Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/OiZl_Sd1a720VItdimc04afqbQk.roa
File: OiZl_Sd1a720VItdimc04afqbQk.roa (raw, json)
Hash identifier: avfjV8cIG4Ywi/FEwOkDdmSYXdq6djssb8XPjDetCHY=
Subject key identifier: 3A:26:65:FD:27:75:6B:BD:B4:54:8B:5D:8A:67:34:E1:A7:EA:6D:09
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 01878D36F447CBF5330BAA2AF18442D1E9DA
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/OiZl_Sd1a720VItdimc04afqbQk.roa
Signing time: Mon 17 Apr 2023 03:16:41 +0000
ROA not before: Mon 17 Apr 2023 03:16:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 63796
IP address blocks: 2a12:f8c1:2::/48 maxlen: 48
2a12:f8c1:3::/48 maxlen: 48
2a12:f8c1:1::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8d:36:f4:47:cb:f5:33:0b:aa:2a:f1:84:42:d1:e9:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: Apr 17 03:16:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a2665fd27756bbdb4548b5d8a6734e1a7ea6d09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:73:30:87:64:dc:5e:9b:18:cf:67:7b:00:b4:
3a:41:62:e7:8c:f4:cf:9f:87:71:d6:a0:b7:c8:95:
1c:4b:fa:d1:b1:84:d1:6f:90:b1:86:86:c5:eb:ce:
33:8c:a1:e5:fc:95:70:b3:6d:f2:92:58:e3:ee:cd:
0f:77:48:30:e9:48:d5:80:4f:1e:19:3f:41:4f:71:
6a:af:4e:1b:17:f9:a3:e4:30:04:e5:ea:82:7a:14:
ca:34:5d:88:ea:25:fc:8c:85:fc:ca:be:58:c6:c4:
32:88:42:76:90:21:ac:bc:e7:51:e7:72:73:3e:d4:
4d:9b:fa:cd:7f:46:f5:3d:67:31:35:d0:b5:3b:c8:
f0:1b:c0:47:c0:b4:08:d1:a3:97:d1:d4:72:86:80:
0c:68:6f:d3:51:7e:40:bf:9b:b0:92:aa:f0:0b:7d:
6d:32:6d:dd:9e:55:8a:36:cf:e0:da:af:c9:79:2a:
2e:f8:fa:3e:f6:cd:d7:f9:ea:1a:99:f7:b9:91:62:
c6:68:5e:e0:4e:77:ab:db:1d:7f:80:9a:2a:1c:38:
c5:f9:4a:90:07:63:9a:5b:6b:43:cc:86:5b:b7:34:
99:4d:10:49:94:eb:da:dc:e2:b6:01:6c:9c:bf:97:
67:22:43:9e:c5:12:31:31:8a:ef:10:02:04:58:d4:
67:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:26:65:FD:27:75:6B:BD:B4:54:8B:5D:8A:67:34:E1:A7:EA:6D:09
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/OiZl_Sd1a720VItdimc04afqbQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c1:1::-2a12:f8c1:3:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
94:0c:bc:29:18:f0:05:92:02:f9:36:42:31:b6:37:39:89:27:
a9:40:00:cc:47:58:69:df:29:c8:17:a7:1f:8c:49:3c:14:a2:
a2:b3:e1:ea:12:e0:30:77:85:2d:ba:29:55:31:0f:25:81:35:
e6:b6:46:3f:43:30:61:77:1d:6e:d1:f9:80:42:39:8c:5f:95:
47:62:65:be:9d:2e:0e:96:11:1e:d9:cc:32:e0:ba:8c:e8:b6:
8b:f5:d8:17:6b:cb:0c:1b:34:a8:8d:8d:04:75:0e:02:1f:4d:
ab:30:e7:c7:a6:63:ee:31:7a:48:43:96:80:f1:95:b3:02:a6:
d8:13:19:fe:de:0c:cc:d5:86:ee:4b:d9:90:68:70:8c:e1:28:
36:98:ee:1b:26:73:dd:b4:7c:f3:e6:8c:89:c4:c2:f8:df:82:
9f:9c:5d:5d:47:de:fd:d4:ae:cc:d9:4a:b6:7c:68:1b:a9:da:
9d:b7:7f:0a:63:cd:d5:ac:dc:31:c3:ce:c4:d6:ca:fa:7d:00:
42:b1:d1:df:c9:03:ba:a0:08:f9:ff:4b:26:a6:e5:fe:88:57:
80:0f:bb:bc:f8:c9:4a:a2:65:ae:53:e9:b7:53:d0:0d:5e:e9:
99:86:e2:78:e4:b7:72:0a:74:ef:10:0b:30:37:0f:a0:21:eb:
68:a2:5f:84
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYeNNvRHy/UzC6oq8YRC0enaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjMwNDE3MDMxNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTI2NjVmZDI3NzU2YmJkYjQ1NDhiNWQ4YTY3MzRlMWE3ZWE2ZDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3Mwh2TcXpsYz2d7ALQ6QWLnjPTP
n4dx1qC3yJUcS/rRsYTRb5CxhobF684zjKHl/JVws23ykljj7s0Pd0gw6UjVgE8e
GT9BT3Fqr04bF/mj5DAE5eqCehTKNF2I6iX8jIX8yr5YxsQyiEJ2kCGsvOdR53Jz
PtRNm/rNf0b1PWcxNdC1O8jwG8BHwLQI0aOX0dRyhoAMaG/TUX5Av5uwkqrwC31t
Mm3dnlWKNs/g2q/JeSou+Po+9s3X+eoamfe5kWLGaF7gTner2x1/gJoqHDjF+UqQ
B2OaW2tDzIZbtzSZTRBJlOva3OK2AWycv5dnIkOexRIxMYrvEAIEWNRnBQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDomZf0ndWu9tFSLXYpnNOGn6m0JMB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvT2labF9TZDFhNzIwVkl0ZGltYzA0YWZxYlFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAqEvjB
AAEDBwIqEvjBAAAwDQYJKoZIhvcNAQELBQADggEBAJQMvCkY8AWSAvk2QjG2NzmJ
J6lAAMxHWGnfKcgXpx+MSTwUoqKz4eoS4DB3hS26KVUxDyWBNea2Rj9DMGF3HW7R
+YBCOYxflUdiZb6dLg6WER7ZzDLguozotov12BdrywwbNKiNjQR1DgIfTasw58em
Y+4xekhDloDxlbMCptgTGf7eDMzVhu5L2ZBocIzhKDaY7hsmc920fPPmjInEwvjf
gp+cXV1H3v3UrszZSrZ8aBup2p23fwpjzdWs3DHDzsTWyvp9AEKx0d/JA7qgCPn/
Syam5f6IV4APu7z4yUqiZa5T6bdT0A1e6ZmG4njkt3IKdO8QCzA3D6Ah62iiX4Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:55 2024 by rpki-client on console-ams.rpki-client.org