Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/gscNWN6fg8dfjBZHQQjc40yBap8.roa
File: gscNWN6fg8dfjBZHQQjc40yBap8.roa (raw, json)
Hash identifier: 8m0oUF7MbjdPgw7H2wY6ig1IMdEY5GFDm6jYk4ob/Ps=
Subject key identifier: 82:C7:0D:58:DE:9F:83:C7:5F:8C:16:47:41:08:DC:E3:4C:81:6A:9F
Certificate issuer: /CN=7a8746a76cda8369009d28941ef156239c6a63a1
Certificate serial: 0194221F48753E169AA32CFCB26B59544FD3
Authority key identifier: 7A:87:46:A7:6C:DA:83:69:00:9D:28:94:1E:F1:56:23:9C:6A:63:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eodGp2zag2kAnSiUHvFWI5xqY6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/gscNWN6fg8dfjBZHQQjc40yBap8.roa
Signing time: Wed 01 Jan 2025 13:47:42 +0000
ROA not before: Wed 01 Jan 2025 13:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8426
IP address blocks: 217.161.12.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:48:75:3e:16:9a:a3:2c:fc:b2:6b:59:54:4f:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a8746a76cda8369009d28941ef156239c6a63a1
Validity
Not Before: Jan 1 13:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=82c70d58de9f83c75f8c16474108dce34c816a9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:64:2f:cd:41:b6:03:2c:6e:2c:81:9c:4a:72:
c0:3d:6b:5b:bd:d2:63:f5:a7:c2:f1:a3:5e:9e:e6:
a4:cb:bb:20:43:07:14:1f:9d:42:6f:5f:d0:c2:eb:
c5:16:8f:ae:01:3f:b1:f1:10:62:2a:74:64:2a:64:
ee:79:a4:74:60:4b:b8:2c:ac:25:3c:08:54:f2:3e:
74:cc:16:c8:2c:02:da:13:dc:6c:c4:a8:a5:7a:3b:
97:16:83:98:9b:30:12:0d:e6:1e:d6:66:fb:9b:23:
e9:2a:b4:60:8e:78:50:84:53:a7:e0:31:ce:d5:25:
dc:15:15:2a:6e:7d:63:33:39:e1:0a:aa:ff:04:0e:
e8:21:63:c8:15:a0:cc:eb:a4:0c:d7:2b:d2:52:18:
7a:41:2b:89:eb:f6:a6:7a:18:3d:22:cf:c8:5f:a9:
47:78:7a:a7:bb:7d:cf:41:16:0e:c4:c2:e6:a2:46:
94:e5:ac:2d:25:02:75:1a:f9:ea:0d:37:0b:b8:bd:
a6:ae:7d:3e:04:7b:ec:7a:d7:ab:50:da:e0:2d:54:
d5:4c:f2:a5:ce:b9:72:db:b9:9f:e6:69:34:c6:92:
09:9f:2c:3b:f4:44:f1:50:a8:a6:d8:3b:fa:5a:8d:
83:c5:89:ca:90:ae:24:80:02:bc:a0:48:98:d8:28:
9e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:C7:0D:58:DE:9F:83:C7:5F:8C:16:47:41:08:DC:E3:4C:81:6A:9F
X509v3 Authority Key Identifier:
keyid:7A:87:46:A7:6C:DA:83:69:00:9D:28:94:1E:F1:56:23:9C:6A:63:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eodGp2zag2kAnSiUHvFWI5xqY6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/gscNWN6fg8dfjBZHQQjc40yBap8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/eodGp2zag2kAnSiUHvFWI5xqY6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.161.12.0/23
Signature Algorithm: sha256WithRSAEncryption
97:94:d4:68:fd:95:61:62:31:02:27:69:ee:50:a4:04:66:eb:
c7:52:3a:5d:b0:ef:0f:47:38:9c:8c:f1:b7:19:25:cf:db:30:
82:f8:30:f0:e5:30:45:9e:ca:12:1f:8b:ef:29:93:49:49:f1:
83:18:6c:41:3b:c7:90:22:73:5a:85:5f:7c:1e:b3:65:eb:5e:
ed:2b:7e:5d:a6:33:79:59:aa:d0:1d:f2:98:77:43:7a:a1:d6:
af:04:8c:c5:fc:36:27:eb:f8:87:0b:7b:54:d2:8f:29:98:b2:
29:ce:9e:32:54:40:53:cd:68:8e:f9:9b:e3:ae:c4:1a:cc:d4:
86:37:c5:28:17:fb:53:e1:bd:18:2d:08:20:22:96:43:54:4a:
e0:b4:61:d1:03:b0:1f:83:78:b0:b4:53:af:cd:2b:72:8f:02:
45:64:6d:1d:47:84:b6:4f:1a:2a:05:61:cb:11:3b:d4:e3:09:
c2:b0:dc:04:da:3c:26:e9:43:46:b6:ea:11:a2:26:48:5f:4e:
d3:9b:ef:50:2f:0a:d7:11:77:eb:d1:0f:7d:d2:ab:e0:c6:2d:
54:46:31:f1:a8:0c:d4:94:0a:d5:2e:d2:f9:6c:82:88:b6:a1:
8e:f0:a3:bf:7e:5e:18:b8:0a:3f:16:08:0a:92:06:dc:be:f1:
ff:20:b1:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH0h1Phaaoyz8smtZVE/TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhODc0NmE3NmNkYTgzNjkwMDlkMjg5NDFlZjE1NjIzOWM2
YTYzYTEwHhcNMjUwMTAxMTM0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmM3MGQ1OGRlOWY4M2M3NWY4YzE2NDc0MTA4ZGNlMzRjODE2YTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7WQvzUG2AyxuLIGcSnLAPWtbvdJj
9afC8aNenuaky7sgQwcUH51Cb1/QwuvFFo+uAT+x8RBiKnRkKmTueaR0YEu4LKwl
PAhU8j50zBbILALaE9xsxKilejuXFoOYmzASDeYe1mb7myPpKrRgjnhQhFOn4DHO
1SXcFRUqbn1jMznhCqr/BA7oIWPIFaDM66QM1yvSUhh6QSuJ6/amehg9Is/IX6lH
eHqnu33PQRYOxMLmokaU5awtJQJ1GvnqDTcLuL2mrn0+BHvseterUNrgLVTVTPKl
zrly27mf5mk0xpIJnyw79ETxUKim2Dv6Wo2DxYnKkK4kgAK8oEiY2CietwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFILHDVjen4PHX4wWR0EI3ONMgWqfMB8GA1UdIwQY
MBaAFHqHRqds2oNpAJ0olB7xViOcamOhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZW9kR3AyemFnMmtBblNpVUh2RldJNXhxWTZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi85MTNlMTItZjVlZC00NmY0LTk4MmMt
NTJkZWRkZGVlMzkzLzEvZ3NjTldONmZnOGRmakJaSFFRamM0MHlCYXA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi85MTNlMTItZjVlZC00NmY0LTk4MmMtNTJkZWRkZGVlMzkz
LzEvZW9kR3AyemFnMmtBblNpVUh2RldJNXhxWTZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2aEMMA0G
CSqGSIb3DQEBCwUAA4IBAQCXlNRo/ZVhYjECJ2nuUKQEZuvHUjpdsO8PRzicjPG3
GSXP2zCC+DDw5TBFnsoSH4vvKZNJSfGDGGxBO8eQInNahV98HrNl617tK35dpjN5
WarQHfKYd0N6odavBIzF/DYn6/iHC3tU0o8pmLIpzp4yVEBTzWiO+ZvjrsQazNSG
N8UoF/tT4b0YLQggIpZDVErgtGHRA7Afg3iwtFOvzStyjwJFZG0dR4S2TxoqBWHL
ETvU4wnCsNwE2jwm6UNGtuoRoiZIX07Tm+9QLwrXEXfr0Q990qvgxi1URjHxqAzU
lArVLtL5bIKItqGO8KO/fl4YuAo/FggKkgbcvvH/ILE0
-----END CERTIFICATE-----
Generated at Sun Apr 20 05:00:30 2025 by rpki-client