Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/0b709f-53ab-49c9-8b83-5ae957f2cdbb/1/057UiA3yLY9PAOHUPfOmjzfnlB4.roa
File: 057UiA3yLY9PAOHUPfOmjzfnlB4.roa (raw, json)
Hash identifier: tNaw8cWDVJKSG+3EOunDFpXhlJrjwpbfL3s+F5viYLA=
Subject key identifier: D3:9E:D4:88:0D:F2:2D:8F:4F:00:E1:D4:3D:F3:A6:8F:37:E7:94:1E
Certificate issuer: /CN=cb6927b169e3d0f5cb94b343381992f48536c855
Certificate serial: 1DFF96
Authority key identifier: CB:69:27:B1:69:E3:D0:F5:CB:94:B3:43:38:19:92:F4:85:36:C8:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y2knsWnj0PXLlLNDOBmS9IU2yFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/0b709f-53ab-49c9-8b83-5ae957f2cdbb/1/057UiA3yLY9PAOHUPfOmjzfnlB4.roa
Signing time: Tue 15 Mar 2022 11:07:26 +0000
ROA not before: Tue 15 Mar 2022 11:07:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 174
IP address blocks: 2a12:6c40::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1965974 (0x1dff96)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb6927b169e3d0f5cb94b343381992f48536c855
Validity
Not Before: Mar 15 11:07:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d39ed4880df22d8f4f00e1d43df3a68f37e7941e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:f9:ce:62:4e:ca:55:13:a1:73:d0:d3:33:2a:
ae:c5:3e:c8:64:96:c7:b3:94:ea:81:63:4d:36:05:
a4:cc:fa:ae:f1:7d:55:12:20:39:e3:0b:cf:9e:67:
d7:da:eb:1b:3c:e6:0f:a9:f5:6f:05:86:b5:9a:a9:
b0:eb:67:7d:3f:44:9f:29:f1:2a:ed:d3:4d:13:cf:
5c:ab:53:c5:f5:c7:9b:9c:27:66:ed:fa:d0:f3:80:
fe:c0:9d:2c:7a:16:17:06:8f:84:bc:e6:2c:39:ab:
a0:da:df:35:4b:53:cd:fe:bd:2e:02:91:39:ef:96:
69:8c:c5:1d:a8:81:a8:5d:8e:21:bf:f8:6e:b6:89:
98:50:9c:09:b4:80:97:6a:39:be:07:78:49:d8:c0:
12:55:96:fa:29:11:3b:71:ea:d1:eb:0a:1d:ba:24:
ab:36:6b:d0:e6:01:32:05:14:f5:93:a4:b2:f6:80:
39:53:d3:6b:9e:37:36:9f:46:18:4e:8f:8f:15:51:
2f:3e:ba:bc:78:18:aa:ea:a6:09:41:64:dc:60:44:
71:4e:36:d9:9e:93:a1:f9:22:60:3e:62:25:b8:b4:
99:63:55:a5:bb:63:b0:df:d0:67:3c:07:4f:7f:2c:
80:fd:9d:e2:5c:2a:50:74:07:7c:fe:82:13:4e:91:
3c:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:9E:D4:88:0D:F2:2D:8F:4F:00:E1:D4:3D:F3:A6:8F:37:E7:94:1E
X509v3 Authority Key Identifier:
keyid:CB:69:27:B1:69:E3:D0:F5:CB:94:B3:43:38:19:92:F4:85:36:C8:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y2knsWnj0PXLlLNDOBmS9IU2yFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/0b709f-53ab-49c9-8b83-5ae957f2cdbb/1/057UiA3yLY9PAOHUPfOmjzfnlB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/0b709f-53ab-49c9-8b83-5ae957f2cdbb/1/y2knsWnj0PXLlLNDOBmS9IU2yFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
57:d3:90:a2:78:67:1b:d4:1b:57:46:46:c9:5c:72:18:14:a1:
09:06:0d:ce:97:41:5c:b1:63:03:3a:f0:26:1f:e6:e5:ec:7b:
82:af:04:92:b5:89:de:1b:1c:e7:39:ae:17:78:22:af:d0:2c:
9b:1d:67:f0:2c:a7:95:d6:07:e0:bb:b5:69:95:6a:4f:72:64:
30:d7:99:fb:03:90:77:02:8a:f4:1f:0f:97:35:1f:a2:74:94:
ae:bf:0d:88:31:b8:82:41:0f:7f:ff:0b:b6:8e:0a:7b:5d:9b:
e3:cc:61:3a:ed:5a:a9:0e:4b:82:43:97:b3:76:c6:1f:c4:57:
bf:43:86:4c:bb:a5:44:29:97:ab:cb:ff:f6:29:04:48:b1:5c:
fa:8a:41:b4:70:e8:38:8f:c8:da:4d:b3:fd:e6:03:99:c0:9a:
67:4a:7c:ad:18:0d:3d:45:72:8b:34:91:5d:33:75:ec:26:12:
24:6a:5e:00:ea:58:0b:16:97:d7:f4:bb:bf:29:a6:81:f1:a4:
97:66:e5:55:95:e6:e4:96:d8:9e:e2:79:43:82:45:92:ee:11:
99:af:7f:8d:11:e8:28:e7:26:ca:62:15:2d:f0:90:31:7b:c2:
5c:84:b9:54:94:6e:77:84:6e:92:d3:c8:cb:04:83:04:d7:ff:
9a:e7:93:4d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDHf+WMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNi
NjkyN2IxNjllM2QwZjVjYjk0YjM0MzM4MTk5MmY0ODUzNmM4NTUwHhcNMjIwMzE1
MTEwNzI2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkMzllZDQ4ODBkZjIy
ZDhmNGYwMGUxZDQzZGYzYTY4ZjM3ZTc5NDFlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA2/nOYk7KVROhc9DTMyquxT7IZJbHs5TqgWNNNgWkzPqu8X1V
EiA54wvPnmfX2usbPOYPqfVvBYa1mqmw62d9P0SfKfEq7dNNE89cq1PF9cebnCdm
7frQ84D+wJ0sehYXBo+EvOYsOaug2t81S1PN/r0uApE575ZpjMUdqIGoXY4hv/hu
tomYUJwJtICXajm+B3hJ2MASVZb6KRE7cerR6woduiSrNmvQ5gEyBRT1k6Sy9oA5
U9Nrnjc2n0YYTo+PFVEvPrq8eBiq6qYJQWTcYERxTjbZnpOh+SJgPmIluLSZY1Wl
u2Ow39BnPAdPfyyA/Z3iXCpQdAd8/oITTpE8jwIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFNOe1IgN8i2PTwDh1D3zpo8355QeMB8GA1UdIwQYMBaAFMtpJ7Fp49D1y5Sz
QzgZkvSFNshVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
eTJrbnNXbmowUFhMbExORE9CbVM5SVUyeUZVLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8xMC8wYjcwOWYtNTNhYi00OWM5LThiODMtNWFlOTU3ZjJjZGJiLzEv
MDU3VWlBM3lMWTlQQU9IVVBmT21qemZubEI0LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8w
YjcwOWYtNTNhYi00OWM5LThiODMtNWFlOTU3ZjJjZGJiLzEveTJrbnNXbmowUFhM
bExORE9CbVM5SVUyeUZVLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhJsQDANBgkqhkiG9w0BAQsFAAOC
AQEAV9OQonhnG9QbV0ZGyVxyGBShCQYNzpdBXLFjAzrwJh/m5ex7gq8EkrWJ3hsc
5zmuF3gir9Asmx1n8CynldYH4Lu1aZVqT3JkMNeZ+wOQdwKK9B8PlzUfonSUrr8N
iDG4gkEPf/8Lto4Ke12b48xhOu1aqQ5LgkOXs3bGH8RXv0OGTLulRCmXq8v/9ikE
SLFc+opBtHDoOI/I2k2z/eYDmcCaZ0p8rRgNPUVyizSRXTN17CYSJGpeAOpYCxaX
1/S7vymmgfGkl2blVZXm5JbYnuJ5Q4JFku4Rma9/jRHoKOcmymIVLfCQMXvCXIS5
VJRud4RuktPIywSDBNf/mueTTQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:49 2024 by rpki-client on console-ams.rpki-client.org