Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/e8922d-b304-4188-bda6-dc6b1ff72c18/1/fglIhNsXtPP2oXyywg71mI4QCmg.roa
File: fglIhNsXtPP2oXyywg71mI4QCmg.roa (raw, json)
Hash identifier: U2SggFKQkHQOF9ZAVOsfC5w6120aUuSXKy7fyWAd43c=
Subject key identifier: 7E:09:48:84:DB:17:B4:F3:F6:A1:7C:B2:C2:0E:F5:98:8E:10:0A:68
Certificate issuer: /CN=1bf180eca4e4405e877a8b63923a7588d77e39d2
Certificate serial: 018E2009B31C6F7410665D36F612A4A02484
Authority key identifier: 1B:F1:80:EC:A4:E4:40:5E:87:7A:8B:63:92:3A:75:88:D7:7E:39:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G_GA7KTkQF6Heotjkjp1iNd-OdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/e8922d-b304-4188-bda6-dc6b1ff72c18/1/fglIhNsXtPP2oXyywg71mI4QCmg.roa
Signing time: Fri 08 Mar 2024 21:48:10 +0000
ROA not before: Fri 08 Mar 2024 21:48:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215697
IP address blocks: 2001:67c:c3c::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:20:09:b3:1c:6f:74:10:66:5d:36:f6:12:a4:a0:24:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bf180eca4e4405e877a8b63923a7588d77e39d2
Validity
Not Before: Mar 8 21:48:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e094884db17b4f3f6a17cb2c20ef5988e100a68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:4c:d9:5a:b4:c7:fd:62:52:14:a7:eb:10:93:
a9:8f:39:e7:e7:98:30:f3:28:2f:b8:09:6e:a7:b8:
80:26:54:67:41:5b:84:aa:75:4e:e4:2c:b4:b8:79:
20:92:fe:56:c6:d4:07:e8:0a:60:68:aa:b0:32:7b:
d3:06:fb:8f:b2:47:df:63:46:43:3d:37:31:c6:bf:
64:fe:f6:d8:3a:9b:c7:d1:2e:f8:e3:2a:ff:9a:2d:
ef:23:a9:2c:f9:c3:83:a2:0b:0b:ec:4c:a3:2f:f5:
b0:58:c7:88:d0:55:a4:b7:2a:e6:79:e9:d9:2d:fb:
ee:c0:6c:c0:2d:75:da:ae:54:58:2a:1a:18:dc:48:
c0:57:52:6a:dd:74:53:b0:c6:24:fd:eb:e5:40:37:
1c:29:10:0d:d2:dd:8e:40:39:f2:ae:12:ab:d0:f4:
d8:7d:ed:93:ce:35:4f:90:e1:d2:8d:75:e0:93:b8:
52:c3:6e:5e:61:03:2f:89:c1:68:82:6b:4d:5a:ee:
86:30:b7:03:58:e9:7f:8f:2b:a9:d9:e0:fa:79:0c:
62:0f:cf:d9:5b:cc:a9:e7:91:2f:7f:4e:81:c7:62:
20:50:09:31:af:ff:b0:51:e9:a6:cc:26:7e:83:f8:
34:50:08:26:d4:a3:e8:d9:5f:ed:f4:b6:f6:98:0b:
07:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:09:48:84:DB:17:B4:F3:F6:A1:7C:B2:C2:0E:F5:98:8E:10:0A:68
X509v3 Authority Key Identifier:
keyid:1B:F1:80:EC:A4:E4:40:5E:87:7A:8B:63:92:3A:75:88:D7:7E:39:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G_GA7KTkQF6Heotjkjp1iNd-OdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/e8922d-b304-4188-bda6-dc6b1ff72c18/1/fglIhNsXtPP2oXyywg71mI4QCmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/e8922d-b304-4188-bda6-dc6b1ff72c18/1/G_GA7KTkQF6Heotjkjp1iNd-OdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:c3c::/48
Signature Algorithm: sha256WithRSAEncryption
98:19:8d:7d:e7:58:50:49:88:c0:11:3a:b9:d7:10:d0:a2:d7:
50:65:15:b9:9c:b6:cc:8b:51:9f:cf:ae:bd:aa:ab:fe:10:bd:
34:d0:a0:dc:7b:27:ba:b1:ba:f3:86:a3:ee:d5:62:58:b0:0c:
b7:21:33:76:00:9d:e4:8b:88:b0:5c:10:d1:35:09:6b:8b:cd:
66:87:dc:f0:3b:2f:e9:3a:54:1a:90:a3:41:bc:84:0e:47:dc:
e4:0b:e7:a7:26:cb:84:1f:cd:3c:e8:3c:0c:dc:6b:c2:99:18:
7b:ad:40:5b:21:b1:63:fe:4d:b5:77:08:59:a4:59:5f:81:69:
74:89:ff:64:79:df:9b:f3:a5:8d:6c:cd:32:ba:22:12:11:0e:
55:4d:b0:94:03:bf:14:a8:28:f4:cf:cd:bf:0c:73:1a:28:ab:
ac:c9:89:11:ac:2f:42:20:98:16:51:17:0e:2b:46:c8:32:b6:
14:6f:fa:da:9b:53:41:1b:89:07:20:83:36:ee:97:aa:d7:9d:
d0:1e:ab:43:43:17:23:f0:f2:9b:e4:34:cd:19:9c:eb:cb:38:
0d:ca:cf:c4:b1:ca:c2:c8:0c:fb:e2:aa:04:40:3a:53:28:cc:
e4:13:60:ca:df:58:b1:f9:6c:34:45:6a:44:d6:f4:62:65:49:
e3:33:ee:f5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY4gCbMcb3QQZl029hKkoCSEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZjE4MGVjYTRlNDQwNWU4NzdhOGI2MzkyM2E3NTg4ZDc3
ZTM5ZDIwHhcNMjQwMzA4MjE0ODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTA5NDg4NGRiMTdiNGYzZjZhMTdjYjJjMjBlZjU5ODhlMTAwYTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkzZWrTH/WJSFKfrEJOpjznn55gw
8ygvuAlup7iAJlRnQVuEqnVO5Cy0uHkgkv5WxtQH6ApgaKqwMnvTBvuPskffY0ZD
PTcxxr9k/vbYOpvH0S744yr/mi3vI6ks+cODogsL7EyjL/WwWMeI0FWktyrmeenZ
LfvuwGzALXXarlRYKhoY3EjAV1Jq3XRTsMYk/evlQDccKRAN0t2OQDnyrhKr0PTY
fe2TzjVPkOHSjXXgk7hSw25eYQMvicFogmtNWu6GMLcDWOl/jyup2eD6eQxiD8/Z
W8yp55Evf06Bx2IgUAkxr/+wUemmzCZ+g/g0UAgm1KPo2V/t9Lb2mAsHEwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFH4JSITbF7Tz9qF8ssIO9ZiOEApoMB8GA1UdIwQY
MBaAFBvxgOyk5EBeh3qLY5I6dYjXfjnSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR19HQTdLVGtRRjZIZW90amtqcDFpTmQtT2RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9lODkyMmQtYjMwNC00MTg4LWJkYTYt
ZGM2YjFmZjcyYzE4LzEvZmdsSWhOc1h0UFAyb1h5eXdnNzFtSTRRQ21nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9lODkyMmQtYjMwNC00MTg4LWJkYTYtZGM2YjFmZjcyYzE4
LzEvR19HQTdLVGtRRjZIZW90amtqcDFpTmQtT2RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAw8
MA0GCSqGSIb3DQEBCwUAA4IBAQCYGY1951hQSYjAETq51xDQotdQZRW5nLbMi1Gf
z669qqv+EL000KDceye6sbrzhqPu1WJYsAy3ITN2AJ3ki4iwXBDRNQlri81mh9zw
Oy/pOlQakKNBvIQOR9zkC+enJsuEH8086DwM3GvCmRh7rUBbIbFj/k21dwhZpFlf
gWl0if9ked+b86WNbM0yuiISEQ5VTbCUA78UqCj0z82/DHMaKKusyYkRrC9CIJgW
URcOK0bIMrYUb/ram1NBG4kHIIM27peq153QHqtDQxcj8PKb5DTNGZzryzgNys/E
scrCyAz74qoEQDpTKMzkE2DK31ix+Ww0RWpE1vRiZUnjM+71
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:50 2024 by rpki-client on console-ams.rpki-client.org