Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e55563-ccf7-4e79-a3e9-7adbd2136ac1/1/FXVuw9hls3j9__rhqA3fDfejiXw.roa
File: FXVuw9hls3j9__rhqA3fDfejiXw.roa (raw, json)
Hash identifier: VVAZoJld363zKszjzyyvez9PKEfrxg45jBuelw9Wu/0=
Subject key identifier: 15:75:6E:C3:D8:65:B3:78:FD:FF:FA:E1:A8:0D:DF:0D:F7:A3:89:7C
Certificate issuer: /CN=e39176c5a602527533c2b541406ae83f209e620c
Certificate serial: 0182D5272638ACF7848A34C6564A594ED287
Authority key identifier: E3:91:76:C5:A6:02:52:75:33:C2:B5:41:40:6A:E8:3F:20:9E:62:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/45F2xaYCUnUzwrVBQGroPyCeYgw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e55563-ccf7-4e79-a3e9-7adbd2136ac1/1/FXVuw9hls3j9__rhqA3fDfejiXw.roa
Signing time: Thu 25 Aug 2022 13:18:08 +0000
ROA not before: Thu 25 Aug 2022 13:18:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208256
IP address blocks: 2a12:1b40::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d5:27:26:38:ac:f7:84:8a:34:c6:56:4a:59:4e:d2:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e39176c5a602527533c2b541406ae83f209e620c
Validity
Not Before: Aug 25 13:18:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=15756ec3d865b378fdfffae1a80ddf0df7a3897c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:f5:f6:9a:6c:80:58:14:44:6e:78:e4:cb:65:
77:1a:20:31:9e:46:1f:be:e0:9d:27:35:99:f2:29:
b4:92:3d:fb:9b:8b:8b:7d:1e:8f:e9:f5:5f:7a:b8:
d8:47:82:9f:be:a4:b0:ab:16:c7:94:3b:e0:84:5a:
56:8c:05:3f:0d:99:bc:62:3b:ce:16:7f:16:4a:3c:
cf:8c:d4:d1:27:d3:3e:0e:ea:af:f5:2b:4c:82:7a:
92:a1:ab:88:34:a9:da:40:c0:19:49:81:84:a3:20:
44:40:87:15:8f:37:dd:a6:2f:e0:99:18:3a:b2:fb:
ef:2d:ba:b9:e1:8d:8e:20:02:a2:98:60:f2:10:d4:
55:32:d1:2f:20:e3:c4:6e:b5:5d:da:b1:0c:d7:b1:
16:f9:87:ee:10:9f:48:04:11:65:05:ce:dc:48:de:
9f:73:7d:57:a2:64:07:47:7e:5d:52:5a:b5:09:3e:
3a:bd:6c:3f:36:22:a8:8a:89:6b:42:95:62:25:16:
07:53:9e:fc:f3:12:3a:0d:35:2d:f7:90:64:59:82:
3b:07:bd:6b:d3:41:df:f1:87:7a:51:13:49:ed:35:
02:de:32:e1:13:ac:22:50:03:ba:04:a0:eb:6c:78:
c5:b3:0d:ff:28:0f:49:a3:4f:3e:7f:6b:6a:76:49:
f2:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:75:6E:C3:D8:65:B3:78:FD:FF:FA:E1:A8:0D:DF:0D:F7:A3:89:7C
X509v3 Authority Key Identifier:
keyid:E3:91:76:C5:A6:02:52:75:33:C2:B5:41:40:6A:E8:3F:20:9E:62:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/45F2xaYCUnUzwrVBQGroPyCeYgw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e55563-ccf7-4e79-a3e9-7adbd2136ac1/1/FXVuw9hls3j9__rhqA3fDfejiXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e55563-ccf7-4e79-a3e9-7adbd2136ac1/1/45F2xaYCUnUzwrVBQGroPyCeYgw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:1b40::/29
Signature Algorithm: sha256WithRSAEncryption
76:97:f4:54:05:c6:6c:01:a7:62:2c:54:a2:c2:c9:44:c8:54:
19:48:d0:24:18:5a:65:af:e7:bc:2b:e8:10:78:cb:47:bc:77:
f8:2c:47:f2:86:d6:91:8f:dd:58:c1:9f:95:28:2c:ff:75:9b:
fc:b8:c8:8d:af:32:77:2a:ff:16:e5:33:b4:da:a3:99:9f:e1:
e2:64:8a:21:ee:20:dd:bf:f5:c9:86:00:2e:37:1e:ba:81:2f:
0a:73:a9:af:74:02:67:4e:2c:ff:80:e3:b0:e5:cd:70:50:93:
67:4e:11:32:a8:6d:e9:7a:71:c9:03:61:ca:12:fb:9c:35:9f:
86:3f:4c:bd:4c:94:d5:5e:9a:01:37:68:42:e8:68:1a:66:0f:
4e:35:34:33:6e:d6:8b:08:40:ab:24:4e:2e:40:00:f9:3d:80:
b9:41:89:75:5e:0c:ba:7a:79:ec:57:04:f2:48:76:bd:98:f4:
aa:33:24:79:70:a0:84:7a:9f:4b:ec:50:e3:24:a7:68:56:4e:
aa:25:c5:63:43:15:3b:d1:0e:25:e3:f2:0b:e9:78:b9:54:68:
ae:22:84:4e:80:13:6c:ac:c4:e8:ef:fc:02:f7:b1:77:42:e0:
55:24:1d:2f:50:f5:fb:6d:9c:a5:fe:f6:e5:e9:91:37:bb:dc:
af:aa:3e:b6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYLVJyY4rPeEijTGVkpZTtKHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzOTE3NmM1YTYwMjUyNzUzM2MyYjU0MTQwNmFlODNmMjA5
ZTYyMGMwHhcNMjIwODI1MTMxODA4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTc1NmVjM2Q4NjViMzc4ZmRmZmZhZTFhODBkZGYwZGY3YTM4OTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPX2mmyAWBREbnjky2V3GiAxnkYf
vuCdJzWZ8im0kj37m4uLfR6P6fVferjYR4KfvqSwqxbHlDvghFpWjAU/DZm8YjvO
Fn8WSjzPjNTRJ9M+Duqv9StMgnqSoauINKnaQMAZSYGEoyBEQIcVjzfdpi/gmRg6
svvvLbq54Y2OIAKimGDyENRVMtEvIOPEbrVd2rEM17EW+YfuEJ9IBBFlBc7cSN6f
c31XomQHR35dUlq1CT46vWw/NiKoiolrQpViJRYHU5788xI6DTUt95BkWYI7B71r
00Hf8Yd6URNJ7TUC3jLhE6wiUAO6BKDrbHjFsw3/KA9Jo08+f2tqdknyjwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBV1bsPYZbN4/f/64agN3w33o4l8MB8GA1UdIwQY
MBaAFOORdsWmAlJ1M8K1QUBq6D8gnmIMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDVGMnhhWUNVblV6d3JWQlFHcm9QeUNlWWd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lNTU1NjMtY2NmNy00ZTc5LWEzZTkt
N2FkYmQyMTM2YWMxLzEvRlhWdXc5aGxzM2o5X19yaHFBM2ZEZmVqaVh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lNTU1NjMtY2NmNy00ZTc5LWEzZTktN2FkYmQyMTM2YWMx
LzEvNDVGMnhhWUNVblV6d3JWQlFHcm9QeUNlWWd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhIbQDAN
BgkqhkiG9w0BAQsFAAOCAQEAdpf0VAXGbAGnYixUosLJRMhUGUjQJBhaZa/nvCvo
EHjLR7x3+CxH8obWkY/dWMGflSgs/3Wb/LjIja8ydyr/FuUztNqjmZ/h4mSKIe4g
3b/1yYYALjceuoEvCnOpr3QCZ04s/4DjsOXNcFCTZ04RMqht6XpxyQNhyhL7nDWf
hj9MvUyU1V6aATdoQuhoGmYPTjU0M27WiwhAqyROLkAA+T2AuUGJdV4Munp57FcE
8kh2vZj0qjMkeXCghHqfS+xQ4ySnaFZOqiXFY0MVO9EOJePyC+l4uVRoriKEToAT
bKzE6O/8Avexd0LgVSQdL1D1+22cpf725emRN7vcr6o+tg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:43 2023 by rpki-client on console-ams.rpki-client.org