd2KuWgw6N9
Ff4Y3TQn4QpWg+n+fpwvTdJQAFxXcMKdT+NXl7ji/RCx6FhJhLhLUDYeznKi2Sy9
lqqSqOQWa8MOq93h+WH10wepIlwETWc3UvilTmjf/1Yg2HYLNWG7hCstaUQNBdFy
xAbNWMWxVyaZTPNLDAZl0AtfIFyks+YN57GNtmq4e5g+CYbkn5E7d1x8SYlWY+6Y
P3yNui54Ie/J8R4bvIFr1yMIgg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:02 2024 by rpki-client on console-fra.rpki-client.org