Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/EwtDmjiL1F82W5qlSCvEG9Hx8Xw.roa
File: EwtDmjiL1F82W5qlSCvEG9Hx8Xw.roa (raw, json)
Hash identifier: un6TZeKEwRpO2ObSq21e3/DkSsZVeki6UNB9Y8VlgzQ=
Subject key identifier: 13:0B:43:9A:38:8B:D4:5F:36:5B:9A:A5:48:2B:C4:1B:D1:F1:F1:7C
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 0188A988C451523D4533A9ABD1B35571F725
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/EwtDmjiL1F82W5qlSCvEG9Hx8Xw.roa
Signing time: Sun 11 Jun 2023 08:18:12 +0000
ROA not before: Sun 11 Jun 2023 08:18:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 150298
IP address blocks: 2a12:f8c1:200::/40 maxlen: 40
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a9:88:c4:51:52:3d:45:33:a9:ab:d1:b3:55:71:f7:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: Jun 11 08:18:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=130b439a388bd45f365b9aa5482bc41bd1f1f17c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:29:0d:37:e5:02:65:76:22:1b:52:c7:41:3c:
3f:2d:28:b7:9c:31:9b:6c:d7:0a:46:59:ee:a8:11:
db:50:95:95:5d:03:11:d4:7b:b2:84:f6:b6:ce:db:
2b:ea:6c:7a:8a:3b:7f:45:22:a8:6d:b2:c1:4f:e0:
ab:80:79:e8:b2:ef:9d:38:a9:18:30:a3:53:5b:ab:
69:f1:c0:e3:9e:40:43:1d:c0:2e:31:1e:ba:c9:11:
be:68:16:c2:94:1a:6e:a3:7d:93:b1:ba:52:08:b2:
2c:da:51:6f:09:be:08:9d:77:ad:1f:17:9e:b2:74:
72:36:50:a2:77:2e:cc:5c:c8:17:c1:93:f6:ec:f3:
ae:1c:8d:6b:c5:1a:6b:82:94:3c:69:e5:bb:ad:af:
e1:ef:2b:45:ce:8c:f9:e8:eb:b0:52:ae:c1:cc:65:
78:11:b7:38:f6:1b:a1:b8:14:77:db:10:66:61:53:
cb:3e:2b:b6:b8:cb:17:1b:db:c4:5f:ad:b9:91:90:
f7:d5:02:d4:3c:04:af:d6:af:dc:fe:3c:df:93:e7:
ad:84:d8:e1:1a:66:3f:a1:ef:11:a0:12:f8:6c:10:
a9:ff:99:5c:01:4e:4f:44:3d:61:6a:bf:c6:97:76:
5f:13:4b:a7:a9:4f:65:c9:40:a8:2d:ac:16:0f:cc:
c5:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:0B:43:9A:38:8B:D4:5F:36:5B:9A:A5:48:2B:C4:1B:D1:F1:F1:7C
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/EwtDmjiL1F82W5qlSCvEG9Hx8Xw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c1:200::/40
Signature Algorithm: sha256WithRSAEncryption
14:95:c0:ae:f7:bc:02:dd:72:23:46:b2:5a:29:03:39:39:49:
38:09:eb:0d:ce:0f:21:79:08:ae:a1:3d:ff:b5:06:68:ac:e1:
11:d5:33:f0:c5:76:a3:33:97:f3:9e:77:83:9f:c7:ce:af:4e:
68:5a:2f:ca:7f:3f:8d:89:90:39:25:9c:75:04:c4:ab:3b:2f:
ce:ab:07:66:a3:16:bb:99:c9:77:20:84:75:e1:25:24:87:8f:
bb:89:4d:86:09:7f:89:11:24:6a:0f:59:91:39:4d:2b:d2:10:
0f:ca:ea:df:85:d5:e7:8b:a5:97:4e:0c:9d:75:77:14:99:70:
79:44:5b:1e:66:03:f0:80:6b:12:8d:96:ef:05:f9:ea:cf:d3:
65:b0:e2:4d:ab:ec:f4:00:c5:8f:5e:d1:74:a3:87:06:f8:0e:
b6:b2:f9:98:c1:80:5d:e1:0b:0c:d2:fd:16:79:c8:8d:a8:22:
f5:6d:1b:3e:c5:2f:54:f3:68:8b:d5:f2:c7:e0:f8:c4:89:56:
bd:1c:b8:57:6c:2c:ab:97:19:42:42:30:c3:9d:c0:75:97:44:
0a:a9:39:cf:96:82:61:b8:4b:bb:d4:4e:19:33:38:2d:99:0a:
db:52:e5:e5:d3:74:3a:36:c8:39:c9:eb:1b:67:d9:1e:42:b7:
51:22:89:01
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYipiMRRUj1FM6mr0bNVcfclMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjMwNjExMDgxODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzBiNDM5YTM4OGJkNDVmMzY1YjlhYTU0ODJiYzQxYmQxZjFmMTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSkNN+UCZXYiG1LHQTw/LSi3nDGb
bNcKRlnuqBHbUJWVXQMR1HuyhPa2ztsr6mx6ijt/RSKobbLBT+CrgHnosu+dOKkY
MKNTW6tp8cDjnkBDHcAuMR66yRG+aBbClBpuo32TsbpSCLIs2lFvCb4InXetHxee
snRyNlCidy7MXMgXwZP27POuHI1rxRprgpQ8aeW7ra/h7ytFzoz56OuwUq7BzGV4
Ebc49huhuBR32xBmYVPLPiu2uMsXG9vEX625kZD31QLUPASv1q/c/jzfk+ethNjh
GmY/oe8RoBL4bBCp/5lcAU5PRD1har/Gl3ZfE0unqU9lyUCoLawWD8zFAQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFBMLQ5o4i9RfNluapUgrxBvR8fF8MB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvRXd0RG1qaUwxRjgyVzVxbFNDdkVHOUh4OFh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhL4wQIw
DQYJKoZIhvcNAQELBQADggEBABSVwK73vALdciNGslopAzk5STgJ6w3ODyF5CK6h
Pf+1Bmis4RHVM/DFdqMzl/Oed4Ofx86vTmhaL8p/P42JkDklnHUExKs7L86rB2aj
FruZyXcghHXhJSSHj7uJTYYJf4kRJGoPWZE5TSvSEA/K6t+F1eeLpZdODJ11dxSZ
cHlEWx5mA/CAaxKNlu8F+erP02Ww4k2r7PQAxY9e0XSjhwb4Dray+ZjBgF3hCwzS
/RZ5yI2oIvVtGz7FL1TzaIvV8sfg+MSJVr0cuFdsLKuXGUJCMMOdwHWXRAqpOc+W
gmG4S7vUThkzOC2ZCttS5eXTdDo2yDnJ6xtn2R5Ct1EiiQE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:13 2025 by rpki-client