Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/Ch3AZ6lmFa_8WHzIx78_ZW7-LRE.roa
File: Ch3AZ6lmFa_8WHzIx78_ZW7-LRE.roa (raw, json)
Hash identifier: jQgY2ZGrjHnKAlhSDVACmQ8Ob2OTBxxSIzActgroMoo=
Subject key identifier: 0A:1D:C0:67:A9:66:15:AF:FC:58:7C:C8:C7:BF:3F:65:6E:FE:2D:11
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 01883D4C840F7E9D0D2494F24D15ECEA818A
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/Ch3AZ6lmFa_8WHzIx78_ZW7-LRE.roa
Signing time: Sun 21 May 2023 07:53:24 +0000
ROA not before: Sun 21 May 2023 07:53:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 151338
IP address blocks: 2a12:f8c1:40::/44 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:3d:4c:84:0f:7e:9d:0d:24:94:f2:4d:15:ec:ea:81:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: May 21 07:53:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a1dc067a96615affc587cc8c7bf3f656efe2d11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b4:1e:4a:ee:5f:76:2b:9c:e9:0b:0d:73:79:
36:c5:28:40:44:e2:38:38:f4:d3:a2:5f:21:27:73:
0d:ff:94:61:0b:ff:8f:e3:2c:8b:8c:9e:27:79:6e:
50:5d:d8:1c:b6:4e:eb:4b:15:d6:7b:52:85:cb:5e:
22:23:0d:d6:a2:32:49:72:47:a8:74:a2:53:c0:5e:
a6:9a:24:88:c8:39:11:e6:8c:09:0c:38:41:a1:60:
1c:71:98:16:d6:83:9d:68:ec:b4:46:cc:4f:8e:35:
53:4a:8b:66:32:68:26:0a:96:77:ce:76:26:04:e0:
e6:f5:b5:15:1a:d7:41:51:ab:31:40:2e:3f:9f:52:
4e:51:b7:28:fb:11:1f:02:de:91:dd:0f:f8:0d:b6:
d1:ae:bb:c3:7e:54:a1:7f:ac:df:46:a5:ac:e5:6c:
aa:ad:ed:c2:a0:f5:f5:d9:ba:be:3e:dd:60:d1:be:
ba:7d:31:e5:7c:99:83:f7:22:a0:c1:b4:ba:42:e0:
4b:a8:8a:6b:7e:66:f7:b2:cf:7e:19:53:48:22:9e:
75:80:0b:f5:58:b5:a1:6b:20:9b:ef:3f:ca:b3:37:
45:89:04:22:f7:28:54:8a:a3:80:e6:ff:63:53:ee:
ac:3a:3f:a1:86:26:e0:e6:d7:ff:5f:ef:7c:bc:dc:
44:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:1D:C0:67:A9:66:15:AF:FC:58:7C:C8:C7:BF:3F:65:6E:FE:2D:11
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/Ch3AZ6lmFa_8WHzIx78_ZW7-LRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c1:40::/44
Signature Algorithm: sha256WithRSAEncryption
6d:6b:55:45:c0:eb:f5:08:d1:08:d2:b0:ff:61:4b:6a:f0:1d:
2d:d3:e8:e5:ff:7b:4d:42:78:b1:1e:84:6e:39:83:e0:bc:9a:
4d:2c:98:f7:3e:27:cf:6c:8d:21:7f:92:0c:f3:38:9c:a3:c4:
bc:32:29:05:31:00:6f:0c:8e:a7:9b:30:60:f3:6d:dc:16:36:
d7:78:0d:41:eb:2e:a8:a6:e9:26:d8:68:08:1f:43:c9:8c:ba:
54:85:92:d2:7c:22:b8:5b:e2:0f:df:1a:0b:1c:69:76:45:dc:
d3:01:16:94:c9:ea:99:2e:28:20:d7:55:63:c8:3a:83:29:f3:
f0:1b:a0:bd:73:ed:ba:06:63:02:77:1b:5a:47:63:30:b4:e8:
55:25:12:ec:92:57:fb:36:a1:3c:87:60:ed:57:0b:5e:f9:be:
61:fd:09:3c:93:a7:de:c6:f5:ae:8b:7d:05:d3:45:25:32:68:
0c:db:6f:6f:17:02:a6:74:41:09:cf:0b:b2:c7:9d:1d:61:ac:
5e:b9:ce:16:15:ca:04:fd:05:23:ab:78:2a:68:e1:68:87:15:
dd:c7:ef:0f:97:89:2c:38:2f:6a:ff:72:7c:f2:a9:31:54:65:
6b:70:3d:37:e5:c4:f2:9b:b3:de:56:d5:ef:4a:ca:a4:c8:da:
b0:27:1d:ae
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYg9TIQPfp0NJJTyTRXs6oGKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjMwNTIxMDc1MzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTFkYzA2N2E5NjYxNWFmZmM1ODdjYzhjN2JmM2Y2NTZlZmUyZDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7QeSu5fdiuc6QsNc3k2xShAROI4
OPTTol8hJ3MN/5RhC/+P4yyLjJ4neW5QXdgctk7rSxXWe1KFy14iIw3WojJJckeo
dKJTwF6mmiSIyDkR5owJDDhBoWAccZgW1oOdaOy0RsxPjjVTSotmMmgmCpZ3znYm
BODm9bUVGtdBUasxQC4/n1JOUbco+xEfAt6R3Q/4DbbRrrvDflShf6zfRqWs5Wyq
re3CoPX12bq+Pt1g0b66fTHlfJmD9yKgwbS6QuBLqIprfmb3ss9+GVNIIp51gAv1
WLWhayCb7z/KszdFiQQi9yhUiqOA5v9jU+6sOj+hhibg5tf/X+98vNxElwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAodwGepZhWv/Fh8yMe/P2Vu/i0RMB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvQ2gzQVo2bG1GYV84V0h6SXg3OF9aVzctTFJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhL4wQBA
MA0GCSqGSIb3DQEBCwUAA4IBAQBta1VFwOv1CNEI0rD/YUtq8B0t0+jl/3tNQnix
HoRuOYPgvJpNLJj3PifPbI0hf5IM8zico8S8MikFMQBvDI6nmzBg823cFjbXeA1B
6y6opukm2GgIH0PJjLpUhZLSfCK4W+IP3xoLHGl2RdzTARaUyeqZLigg11VjyDqD
KfPwG6C9c+26BmMCdxtaR2MwtOhVJRLsklf7NqE8h2DtVwte+b5h/Qk8k6fexvWu
i30F00UlMmgM229vFwKmdEEJzwuyx50dYaxeuc4WFcoE/QUjq3gqaOFohxXdx+8P
l4ksOC9q/3J88qkxVGVrcD035cTym7PeVtXvSsqkyNqwJx2u
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:55 2024 by rpki-client on console-ams.rpki-client.org