Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/JNudvvrvoSke4z3zLzIyNoSaZIw.roa
File: JNudvvrvoSke4z3zLzIyNoSaZIw.roa (raw, json)
Hash identifier: fEGCwI5CbMkDpApKrlKNpgkwgQakVlOfbbJG/RkTaSg=
Subject key identifier: 24:DB:9D:BE:FA:EF:A1:29:1E:E3:3D:F3:2F:32:32:36:84:9A:64:8C
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 018225A2356D5B79C6C92E220CADC1FE6772
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/JNudvvrvoSke4z3zLzIyNoSaZIw.roa
Signing time: Fri 22 Jul 2022 11:19:23 +0000
ROA not before: Fri 22 Jul 2022 11:19:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204089
IP address blocks: 2a12:f8c1:f8c1::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:25:a2:35:6d:5b:79:c6:c9:2e:22:0c:ad:c1:fe:67:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: Jul 22 11:19:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=24db9dbefaefa1291ee33df32f323236849a648c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:fe:15:13:39:4d:f4:28:c6:89:25:fa:be:78:
45:65:fc:f0:95:c7:e1:a2:b3:d5:6f:13:70:60:08:
6e:11:10:a9:9b:60:9a:25:55:f7:13:15:99:f1:8a:
e4:37:fe:fe:d2:09:9d:e0:33:cb:6b:dd:bc:92:1a:
c9:f7:0b:e5:b2:81:bc:d8:1d:ae:50:00:c2:f8:1c:
52:db:fc:7f:a0:33:db:b2:42:56:88:91:bf:7b:2f:
5b:21:b9:85:fd:24:8d:e7:d6:b1:b4:83:2d:32:a3:
bf:07:34:28:1d:da:35:89:c1:8b:ec:86:a8:f5:9e:
bb:b0:b2:84:db:77:69:b3:44:80:08:98:3b:f8:24:
37:2e:d7:3d:aa:8d:d0:d2:e0:1c:23:99:fc:14:68:
08:f9:87:db:62:d5:01:9c:70:d2:d9:28:44:f5:b2:
e1:42:a7:b7:fb:70:6c:3a:e4:77:18:dd:ff:f4:bf:
43:7e:fc:c9:26:f3:23:2c:c9:9e:ca:15:ff:4a:7b:
a4:84:4d:e7:c0:69:72:b6:fe:f1:32:d4:c7:be:25:
72:06:a8:38:dc:1b:15:cb:dc:26:5b:a5:ca:c9:8b:
16:da:48:68:d9:20:9e:9a:85:1a:e8:6d:00:f6:3d:
c3:e0:b1:30:bf:33:49:8a:dc:26:45:97:64:4e:84:
87:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:DB:9D:BE:FA:EF:A1:29:1E:E3:3D:F3:2F:32:32:36:84:9A:64:8C
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/JNudvvrvoSke4z3zLzIyNoSaZIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c1:f8c1::/48
Signature Algorithm: sha256WithRSAEncryption
3b:ab:bd:d5:73:b1:34:5d:b5:5b:97:14:2a:ee:7d:f6:2a:37:
86:a9:66:95:5a:cf:6f:bf:70:44:2a:ec:89:94:00:a5:af:1e:
82:38:f5:97:b0:c8:b0:ba:6d:fc:eb:12:d0:a8:81:7d:49:d0:
01:19:5a:6c:9c:b5:d3:2d:ae:24:69:79:35:9c:66:19:2a:67:
fb:dd:d0:2e:ef:56:2d:f9:b4:63:7c:ca:90:c2:b5:c4:12:b8:
a7:fb:31:2c:3a:c7:ed:b5:39:de:c8:76:ab:8d:3f:d7:10:2b:
f6:7e:02:7b:6c:fa:21:c3:0d:5d:0d:af:7b:f5:4a:15:bc:93:
81:56:f2:63:08:06:3c:6a:56:b3:7f:ce:50:03:a5:e3:a0:bb:
bf:a8:65:f8:f2:5c:10:b4:f5:9a:d9:17:52:ef:1c:4b:5f:d9:
d6:76:00:0d:a9:04:c5:f0:91:88:b6:44:74:b5:1a:12:c0:6b:
c4:28:66:f5:e5:00:e0:aa:ea:92:f2:6f:c0:87:7a:b8:4d:f8:
8d:99:bf:bb:2c:ae:39:23:1f:af:79:53:84:b1:b8:91:41:22:
ed:1f:3b:76:c7:4d:fc:81:ef:b5:6c:5a:91:1d:08:52:7f:1d:
5e:1d:20:0e:a4:85:fa:c1:7f:a1:86:82:24:9c:44:a2:94:fb:
4e:e2:87:db
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYIlojVtW3nGyS4iDK3B/mdyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjIwNzIyMTExOTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGRiOWRiZWZhZWZhMTI5MWVlMzNkZjMyZjMyMzIzNjg0OWE2NDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/4VEzlN9CjGiSX6vnhFZfzwlcfh
orPVbxNwYAhuERCpm2CaJVX3ExWZ8YrkN/7+0gmd4DPLa928khrJ9wvlsoG82B2u
UADC+BxS2/x/oDPbskJWiJG/ey9bIbmF/SSN59axtIMtMqO/BzQoHdo1icGL7Iao
9Z67sLKE23dps0SACJg7+CQ3Ltc9qo3Q0uAcI5n8FGgI+YfbYtUBnHDS2ShE9bLh
Qqe3+3BsOuR3GN3/9L9DfvzJJvMjLMmeyhX/SnukhE3nwGlytv7xMtTHviVyBqg4
3BsVy9wmW6XKyYsW2kho2SCemoUa6G0A9j3D4LEwvzNJitwmRZdkToSHDwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCTbnb7676EpHuM98y8yMjaEmmSMMB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvSk51ZHZ2cnZvU2tlNHozekx6SXlOb1NhWkl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhL4wfjB
MA0GCSqGSIb3DQEBCwUAA4IBAQA7q73Vc7E0XbVblxQq7n32KjeGqWaVWs9vv3BE
KuyJlAClrx6COPWXsMiwum386xLQqIF9SdABGVpsnLXTLa4kaXk1nGYZKmf73dAu
71Yt+bRjfMqQwrXEErin+zEsOsfttTneyHarjT/XECv2fgJ7bPohww1dDa979UoV
vJOBVvJjCAY8alazf85QA6XjoLu/qGX48lwQtPWa2RdS7xxLX9nWdgANqQTF8JGI
tkR0tRoSwGvEKGb15QDgquqS8m/Ah3q4TfiNmb+7LK45Ix+veVOEsbiRQSLtHzt2
x038ge+1bFqRHQhSfx1eHSAOpIX6wX+hhoIknESilPtO4ofb
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:13:25 2025 by rpki-client