Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/51o1EJEU1kAVVUGkSI5JNT6ENuo.roa
File: 51o1EJEU1kAVVUGkSI5JNT6ENuo.roa (raw, json)
Hash identifier: 92v0IzSTkbiZko0uES6szp82Cerv/UMy6srLblfxmlg=
Subject key identifier: E7:5A:35:10:91:14:D6:40:15:55:41:A4:48:8E:49:35:3E:84:36:EA
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 018B094D9FAC4A67CB50EACAC7F81494198E
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/51o1EJEU1kAVVUGkSI5JNT6ENuo.roa
Signing time: Sat 07 Oct 2023 08:42:43 +0000
ROA not before: Sat 07 Oct 2023 08:42:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 150006
IP address blocks: 2a12:f8c3:1000::/36 maxlen: 36
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:09:4d:9f:ac:4a:67:cb:50:ea:ca:c7:f8:14:94:19:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: Oct 7 08:42:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e75a35109114d640155541a4488e49353e8436ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:94:06:74:03:3b:98:d6:aa:a6:04:b4:13:2d:
09:4e:11:a7:73:ee:6d:e3:da:48:54:02:89:a1:27:
45:9f:7f:ab:df:f8:09:74:67:9c:3b:53:19:45:72:
89:8a:0f:03:88:2e:b7:3b:65:8d:32:63:fb:29:e0:
05:a7:e0:61:8a:c1:d7:02:26:78:e3:f4:e7:a9:a4:
ea:42:8f:2c:81:19:ce:80:fa:d5:10:0d:c5:8e:63:
3d:13:90:62:36:95:e1:23:8a:42:99:d3:c7:63:f2:
b0:d6:a5:7d:8b:2b:96:69:c1:db:09:5f:24:37:9c:
6f:63:e8:8e:be:5d:db:89:93:62:7f:c2:7e:58:3c:
70:50:af:b6:81:0e:46:b7:d7:b9:da:ae:7e:a1:eb:
62:8f:bc:14:50:5f:a5:95:c4:5f:4e:eb:4f:94:04:
4a:95:8b:ce:c2:ea:06:3c:16:c9:42:70:fd:94:0d:
7c:ca:e3:c7:f7:32:40:a0:19:f1:e1:bc:16:77:28:
9f:05:c4:90:13:b4:dc:ba:5b:d9:14:09:33:b9:70:
bb:27:d0:fe:3d:c9:2d:67:b1:1c:96:30:78:a3:b3:
7f:8f:8d:b6:85:f6:3d:69:ea:db:37:17:21:80:77:
a6:d7:ad:d2:3e:77:12:08:3e:88:06:8d:28:8b:9e:
d6:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:5A:35:10:91:14:D6:40:15:55:41:A4:48:8E:49:35:3E:84:36:EA
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/51o1EJEU1kAVVUGkSI5JNT6ENuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c3:1000::/36
Signature Algorithm: sha256WithRSAEncryption
0f:1d:36:3a:0a:a4:72:f5:78:e1:4b:89:8e:4d:1d:72:e4:44:
ca:75:4a:64:53:51:44:4d:c1:73:e4:ed:8e:ab:5c:d1:d3:19:
85:99:d8:20:64:4a:dd:ba:bc:11:44:d9:c2:6e:0a:b2:ee:e7:
3b:e9:cc:eb:5b:89:fb:a5:88:cb:e8:38:c4:21:89:77:7f:85:
35:57:08:a2:0b:3b:f0:bd:b3:d9:14:60:b3:4b:42:10:cc:58:
8c:79:25:fb:4b:c1:b2:29:c2:f6:4a:75:8c:8e:a1:4b:f5:4b:
44:dd:35:5f:b7:30:48:c7:12:29:2c:01:ea:e7:02:8a:b6:d2:
e2:d7:24:35:cd:d7:2e:90:38:88:d8:b1:92:69:95:de:09:02:
cb:6a:71:0e:2f:1a:1c:76:d3:6d:f4:91:49:d9:b5:fe:f1:4a:
c7:69:75:9b:bd:19:70:b9:33:36:09:3f:bd:b4:8c:1f:a7:94:
33:26:01:f3:a1:bc:1d:cb:be:d0:d6:76:d8:52:02:37:6d:72:
76:34:dd:e2:13:df:8e:46:bb:3f:ff:2d:90:3c:e4:72:17:eb:
93:67:d5:a7:f6:0c:a6:26:62:7f:ed:e5:d6:0e:bb:de:59:11:
4f:ae:a4:81:7b:24:83:f3:df:db:fd:e4:cc:fc:49:1c:b8:ea:
9a:fc:6d:0c
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYsJTZ+sSmfLUOrKx/gUlBmOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjMxMDA3MDg0MjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzVhMzUxMDkxMTRkNjQwMTU1NTQxYTQ0ODhlNDkzNTNlODQzNmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5QGdAM7mNaqpgS0Ey0JThGnc+5t
49pIVAKJoSdFn3+r3/gJdGecO1MZRXKJig8DiC63O2WNMmP7KeAFp+BhisHXAiZ4
4/TnqaTqQo8sgRnOgPrVEA3FjmM9E5BiNpXhI4pCmdPHY/Kw1qV9iyuWacHbCV8k
N5xvY+iOvl3biZNif8J+WDxwUK+2gQ5Gt9e52q5+oetij7wUUF+llcRfTutPlARK
lYvOwuoGPBbJQnD9lA18yuPH9zJAoBnx4bwWdyifBcSQE7TculvZFAkzuXC7J9D+
PcktZ7EcljB4o7N/j422hfY9aerbNxchgHem163SPncSCD6IBo0oi57W1wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFOdaNRCRFNZAFVVBpEiOSTU+hDbqMB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvNTFvMUVKRVUxa0FWVlVHa1NJNUpOVDZFTnVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKhL4wxAw
DQYJKoZIhvcNAQELBQADggEBAA8dNjoKpHL1eOFLiY5NHXLkRMp1SmRTUURNwXPk
7Y6rXNHTGYWZ2CBkSt26vBFE2cJuCrLu5zvpzOtbifuliMvoOMQhiXd/hTVXCKIL
O/C9s9kUYLNLQhDMWIx5JftLwbIpwvZKdYyOoUv1S0TdNV+3MEjHEiksAernAoq2
0uLXJDXN1y6QOIjYsZJpld4JAstqcQ4vGhx20230kUnZtf7xSsdpdZu9GXC5MzYJ
P720jB+nlDMmAfOhvB3LvtDWdthSAjdtcnY03eIT345Guz//LZA85HIX65Nn1af2
DKYmYn/t5dYOu95ZEU+upIF7JIPz39v95Mz8SRy46pr8bQw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:55 2024 by rpki-client on console-ams.rpki-client.org