Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/0b709f-53ab-49c9-8b83-5ae957f2cdbb/1/sSOHrWplhn1bCO3WYEG1WA_-Y5c.roa
File: sSOHrWplhn1bCO3WYEG1WA_-Y5c.roa (raw, json)
Hash identifier: HDagSE/XHeUsW1/16iqiTPBBDgjfjaNm9EcrwK8ZIIc=
Subject key identifier: B1:23:87:AD:6A:65:86:7D:5B:08:ED:D6:60:41:B5:58:0F:FE:63:97
Certificate issuer: /CN=cb6927b169e3d0f5cb94b343381992f48536c855
Certificate serial: 01C733
Authority key identifier: CB:69:27:B1:69:E3:D0:F5:CB:94:B3:43:38:19:92:F4:85:36:C8:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y2knsWnj0PXLlLNDOBmS9IU2yFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/0b709f-53ab-49c9-8b83-5ae957f2cdbb/1/sSOHrWplhn1bCO3WYEG1WA_-Y5c.roa
Signing time: Fri 04 Mar 2022 15:59:56 +0000
ROA not before: Fri 04 Mar 2022 15:59:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50113
IP address blocks: 2a12:6c40::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116531 (0x1c733)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb6927b169e3d0f5cb94b343381992f48536c855
Validity
Not Before: Mar 4 15:59:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b12387ad6a65867d5b08edd66041b5580ffe6397
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d6:09:ae:33:af:ee:3a:68:a8:00:1d:b4:df:
a4:ec:6e:ef:f0:03:29:36:2b:20:5d:8b:5a:f5:cf:
91:02:87:54:55:22:03:c8:50:b2:30:87:3a:67:59:
86:be:9d:c1:7b:bb:40:e9:a0:46:1d:6e:4d:28:db:
8c:dc:65:1c:0c:31:56:bf:47:5b:ba:a9:11:b9:12:
2b:85:bb:09:20:5a:2d:14:a7:41:cb:3b:47:78:ef:
91:a3:4b:7f:b9:91:33:c3:31:c3:04:53:29:c7:7e:
b4:30:7a:ae:36:b8:78:07:60:4a:60:b6:13:28:19:
81:a0:df:6e:f8:d9:13:37:c2:57:de:a2:54:23:cc:
ef:47:88:d4:c0:13:bb:0d:32:d9:f1:96:60:33:a6:
f8:21:d0:5c:7d:4c:21:e6:50:87:49:72:6d:6e:78:
2b:d0:67:ef:ab:b0:33:fa:5f:fa:41:27:59:22:22:
15:9c:9d:7a:c4:ca:5b:4f:38:69:b8:a7:cb:d9:aa:
95:8e:7c:2b:52:ba:8b:5d:0e:ba:ff:9b:6f:03:46:
8a:62:bd:76:aa:bb:ed:2e:87:67:8f:d2:29:5a:b7:
84:1e:16:00:28:67:35:65:47:bd:29:d4:b6:9a:e8:
13:44:3b:7a:a7:e6:af:37:ab:51:24:5c:46:a2:a1:
87:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:23:87:AD:6A:65:86:7D:5B:08:ED:D6:60:41:B5:58:0F:FE:63:97
X509v3 Authority Key Identifier:
keyid:CB:69:27:B1:69:E3:D0:F5:CB:94:B3:43:38:19:92:F4:85:36:C8:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y2knsWnj0PXLlLNDOBmS9IU2yFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/0b709f-53ab-49c9-8b83-5ae957f2cdbb/1/sSOHrWplhn1bCO3WYEG1WA_-Y5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/0b709f-53ab-49c9-8b83-5ae957f2cdbb/1/y2knsWnj0PXLlLNDOBmS9IU2yFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
d4:a7:ae:b3:33:19:03:93:86:22:9f:8e:31:e7:a5:08:31:ed:
b5:64:94:62:85:cb:d8:50:e2:d4:2d:ee:4a:31:14:c0:21:af:
4e:b5:00:79:c1:51:fa:99:35:1f:57:a7:97:70:ff:5a:eb:a3:
61:27:8e:90:8e:9f:9f:66:dc:bc:a5:f6:96:81:9a:e6:cc:b3:
9f:75:5c:df:32:fc:42:63:50:33:2f:ca:b8:2b:27:b6:72:cb:
55:2f:c5:eb:f0:8c:fc:33:91:be:88:42:06:80:3a:87:62:bb:
02:c2:84:f2:ea:8b:60:39:ea:34:c9:49:52:72:cf:4f:45:71:
2a:bf:99:bb:52:ca:4c:ea:a3:be:cd:3e:8b:9e:30:ce:07:67:
57:a8:3f:cc:ae:3e:76:fe:ca:ee:5d:62:3c:23:1d:1a:95:92:
65:60:90:3c:b4:55:dd:a4:4e:f0:c6:7f:78:3d:77:a1:bd:9f:
91:ea:24:55:25:7b:34:43:60:8f:c9:ff:9e:81:cd:c5:d7:92:
26:83:81:72:f4:57:31:9c:a4:6b:6b:92:a3:89:24:25:ce:1a:
74:f0:f1:ba:98:5f:0a:c1:55:6b:d5:66:c9:b7:3b:33:82:91:
92:b7:e6:a0:15:6a:7c:26:00:a1:10:3e:52:35:1d:af:f8:49:
26:e0:cb:7f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDAcczMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNi
NjkyN2IxNjllM2QwZjVjYjk0YjM0MzM4MTk5MmY0ODUzNmM4NTUwHhcNMjIwMzA0
MTU1OTU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhiMTIzODdhZDZhNjU4
NjdkNWIwOGVkZDY2MDQxYjU1ODBmZmU2Mzk3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsNYJrjOv7jpoqAAdtN+k7G7v8AMpNisgXYta9c+RAodUVSID
yFCyMIc6Z1mGvp3Be7tA6aBGHW5NKNuM3GUcDDFWv0dbuqkRuRIrhbsJIFotFKdB
yztHeO+Ro0t/uZEzwzHDBFMpx360MHquNrh4B2BKYLYTKBmBoN9u+NkTN8JX3qJU
I8zvR4jUwBO7DTLZ8ZZgM6b4IdBcfUwh5lCHSXJtbngr0Gfvq7Az+l/6QSdZIiIV
nJ16xMpbTzhpuKfL2aqVjnwrUrqLXQ66/5tvA0aKYr12qrvtLodnj9IpWreEHhYA
KGc1ZUe9KdS2mugTRDt6p+avN6tRJFxGoqGHdwIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFLEjh61qZYZ9Wwjt1mBBtVgP/mOXMB8GA1UdIwQYMBaAFMtpJ7Fp49D1y5Sz
QzgZkvSFNshVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
eTJrbnNXbmowUFhMbExORE9CbVM5SVUyeUZVLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8xMC8wYjcwOWYtNTNhYi00OWM5LThiODMtNWFlOTU3ZjJjZGJiLzEv
c1NPSHJXcGxobjFiQ08zV1lFRzFXQV8tWTVjLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8w
YjcwOWYtNTNhYi00OWM5LThiODMtNWFlOTU3ZjJjZGJiLzEveTJrbnNXbmowUFhM
bExORE9CbVM5SVUyeUZVLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhJsQDANBgkqhkiG9w0BAQsFAAOC
AQEA1KeuszMZA5OGIp+OMeelCDHttWSUYoXL2FDi1C3uSjEUwCGvTrUAecFR+pk1
H1enl3D/WuujYSeOkI6fn2bcvKX2loGa5syzn3Vc3zL8QmNQMy/KuCsntnLLVS/F
6/CM/DORvohCBoA6h2K7AsKE8uqLYDnqNMlJUnLPT0VxKr+Zu1LKTOqjvs0+i54w
zgdnV6g/zK4+dv7K7l1iPCMdGpWSZWCQPLRV3aRO8MZ/eD13ob2fkeokVSV7NENg
j8n/noHNxdeSJoOBcvRXMZyka2uSo4kkJc4adPDxuphfCsFVa9Vmybc7M4KRkrfm
oBVqfCYAoRA+UjUdr/hJJuDLfw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:49 2024 by rpki-client on console-ams.rpki-client.org