Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/ee9ddc-acd0-481d-8c0b-788b46e10497/1/UVvXCsPfXc2CMcOiu-Ig4FoZ7IM.roa
File: UVvXCsPfXc2CMcOiu-Ig4FoZ7IM.roa (raw, json)
Hash identifier: co3zgxTkD3W/GbFClkJbXO4NXpdK9cjdpVpDC+byN3E=
Subject key identifier: 51:5B:D7:0A:C3:DF:5D:CD:82:31:C3:A2:BB:E2:20:E0:5A:19:EC:83
Certificate issuer: /CN=aa8093354e565ac4838a51f47d2769769c66944e
Certificate serial: 013987
Authority key identifier: AA:80:93:35:4E:56:5A:C4:83:8A:51:F4:7D:27:69:76:9C:66:94:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qoCTNU5WWsSDilH0fSdpdpxmlE4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/ee9ddc-acd0-481d-8c0b-788b46e10497/1/UVvXCsPfXc2CMcOiu-Ig4FoZ7IM.roa
Signing time: Tue 05 Apr 2022 12:30:18 +0000
ROA not before: Tue 05 Apr 2022 12:30:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 174
IP address blocks: 2a12:b3c0::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80263 (0x13987)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa8093354e565ac4838a51f47d2769769c66944e
Validity
Not Before: Apr 5 12:30:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=515bd70ac3df5dcd8231c3a2bbe220e05a19ec83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:5c:27:48:6c:3a:73:c7:66:d9:63:b0:a3:ab:
e8:56:8c:8d:57:18:2e:5a:3b:4b:34:f5:a4:95:eb:
28:d1:c4:00:32:0f:4e:99:87:c9:73:fe:df:2a:96:
f3:f7:f8:b5:22:80:bf:99:4c:8e:0e:f2:3f:93:91:
48:74:72:27:51:a1:dd:31:53:39:32:8d:07:6f:65:
28:df:26:d6:ad:75:28:57:bf:74:73:01:d5:6d:6e:
87:0c:0e:dd:da:d8:46:d6:46:3d:5b:ad:8c:5c:83:
3b:8e:7d:d6:29:21:30:c4:ed:69:64:49:2a:23:8c:
82:51:78:fb:e9:b7:cd:fc:58:6f:9e:b0:e8:5a:25:
b6:8f:20:09:9e:32:01:2b:02:3c:db:2f:92:51:a7:
f1:1d:52:cc:4d:0a:49:89:c5:9e:6e:9c:e4:42:c2:
5b:3d:b2:79:7e:4e:28:18:0f:25:10:03:b0:f8:b3:
f7:d9:82:1b:92:6d:7e:ea:a0:de:a8:20:4d:57:35:
42:74:a3:aa:a1:08:d9:41:eb:5a:06:63:df:43:7a:
88:c1:b7:7d:25:58:19:ef:d0:ef:3a:ab:41:3f:bc:
77:24:6b:ab:08:84:79:b2:ff:1c:e6:3e:64:0f:df:
89:fc:f9:62:85:04:d0:77:88:38:69:f3:b6:78:db:
b0:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:5B:D7:0A:C3:DF:5D:CD:82:31:C3:A2:BB:E2:20:E0:5A:19:EC:83
X509v3 Authority Key Identifier:
keyid:AA:80:93:35:4E:56:5A:C4:83:8A:51:F4:7D:27:69:76:9C:66:94:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qoCTNU5WWsSDilH0fSdpdpxmlE4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ee9ddc-acd0-481d-8c0b-788b46e10497/1/UVvXCsPfXc2CMcOiu-Ig4FoZ7IM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ee9ddc-acd0-481d-8c0b-788b46e10497/1/qoCTNU5WWsSDilH0fSdpdpxmlE4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:b3c0::/29
Signature Algorithm: sha256WithRSAEncryption
9e:11:53:93:9c:24:71:c2:4a:d0:62:c7:10:76:d3:18:93:af:
ac:5b:50:8b:36:a5:39:44:09:b2:51:00:eb:fd:65:18:4a:50:
b4:16:31:f2:22:8b:cc:45:14:ec:50:45:43:f2:4b:6b:5f:18:
f8:fc:89:ca:08:18:b5:b9:4b:81:ba:d8:f4:c6:d6:a3:f1:be:
44:78:e2:2e:74:7d:ed:51:0f:11:b2:bd:03:11:4e:17:2d:49:
4b:3a:c6:f2:c5:c8:69:a7:d6:5e:7e:91:32:1e:0c:b5:db:84:
34:13:1a:cc:1d:80:b1:e3:89:4e:30:c6:dd:a9:87:b3:d4:67:
b7:df:b9:00:61:e3:19:da:9f:41:81:5a:bc:93:f8:9d:a0:72:
a1:e5:39:96:57:66:1c:59:65:3a:46:29:7a:ef:6b:41:ae:c8:
ca:2e:37:ee:d6:2c:b5:61:b2:ce:3e:1e:16:3b:08:6d:63:37:
07:5d:46:c0:29:d2:c7:1d:9f:f2:c1:bb:18:6f:89:7e:5e:a0:
29:f1:93:81:e2:8f:47:ff:a1:23:91:ac:ba:45:44:fa:60:d1:
3c:9e:48:b5:e5:59:1e:dc:e1:ff:c6:29:3a:55:3e:17:5e:dc:
5f:a9:a3:ec:dd:5c:20:62:11:22:8d:a0:53:15:61:0a:a1:f7:
8a:35:91:04
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDATmHMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGFh
ODA5MzM1NGU1NjVhYzQ4MzhhNTFmNDdkMjc2OTc2OWM2Njk0NGUwHhcNMjIwNDA1
MTIzMDE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg1MTViZDcwYWMzZGY1
ZGNkODIzMWMzYTJiYmUyMjBlMDVhMTllYzgzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuFwnSGw6c8dm2WOwo6voVoyNVxguWjtLNPWkleso0cQAMg9O
mYfJc/7fKpbz9/i1IoC/mUyODvI/k5FIdHInUaHdMVM5Mo0Hb2Uo3ybWrXUoV790
cwHVbW6HDA7d2thG1kY9W62MXIM7jn3WKSEwxO1pZEkqI4yCUXj76bfN/FhvnrDo
WiW2jyAJnjIBKwI82y+SUafxHVLMTQpJicWebpzkQsJbPbJ5fk4oGA8lEAOw+LP3
2YIbkm1+6qDeqCBNVzVCdKOqoQjZQetaBmPfQ3qIwbd9JVgZ79DvOqtBP7x3JGur
CIR5sv8c5j5kD9+J/PlihQTQd4g4afO2eNuwbQIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFFFb1wrD313NgjHDorviIOBaGeyDMB8GA1UdIwQYMBaAFKqAkzVOVlrEg4pR
9H0naXacZpROMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cW9DVE5VNVdXc1NEaWxIMGZTZHBkcHhtbEU0LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8yYS9lZTlkZGMtYWNkMC00ODFkLThjMGItNzg4YjQ2ZTEwNDk3LzEv
VVZ2WENzUGZYYzJDTWNPaXUtSWc0Rm9aN0lNLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9l
ZTlkZGMtYWNkMC00ODFkLThjMGItNzg4YjQ2ZTEwNDk3LzEvcW9DVE5VNVdXc1NE
aWxIMGZTZHBkcHhtbEU0LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhKzwDANBgkqhkiG9w0BAQsFAAOC
AQEAnhFTk5wkccJK0GLHEHbTGJOvrFtQizalOUQJslEA6/1lGEpQtBYx8iKLzEUU
7FBFQ/JLa18Y+PyJyggYtblLgbrY9MbWo/G+RHjiLnR97VEPEbK9AxFOFy1JSzrG
8sXIaafWXn6RMh4MtduENBMazB2AseOJTjDG3amHs9Rnt9+5AGHjGdqfQYFavJP4
naByoeU5lldmHFllOkYpeu9rQa7Iyi437tYstWGyzj4eFjsIbWM3B11GwCnSxx2f
8sG7GG+Jfl6gKfGTgeKPR/+hI5GsukVE+mDRPJ5IteVZHtzh/8YpOlU+F17cX6mj
7N1cIGIRIo2gUxVhCqH3ijWRBA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:41 2025 by rpki-client