Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/K5ToSzwSsgXD_zOYV2v0ftkN8kw.roa
File: K5ToSzwSsgXD_zOYV2v0ftkN8kw.roa (raw, json)
Hash identifier: 8SlyS2GJdbRKPB8eXEFcFY2WEhE9ggaJQUTb4atpe54=
Subject key identifier: 2B:94:E8:4B:3C:12:B2:05:C3:FF:33:98:57:6B:F4:7E:D9:0D:F2:4C
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 018A851043B13BB7B784256F04616F15A892
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/K5ToSzwSsgXD_zOYV2v0ftkN8kw.roa
Signing time: Mon 11 Sep 2023 16:25:50 +0000
ROA not before: Mon 11 Sep 2023 16:25:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199108
IP address blocks: 2a12:f8c1:70::/44 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:85:10:43:b1:3b:b7:b7:84:25:6f:04:61:6f:15:a8:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: Sep 11 16:25:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b94e84b3c12b205c3ff3398576bf47ed90df24c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:59:c5:13:9e:b5:0c:4b:07:72:41:98:cf:78:
00:2a:52:66:b5:3f:33:36:13:ef:55:bc:6d:0d:5e:
de:13:1d:ce:40:92:60:de:2e:7a:a0:0e:5e:e4:ed:
bf:33:c7:a1:a5:ee:e3:79:7b:1b:e6:05:8b:11:ab:
ae:b8:4f:18:7f:c3:44:f4:43:ea:f7:12:81:34:2a:
f6:1e:91:81:02:89:29:db:5e:78:bd:a1:b9:32:38:
56:f1:45:7a:77:18:54:a4:43:f7:05:18:f2:12:80:
53:46:b4:e2:d8:ac:35:95:8d:46:9d:13:69:18:ea:
5c:64:35:74:ae:1b:e7:35:3b:fc:01:50:4a:f6:ae:
04:db:9a:35:bb:73:92:87:d5:a3:30:54:44:72:d8:
cc:19:65:28:78:94:50:16:0a:d1:85:05:e3:55:28:
bd:dd:61:51:ad:d9:83:df:89:81:ea:72:2e:06:b7:
8d:97:6a:d0:1c:5c:55:5b:78:26:f8:84:75:92:52:
5e:d9:d4:38:86:ca:39:c7:88:f1:c5:7a:43:92:93:
12:bf:67:6d:20:d7:92:56:89:7d:03:bd:00:47:e9:
09:f6:c7:e8:f7:d8:99:cc:c4:b3:e4:e3:75:a3:44:
f3:54:fd:65:f0:f3:20:8b:0b:3f:d1:1d:76:9e:fb:
7a:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:94:E8:4B:3C:12:B2:05:C3:FF:33:98:57:6B:F4:7E:D9:0D:F2:4C
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/K5ToSzwSsgXD_zOYV2v0ftkN8kw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c1:70::/44
Signature Algorithm: sha256WithRSAEncryption
99:8c:7c:73:7e:8f:76:f6:ac:72:31:5e:2d:28:9a:43:a3:87:
08:d8:4b:f2:38:09:81:ba:93:3a:59:57:c0:64:59:aa:11:7c:
0d:f3:72:4f:d7:1d:4e:ed:4d:fe:b0:79:76:ba:0b:25:a8:e9:
f8:b4:20:15:70:85:72:5c:ef:b0:3a:89:da:55:c0:d7:3e:cf:
4b:0f:b1:38:cd:bd:22:6f:bd:80:84:21:61:cf:bb:af:c1:e9:
27:cd:57:e5:ba:30:1f:41:73:74:8d:a5:c9:a6:c8:f6:77:c4:
8e:65:7e:7a:24:cb:19:a3:e5:8c:39:5f:75:e2:b0:49:74:44:
1d:63:7b:f4:b5:8b:89:76:ff:db:8a:d3:1f:c6:c4:78:70:e8:
a4:97:94:94:a0:db:e7:ca:d0:3b:2b:97:ea:d9:90:88:5b:24:
d0:67:d8:23:c0:bc:21:d8:f2:c1:f0:bb:d6:c0:28:4b:8d:a7:
b2:87:06:93:d2:76:05:3a:b2:42:87:68:78:68:d0:79:16:e0:
a4:46:8d:d2:a9:87:84:33:dd:ff:f8:77:d2:51:1e:eb:22:ac:
79:bf:c3:0f:77:6f:59:d5:08:01:1e:2e:f8:80:79:7b:cf:13:
21:58:b9:97:cf:4d:26:70:bd:72:b6:3e:b1:13:29:ca:96:b2:
a9:e5:9a:7a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYqFEEOxO7e3hCVvBGFvFaiSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjMwOTExMTYyNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjk0ZTg0YjNjMTJiMjA1YzNmZjMzOTg1NzZiZjQ3ZWQ5MGRmMjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFnFE561DEsHckGYz3gAKlJmtT8z
NhPvVbxtDV7eEx3OQJJg3i56oA5e5O2/M8ehpe7jeXsb5gWLEauuuE8Yf8NE9EPq
9xKBNCr2HpGBAokp2154vaG5MjhW8UV6dxhUpEP3BRjyEoBTRrTi2Kw1lY1GnRNp
GOpcZDV0rhvnNTv8AVBK9q4E25o1u3OSh9WjMFREctjMGWUoeJRQFgrRhQXjVSi9
3WFRrdmD34mB6nIuBreNl2rQHFxVW3gm+IR1klJe2dQ4hso5x4jxxXpDkpMSv2dt
INeSVol9A70AR+kJ9sfo99iZzMSz5ON1o0TzVP1l8PMgiws/0R12nvt6vwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCuU6Es8ErIFw/8zmFdr9H7ZDfJMMB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvSzVUb1N6d1NzZ1hEX3pPWVYydjBmdGtOOGt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhL4wQBw
MA0GCSqGSIb3DQEBCwUAA4IBAQCZjHxzfo929qxyMV4tKJpDo4cI2EvyOAmBupM6
WVfAZFmqEXwN83JP1x1O7U3+sHl2ugslqOn4tCAVcIVyXO+wOonaVcDXPs9LD7E4
zb0ib72AhCFhz7uvweknzVflujAfQXN0jaXJpsj2d8SOZX56JMsZo+WMOV914rBJ
dEQdY3v0tYuJdv/bitMfxsR4cOikl5SUoNvnytA7K5fq2ZCIWyTQZ9gjwLwh2PLB
8LvWwChLjaeyhwaT0nYFOrJCh2h4aNB5FuCkRo3SqYeEM93/+HfSUR7rIqx5v8MP
d29Z1QgBHi74gHl7zxMhWLmXz00mcL1ytj6xEynKlrKp5Zp6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:55 2024 by rpki-client on console-ams.rpki-client.org