Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/D9iP53wofiYwEGkUG-6xwSBKFSQ.roa
File: D9iP53wofiYwEGkUG-6xwSBKFSQ.roa (raw, json)
Hash identifier: W/5Y8YziYeyLYDGEA5coa5siEH7Q+j/VHJwy1jqXuWs=
Subject key identifier: 0F:D8:8F:E7:7C:28:7E:26:30:10:69:14:1B:EE:B1:C1:20:4A:15:24
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 018DF3EE2ABFFDC2219A3A758C0B80A73826
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/D9iP53wofiYwEGkUG-6xwSBKFSQ.roa
Signing time: Thu 29 Feb 2024 08:14:48 +0000
ROA not before: Thu 29 Feb 2024 08:14:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 63801
IP address blocks: 2a12:f8c2:200::/40 maxlen: 40
2a12:f8c2:600::/40 maxlen: 40
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f3:ee:2a:bf:fd:c2:21:9a:3a:75:8c:0b:80:a7:38:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: Feb 29 08:14:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fd88fe77c287e26301069141beeb1c1204a1524
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:53:af:c0:7a:75:82:84:9d:0d:7a:51:b8:66:
32:50:8e:2a:4d:eb:7c:38:f5:d5:68:4b:9b:aa:49:
de:35:b4:01:10:dc:23:8d:64:83:1d:11:74:1d:f2:
23:ee:dd:43:d0:71:59:da:cb:fc:f4:c6:41:11:f9:
f6:43:e6:7e:95:9c:f6:7d:33:21:1e:9a:98:9e:5d:
c1:a4:9b:a1:66:5d:e7:5f:8b:12:c5:ea:9d:85:2f:
d6:d4:53:40:03:a7:62:c6:cc:7d:07:e4:64:e1:55:
3c:b5:48:91:aa:0b:da:60:f9:8a:fc:d5:c1:3e:08:
73:33:1e:f9:45:ac:90:32:4b:4a:a6:36:a9:a1:76:
c1:a8:f8:b2:3a:25:ff:ff:41:a1:da:07:07:41:f3:
c6:b5:3b:0d:e9:64:6a:22:3b:73:51:bc:91:73:91:
98:cd:76:1a:52:e8:80:2f:61:94:22:5d:c6:29:f8:
f9:4c:a3:f5:23:74:50:9a:a5:a8:30:c6:9f:7b:a5:
29:49:cc:1e:af:0c:47:8a:69:0a:33:1d:9b:26:60:
98:f8:b8:d9:32:82:c3:dd:8f:9e:bc:5e:52:24:cd:
5b:10:8d:e3:50:69:2d:20:73:66:30:78:39:bd:42:
62:66:bc:38:2d:ad:11:06:4a:ae:0f:9c:4c:9f:c9:
ef:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:D8:8F:E7:7C:28:7E:26:30:10:69:14:1B:EE:B1:C1:20:4A:15:24
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/D9iP53wofiYwEGkUG-6xwSBKFSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c2:200::/40
2a12:f8c2:600::/40
Signature Algorithm: sha256WithRSAEncryption
39:a7:ea:be:9e:4b:bd:15:f0:58:12:62:e0:f5:d2:72:7b:a5:
59:47:87:a9:18:b0:c1:da:8a:9c:49:51:17:c1:95:f1:9c:e4:
95:55:b5:d5:63:df:f5:09:70:9c:e0:30:b3:f8:ce:61:e0:bd:
4d:f0:3d:3d:93:53:86:41:e8:94:30:56:1b:c8:b6:d7:fe:d0:
49:80:20:b8:0a:21:66:4c:03:9e:96:2b:aa:7a:8f:8e:7e:b6:
40:b4:3d:61:e0:d9:d1:11:eb:f3:b0:b1:40:51:cb:58:ac:8a:
80:dd:1e:50:89:e6:6e:45:7b:d0:6d:c3:6b:80:60:d1:46:51:
4f:6a:5f:87:6f:b5:7d:d0:c0:bb:cf:d0:3a:68:22:5f:53:4b:
c3:7f:20:9e:db:7c:33:c8:86:00:e4:46:f7:42:55:df:f3:6d:
85:ed:e9:ce:8d:73:4f:53:7a:2d:2b:3b:cb:35:71:20:57:04:
b8:0d:28:be:c8:a0:cd:a6:50:9e:0d:c7:dd:22:b2:c2:ea:62:
db:1e:30:c3:81:f4:44:80:fd:6d:ea:37:f3:bf:56:b2:0d:ea:
f1:a0:c7:d0:d3:26:a3:87:ef:1b:f0:ca:83:28:ba:76:aa:43:
7a:36:8b:5b:a6:cc:f1:69:59:c4:23:48:ae:57:a9:90:19:9e:
f8:11:0a:60
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAY3z7iq//cIhmjp1jAuApzgmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjQwMjI5MDgxNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmQ4OGZlNzdjMjg3ZTI2MzAxMDY5MTQxYmVlYjFjMTIwNGExNTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgVOvwHp1goSdDXpRuGYyUI4qTet8
OPXVaEubqkneNbQBENwjjWSDHRF0HfIj7t1D0HFZ2sv89MZBEfn2Q+Z+lZz2fTMh
HpqYnl3BpJuhZl3nX4sSxeqdhS/W1FNAA6dixsx9B+Rk4VU8tUiRqgvaYPmK/NXB
PghzMx75RayQMktKpjapoXbBqPiyOiX//0Gh2gcHQfPGtTsN6WRqIjtzUbyRc5GY
zXYaUuiAL2GUIl3GKfj5TKP1I3RQmqWoMMafe6UpScwerwxHimkKMx2bJmCY+LjZ
MoLD3Y+evF5SJM1bEI3jUGktIHNmMHg5vUJiZrw4La0RBkquD5xMn8nvhQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFA/Yj+d8KH4mMBBpFBvuscEgShUkMB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvRDlpUDUzd29maVl3RUdrVUctNnh3U0JLRlNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYAKhL4wgID
BgAqEvjCBjANBgkqhkiG9w0BAQsFAAOCAQEAOafqvp5LvRXwWBJi4PXScnulWUeH
qRiwwdqKnElRF8GV8ZzklVW11WPf9QlwnOAws/jOYeC9TfA9PZNThkHolDBWG8i2
1/7QSYAguAohZkwDnpYrqnqPjn62QLQ9YeDZ0RHr87CxQFHLWKyKgN0eUInmbkV7
0G3Da4Bg0UZRT2pfh2+1fdDAu8/QOmgiX1NLw38gntt8M8iGAORG90JV3/Nthe3p
zo1zT1N6LSs7yzVxIFcEuA0ovsigzaZQng3H3SKywupi2x4ww4H0RID9beo3879W
sg3q8aDH0NMmo4fvG/DKgyi6dqpDejaLW6bM8WlZxCNIrlepkBme+BEKYA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:02 2024 by rpki-client on console-fra.rpki-client.org