Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/GoHOUmXtxGB_TwSodVYY7UKxtNg.roa
File: GoHOUmXtxGB_TwSodVYY7UKxtNg.roa (raw, json)
Hash identifier: q3WbwroJN4IJi6qqjKFnp8hGD4zHrW42n2E8adZKzDk=
Subject key identifier: 1A:81:CE:52:65:ED:C4:60:7F:4F:04:A8:75:56:18:ED:42:B1:B4:D8
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0AE76F68
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/GoHOUmXtxGB_TwSodVYY7UKxtNg.roa
Signing time: Thu 21 Apr 2022 06:38:20 +0000
ROA not before: Thu 21 Apr 2022 06:38:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 149163
IP address blocks: 185.149.12.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 182939496 (0xae76f68)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Apr 21 06:38:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1a81ce5265edc4607f4f04a8755618ed42b1b4d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:0f:29:07:ee:8d:62:e1:d9:89:27:4c:e9:63:
9e:22:9e:91:42:01:49:d5:65:9a:fc:51:d5:8e:53:
77:0b:8a:b6:41:59:74:45:f6:29:24:42:f6:3a:13:
0d:c5:bc:76:a7:7c:8d:9a:8a:96:40:5b:73:d1:0c:
0d:7b:a9:b6:b1:f3:fc:b4:34:be:51:97:7d:1e:91:
c7:c5:2b:5a:e4:b3:94:ea:bc:50:aa:65:83:7b:e7:
5f:93:0b:f0:5c:f1:97:d1:95:12:77:ee:45:1b:97:
04:c9:09:dc:6a:45:56:42:76:e2:91:48:6d:fe:ce:
76:d6:82:0d:31:32:8f:8d:55:a2:72:84:ca:b3:2e:
72:b4:d9:ef:ab:78:d3:3d:65:97:a9:41:8a:e3:db:
3c:1a:ea:0b:0b:c5:16:40:c5:a4:6d:20:ea:f8:1e:
f7:4c:9a:ac:86:e9:e6:62:87:b8:78:27:b0:14:15:
46:3f:02:cc:57:d4:bf:bb:26:ea:52:d2:e6:7d:a6:
33:5d:f4:b7:ee:cd:b8:c7:47:26:d5:81:70:5b:87:
1e:51:92:d7:dd:c1:2a:98:41:64:79:18:d3:1a:8b:
18:78:c1:f5:41:cc:d9:04:0f:7f:95:6f:b2:e4:81:
69:28:91:5c:3f:c7:c4:f7:43:14:d9:03:de:d9:15:
cd:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:81:CE:52:65:ED:C4:60:7F:4F:04:A8:75:56:18:ED:42:B1:B4:D8
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/GoHOUmXtxGB_TwSodVYY7UKxtNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.12.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:cf:df:56:db:32:2f:a7:62:6d:39:5e:48:89:dc:a8:9c:22:
0d:5b:12:9e:c3:06:61:54:cb:5e:a4:6f:a4:60:18:d5:ab:17:
ab:72:cd:db:7b:82:a0:51:a0:79:66:75:12:64:88:61:7b:6c:
30:4e:b4:3c:d7:df:6f:62:a4:4d:9c:a6:53:6a:a3:f5:68:85:
d7:03:ab:eb:bb:9d:ad:09:dc:36:bc:9e:1f:99:e5:32:82:75:
6e:11:86:e6:49:86:dc:dd:39:21:0c:a8:b1:a7:8b:5e:f5:84:
1c:ea:c4:9a:3b:6f:b6:41:6b:81:9f:5c:3d:76:c2:5f:70:61:
bb:45:e3:cd:c1:c7:c4:cb:66:f6:62:ec:4d:cd:ba:75:50:51:
37:92:a1:da:98:d0:95:48:bf:74:fe:11:2a:41:04:2d:0c:64:
fa:12:38:90:b9:7d:d0:f2:85:bc:80:81:f7:9c:c4:85:e9:21:
7a:f7:2a:34:cd:78:da:ae:ce:7b:20:1d:92:95:f7:8d:4f:b3:
06:ae:4f:ef:d1:e2:85:cf:e1:19:0f:aa:09:6a:06:1a:b9:94:
72:08:4d:e0:9e:e4:05:e0:1d:82:e5:0a:8d:fe:0f:4a:09:6d:
16:4f:b1:03:e1:ca:9e:6e:13:bd:7d:37:b3:bc:6d:13:4a:ea:
69:41:f6:03
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECudvaDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDQy
MTA2MzgyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWE4MWNlNTI2NWVk
YzQ2MDdmNGYwNGE4NzU1NjE4ZWQ0MmIxYjRkODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM8PKQfujWLh2YknTOljniKekUIBSdVlmvxR1Y5TdwuKtkFZ
dEX2KSRC9joTDcW8dqd8jZqKlkBbc9EMDXuptrHz/LQ0vlGXfR6Rx8UrWuSzlOq8
UKplg3vnX5ML8Fzxl9GVEnfuRRuXBMkJ3GpFVkJ24pFIbf7OdtaCDTEyj41VonKE
yrMucrTZ76t40z1ll6lBiuPbPBrqCwvFFkDFpG0g6vge90yarIbp5mKHuHgnsBQV
Rj8CzFfUv7sm6lLS5n2mM130t+7NuMdHJtWBcFuHHlGS193BKphBZHkY0xqLGHjB
9UHM2QQPf5VvsuSBaSiRXD/HxPdDFNkD3tkVzTkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQagc5SZe3EYH9PBKh1VhjtQrG02DAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
L0dvSE9VbVh0eEdCX1R3U29kVllZN1VLeHROZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmVDDANBgkqhkiG9w0BAQsFAAOC
AQEAj8/fVtsyL6dibTleSIncqJwiDVsSnsMGYVTLXqRvpGAY1asXq3LN23uCoFGg
eWZ1EmSIYXtsME60PNffb2KkTZymU2qj9WiF1wOr67udrQncNryeH5nlMoJ1bhGG
5kmG3N05IQyosaeLXvWEHOrEmjtvtkFrgZ9cPXbCX3Bhu0XjzcHHxMtm9mLsTc26
dVBRN5Kh2pjQlUi/dP4RKkEELQxk+hI4kLl90PKFvICB95zEhekhevcqNM142q7O
eyAdkpX3jU+zBq5P79Hihc/hGQ+qCWoGGrmUcghN4J7kBeAdguUKjf4PSgltFk+x
A+HKnm4TvX03s7xtE0rqaUH2Aw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:25 2024 by rpki-client on console-ams.rpki-client.org