Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/3d6407-72da-4568-843f-37641e999b8d/1/Gcvchfk_zLMG0-QFMDJUBQR8wUQ.roa
File: Gcvchfk_zLMG0-QFMDJUBQR8wUQ.roa (raw, json)
Hash identifier: XdkG3Fr1nRVOSFGmCRz+EtbWV/jhmq7lM/+Wg0BSZXU=
Subject key identifier: 19:CB:DC:85:F9:3F:CC:B3:06:D3:E4:05:30:32:54:05:04:7C:C1:44
Certificate issuer: /CN=34f3891c7528e1c9ed08b2cbe3dc3607afb37a4c
Certificate serial: 013E53AC
Authority key identifier: 34:F3:89:1C:75:28:E1:C9:ED:08:B2:CB:E3:DC:36:07:AF:B3:7A:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NPOJHHUo4cntCLLL49w2B6-zekw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/3d6407-72da-4568-843f-37641e999b8d/1/Gcvchfk_zLMG0-QFMDJUBQR8wUQ.roa
Signing time: Sat 01 Jan 2022 10:55:48 +0000
ROA not before: Sat 01 Jan 2022 10:55:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204790
IP address blocks: 2a11:a480::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20861868 (0x13e53ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34f3891c7528e1c9ed08b2cbe3dc3607afb37a4c
Validity
Not Before: Jan 1 10:55:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=19cbdc85f93fccb306d3e40530325405047cc144
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:10:66:8b:65:19:ac:6a:6a:d7:bb:bc:16:d7:
c8:2d:60:ed:05:df:75:6c:64:29:18:33:cb:51:de:
aa:ba:59:09:1b:cb:8d:33:e3:5a:54:55:b7:ca:bc:
f6:46:26:0d:52:4c:1e:24:d6:f2:88:02:d7:bb:ff:
46:67:0a:d2:8a:72:5a:e2:25:78:51:65:88:bb:75:
c6:ce:a4:b1:f7:c6:43:db:71:15:b6:48:4e:9e:f1:
52:08:3b:58:45:c1:a0:07:6a:ec:44:0f:6b:36:0f:
c4:b0:fb:8c:82:1a:92:aa:0a:10:fd:4c:6a:ed:52:
2a:20:dc:ff:b1:fc:de:7e:5d:0a:38:00:38:7e:b8:
29:36:e3:76:de:35:57:b3:46:bf:88:1b:14:1d:90:
00:2c:f8:63:3b:c3:33:0f:ad:7a:72:91:a7:91:61:
a0:3d:7f:aa:73:60:52:ad:a9:6e:68:15:55:df:c0:
0d:09:f4:89:95:7e:81:28:ba:7f:a6:63:e3:2c:c5:
f1:29:50:be:7a:e1:42:ce:50:ee:90:a5:f6:47:5d:
42:9f:8b:17:43:16:a5:45:5b:49:1a:d8:db:aa:45:
42:3e:c1:0b:76:56:73:c3:c9:cf:8f:41:6f:8e:17:
e7:dd:fc:48:d9:18:86:36:cb:81:e7:de:11:b0:64:
9b:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:CB:DC:85:F9:3F:CC:B3:06:D3:E4:05:30:32:54:05:04:7C:C1:44
X509v3 Authority Key Identifier:
keyid:34:F3:89:1C:75:28:E1:C9:ED:08:B2:CB:E3:DC:36:07:AF:B3:7A:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NPOJHHUo4cntCLLL49w2B6-zekw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/3d6407-72da-4568-843f-37641e999b8d/1/Gcvchfk_zLMG0-QFMDJUBQR8wUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/3d6407-72da-4568-843f-37641e999b8d/1/NPOJHHUo4cntCLLL49w2B6-zekw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:a480::/29
Signature Algorithm: sha256WithRSAEncryption
c4:b0:7d:89:f5:69:ac:6e:cd:d8:28:49:b2:14:e9:09:8a:d2:
fd:d0:67:bb:57:77:26:e6:aa:eb:2d:e4:ad:5d:70:fc:95:bf:
1a:7b:7c:b6:26:9f:1b:7b:7d:a0:da:d7:90:76:32:9a:e9:67:
3b:d9:d2:02:7a:b2:45:f7:f1:e7:26:4c:41:0d:5c:04:d5:f4:
9e:25:0e:f8:5e:5b:e1:c6:bc:1b:5e:50:29:b1:fd:02:e3:96:
dd:e5:10:be:5c:b2:50:4a:60:c4:83:5b:98:25:26:15:28:da:
3b:d2:f4:32:b5:a7:d1:d8:64:31:97:66:9c:1c:56:4d:0b:f2:
c1:63:dd:12:09:b3:44:2f:da:51:85:98:24:95:93:74:14:fb:
29:5c:58:7d:25:ca:48:bd:f1:a1:fa:4c:d7:7d:10:0e:c0:27:
d4:89:91:84:45:a3:c2:fd:d4:ca:c3:ac:1c:53:c0:78:0a:69:
aa:22:8c:1f:cd:bf:4f:78:82:cb:53:4e:67:9f:ae:92:13:f7:
d2:fc:75:64:3d:bd:39:43:bb:2e:09:a3:47:60:ae:b6:74:b5:
e8:36:5f:83:55:77:de:e7:b0:28:36:30:2d:d3:81:c6:b2:1a:
03:f9:3b:51:64:3e:d9:eb:a3:09:89:e9:27:a1:6f:e3:ef:81:
f3:d9:81:29
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEAT5TrDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NGYzODkxYzc1MjhlMWM5ZWQwOGIyY2JlM2RjMzYwN2FmYjM3YTRjMB4XDTIyMDEw
MTEwNTU0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTljYmRjODVmOTNm
Y2NiMzA2ZDNlNDA1MzAzMjU0MDUwNDdjYzE0NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL4QZotlGaxqate7vBbXyC1g7QXfdWxkKRgzy1HeqrpZCRvL
jTPjWlRVt8q89kYmDVJMHiTW8ogC17v/RmcK0opyWuIleFFliLt1xs6ksffGQ9tx
FbZITp7xUgg7WEXBoAdq7EQPazYPxLD7jIIakqoKEP1Mau1SKiDc/7H83n5dCjgA
OH64KTbjdt41V7NGv4gbFB2QACz4YzvDMw+tenKRp5FhoD1/qnNgUq2pbmgVVd/A
DQn0iZV+gSi6f6Zj4yzF8SlQvnrhQs5Q7pCl9kddQp+LF0MWpUVbSRrY26pFQj7B
C3ZWc8PJz49Bb44X5938SNkYhjbLgefeEbBkm/cCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBQZy9yF+T/MswbT5AUwMlQFBHzBRDAfBgNVHSMEGDAWgBQ084kcdSjhye0I
ssvj3DYHr7N6TDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05QT0pISFVvNGNudENMTEw0OXcyQjYtemVrdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTkvM2Q2NDA3LTcyZGEtNDU2OC04NDNmLTM3NjQxZTk5OWI4ZC8x
L0djdmNoZmtfekxNRzAtUUZNREpVQlFSOHdVUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTkv
M2Q2NDA3LTcyZGEtNDU2OC04NDNmLTM3NjQxZTk5OWI4ZC8xL05QT0pISFVvNGNu
dENMTEw0OXcyQjYtemVrdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoRpIAwDQYJKoZIhvcNAQELBQAD
ggEBAMSwfYn1aaxuzdgoSbIU6QmK0v3QZ7tXdybmqust5K1dcPyVvxp7fLYmnxt7
faDa15B2MprpZzvZ0gJ6skX38ecmTEENXATV9J4lDvheW+HGvBteUCmx/QLjlt3l
EL5cslBKYMSDW5glJhUo2jvS9DK1p9HYZDGXZpwcVk0L8sFj3RIJs0Qv2lGFmCSV
k3QU+ylcWH0lyki98aH6TNd9EA7AJ9SJkYRFo8L91MrDrBxTwHgKaaoijB/Nv094
gstTTmefrpIT99L8dWQ9vTlDuy4Jo0dgrrZ0teg2X4NVd97nsCg2MC3TgcayGgP5
O1FkPtnrowmJ6Sehb+PvgfPZgSk=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:35 2023 by rpki-client on console-ams.rpki-client.org