Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/_JETG29rChic745gYnv5SwlHaTM.roa
File: _JETG29rChic745gYnv5SwlHaTM.roa (raw, json)
Hash identifier: B8ZQrxkpND3GciUgg3zCyT1nC/4m7ez7rNAh1svMjSc=
Subject key identifier: FC:91:13:1B:6F:6B:0A:18:9C:EF:8E:60:62:7B:F9:4B:09:47:69:33
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 0186212A5DB197681CD0B331A7C8D4624927
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/_JETG29rChic745gYnv5SwlHaTM.roa
Signing time: Sun 05 Feb 2023 10:41:09 +0000
ROA not before: Sun 05 Feb 2023 10:41:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201801
IP address blocks: 2a12:f8c1:40::/44 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:21:2a:5d:b1:97:68:1c:d0:b3:31:a7:c8:d4:62:49:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: Feb 5 10:41:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc91131b6f6b0a189cef8e60627bf94b09476933
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:82:30:8d:7d:fc:81:a3:c7:ca:d3:f8:d2:88:
49:71:d5:27:96:06:ca:c2:80:8f:b0:57:0a:7b:96:
a1:7c:b4:2e:c5:3b:46:0e:be:de:53:2b:fb:87:6f:
db:8f:a3:fa:c2:79:78:4d:56:ee:df:84:2e:ae:8c:
a9:c5:20:8f:2d:43:b3:5d:10:2e:2e:48:79:d3:91:
9e:81:42:f3:cd:20:1a:fa:8e:d8:ad:76:5d:90:61:
8d:d9:71:d8:54:09:10:02:2e:90:eb:3e:df:cf:ee:
6d:b4:ba:3f:33:f8:8e:29:58:5e:32:5e:2d:19:51:
6d:d4:65:07:ac:99:70:c0:eb:cd:1f:92:49:2c:dd:
f0:54:00:dc:bb:94:69:bc:5e:52:87:97:dd:0d:0f:
0f:20:c3:4c:c4:e6:86:71:2a:ad:00:cd:7f:bf:b8:
5d:11:87:d5:17:82:e8:e7:cb:c4:a4:0f:b2:03:34:
bb:e5:fc:0c:7b:a8:2e:cf:57:d9:f3:09:b1:4b:07:
65:98:b4:c5:88:fa:89:71:87:b5:fb:e9:77:ef:3e:
39:aa:38:f4:71:ee:f2:a6:6f:34:5d:56:37:22:97:
da:78:30:1e:b3:0c:4f:63:ee:93:ab:9c:f1:be:01:
1b:1e:96:01:2c:61:4f:d4:e9:d4:1a:06:8b:9f:a7:
e4:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:91:13:1B:6F:6B:0A:18:9C:EF:8E:60:62:7B:F9:4B:09:47:69:33
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/_JETG29rChic745gYnv5SwlHaTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c1:40::/44
Signature Algorithm: sha256WithRSAEncryption
0a:e2:23:23:a7:5f:db:e3:8c:0b:e9:44:c5:97:ba:95:45:e9:
f3:8a:de:bc:49:5f:5a:9d:d6:ab:b1:b3:2c:bc:f3:2f:61:26:
e5:1b:a7:32:38:28:d1:f4:a3:5f:0f:aa:bf:49:04:43:ad:ba:
ff:71:31:bd:38:b9:6b:82:e5:1d:28:80:95:be:7c:9c:c3:fe:
a0:29:6c:d5:05:20:fc:4b:19:fd:3f:ff:d5:e9:1c:bf:92:72:
85:90:ff:78:f2:97:c1:e3:c6:29:18:11:2d:03:ac:a6:ac:ee:
bc:34:c8:78:42:d8:40:f5:19:a4:56:22:d6:f9:74:c2:79:e9:
93:72:a0:cc:f9:eb:31:8b:18:c0:cc:ce:2f:4b:65:f5:55:13:
6c:ca:59:03:7d:e8:f2:c8:fc:99:ec:43:1f:b8:b2:93:87:11:
94:fd:03:7e:65:30:7a:6d:1b:97:c3:9c:97:58:64:99:52:75:
e3:57:cd:bd:e2:a1:fc:9a:2c:0d:ee:39:9c:3b:30:fb:ab:53:
58:5a:e7:97:8f:16:bf:4b:99:fa:7f:8f:ed:02:6f:60:4f:a9:
62:2c:7a:f1:69:7c:8a:b1:a6:cd:30:ca:88:a3:62:c7:37:35:
c2:d7:52:19:97:30:79:fb:b9:ef:4b:d6:59:bb:85:ea:61:ad:
b6:84:ce:78
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYYhKl2xl2gc0LMxp8jUYkknMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjMwMjA1MTA0MTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzkxMTMxYjZmNmIwYTE4OWNlZjhlNjA2MjdiZjk0YjA5NDc2OTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYIwjX38gaPHytP40ohJcdUnlgbK
woCPsFcKe5ahfLQuxTtGDr7eUyv7h2/bj6P6wnl4TVbu34QuroypxSCPLUOzXRAu
Lkh505GegULzzSAa+o7YrXZdkGGN2XHYVAkQAi6Q6z7fz+5ttLo/M/iOKVheMl4t
GVFt1GUHrJlwwOvNH5JJLN3wVADcu5RpvF5Sh5fdDQ8PIMNMxOaGcSqtAM1/v7hd
EYfVF4Lo58vEpA+yAzS75fwMe6guz1fZ8wmxSwdlmLTFiPqJcYe1++l37z45qjj0
ce7ypm80XVY3IpfaeDAeswxPY+6Tq5zxvgEbHpYBLGFP1OnUGgaLn6fkoQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPyRExtvawoYnO+OYGJ7+UsJR2kzMB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvX0pFVEcyOXJDaGljNzQ1Z1ludjVTd2xIYVRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhL4wQBA
MA0GCSqGSIb3DQEBCwUAA4IBAQAK4iMjp1/b44wL6UTFl7qVRenzit68SV9andar
sbMsvPMvYSblG6cyOCjR9KNfD6q/SQRDrbr/cTG9OLlrguUdKICVvnycw/6gKWzV
BSD8Sxn9P//V6Ry/knKFkP948pfB48YpGBEtA6ymrO68NMh4QthA9RmkViLW+XTC
eemTcqDM+esxixjAzM4vS2X1VRNsylkDfejyyPyZ7EMfuLKThxGU/QN+ZTB6bRuX
w5yXWGSZUnXjV8294qH8miwN7jmcOzD7q1NYWueXjxa/S5n6f4/tAm9gT6liLHrx
aXyKsabNMMqIo2LHNzXC11IZlzB5+7nvS9ZZu4XqYa22hM54
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:27:19 2025 by rpki-client