Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/gho-GPnIpGIphYE-rQMN8N3RgA4.roa
File: gho-GPnIpGIphYE-rQMN8N3RgA4.roa (raw, json)
Hash identifier: 8mT5jCUAUo8cdAxSqek+Y31HASWH0wcE2Y24eDlGRxA=
Subject key identifier: 82:1A:3E:18:F9:C8:A4:62:29:85:81:3E:AD:03:0D:F0:DD:D1:80:0E
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 01880AFCA46EF9FD3305A3F6C8D6C4D389A0
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/gho-GPnIpGIphYE-rQMN8N3RgA4.roa
Signing time: Thu 11 May 2023 13:25:09 +0000
ROA not before: Thu 11 May 2023 13:25:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 63800
IP address blocks: 2a12:f8c2:700::/40 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:0a:fc:a4:6e:f9:fd:33:05:a3:f6:c8:d6:c4:d3:89:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: May 11 13:25:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=821a3e18f9c8a4622985813ead030df0ddd1800e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:8a:7c:59:c4:1c:9f:a9:74:07:0f:86:0f:dc:
2c:a0:d2:fc:67:b6:a9:35:5c:b7:7b:54:b1:86:5f:
85:4c:76:d4:32:bc:d9:c5:38:13:11:18:d8:9c:39:
6b:0d:9b:20:8d:2c:a1:53:a7:7f:25:4d:53:e6:09:
80:c5:40:a3:dc:c4:b1:e1:fb:06:4e:2e:55:d2:f5:
b6:1f:3e:cd:16:0f:cc:62:22:ee:49:fb:31:3d:cc:
85:0e:f3:5a:bb:9c:23:eb:e7:71:c0:73:0a:93:92:
f3:be:23:c8:d9:61:14:88:2b:2e:37:96:cd:ce:e3:
ab:2f:5a:7d:d5:43:f2:19:fa:7a:0a:9f:f0:ab:a0:
e2:71:27:93:77:9b:e9:7a:02:d3:12:dd:a5:e7:8e:
0f:e7:3e:f1:b6:6b:b8:35:14:27:1c:42:10:49:6d:
1a:70:6f:12:65:7e:5c:03:51:07:72:82:9e:d2:46:
78:89:ce:8c:58:a1:ea:80:45:5c:24:40:b0:b2:c4:
08:25:25:31:c5:5f:27:9b:64:bf:ad:66:34:0b:4a:
6f:77:d0:27:d2:a6:53:5a:0c:ab:66:2f:55:96:86:
43:fa:08:d4:80:ce:ca:25:c0:4e:b0:e9:f5:15:1a:
fa:c9:4a:87:b9:9b:bf:94:8a:c7:72:b6:6f:51:e4:
4b:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:1A:3E:18:F9:C8:A4:62:29:85:81:3E:AD:03:0D:F0:DD:D1:80:0E
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/gho-GPnIpGIphYE-rQMN8N3RgA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c2:700::/40
Signature Algorithm: sha256WithRSAEncryption
0a:7e:4a:c9:9d:7a:97:a4:69:89:38:13:2a:69:d2:cd:50:86:
5b:49:13:a5:cd:c6:0e:fb:27:7d:26:37:4f:82:8e:09:c9:ef:
6f:cf:ce:4e:d2:9d:4b:a4:6a:ae:61:cb:0b:ce:f5:1b:7d:94:
62:e5:53:c6:9e:67:53:bc:f8:dd:e7:39:a9:5f:63:42:0e:58:
3d:f4:fd:7e:f3:46:0e:7e:25:86:a0:db:b1:00:f5:63:bc:e5:
b4:e4:8e:a2:70:81:d2:03:db:1b:2a:ef:c7:a5:fb:19:2e:35:
93:3f:f3:d2:b5:c5:d4:89:d5:19:05:6c:7a:8f:e8:62:0d:7e:
bd:0e:e3:c4:bf:0b:0e:d4:ce:02:7f:e3:01:f7:c8:ce:2e:7b:
1b:a1:e5:30:5e:9e:94:81:0f:f0:ea:95:04:95:35:4a:95:a8:
d0:7e:ea:78:5f:fb:43:76:75:ae:4e:4a:4a:02:94:04:43:7e:
73:d3:76:ff:ef:59:a0:a7:0d:94:41:8d:9d:10:e2:37:58:29:
24:d3:e4:8a:4b:c6:66:ca:a8:6b:9f:1b:c2:53:86:ac:61:25:
b7:e6:4a:92:38:5b:ca:2b:0f:37:e9:ba:7b:1e:67:df:05:89:
b5:a6:da:36:b7:00:ef:c3:37:06:d4:62:cc:0c:71:97:c0:90:
c1:c4:40:43
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYgK/KRu+f0zBaP2yNbE04mgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjMwNTExMTMyNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjFhM2UxOGY5YzhhNDYyMjk4NTgxM2VhZDAzMGRmMGRkZDE4MDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4p8WcQcn6l0Bw+GD9wsoNL8Z7ap
NVy3e1Sxhl+FTHbUMrzZxTgTERjYnDlrDZsgjSyhU6d/JU1T5gmAxUCj3MSx4fsG
Ti5V0vW2Hz7NFg/MYiLuSfsxPcyFDvNau5wj6+dxwHMKk5LzviPI2WEUiCsuN5bN
zuOrL1p91UPyGfp6Cp/wq6DicSeTd5vpegLTEt2l544P5z7xtmu4NRQnHEIQSW0a
cG8SZX5cA1EHcoKe0kZ4ic6MWKHqgEVcJECwssQIJSUxxV8nm2S/rWY0C0pvd9An
0qZTWgyrZi9VloZD+gjUgM7KJcBOsOn1FRr6yUqHuZu/lIrHcrZvUeRLmwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFIIaPhj5yKRiKYWBPq0DDfDd0YAOMB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvZ2hvLUdQbklwR0lwaFlFLXJRTU44TjNSZ0E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhL4wgcw
DQYJKoZIhvcNAQELBQADggEBAAp+SsmdepekaYk4Eypp0s1QhltJE6XNxg77J30m
N0+CjgnJ72/Pzk7SnUukaq5hywvO9Rt9lGLlU8aeZ1O8+N3nOalfY0IOWD30/X7z
Rg5+JYag27EA9WO85bTkjqJwgdID2xsq78el+xkuNZM/89K1xdSJ1RkFbHqP6GIN
fr0O48S/Cw7UzgJ/4wH3yM4uexuh5TBenpSBD/DqlQSVNUqVqNB+6nhf+0N2da5O
SkoClARDfnPTdv/vWaCnDZRBjZ0Q4jdYKSTT5IpLxmbKqGufG8JThqxhJbfmSpI4
W8orDzfpunseZ98FibWm2ja3AO/DNwbUYswMcZfAkMHEQEM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:02 2024 by rpki-client on console-fra.rpki-client.org