Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/IVaRa9V1CZS9x0M1IvrBl3hHagk.roa
File: IVaRa9V1CZS9x0M1IvrBl3hHagk.roa (raw, json)
Hash identifier: plzf7a5FAa9kIeu70fnXh9fdcrsCc9k85ZLtWAcTAwg=
Subject key identifier: 21:56:91:6B:D5:75:09:94:BD:C7:43:35:22:FA:C1:97:78:47:6A:09
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 018563F6DF3C241DFC1EFD82F51DC6AA4602
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/IVaRa9V1CZS9x0M1IvrBl3hHagk.roa
Signing time: Fri 30 Dec 2022 16:56:41 +0000
ROA not before: Fri 30 Dec 2022 16:56:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51847
IP address blocks: 2a12:f8c1:50::/44 maxlen: 44
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:63:f6:df:3c:24:1d:fc:1e:fd:82:f5:1d:c6:aa:46:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: Dec 30 16:56:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2156916bd5750994bdc7433522fac19778476a09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:75:e3:71:c6:14:4e:f8:6e:ca:52:f7:f8:97:
ff:1f:8b:28:79:66:8f:20:93:f8:58:6d:0b:8a:ea:
09:83:c3:80:6b:86:83:e8:16:d6:ae:68:38:5f:0f:
ef:39:bd:10:86:d3:3b:11:30:fa:e3:be:15:d5:1c:
89:37:dc:bb:dd:46:82:4d:87:9b:bf:ad:52:d1:56:
81:cf:19:48:b1:74:e0:28:a3:1f:9f:9f:e4:cb:d8:
8f:ff:15:c2:42:0d:c3:cf:f9:55:3b:b5:11:fa:f8:
1c:b5:1b:41:16:84:da:35:ef:58:5f:7c:8c:88:93:
71:c3:a8:5a:74:ed:c5:96:94:cc:62:13:dc:0e:29:
e1:71:3d:b1:9f:be:4d:7f:33:a3:c7:aa:83:d3:67:
42:1d:52:86:a2:7d:7d:ab:c5:e9:9c:14:48:08:fb:
ba:53:10:52:35:1b:ac:0c:74:3f:e9:b4:33:65:bf:
37:9f:06:70:8f:ef:d9:8d:57:a6:d1:45:c9:73:24:
22:48:58:8a:c4:8e:2d:2a:58:60:3b:c6:09:fc:ac:
ea:ff:4e:1e:fc:bb:10:5d:04:8b:39:f9:97:52:75:
ee:66:de:28:ee:87:74:2b:8c:fc:ef:0c:0b:1f:f6:
f2:11:85:d3:cd:4c:3d:f5:1f:48:3a:d2:8c:50:20:
30:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:56:91:6B:D5:75:09:94:BD:C7:43:35:22:FA:C1:97:78:47:6A:09
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/IVaRa9V1CZS9x0M1IvrBl3hHagk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c1:50::/44
Signature Algorithm: sha256WithRSAEncryption
3a:8b:c8:f5:1c:66:0b:a1:fb:79:e3:ae:6d:28:59:f7:15:53:
21:3d:14:e5:de:b9:f0:dc:64:2f:ab:57:12:12:12:86:05:c6:
b4:52:5b:76:90:aa:18:03:91:8c:11:a1:60:32:62:7a:b2:46:
cb:8c:76:a6:72:bc:b7:c2:72:94:76:52:d4:de:cf:c3:c6:97:
3f:bf:30:5d:94:c6:34:99:6a:08:9d:08:cb:ca:4a:8b:93:a3:
4a:7b:dd:90:58:a8:59:d4:1d:2a:aa:df:8e:a1:3e:75:e8:1d:
02:55:67:c7:06:a1:52:b1:f3:e3:8c:78:ab:b6:87:16:c8:31:
c4:86:48:f7:8c:a0:b2:30:91:f5:cd:d6:76:12:5d:05:4a:8c:
c4:1f:9f:0e:ce:d1:d4:85:ca:df:a3:c5:c9:c6:cc:44:ae:5e:
b9:7c:f0:a4:23:5a:b3:75:66:2b:ec:5c:e4:1d:61:05:f0:d1:
91:32:38:1a:fe:a8:8b:b8:36:72:ed:40:79:8b:f9:fc:fc:23:
86:a6:4c:cd:5d:30:34:cb:66:6b:8c:bf:d1:48:f7:df:71:d2:
1d:36:58:74:69:e7:4a:99:30:f9:e4:e7:77:89:91:c3:30:06:
6b:69:a0:a0:5b:63:66:6b:5c:93:c6:50:e4:ac:17:bf:95:b4:
cc:19:d0:cd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVj9t88JB38Hv2C9R3GqkYCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjIxMjMwMTY1NjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTU2OTE2YmQ1NzUwOTk0YmRjNzQzMzUyMmZhYzE5Nzc4NDc2YTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3XjccYUTvhuylL3+Jf/H4soeWaP
IJP4WG0LiuoJg8OAa4aD6BbWrmg4Xw/vOb0QhtM7ETD6474V1RyJN9y73UaCTYeb
v61S0VaBzxlIsXTgKKMfn5/ky9iP/xXCQg3Dz/lVO7UR+vgctRtBFoTaNe9YX3yM
iJNxw6hadO3FlpTMYhPcDinhcT2xn75NfzOjx6qD02dCHVKGon19q8XpnBRICPu6
UxBSNRusDHQ/6bQzZb83nwZwj+/ZjVem0UXJcyQiSFiKxI4tKlhgO8YJ/Kzq/04e
/LsQXQSLOfmXUnXuZt4o7od0K4z87wwLH/byEYXTzUw99R9IOtKMUCAwiwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCFWkWvVdQmUvcdDNSL6wZd4R2oJMB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvSVZhUmE5VjFDWlM5eDBNMUl2ckJsM2hIYWdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhL4wQBQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA6i8j1HGYLoft5465tKFn3FVMhPRTl3rnw3GQv
q1cSEhKGBca0Ult2kKoYA5GMEaFgMmJ6skbLjHamcry3wnKUdlLU3s/Dxpc/vzBd
lMY0mWoInQjLykqLk6NKe92QWKhZ1B0qqt+OoT516B0CVWfHBqFSsfPjjHirtocW
yDHEhkj3jKCyMJH1zdZ2El0FSozEH58OztHUhcrfo8XJxsxErl65fPCkI1qzdWYr
7FzkHWEF8NGRMjga/qiLuDZy7UB5i/n8/COGpkzNXTA0y2ZrjL/RSPffcdIdNlh0
aedKmTD55Od3iZHDMAZraaCgW2Nma1yTxlDkrBe/lbTMGdDN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:55 2024 by rpki-client on console-ams.rpki-client.org