Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/1-tVlGE3J0cpHNLmdDS5zD-qYhs0.roa
File: 1-tVlGE3J0cpHNLmdDS5zD-qYhs0.roa (raw, json)
Hash identifier: zfRw56YqfgoFSAzn/J/bWx7TmVsPcgaQSKsYxU3zHdY=
Subject key identifier: FA:D5:65:18:4D:C9:D1:CA:47:34:B9:9D:0D:2E:73:0F:EA:98:86:CD
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 01881E89D46B7EB547B8D39982387BD910CB
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/1-tVlGE3J0cpHNLmdDS5zD-qYhs0.roa
Signing time: Mon 15 May 2023 08:32:09 +0000
ROA not before: Mon 15 May 2023 08:32:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204214
IP address blocks: 2a12:f8c1:300::/40 maxlen: 48
2a12:f8c1::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1e:89:d4:6b:7e:b5:47:b8:d3:99:82:38:7b:d9:10:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: May 15 08:32:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fad565184dc9d1ca4734b99d0d2e730fea9886cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c9:f7:35:e7:e5:c7:b7:a0:e8:64:5d:7c:a0:
47:c0:3a:22:eb:1c:f9:56:2c:25:40:10:56:8c:4a:
6c:a1:97:8e:39:dd:4d:b5:f5:ee:a6:76:9d:b4:08:
bf:68:bd:31:e0:64:73:a1:0e:49:5e:22:92:49:1a:
2b:4d:af:3f:05:e8:99:a8:bb:8f:78:92:92:18:51:
84:19:33:57:79:8d:ed:d6:70:91:b5:1d:8f:48:02:
b1:62:8f:aa:af:da:02:ee:1f:92:77:29:99:79:a3:
5b:a9:3a:35:4c:54:47:07:12:4b:34:e6:a3:13:e1:
7c:89:3f:9a:2c:6c:a8:21:56:43:4f:8d:c1:d3:09:
4a:d8:9c:5a:a8:5f:98:ce:c4:52:2c:ae:5e:90:9b:
c4:1e:0a:3a:16:0b:0d:52:6c:c8:1a:6a:a5:ec:60:
d8:aa:9b:b2:02:8a:59:4e:df:8a:57:d2:4d:e3:b1:
0e:e5:dd:e5:19:21:e7:c3:a2:30:62:c8:5d:63:43:
54:70:a9:3a:90:7c:c0:25:a8:b9:be:29:fe:57:bc:
7f:91:04:b0:72:50:11:1a:55:e8:81:2d:f2:ce:73:
33:41:e6:92:4d:d8:54:3e:1b:88:ce:29:aa:56:b5:
4e:37:49:5e:eb:fe:95:e7:4f:73:a7:f4:e8:4d:8e:
3e:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:D5:65:18:4D:C9:D1:CA:47:34:B9:9D:0D:2E:73:0F:EA:98:86:CD
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/1-tVlGE3J0cpHNLmdDS5zD-qYhs0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c1::/48
2a12:f8c1:300::/40
Signature Algorithm: sha256WithRSAEncryption
79:32:ff:ce:8f:38:46:d5:3b:ff:0a:cf:43:72:82:c3:06:af:
6f:5a:67:d4:41:b0:9e:b9:02:86:d8:35:ba:d7:e8:74:df:9f:
6c:a8:be:6d:a2:11:62:64:2e:b8:11:9e:f0:c3:a3:06:3f:0b:
17:3d:b9:81:32:20:f2:8e:8a:69:44:68:d9:e4:9b:9d:ae:04:
d0:f6:20:02:ab:e3:f8:7d:36:65:a0:78:86:fd:36:32:b0:96:
71:d8:71:38:f3:6f:26:93:11:79:ad:84:b5:54:9d:23:4c:fe:
a0:24:93:ec:b6:b0:72:0a:62:70:ef:5b:10:33:d0:e8:17:c1:
6c:76:ec:38:29:5c:ba:fc:d5:f9:00:3a:80:df:de:9e:d9:c3:
9c:a8:fa:3c:6c:86:15:0e:0e:71:3a:6a:f4:e2:7c:a8:ba:c6:
76:b4:69:de:5c:1f:a6:b4:50:f7:11:b7:77:19:d8:1a:c4:e5:
ba:30:f0:31:9e:27:75:9a:92:0c:e6:55:12:1b:fd:fe:af:82:
08:23:3f:a1:07:e7:0b:f1:6c:1c:a1:b0:07:0c:9c:91:e1:03:
0e:d1:30:16:04:00:8d:5d:ec:6d:d7:46:b2:b5:1d:20:46:9b:
e2:9a:24:26:52:90:22:a6:aa:e4:00:bb:6b:f5:ed:aa:39:5a:
2c:25:a4:05
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYgeidRrfrVHuNOZgjh72RDLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjMwNTE1MDgzMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWQ1NjUxODRkYzlkMWNhNDczNGI5OWQwZDJlNzMwZmVhOTg4NmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosn3Neflx7eg6GRdfKBHwDoi6xz5
ViwlQBBWjEpsoZeOOd1NtfXupnadtAi/aL0x4GRzoQ5JXiKSSRorTa8/BeiZqLuP
eJKSGFGEGTNXeY3t1nCRtR2PSAKxYo+qr9oC7h+SdymZeaNbqTo1TFRHBxJLNOaj
E+F8iT+aLGyoIVZDT43B0wlK2JxaqF+YzsRSLK5ekJvEHgo6FgsNUmzIGmql7GDY
qpuyAopZTt+KV9JN47EO5d3lGSHnw6IwYshdY0NUcKk6kHzAJai5vin+V7x/kQSw
clARGlXogS3yznMzQeaSTdhUPhuIzimqVrVON0le6/6V509zp/ToTY4+5QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPrVZRhNydHKRzS5nQ0ucw/qmIbNMB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvMS10VmxHRTNKMGNwSE5MbWREUzV6RC1xWWhzMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmUvNmQ1OWQ5LTlkYWYtNGZjYi04ZDA1LTEzYmNjNzUyMTE5
YS8xL3NIcTVJbFplS3o0c3hqMUlXbFhkVDhRZE5YNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAqBggrBgEFBQcBBwEB/wQbMBkwFwQCAAIwEQMHACoS+MEA
AAMGACoS+MEDMA0GCSqGSIb3DQEBCwUAA4IBAQB5Mv/OjzhG1Tv/Cs9DcoLDBq9v
WmfUQbCeuQKG2DW61+h0359sqL5tohFiZC64EZ7ww6MGPwsXPbmBMiDyjoppRGjZ
5JudrgTQ9iACq+P4fTZloHiG/TYysJZx2HE4828mkxF5rYS1VJ0jTP6gJJPstrBy
CmJw71sQM9DoF8Fsduw4KVy6/NX5ADqA396e2cOcqPo8bIYVDg5xOmr04nyousZ2
tGneXB+mtFD3Ebd3GdgaxOW6MPAxnid1mpIM5lUSG/3+r4IIIz+hB+cL8WwcobAH
DJyR4QMO0TAWBACNXext10aytR0gRpvimiQmUpAipqrkALtr9e2qOVosJaQF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:02 2024 by rpki-client on console-fra.rpki-client.org