Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/HMGh15UYy0-zgcrnRHF8_ZwJGck.roa
File: HMGh15UYy0-zgcrnRHF8_ZwJGck.roa (raw, json)
Hash identifier: /aeqwTSeaEFWloLDA8c+isDajU7GaGuBRomkJnGgTVA=
Subject key identifier: 1C:C1:A1:D7:95:18:CB:4F:B3:81:CA:E7:44:71:7C:FD:9C:09:19:C9
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 018CC64B246B6B4E9C7525163601DE27FF7E
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/HMGh15UYy0-zgcrnRHF8_ZwJGck.roa
Signing time: Mon 01 Jan 2024 18:31:02 +0000
ROA not before: Mon 01 Jan 2024 18:31:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51847
IP address blocks: 2a12:f8c1:50::/44 maxlen: 48
2a12:f8c1:60::/44 maxlen: 44
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:24:6b:6b:4e:9c:75:25:16:36:01:de:27:ff:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: Jan 1 18:31:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1cc1a1d79518cb4fb381cae744717cfd9c0919c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:bb:49:45:6e:b9:6a:90:98:14:c2:eb:6c:6b:
cd:02:e0:0f:f2:3f:4d:d4:cf:d0:ff:84:9c:e2:07:
eb:60:91:49:7c:91:f7:8f:49:43:f1:e8:43:f8:b9:
69:98:bd:d9:2e:ba:6c:8e:cb:ec:19:44:c1:5c:e5:
21:85:5c:9c:ed:b0:a2:7e:4e:cf:1e:de:cb:4c:cc:
5e:a5:8f:ca:56:77:9e:77:75:42:ea:d0:0f:3d:44:
99:2b:06:cb:c1:c5:30:46:ea:3d:8f:95:55:bc:6d:
eb:d9:3a:e0:28:2e:5e:7d:82:4e:83:0d:6e:d9:2e:
16:e5:31:68:2d:7e:34:ef:ee:8d:15:f5:2f:9d:95:
d6:70:27:03:8a:64:8d:79:99:d5:cc:22:de:ab:17:
1a:ff:3e:da:3d:04:9d:6d:5f:01:90:e4:4b:7e:d5:
2f:69:47:a3:2f:f2:29:f6:83:22:ec:65:6c:30:41:
18:ed:e8:af:cc:6c:77:59:44:b3:13:af:e6:74:50:
3a:6b:60:ae:f5:41:e5:a9:6a:67:f2:45:4a:5b:3e:
f5:40:68:c6:9f:0c:27:bc:ec:07:56:83:55:c8:21:
d2:ae:9d:f8:a8:f8:fa:92:27:a5:09:59:99:6c:5a:
2c:36:ec:63:d3:87:a6:4a:ac:14:84:ac:75:ab:3b:
83:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:C1:A1:D7:95:18:CB:4F:B3:81:CA:E7:44:71:7C:FD:9C:09:19:C9
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/HMGh15UYy0-zgcrnRHF8_ZwJGck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c1:50::-2a12:f8c1:6f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
b7:e6:66:e7:6f:11:08:bb:e1:37:ca:4d:c7:d0:d3:ee:39:39:
2d:8a:34:2f:8a:d4:4c:7d:2e:86:14:63:e8:5b:46:cd:34:c4:
35:00:7c:e4:7c:61:55:95:2b:30:cf:15:fc:61:16:c8:24:7d:
27:d7:8e:a8:4a:c5:a4:40:1b:b6:27:09:65:4e:f0:b2:ca:85:
0d:2f:d7:4f:e7:72:5a:af:1a:5a:02:f2:7d:ae:7e:6e:2f:4b:
96:a9:16:4b:55:09:79:66:e6:b7:a2:25:65:7f:53:0f:3c:35:
87:37:83:1c:f2:1b:99:ad:cf:c7:85:1c:ef:4d:4d:00:41:87:
d9:d6:5d:16:c4:d5:7d:e6:4f:1a:0e:cd:a4:63:8f:01:99:df:
a6:f6:05:93:27:6b:78:d4:8c:7d:cb:09:04:72:b7:69:fa:b5:
dd:c8:41:f8:b8:1f:b0:11:0a:e4:26:c1:27:ea:d8:bb:86:a3:
28:33:ce:eb:c4:38:c3:5e:9a:50:ce:94:e0:88:78:fb:dc:c6:
32:e5:6e:ed:a8:28:fc:a6:5c:88:f5:03:9c:23:f7:5f:57:1e:
0a:07:72:5a:5e:9b:ed:b3:1f:fe:78:10:a7:01:7d:4f:3f:a2:
dd:82:cb:73:79:ef:98:9f:85:2a:56:59:8e:0b:6f:8d:ea:e0:
ad:9d:e3:85
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzGSyRra06cdSUWNgHeJ/9+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjQwMTAxMTgzMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2MxYTFkNzk1MThjYjRmYjM4MWNhZTc0NDcxN2NmZDljMDkxOWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrtJRW65apCYFMLrbGvNAuAP8j9N
1M/Q/4Sc4gfrYJFJfJH3j0lD8ehD+LlpmL3ZLrpsjsvsGUTBXOUhhVyc7bCifk7P
Ht7LTMxepY/KVneed3VC6tAPPUSZKwbLwcUwRuo9j5VVvG3r2TrgKC5efYJOgw1u
2S4W5TFoLX407+6NFfUvnZXWcCcDimSNeZnVzCLeqxca/z7aPQSdbV8BkORLftUv
aUejL/Ip9oMi7GVsMEEY7eivzGx3WUSzE6/mdFA6a2Cu9UHlqWpn8kVKWz71QGjG
nwwnvOwHVoNVyCHSrp34qPj6kielCVmZbFosNuxj04emSqwUhKx1qzuDYwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFBzBodeVGMtPs4HK50RxfP2cCRnJMB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvSE1HaDE1VVl5MC16Z2NyblJIRjhfWndKR2NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwQqEvjB
AFADBwQqEvjBAGAwDQYJKoZIhvcNAQELBQADggEBALfmZudvEQi74TfKTcfQ0+45
OS2KNC+K1Ex9LoYUY+hbRs00xDUAfOR8YVWVKzDPFfxhFsgkfSfXjqhKxaRAG7Yn
CWVO8LLKhQ0v10/nclqvGloC8n2ufm4vS5apFktVCXlm5reiJWV/Uw88NYc3gxzy
G5mtz8eFHO9NTQBBh9nWXRbE1X3mTxoOzaRjjwGZ36b2BZMna3jUjH3LCQRyt2n6
td3IQfi4H7ARCuQmwSfq2LuGoygzzuvEOMNemlDOlOCIePvcxjLlbu2oKPymXIj1
A5wj919XHgoHclpem+2zH/54EKcBfU8/ot2Cy3N575ifhSpWWY4Lb43q4K2d44U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:02 2024 by rpki-client on console-fra.rpki-client.org