Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/F5xuQG8GeThByeL8CUVMTx5SNUQ.roa
File: F5xuQG8GeThByeL8CUVMTx5SNUQ.roa (raw, json)
Hash identifier: 3m4J23y142Vx4BwU+nw68/yTRlO4ht2BWmkXJ3U5b/A=
Subject key identifier: 17:9C:6E:40:6F:06:79:38:41:C9:E2:FC:09:45:4C:4F:1E:52:35:44
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 0188E326943722AC3FF47ECDDFC05DE778B6
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/F5xuQG8GeThByeL8CUVMTx5SNUQ.roa
Signing time: Thu 22 Jun 2023 12:48:56 +0000
ROA not before: Thu 22 Jun 2023 12:48:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204214
IP address blocks: 2a12:f8c1:300::/40 maxlen: 48
2a12:f8c1::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e3:26:94:37:22:ac:3f:f4:7e:cd:df:c0:5d:e7:78:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: Jun 22 12:48:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=179c6e406f06793841c9e2fc09454c4f1e523544
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:0f:37:ba:c2:cd:96:aa:f6:e1:b8:db:14:22:
4f:f7:82:e5:98:3d:04:47:b6:99:0b:b5:36:7a:a6:
d7:ef:dc:9e:e9:65:fc:99:db:81:55:f3:82:54:0b:
d4:b6:d0:b9:0a:f6:71:5c:d6:71:ad:52:44:94:a2:
32:cb:cc:ff:60:2f:1e:cd:e8:2d:89:71:de:c9:ec:
7c:e7:bd:16:c4:44:25:c4:ae:66:17:49:ba:10:fe:
fa:0d:26:be:c7:64:38:d9:d1:3d:e0:46:e4:07:96:
18:85:b6:25:99:d1:c9:a8:68:c4:90:24:9d:f1:63:
07:7d:34:47:48:fc:1d:5d:e5:3f:82:96:a6:60:53:
31:e8:dc:ba:bb:14:58:dd:b7:9c:03:51:21:79:43:
d8:52:49:1e:c9:66:5a:4e:92:f1:b5:55:b0:84:4b:
c1:64:eb:4a:43:bb:d3:3d:e5:4f:b1:39:61:a0:c0:
de:6a:b7:f6:ba:52:61:13:33:4b:df:23:30:14:5c:
d8:16:b3:8a:53:a1:62:fb:49:4e:f8:b2:6f:25:71:
48:7c:21:27:6e:74:d6:39:a2:e5:73:3b:4a:1c:f1:
80:4e:71:9b:da:31:10:eb:10:45:58:cf:a2:cb:90:
09:ac:06:d4:7d:7a:15:0b:c0:f7:d4:07:a3:c4:98:
31:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:9C:6E:40:6F:06:79:38:41:C9:E2:FC:09:45:4C:4F:1E:52:35:44
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/F5xuQG8GeThByeL8CUVMTx5SNUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c1::/32
Signature Algorithm: sha256WithRSAEncryption
24:15:da:cb:69:17:fb:7b:c0:d9:15:a3:5e:a6:b9:65:f9:2a:
8c:39:10:40:f1:aa:8c:8a:d9:65:f3:8c:20:01:d6:88:bd:6b:
3e:71:c2:0f:ad:40:38:86:0f:3b:ae:c9:94:ef:b5:5f:38:7b:
0c:0a:6c:d5:d4:97:2d:5a:c9:09:e9:f6:5a:7b:73:da:b8:fa:
41:34:61:0c:7a:e1:69:92:3f:8a:ce:c4:f1:5c:3f:8f:8d:75:
4b:1a:ab:1f:51:32:f2:2c:f7:b7:7f:7d:73:6e:7b:50:3a:15:
28:58:19:11:3d:a2:18:29:3e:27:d4:37:61:cd:4b:3f:89:13:
ac:8a:5f:13:cb:c1:19:1b:5f:cd:ba:1c:af:aa:5b:05:d2:98:
c0:f0:34:b9:ad:df:02:d5:ef:72:76:5e:db:3f:a4:a5:40:f6:
e8:e5:cd:27:62:30:69:56:0a:f9:b4:2f:d1:7c:44:ab:91:9b:
bb:60:b3:3f:a8:5f:67:3b:ff:3a:26:d4:8a:3f:3b:b9:fb:28:
46:de:9f:bf:3e:d3:53:13:50:66:65:3a:cd:96:1a:fb:ce:4c:
61:18:8b:92:a5:02:a2:02:66:97:a9:da:dc:ca:8b:76:01:3f:
2d:8e:8a:5b:5c:cf:0e:47:ee:e1:a7:b4:ae:65:55:55:d7:eb:
ca:95:7f:96
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYjjJpQ3Iqw/9H7N38Bd53i2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjMwNjIyMTI0ODU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzljNmU0MDZmMDY3OTM4NDFjOWUyZmMwOTQ1NGM0ZjFlNTIzNTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsw83usLNlqr24bjbFCJP94LlmD0E
R7aZC7U2eqbX79ye6WX8mduBVfOCVAvUttC5CvZxXNZxrVJElKIyy8z/YC8ezegt
iXHeyex8570WxEQlxK5mF0m6EP76DSa+x2Q42dE94EbkB5YYhbYlmdHJqGjEkCSd
8WMHfTRHSPwdXeU/gpamYFMx6Ny6uxRY3becA1EheUPYUkkeyWZaTpLxtVWwhEvB
ZOtKQ7vTPeVPsTlhoMDearf2ulJhEzNL3yMwFFzYFrOKU6Fi+0lO+LJvJXFIfCEn
bnTWOaLlcztKHPGATnGb2jEQ6xBFWM+iy5AJrAbUfXoVC8D31AejxJgxWQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBecbkBvBnk4Qcni/AlFTE8eUjVEMB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvRjV4dVFHOEdlVGhCeWVMOENVVk1UeDVTTlVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhL4wTAN
BgkqhkiG9w0BAQsFAAOCAQEAJBXay2kX+3vA2RWjXqa5ZfkqjDkQQPGqjIrZZfOM
IAHWiL1rPnHCD61AOIYPO67JlO+1Xzh7DAps1dSXLVrJCen2Wntz2rj6QTRhDHrh
aZI/is7E8Vw/j411SxqrH1Ey8iz3t399c257UDoVKFgZET2iGCk+J9Q3Yc1LP4kT
rIpfE8vBGRtfzbocr6pbBdKYwPA0ua3fAtXvcnZe2z+kpUD26OXNJ2IwaVYK+bQv
0XxEq5Gbu2CzP6hfZzv/OibUij87ufsoRt6fvz7TUxNQZmU6zZYa+85MYRiLkqUC
ogJml6na3MqLdgE/LY6KW1zPDkfu4ae0rmVVVdfrypV/lg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:55 2024 by rpki-client on console-ams.rpki-client.org