Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/PuvnaJbjMgsg5fKSf7MSJ1Ff7iQ.roa
File: PuvnaJbjMgsg5fKSf7MSJ1Ff7iQ.roa (raw, json)
Hash identifier: cx44/KW77IYHdxzRWwJh4ssVhKo7PdLxKIp4sR0Dhaw=
Subject key identifier: 3E:EB:E7:68:96:E3:32:0B:20:E5:F2:92:7F:B3:12:27:51:5F:EE:24
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 018A0E6EEDD888CD6D6BE4900FC71EAD655A
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/PuvnaJbjMgsg5fKSf7MSJ1Ff7iQ.roa
Signing time: Sat 19 Aug 2023 15:34:25 +0000
ROA not before: Sat 19 Aug 2023 15:34:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216447
IP address blocks: 2a12:f8c2:900::/40 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:0e:6e:ed:d8:88:cd:6d:6b:e4:90:0f:c7:1e:ad:65:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: Aug 19 15:34:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3eebe76896e3320b20e5f2927fb31227515fee24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b6:0d:29:07:4e:2b:0d:af:6d:4e:10:83:12:
03:2c:d8:b8:7b:6d:de:eb:70:b1:b1:00:e2:04:d6:
af:c4:bf:6b:24:90:df:be:69:7f:d8:dc:a4:b3:0b:
5c:ee:2a:2d:fb:d5:7c:68:aa:6d:c8:19:ff:7b:65:
f3:b7:e5:c4:ec:5f:01:89:91:3d:8b:8a:6a:16:8c:
e1:b4:f0:d1:b5:47:9a:b7:b0:7b:11:fa:f7:b5:26:
ee:44:f4:f9:81:22:20:29:a3:23:84:17:df:9e:ba:
58:d9:32:c5:2e:db:72:62:f5:08:96:ed:61:a1:0a:
3d:e5:9b:13:3d:a4:49:6c:b0:31:bd:32:e7:c5:24:
ff:f2:9d:3f:68:88:ef:cd:6e:76:06:b7:79:9f:ff:
08:af:18:a6:88:e7:11:0e:cf:52:c0:40:11:d1:96:
da:d8:35:c9:4e:8d:9a:ec:d6:3e:69:89:c0:ea:21:
6f:55:a7:e7:bd:9b:de:32:1c:32:c0:1e:a2:bc:36:
cc:57:cc:1a:b9:34:e2:8a:58:4a:87:a4:c9:d3:6d:
9e:e5:17:83:d1:4c:5d:02:8f:99:bd:e7:b2:b3:7c:
10:30:3a:0b:36:04:e4:bf:1a:60:97:8d:90:37:83:
96:76:f0:26:d9:a8:51:4f:2e:b6:df:98:a3:19:78:
32:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:EB:E7:68:96:E3:32:0B:20:E5:F2:92:7F:B3:12:27:51:5F:EE:24
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/PuvnaJbjMgsg5fKSf7MSJ1Ff7iQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c2:900::/40
Signature Algorithm: sha256WithRSAEncryption
89:f6:2d:1f:f6:67:31:14:87:2e:d5:1c:a7:5a:c3:03:55:e1:
75:1e:57:5f:de:69:64:3d:63:08:d9:fa:d2:01:4f:bb:27:33:
0b:af:bc:cc:ef:7f:50:be:a8:45:e8:2f:1b:30:54:c5:93:ee:
be:0f:9c:78:0d:1e:d2:58:69:9d:6f:98:9c:5c:0f:66:93:b5:
b0:8b:6b:10:67:23:85:62:99:11:46:2c:58:8b:93:1f:05:1b:
ed:b5:b5:c4:1a:7c:33:bd:55:ec:aa:aa:ce:d0:b9:57:d8:b4:
2b:e2:6c:bf:d7:54:d7:f1:76:24:1c:60:86:60:51:cc:e5:b1:
23:93:44:77:63:20:d2:af:bf:a1:5a:40:d9:6f:f5:bc:7b:5d:
2a:2f:d8:4b:42:50:f5:2f:43:a1:23:13:0b:16:b5:0a:d2:36:
1d:65:7d:f5:18:ad:6e:4a:a3:86:a4:6d:2c:18:48:e7:11:2a:
f8:cd:c6:0b:87:59:aa:f6:b9:96:40:4c:4b:7f:35:84:fe:a0:
c4:fa:4a:6e:34:2a:fd:03:f1:0b:64:a0:20:db:b8:d1:91:63:
6f:60:be:6e:9b:08:84:48:48:05:48:5b:fb:38:49:8a:19:79:
dc:53:74:0b:21:13:b1:31:83:e9:46:6c:66:d5:97:fe:0d:13:
27:03:24:e2
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYoObu3YiM1ta+SQD8cerWVaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjMwODE5MTUzNDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWViZTc2ODk2ZTMzMjBiMjBlNWYyOTI3ZmIzMTIyNzUxNWZlZTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLYNKQdOKw2vbU4QgxIDLNi4e23e
63CxsQDiBNavxL9rJJDfvml/2Nykswtc7iot+9V8aKptyBn/e2Xzt+XE7F8BiZE9
i4pqFozhtPDRtUeat7B7Efr3tSbuRPT5gSIgKaMjhBffnrpY2TLFLttyYvUIlu1h
oQo95ZsTPaRJbLAxvTLnxST/8p0/aIjvzW52Brd5n/8IrximiOcRDs9SwEAR0Zba
2DXJTo2a7NY+aYnA6iFvVafnvZveMhwywB6ivDbMV8wauTTiilhKh6TJ022e5ReD
0UxdAo+Zveeys3wQMDoLNgTkvxpgl42QN4OWdvAm2ahRTy6235ijGXgybQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFD7r52iW4zILIOXykn+zEidRX+4kMB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvUHV2bmFKYmpNZ3NnNWZLU2Y3TVNKMUZmN2lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhL4wgkw
DQYJKoZIhvcNAQELBQADggEBAIn2LR/2ZzEUhy7VHKdawwNV4XUeV1/eaWQ9YwjZ
+tIBT7snMwuvvMzvf1C+qEXoLxswVMWT7r4PnHgNHtJYaZ1vmJxcD2aTtbCLaxBn
I4VimRFGLFiLkx8FG+21tcQafDO9Veyqqs7QuVfYtCvibL/XVNfxdiQcYIZgUczl
sSOTRHdjINKvv6FaQNlv9bx7XSov2EtCUPUvQ6EjEwsWtQrSNh1lffUYrW5Ko4ak
bSwYSOcRKvjNxguHWar2uZZATEt/NYT+oMT6Sm40Kv0D8QtkoCDbuNGRY29gvm6b
CIRISAVIW/s4SYoZedxTdAshE7Exg+lGbGbVl/4NEycDJOI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:55 2024 by rpki-client on console-ams.rpki-client.org