Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/GIC5pK_L0BheMM4MnqcBOQ7Lge0.roa
File: GIC5pK_L0BheMM4MnqcBOQ7Lge0.roa (raw, json)
Hash identifier: ehTNgS90rlpOmxH473lVrd0Me6pdqjR+x/M2hn1bQeA=
Subject key identifier: 18:80:B9:A4:AF:CB:D0:18:5E:30:CE:0C:9E:A7:01:39:0E:CB:81:ED
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 0182E3D3EAAA704488DAAEF981CE9A4909B8
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/GIC5pK_L0BheMM4MnqcBOQ7Lge0.roa
Signing time: Sun 28 Aug 2022 09:41:32 +0000
ROA not before: Sun 28 Aug 2022 09:41:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204084
IP address blocks: 2a07:cc40::/30 maxlen: 30
2a0d:34c0::/30 maxlen: 30
2a0d:6ec4::/30 maxlen: 30
2a0d:a3c4::/30 maxlen: 30
2a0d:6ec0::/30 maxlen: 30
2a0d:fcc4::/30 maxlen: 30
2a0d:b2c0::/30 maxlen: 30
2a0d:97c0::/30 maxlen: 30
2a0d:b2c4::/30 maxlen: 30
2a07:cc44::/30 maxlen: 30
2a0d:34c4::/30 maxlen: 30
2a0d:97c4::/30 maxlen: 30
2a0d:fcc0::/30 maxlen: 30
2a0d:6a40::/30 maxlen: 30
2a0d:9744::/30 maxlen: 30
2a0d:a3c0::/30 maxlen: 30
2a0d:7140::/30 maxlen: 30
2a0d:7144::/30 maxlen: 30
2a0d:f5c0::/30 maxlen: 30
2a0d:9740::/30 maxlen: 30
2a0d:6a44::/30 maxlen: 30
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:e3:d3:ea:aa:70:44:88:da:ae:f9:81:ce:9a:49:09:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Aug 28 09:41:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1880b9a4afcbd0185e30ce0c9ea701390ecb81ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9b:9b:0c:71:88:c5:aa:ca:ad:00:c8:95:c1:
da:6c:73:81:cb:6d:0f:f0:46:13:d0:6d:2e:c7:90:
71:47:4f:fd:9e:e3:c1:70:85:db:f3:12:5d:3e:34:
1e:67:61:b9:ea:ed:cb:e5:98:a3:28:57:19:cf:7c:
80:de:0d:eb:36:81:5b:86:aa:31:04:01:9e:36:5a:
c7:19:ad:cc:1e:08:bd:ef:8d:ab:3b:5d:a4:20:26:
87:30:34:1d:b0:0a:02:1a:21:6e:4f:10:88:b8:e7:
83:11:1d:25:74:24:f0:69:7a:5f:ad:5d:46:a4:7c:
19:2e:80:4f:ed:be:ef:a0:e1:23:d1:8b:29:24:53:
2e:af:dc:bb:e8:f7:da:82:fa:b4:73:d6:aa:cc:21:
c8:97:df:f9:6b:b6:a0:b7:a1:3c:41:f1:bb:64:d4:
16:ea:9d:51:b0:14:06:fe:e6:f2:5c:87:80:bd:0c:
b7:10:82:7a:d9:2a:ef:29:3d:a4:73:bc:2e:46:70:
26:b0:04:a0:bd:30:59:07:28:a8:04:03:8e:58:80:
31:09:e7:c1:28:e4:33:7c:14:0f:cf:81:2f:74:60:
2c:a3:9e:b2:0d:05:53:51:8e:eb:3b:95:3e:e0:2e:
f6:54:12:1a:03:16:1e:b7:9c:ef:ef:da:a6:11:88:
4c:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:80:B9:A4:AF:CB:D0:18:5E:30:CE:0C:9E:A7:01:39:0E:CB:81:ED
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/GIC5pK_L0BheMM4MnqcBOQ7Lge0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:cc40::/29
2a0d:34c0::/29
2a0d:6a40::/29
2a0d:6ec0::/29
2a0d:7140::/29
2a0d:9740::/29
2a0d:97c0::/29
2a0d:a3c0::/29
2a0d:b2c0::/29
2a0d:f5c0::/30
2a0d:fcc0::/29
Signature Algorithm: sha256WithRSAEncryption
c8:43:c9:9f:ef:dc:e9:50:d2:3d:9f:16:a3:44:93:6c:05:4c:
fd:51:4d:0a:a0:29:b9:69:10:bb:75:d6:57:a9:45:93:30:b8:
37:f3:88:79:a8:fc:a5:d8:28:32:1f:a0:fb:57:dc:ff:6b:b2:
36:49:59:4c:c4:db:e0:00:2f:6a:b8:db:6a:8d:88:1a:99:29:
0f:d8:1a:f7:2a:9f:8e:79:25:a2:a6:98:4d:9c:01:a6:cf:a5:
c7:db:52:89:61:cf:71:45:c1:d8:38:df:e7:11:ea:f3:4d:05:
c9:f7:07:d8:1e:4f:84:aa:c2:9f:d8:34:40:31:c6:14:81:3e:
92:83:34:8e:e0:80:6c:88:58:1a:1f:0e:61:1e:f3:a6:12:50:
31:be:d3:20:43:b0:b7:da:f2:dd:e0:df:a7:97:58:e4:9c:7b:
ab:cf:e7:59:e6:a6:b0:ec:1e:20:dd:40:60:20:d6:69:15:23:
66:44:86:b2:6e:40:51:ee:07:08:42:67:30:bb:e5:ac:c9:fd:
6b:1b:6d:ed:10:b8:57:84:0b:93:b5:31:fd:50:c3:9f:66:30:
04:04:3c:fe:4c:d7:31:f3:21:3a:d5:7c:08:d4:93:ea:1b:ec:
bd:45:28:e7:17:96:34:a4:9b:be:e9:7d:48:88:49:54:8f:0b:
45:64:14:47
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYLj0+qqcESI2q75gc6aSQm4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjIwODI4MDk0MTMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODgwYjlhNGFmY2JkMDE4NWUzMGNlMGM5ZWE3MDEzOTBlY2I4MWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJubDHGIxarKrQDIlcHabHOBy20P
8EYT0G0ux5BxR0/9nuPBcIXb8xJdPjQeZ2G56u3L5ZijKFcZz3yA3g3rNoFbhqox
BAGeNlrHGa3MHgi9742rO12kICaHMDQdsAoCGiFuTxCIuOeDER0ldCTwaXpfrV1G
pHwZLoBP7b7voOEj0YspJFMur9y76Pfagvq0c9aqzCHIl9/5a7agt6E8QfG7ZNQW
6p1RsBQG/ubyXIeAvQy3EIJ62SrvKT2kc7wuRnAmsASgvTBZByioBAOOWIAxCefB
KOQzfBQPz4EvdGAso56yDQVTUY7rO5U+4C72VBIaAxYet5zv79qmEYhMNwIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFBiAuaSvy9AYXjDODJ6nATkOy4HtMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvR0lDNXBLX0wwQmhlTU00TW5xY0JPUTdMZ2UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBTBAIAAjBNAwUDKgfMQAMF
AyoNNMADBQMqDWpAAwUDKg1uwAMFAyoNcUADBQMqDZdAAwUDKg2XwAMFAyoNo8AD
BQMqDbLAAwUCKg31wAMFAyoN/MAwDQYJKoZIhvcNAQELBQADggEBAMhDyZ/v3OlQ
0j2fFqNEk2wFTP1RTQqgKblpELt11lepRZMwuDfziHmo/KXYKDIfoPtX3P9rsjZJ
WUzE2+AAL2q422qNiBqZKQ/YGvcqn455JaKmmE2cAabPpcfbUolhz3FFwdg43+cR
6vNNBcn3B9geT4Sqwp/YNEAxxhSBPpKDNI7ggGyIWBofDmEe86YSUDG+0yBDsLfa
8t3g36eXWOSce6vP51nmprDsHiDdQGAg1mkVI2ZEhrJuQFHuBwhCZzC75azJ/Wsb
be0QuFeEC5O1Mf1Qw59mMAQEPP5M1zHzITrVfAjUk+ob7L1FKOcXljSkm77pfUiI
SVSPC0VkFEc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org