Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/gP--0X3i_FbOCIbTmpxx0ZAY_T0.roa
File: gP--0X3i_FbOCIbTmpxx0ZAY_T0.roa (raw, json)
Hash identifier: JMDYWsQuSjwe4Uwe85GoG2OeOQ/EnTl68jZGFUbLikI=
Subject key identifier: 80:FF:BE:D1:7D:E2:FC:56:CE:08:86:D3:9A:9C:71:D1:90:18:FD:3D
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 018D8EE519D6DAAC72F34EFE89C7BAA4F870
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/gP--0X3i_FbOCIbTmpxx0ZAY_T0.roa
Signing time: Fri 09 Feb 2024 17:23:15 +0000
ROA not before: Fri 09 Feb 2024 17:23:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 63801
IP address blocks: 2a12:f8c2:200::/40 maxlen: 40
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8e:e5:19:d6:da:ac:72:f3:4e:fe:89:c7:ba:a4:f8:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: Feb 9 17:23:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80ffbed17de2fc56ce0886d39a9c71d19018fd3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:7a:a4:4f:c9:36:c8:1b:95:05:3d:f8:9b:b2:
1f:d6:4a:df:51:b4:b0:cf:af:87:26:88:b1:d5:17:
e9:ff:30:2f:6a:83:3e:22:27:68:f7:a6:58:e6:44:
a0:64:5c:c3:16:37:4e:e3:a0:63:97:ee:12:cf:81:
2d:ca:00:00:f5:b4:de:51:42:7e:b3:08:0a:ea:de:
66:75:13:68:f3:7b:7d:5f:71:56:e4:1d:81:16:c1:
b5:98:3b:6b:be:b5:68:10:ac:11:4f:5a:22:ae:b3:
a1:c5:b3:a8:30:9f:d0:c9:f0:ce:e5:18:8c:67:03:
53:bc:60:6c:41:81:35:64:7d:07:63:88:3c:01:e4:
cf:66:c1:90:34:ba:ec:8e:19:2b:27:dd:cd:cb:46:
64:92:58:83:49:30:da:ab:3d:9e:b6:80:a1:fc:7f:
7a:e9:a2:70:b5:fd:80:fd:42:59:0d:62:ea:83:3a:
25:2a:39:36:2b:a9:06:ac:ea:8f:91:d8:e3:a2:a3:
77:6e:14:2b:c0:cc:a2:eb:9a:d3:1f:97:31:60:0e:
e7:84:de:df:f2:ba:51:88:88:92:15:68:e8:fc:66:
91:7b:d9:72:ce:9e:df:31:0c:1b:bf:3d:de:a1:5c:
02:17:af:d9:3d:b6:84:79:c1:8c:cb:5f:74:37:a6:
30:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:FF:BE:D1:7D:E2:FC:56:CE:08:86:D3:9A:9C:71:D1:90:18:FD:3D
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/gP--0X3i_FbOCIbTmpxx0ZAY_T0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c2:200::/40
Signature Algorithm: sha256WithRSAEncryption
2e:ca:1a:45:17:ae:48:e1:82:01:f1:d5:fe:52:a7:e5:02:22:
d3:ad:f7:fe:93:d6:2e:67:0a:88:f0:ac:f5:b0:ed:65:e0:69:
54:ca:af:27:80:63:c1:05:82:77:4a:4b:e5:0f:ec:00:e0:ce:
fc:d2:93:f4:ec:da:78:eb:dc:1c:d2:27:75:33:f8:8e:f9:e4:
de:41:2c:1b:25:f4:c9:6f:e9:94:af:04:67:df:dc:4f:b0:9b:
e2:b4:5e:22:ac:4d:1e:e9:1a:2b:37:ca:fc:32:fe:9d:45:ed:
12:c3:48:7b:d6:fb:5b:55:2b:00:94:b4:e6:fc:eb:54:d0:95:
01:ee:ea:b9:6e:1a:3e:ad:82:0f:b1:67:f2:1e:a2:ff:80:a7:
99:db:c9:ef:3b:9b:91:e0:50:8c:db:25:37:47:3a:4c:a5:44:
fc:51:80:14:c6:bc:6d:f0:d4:0b:cd:25:4a:99:6b:ef:12:f2:
0c:e2:64:87:99:b5:75:c9:56:b0:d3:6d:27:39:b2:1c:50:2b:
d1:8e:a5:3e:c2:95:60:69:24:d4:ea:f6:a3:dd:9f:1e:82:d3:
cb:4d:15:83:b1:95:3f:5d:16:88:a6:8d:30:fd:9e:75:63:6e:
50:02:27:07:a7:8d:cc:47:81:36:e7:aa:bf:6d:e5:c8:4b:fa:
4f:c0:9a:04
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAY2O5RnW2qxy807+ice6pPhwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjQwMjA5MTcyMzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGZmYmVkMTdkZTJmYzU2Y2UwODg2ZDM5YTljNzFkMTkwMThmZDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXqkT8k2yBuVBT34m7If1krfUbSw
z6+HJoix1Rfp/zAvaoM+Iido96ZY5kSgZFzDFjdO46Bjl+4Sz4EtygAA9bTeUUJ+
swgK6t5mdRNo83t9X3FW5B2BFsG1mDtrvrVoEKwRT1oirrOhxbOoMJ/QyfDO5RiM
ZwNTvGBsQYE1ZH0HY4g8AeTPZsGQNLrsjhkrJ93Ny0ZkkliDSTDaqz2etoCh/H96
6aJwtf2A/UJZDWLqgzolKjk2K6kGrOqPkdjjoqN3bhQrwMyi65rTH5cxYA7nhN7f
8rpRiIiSFWjo/GaRe9lyzp7fMQwbvz3eoVwCF6/ZPbaEecGMy190N6YwLwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFID/vtF94vxWzgiG05qccdGQGP09MB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvZ1AtLTBYM2lfRmJPQ0liVG1weHgwWkFZX1QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhL4wgIw
DQYJKoZIhvcNAQELBQADggEBAC7KGkUXrkjhggHx1f5Sp+UCItOt9/6T1i5nCojw
rPWw7WXgaVTKryeAY8EFgndKS+UP7ADgzvzSk/Ts2njr3BzSJ3Uz+I755N5BLBsl
9Mlv6ZSvBGff3E+wm+K0XiKsTR7pGis3yvwy/p1F7RLDSHvW+1tVKwCUtOb861TQ
lQHu6rluGj6tgg+xZ/Ieov+Ap5nbye87m5HgUIzbJTdHOkylRPxRgBTGvG3w1AvN
JUqZa+8S8gziZIeZtXXJVrDTbSc5shxQK9GOpT7ClWBpJNTq9qPdnx6C08tNFYOx
lT9dFoimjTD9nnVjblACJwenjcxHgTbnqr9t5chL+k/AmgQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:55 2024 by rpki-client on console-ams.rpki-client.org