Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/23929a-b247-4f3b-9cd1-8b1f5becdda2/1/GsX7OmO8uyCefeNqhydvRHLGWO0.roa
File: GsX7OmO8uyCefeNqhydvRHLGWO0.roa (raw, json)
Hash identifier: SktE8fLylyR+A5ZJr7xh6nWYZvNJ7WvJRiCCI6NopI8=
Subject key identifier: 1A:C5:FB:3A:63:BC:BB:20:9E:7D:E3:6A:87:27:6F:44:72:C6:58:ED
Certificate issuer: /CN=e3c7c19f8d9b50ea60cce7498af0fd8c3908119e
Certificate serial: 01856C4A45E6BA3049FAD1020D36F740E84C
Authority key identifier: E3:C7:C1:9F:8D:9B:50:EA:60:CC:E7:49:8A:F0:FD:8C:39:08:11:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/48fBn42bUOpgzOdJivD9jDkIEZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/23929a-b247-4f3b-9cd1-8b1f5becdda2/1/GsX7OmO8uyCefeNqhydvRHLGWO0.roa
Signing time: Sun 01 Jan 2023 07:44:44 +0000
ROA not before: Sun 01 Jan 2023 07:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 2a12:1780::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:45:e6:ba:30:49:fa:d1:02:0d:36:f7:40:e8:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3c7c19f8d9b50ea60cce7498af0fd8c3908119e
Validity
Not Before: Jan 1 07:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ac5fb3a63bcbb209e7de36a87276f4472c658ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:16:d2:26:ae:50:be:2a:d5:a1:1b:fb:d3:2a:
1f:f1:99:ba:1c:4e:50:f9:ce:78:e6:6d:c0:f5:3c:
06:be:6d:92:5c:6d:80:c9:32:67:c3:06:76:0f:71:
4a:23:46:d2:91:dc:af:e5:d2:04:73:60:9e:2b:7a:
77:65:3d:22:2b:ca:f6:ae:19:0c:44:c8:f8:23:0f:
55:23:ed:26:e4:13:4a:4b:49:f3:cb:03:02:40:e9:
97:81:9e:bd:98:e5:76:b8:06:45:7d:36:07:25:c0:
1a:7b:c2:70:a6:63:dd:ac:96:6e:59:00:bf:9a:c4:
08:35:e2:12:88:0f:c9:a6:6a:e8:e7:1a:3e:fa:59:
e6:1d:77:1d:2a:5c:a6:54:5c:8e:bd:5b:d7:43:ec:
f8:da:ca:3d:54:3d:c2:c2:43:0e:48:f9:4a:1b:3e:
f2:1f:5b:a3:68:5f:94:62:fb:52:e0:30:d1:e6:93:
74:f5:c9:1a:b5:42:81:10:e6:6e:1c:9d:2b:31:d4:
6f:b0:8a:bf:fc:2b:5d:be:c2:b7:95:7d:56:a9:a6:
49:48:1e:73:f1:6b:c8:78:f3:c7:e4:7a:d2:90:f9:
eb:7d:22:f1:b7:61:f9:13:cc:78:b9:c7:cb:d8:0f:
5b:d5:31:d5:84:1e:47:54:fa:00:ac:96:09:db:88:
4f:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:C5:FB:3A:63:BC:BB:20:9E:7D:E3:6A:87:27:6F:44:72:C6:58:ED
X509v3 Authority Key Identifier:
keyid:E3:C7:C1:9F:8D:9B:50:EA:60:CC:E7:49:8A:F0:FD:8C:39:08:11:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/48fBn42bUOpgzOdJivD9jDkIEZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/23929a-b247-4f3b-9cd1-8b1f5becdda2/1/GsX7OmO8uyCefeNqhydvRHLGWO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/23929a-b247-4f3b-9cd1-8b1f5becdda2/1/48fBn42bUOpgzOdJivD9jDkIEZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:1780::/29
Signature Algorithm: sha256WithRSAEncryption
ab:34:b2:e5:65:4b:f5:90:76:d9:b5:82:35:f4:84:b2:e8:a5:
18:94:5d:48:fa:63:b3:53:da:e0:43:a4:cc:3e:3e:bb:21:80:
29:70:61:21:3f:08:a3:cf:44:c9:84:c9:4a:ea:92:44:bb:dd:
0f:a7:bd:5c:c5:70:e4:24:6f:7f:4a:2e:3f:8d:e7:3e:e0:b0:
5e:64:e1:48:22:fc:a3:85:d1:01:d6:ec:99:cc:14:74:e9:31:
51:96:81:f3:3e:72:4f:b6:f1:31:e4:fc:41:c2:8b:7c:60:57:
c0:67:3a:d3:b4:94:80:e4:8a:48:23:c7:35:d4:4a:5f:b2:d4:
90:1d:c9:cf:0a:2d:3b:dd:1e:d8:89:12:ab:4a:d3:2f:96:cd:
1c:cf:35:9d:ad:c0:43:52:21:f2:c8:4b:79:9c:53:f9:1b:ad:
75:9d:fd:54:e7:9e:83:4f:53:5b:ca:cc:4a:1d:3e:25:b0:1f:
44:6f:c9:7d:a9:6b:a4:3b:82:e0:c9:85:b4:6f:54:6c:d5:7d:
1d:ee:dc:97:3b:9e:a3:d9:42:d4:d5:b2:c6:9c:32:25:f6:8e:
76:af:e5:97:aa:5d:d9:df:99:1d:5b:c0:b9:35:b1:62:5e:a1:
e4:7f:30:ce:64:e8:fb:61:20:ab:03:21:21:59:39:3c:a2:27:
1e:dd:84:39
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVsSkXmujBJ+tECDTb3QOhMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzYzdjMTlmOGQ5YjUwZWE2MGNjZTc0OThhZjBmZDhjMzkw
ODExOWUwHhcNMjMwMTAxMDc0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWM1ZmIzYTYzYmNiYjIwOWU3ZGUzNmE4NzI3NmY0NDcyYzY1OGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBbSJq5QvirVoRv70yof8Zm6HE5Q
+c545m3A9TwGvm2SXG2AyTJnwwZ2D3FKI0bSkdyv5dIEc2CeK3p3ZT0iK8r2rhkM
RMj4Iw9VI+0m5BNKS0nzywMCQOmXgZ69mOV2uAZFfTYHJcAae8JwpmPdrJZuWQC/
msQINeISiA/Jpmro5xo++lnmHXcdKlymVFyOvVvXQ+z42so9VD3CwkMOSPlKGz7y
H1ujaF+UYvtS4DDR5pN09ckatUKBEOZuHJ0rMdRvsIq//CtdvsK3lX1WqaZJSB5z
8WvIePPH5HrSkPnrfSLxt2H5E8x4ucfL2A9b1THVhB5HVPoArJYJ24hPGQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBrF+zpjvLsgnn3jaocnb0RyxljtMB8GA1UdIwQY
MBaAFOPHwZ+Nm1DqYMznSYrw/Yw5CBGeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDhmQm40MmJVT3Bnek9kSml2RDlqRGtJRVo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8yMzkyOWEtYjI0Ny00ZjNiLTljZDEt
OGIxZjViZWNkZGEyLzEvR3NYN09tTzh1eUNlZmVOcWh5ZHZSSExHV08wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8yMzkyOWEtYjI0Ny00ZjNiLTljZDEtOGIxZjViZWNkZGEy
LzEvNDhmQm40MmJVT3Bnek9kSml2RDlqRGtJRVo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhIXgDAN
BgkqhkiG9w0BAQsFAAOCAQEAqzSy5WVL9ZB22bWCNfSEsuilGJRdSPpjs1Pa4EOk
zD4+uyGAKXBhIT8Io89EyYTJSuqSRLvdD6e9XMVw5CRvf0ouP43nPuCwXmThSCL8
o4XRAdbsmcwUdOkxUZaB8z5yT7bxMeT8QcKLfGBXwGc607SUgOSKSCPHNdRKX7LU
kB3JzwotO90e2IkSq0rTL5bNHM81na3AQ1Ih8shLeZxT+RutdZ39VOeeg09TW8rM
Sh0+JbAfRG/JfalrpDuC4MmFtG9UbNV9He7clzueo9lC1NWyxpwyJfaOdq/ll6pd
2d+ZHVvAuTWxYl6h5H8wzmTo+2EgqwMhIVk5PKInHt2EOQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:33 2023 by rpki-client on console-ams.rpki-client.org