Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/58-H0vaWWu8rmoA5XrFUfSOYioY.roa
File: 58-H0vaWWu8rmoA5XrFUfSOYioY.roa (raw, json)
Hash identifier: NsJNQA06lXkorLXWzICmeTjnrr+GoGLQG8zpo4gPahI=
Subject key identifier: E7:CF:87:D2:F6:96:5A:EF:2B:9A:80:39:5E:B1:54:7D:23:98:8A:86
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 018FADA59D22BABDBEBD0A6F33D7F77EDE04
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/58-H0vaWWu8rmoA5XrFUfSOYioY.roa
Signing time: Sat 25 May 2024 02:47:43 +0000
ROA not before: Sat 25 May 2024 02:47:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60445
IP address blocks: 2a12:f8c0::/32 maxlen: 48
2a12:f8c1:100::/40 maxlen: 40
2a12:f8c2:300::/40 maxlen: 40
2a12:f8c2:400::/40 maxlen: 40
2a12:f8c2:500::/40 maxlen: 40
2a12:f8c2:600::/40 maxlen: 40
2a12:f8c3:2000::/36 maxlen: 36
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ad:a5:9d:22:ba:bd:be:bd:0a:6f:33:d7:f7:7e:de:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: May 25 02:47:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e7cf87d2f6965aef2b9a80395eb1547d23988a86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c9:70:2a:3b:64:98:a3:7b:2f:77:92:8c:8a:
a5:8b:03:a2:8c:eb:ef:70:67:96:cf:48:da:b1:58:
92:1e:e2:ce:c2:32:72:4d:e2:58:11:b0:4a:b7:8b:
33:59:1d:94:1b:ee:53:ac:fd:e8:1b:03:aa:48:89:
29:0a:5e:60:1a:d1:d5:3a:ae:da:9a:99:c5:7e:e3:
b4:e5:ca:fd:5f:1b:94:86:be:93:ef:35:c6:95:3e:
7a:46:42:d7:aa:e3:ca:5a:85:58:7f:01:3a:30:44:
da:0e:0e:f1:4c:30:41:12:e8:84:b8:62:f1:2b:f7:
56:41:3a:d1:74:24:93:87:e1:e2:92:d8:ec:8a:ae:
6c:8f:c5:25:13:2e:53:a3:ae:d3:81:e3:83:fb:38:
5c:f2:9b:f9:32:18:16:4e:15:82:c8:8a:0c:ea:41:
8f:ee:be:69:ea:25:cb:9a:6f:ae:a5:54:0a:0f:5d:
e9:df:79:f6:df:76:e4:77:31:28:14:71:50:02:fd:
83:d6:97:23:13:d7:29:c5:81:47:5f:14:23:09:f0:
2a:50:ec:bf:69:b1:95:9d:b3:89:78:9d:db:e1:79:
72:52:05:2e:3a:b1:ea:ba:a2:f8:f9:33:31:59:d3:
0f:bb:03:45:00:46:f4:a5:9b:9f:de:7e:4d:fb:29:
d2:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:CF:87:D2:F6:96:5A:EF:2B:9A:80:39:5E:B1:54:7D:23:98:8A:86
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/58-H0vaWWu8rmoA5XrFUfSOYioY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c0::/32
2a12:f8c1:100::/40
2a12:f8c2:300::-2a12:f8c2:6ff:ffff:ffff:ffff:ffff:ffff
2a12:f8c3:2000::/36
Signature Algorithm: sha256WithRSAEncryption
43:52:bb:67:45:03:f0:b0:f8:0a:2a:63:fb:15:f9:49:8c:3b:
a6:21:17:50:c7:63:11:2b:2e:6d:bb:70:6a:f9:fe:fe:3a:ca:
fb:e4:96:77:37:05:3c:72:a5:ab:9d:2f:92:7d:a6:59:b6:2f:
29:92:3f:a1:74:11:b1:9e:90:cf:6b:25:38:63:f4:ce:f7:c8:
ff:00:f4:09:d0:19:62:29:2b:c7:17:99:02:81:f4:cd:98:26:
dc:0e:c9:b9:9d:10:88:0f:5c:a2:d3:34:1c:6c:79:69:45:51:
32:93:02:da:5e:c3:a9:d2:3e:5c:66:14:ee:53:9e:8f:90:69:
14:f5:9b:1b:3b:72:77:29:b2:9b:8b:cf:cd:76:1e:38:c4:7d:
2d:11:78:9f:1b:a3:bd:37:73:0e:a9:d2:c4:f9:9b:0b:e3:0b:
13:d8:9d:4a:cf:a4:6b:50:45:cc:cf:73:0a:21:7e:69:33:6b:
be:7e:1f:11:19:6c:2a:34:55:4f:80:20:52:c1:ed:69:25:3b:
90:2a:1b:f7:55:79:84:db:31:07:cd:9d:f9:af:62:e0:5a:da:
9e:08:cc:25:af:cf:70:97:55:08:b7:08:bf:a8:f0:ff:22:39:
99:2a:e0:e4:55:e4:25:3b:5e:a1:82:1d:87:3f:d5:90:53:36:
f2:b0:86:05
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAY+tpZ0iur2+vQpvM9f3ft4EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjQwNTI1MDI0NzQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2NmODdkMmY2OTY1YWVmMmI5YTgwMzk1ZWIxNTQ3ZDIzOTg4YTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMlwKjtkmKN7L3eSjIqliwOijOvv
cGeWz0jasViSHuLOwjJyTeJYEbBKt4szWR2UG+5TrP3oGwOqSIkpCl5gGtHVOq7a
mpnFfuO05cr9XxuUhr6T7zXGlT56RkLXquPKWoVYfwE6METaDg7xTDBBEuiEuGLx
K/dWQTrRdCSTh+Hiktjsiq5sj8UlEy5To67TgeOD+zhc8pv5MhgWThWCyIoM6kGP
7r5p6iXLmm+upVQKD13p33n233bkdzEoFHFQAv2D1pcjE9cpxYFHXxQjCfAqUOy/
abGVnbOJeJ3b4XlyUgUuOrHquqL4+TMxWdMPuwNFAEb0pZuf3n5N+ynSBwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFOfPh9L2llrvK5qAOV6xVH0jmIqGMB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvNTgtSDB2YVdXdThybW9BNVhyRlVmU09ZaW9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAvBAIAAjApAwUAKhL4wAMG
ACoS+MEBMBADBgAqEvjCAwMGACoS+MIGAwYEKhL4wyAwDQYJKoZIhvcNAQELBQAD
ggEBAENSu2dFA/Cw+AoqY/sV+UmMO6YhF1DHYxErLm27cGr5/v46yvvklnc3BTxy
paudL5J9plm2LymSP6F0EbGekM9rJThj9M73yP8A9AnQGWIpK8cXmQKB9M2YJtwO
ybmdEIgPXKLTNBxseWlFUTKTAtpew6nSPlxmFO5Tno+QaRT1mxs7cncpspuLz812
HjjEfS0ReJ8bo703cw6p0sT5mwvjCxPYnUrPpGtQRczPcwohfmkza75+HxEZbCo0
VU+AIFLB7WklO5AqG/dVeYTbMQfNnfmvYuBa2p4IzCWvz3CXVQi3CL+o8P8iOZkq
4ORV5CU7XqGCHYc/1ZBTNvKwhgU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:02 2024 by rpki-client on console-fra.rpki-client.org