Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/_ku1ppqvJ-VOhlD48zWvX_YzGb0.roa
File: _ku1ppqvJ-VOhlD48zWvX_YzGb0.roa (raw, json)
Hash identifier: C6c25nygaLWcjwbldZ6GfU3Yg9oDPyE7wWQ0DYpVlHc=
Subject key identifier: FE:4B:B5:A6:9A:AF:27:E5:4E:86:50:F8:F3:35:AF:5F:F6:33:19:BD
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 018703E4509678E0892C0F01DB160BAD014D
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/_ku1ppqvJ-VOhlD48zWvX_YzGb0.roa
Signing time: Tue 21 Mar 2023 11:18:27 +0000
ROA not before: Tue 21 Mar 2023 11:18:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51847
IP address blocks: 2a12:f8c1:60::/44 maxlen: 44
2a12:f8c1:50::/44 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:03:e4:50:96:78:e0:89:2c:0f:01:db:16:0b:ad:01:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: Mar 21 11:18:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe4bb5a69aaf27e54e8650f8f335af5ff63319bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f8:a3:21:b9:82:9b:65:01:15:20:b2:c1:80:
3e:63:eb:97:c0:52:1e:c9:f1:da:17:d5:20:d4:4d:
32:f0:93:06:63:c6:79:a4:3d:11:8e:77:6c:1c:e1:
27:0a:ad:71:44:b3:ec:af:74:03:08:83:cc:50:01:
45:76:6b:32:2f:a3:3f:3b:12:55:b1:c4:aa:f5:22:
02:c5:ee:ad:d3:97:cb:f6:a8:2a:fd:b7:10:31:9a:
22:e2:a6:71:b4:52:2e:b1:54:6c:d8:de:7b:bb:af:
b6:5a:9c:6f:e6:6e:2c:31:fa:d9:bb:49:4e:72:09:
74:a1:55:c9:c6:f5:50:b1:6d:a6:10:5b:a8:bc:ca:
61:23:21:21:e0:8c:18:81:16:f9:cc:6c:5c:d3:d4:
61:f7:7b:05:36:db:83:18:e3:14:45:24:dc:de:8b:
54:c0:11:73:bb:4d:14:9e:4a:33:ee:2c:d6:ff:55:
06:88:69:cf:98:8e:69:5e:8d:66:17:40:9a:54:03:
d5:ad:d1:0a:ac:ed:ee:8e:35:cd:e3:30:fe:50:0d:
00:bb:df:b4:fc:69:d1:7a:5b:4f:27:59:18:03:93:
62:e6:1a:52:70:d7:a4:26:79:a1:72:28:37:71:2a:
c1:45:0c:93:4c:17:36:6a:8a:de:32:20:cc:b0:5e:
ab:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:4B:B5:A6:9A:AF:27:E5:4E:86:50:F8:F3:35:AF:5F:F6:33:19:BD
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/_ku1ppqvJ-VOhlD48zWvX_YzGb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c1:50::-2a12:f8c1:6f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
ab:5f:aa:79:ba:8a:c8:a1:69:cb:93:c9:e9:5e:6a:06:f3:f7:
bd:76:ea:c5:4f:a4:38:6d:ae:57:8b:f6:22:ff:22:c2:46:3e:
5e:be:8e:83:6d:35:af:17:40:9e:72:19:2d:35:8d:f3:ce:d0:
81:3d:49:ca:a7:69:d9:ec:0d:26:03:d1:66:33:ac:3c:76:fb:
a7:34:84:6d:ca:48:02:bb:b5:b3:2b:a1:e2:1f:ff:ff:92:a5:
0f:2f:fb:6b:95:35:bb:9d:71:76:ac:2f:6a:a4:47:1b:24:55:
9d:0d:28:52:fe:ca:da:d2:52:18:9b:d1:51:d0:24:1d:de:7c:
c1:be:76:bc:0d:9a:da:54:1c:63:67:15:7c:77:84:c7:9a:2d:
8c:55:70:50:f8:1d:19:4b:f6:cf:a8:ab:8e:84:c4:ec:01:2e:
69:a9:84:da:ee:46:ca:dd:61:ee:6c:56:c7:1b:33:e6:64:fe:
c3:30:f4:e7:70:3b:fd:36:25:ee:e2:e3:1e:a0:8c:db:51:88:
0b:54:58:33:ec:6c:4b:27:4b:59:fd:ec:1d:37:43:83:55:79:
f6:fb:45:be:8d:8a:c2:57:f8:c1:56:a9:ad:0e:8c:b9:d5:58:
53:c7:4e:9c:27:5d:78:b5:1b:99:42:83:77:ef:19:07:6a:15:
0d:57:fb:28
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYcD5FCWeOCJLA8B2xYLrQFNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjMwMzIxMTExODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTRiYjVhNjlhYWYyN2U1NGU4NjUwZjhmMzM1YWY1ZmY2MzMxOWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/ijIbmCm2UBFSCywYA+Y+uXwFIe
yfHaF9Ug1E0y8JMGY8Z5pD0RjndsHOEnCq1xRLPsr3QDCIPMUAFFdmsyL6M/OxJV
scSq9SICxe6t05fL9qgq/bcQMZoi4qZxtFIusVRs2N57u6+2Wpxv5m4sMfrZu0lO
cgl0oVXJxvVQsW2mEFuovMphIyEh4IwYgRb5zGxc09Rh93sFNtuDGOMURSTc3otU
wBFzu00Unkoz7izW/1UGiGnPmI5pXo1mF0CaVAPVrdEKrO3ujjXN4zD+UA0Au9+0
/GnReltPJ1kYA5Ni5hpScNekJnmhcig3cSrBRQyTTBc2aoreMiDMsF6rtQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFP5LtaaaryflToZQ+PM1r1/2Mxm9MB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvX2t1MXBwcXZKLVZPaGxENDh6V3ZYX1l6R2IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwQqEvjB
AFADBwQqEvjBAGAwDQYJKoZIhvcNAQELBQADggEBAKtfqnm6isihacuTyeleagbz
97126sVPpDhtrleL9iL/IsJGPl6+joNtNa8XQJ5yGS01jfPO0IE9ScqnadnsDSYD
0WYzrDx2+6c0hG3KSAK7tbMroeIf//+SpQ8v+2uVNbudcXasL2qkRxskVZ0NKFL+
ytrSUhib0VHQJB3efMG+drwNmtpUHGNnFXx3hMeaLYxVcFD4HRlL9s+oq46ExOwB
LmmphNruRsrdYe5sVscbM+Zk/sMw9OdwO/02Je7i4x6gjNtRiAtUWDPsbEsnS1n9
7B03Q4NVefb7Rb6NisJX+MFWqa0OjLnVWFPHTpwnXXi1G5lCg3fvGQdqFQ1X+yg=
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:29:09 2025 by rpki-client