Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/0LlWHR-EeVXJCeYtPtDPZUUbJoo.roa
File: 0LlWHR-EeVXJCeYtPtDPZUUbJoo.roa (raw, json)
Hash identifier: tkGTyztPEPp4rMRTAcuWvQdNBX8k/IPlipGdJEF3F7Y=
Subject key identifier: D0:B9:56:1D:1F:84:79:55:C9:09:E6:2D:3E:D0:CF:65:45:1B:26:8A
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 018CC64B24263B130AD3B0AEC734A98428CB
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/0LlWHR-EeVXJCeYtPtDPZUUbJoo.roa
Signing time: Mon 01 Jan 2024 18:31:02 +0000
ROA not before: Mon 01 Jan 2024 18:31:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23470
IP address blocks: 2a12:f8c2:200::/40 maxlen: 40
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:24:26:3b:13:0a:d3:b0:ae:c7:34:a9:84:28:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: Jan 1 18:31:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0b9561d1f847955c909e62d3ed0cf65451b268a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e5:9a:b7:ae:1d:c8:28:0a:9d:7a:7a:30:a9:
0f:7c:d0:83:3e:90:70:70:cb:04:ef:ad:59:74:6f:
46:c6:d2:12:e4:71:0e:47:0c:0d:d2:d2:78:99:fa:
49:8b:7e:58:e7:04:ee:27:71:df:fb:b6:e6:38:84:
20:c2:43:3c:46:f4:7c:31:1b:0b:d8:27:5c:97:c1:
d0:3a:2f:05:b0:ac:53:44:a2:32:35:c5:a4:9e:5f:
df:75:1f:97:f7:a8:12:06:b4:fe:49:e2:2b:af:63:
5d:46:3f:a9:2d:f6:ed:2e:de:1e:44:32:33:90:b4:
79:8f:13:bc:a9:2b:66:47:d7:08:3a:5f:8a:f3:53:
bf:ec:93:b8:36:30:5a:fd:18:70:4e:0f:cf:86:4a:
c0:50:1c:eb:22:82:ef:c8:9d:c8:dc:ca:33:50:45:
3e:bd:02:c4:57:44:bd:3c:96:fe:29:3c:d2:c8:aa:
9f:51:1b:b2:e4:e6:8f:6c:b5:4d:28:32:fb:8d:63:
48:2a:33:3c:80:10:4c:0c:50:ef:88:8f:04:d8:bf:
12:cc:c7:34:39:c0:35:50:da:b2:6f:71:05:0d:b7:
06:b0:00:47:4e:70:d4:c8:94:9d:6f:52:cd:28:57:
e9:df:e1:99:86:a4:87:b2:fc:a4:4e:6d:e5:42:ff:
aa:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:B9:56:1D:1F:84:79:55:C9:09:E6:2D:3E:D0:CF:65:45:1B:26:8A
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/0LlWHR-EeVXJCeYtPtDPZUUbJoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c2:200::/40
Signature Algorithm: sha256WithRSAEncryption
91:f9:16:91:e6:df:ba:8e:e8:49:9b:59:7e:53:f9:07:7a:e3:
45:7f:cb:6b:8a:61:61:a7:14:77:e0:36:82:ff:50:f8:6f:c7:
ed:42:35:dd:f5:92:6c:29:13:08:c1:22:17:71:43:1e:11:23:
ea:b9:27:9e:88:90:42:9c:d5:e5:7b:81:3d:95:86:cb:7d:bc:
e8:14:a3:70:1c:b7:d4:58:ae:90:f1:a8:64:43:5a:49:e8:a6:
b6:c9:ea:16:91:61:dd:42:da:76:be:8e:61:47:db:25:0f:25:
9e:92:65:d0:5b:0b:7c:cc:c9:15:81:a9:96:4a:df:87:06:4b:
7e:2a:0a:91:82:29:22:7a:24:bb:b3:21:99:99:20:8d:3b:1f:
48:e8:c2:91:f3:ee:7b:aa:1f:d2:e1:36:ce:82:a7:27:c5:8c:
05:4c:e8:b8:43:38:97:c5:f8:67:ed:22:1b:6d:2c:c7:4b:ac:
c0:e8:36:e3:2f:3b:8c:d5:6a:da:e1:d3:2b:1d:48:68:72:5f:
a9:c7:b0:54:a3:cf:39:5e:f3:04:3f:ac:c2:e2:02:72:f4:e2:
d5:34:4a:89:db:de:39:d1:40:c7:b2:54:6e:45:7f:c2:07:e5:
e1:3c:ad:23:98:c3:10:12:29:4f:58:34:23:5f:53:ba:c5:78:
d0:5d:5b:75
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzGSyQmOxMK07CuxzSphCjLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjQwMTAxMTgzMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGI5NTYxZDFmODQ3OTU1YzkwOWU2MmQzZWQwY2Y2NTQ1MWIyNjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuWat64dyCgKnXp6MKkPfNCDPpBw
cMsE761ZdG9GxtIS5HEORwwN0tJ4mfpJi35Y5wTuJ3Hf+7bmOIQgwkM8RvR8MRsL
2Cdcl8HQOi8FsKxTRKIyNcWknl/fdR+X96gSBrT+SeIrr2NdRj+pLfbtLt4eRDIz
kLR5jxO8qStmR9cIOl+K81O/7JO4NjBa/RhwTg/PhkrAUBzrIoLvyJ3I3MozUEU+
vQLEV0S9PJb+KTzSyKqfURuy5OaPbLVNKDL7jWNIKjM8gBBMDFDviI8E2L8SzMc0
OcA1UNqyb3EFDbcGsABHTnDUyJSdb1LNKFfp3+GZhqSHsvykTm3lQv+qVwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNC5Vh0fhHlVyQnmLT7Qz2VFGyaKMB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvMExsV0hSLUVlVlhKQ2VZdFB0RFBaVVViSm9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhL4wgIw
DQYJKoZIhvcNAQELBQADggEBAJH5FpHm37qO6EmbWX5T+Qd640V/y2uKYWGnFHfg
NoL/UPhvx+1CNd31kmwpEwjBIhdxQx4RI+q5J56IkEKc1eV7gT2Vhst9vOgUo3Ac
t9RYrpDxqGRDWknoprbJ6haRYd1C2na+jmFH2yUPJZ6SZdBbC3zMyRWBqZZK34cG
S34qCpGCKSJ6JLuzIZmZII07H0jowpHz7nuqH9LhNs6CpyfFjAVM6LhDOJfF+Gft
IhttLMdLrMDoNuMvO4zVatrh0ysdSGhyX6nHsFSjzzle8wQ/rMLiAnL04tU0Sonb
3jnRQMeyVG5Ff8IH5eE8rSOYwxASKU9YNCNfU7rFeNBdW3U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:55 2024 by rpki-client on console-ams.rpki-client.org