Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/SijEWmVMtzq3Cn-7J3n7EQQ86OE.roa
File: SijEWmVMtzq3Cn-7J3n7EQQ86OE.roa (raw, json)
Hash identifier: l96WpFEMNUxIf0dmfh+Tj68MPwcM0FR4Xf2Peof23HM=
Subject key identifier: 4A:28:C4:5A:65:4C:B7:3A:B7:0A:7F:BB:27:79:FB:11:04:3C:E8:E1
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 01857039AF6C2736C94B0031841DA733EB4B
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/SijEWmVMtzq3Cn-7J3n7EQQ86OE.roa
Signing time: Mon 02 Jan 2023 02:05:06 +0000
ROA not before: Mon 02 Jan 2023 02:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201801
IP address blocks: 2a12:f8c1:40::/44 maxlen: 44
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:af:6c:27:36:c9:4b:00:31:84:1d:a7:33:eb:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: Jan 2 02:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a28c45a654cb73ab70a7fbb2779fb11043ce8e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:a9:45:48:9a:12:84:d6:fe:77:ee:45:cb:e4:
43:dc:d3:93:0e:56:4a:3c:7d:41:03:8b:ee:77:28:
7b:8f:44:13:79:c5:c3:95:f8:26:31:51:ba:23:49:
fe:f2:89:4c:0f:c8:b1:99:15:5f:ca:3b:34:c0:02:
02:91:53:cc:a2:34:09:80:56:93:1c:ca:1b:5c:e7:
47:e1:c1:02:35:8a:89:cd:4b:90:78:ca:c6:49:a2:
d2:9e:19:28:b1:b8:aa:21:9e:1c:c7:ca:d6:2f:23:
ad:47:88:8d:fa:f8:b5:d9:74:30:fc:ef:18:36:f1:
b6:8b:72:4e:6c:fe:f4:8e:d6:e3:10:e9:3f:65:7e:
dd:31:90:4d:7d:19:a2:2c:dc:e3:b6:9d:29:60:c1:
8a:3b:5c:d9:df:4e:c5:fb:6e:23:c1:1d:53:21:94:
fe:a7:66:fe:c6:35:6e:25:3a:0e:b5:61:47:53:a9:
29:98:a9:30:6e:8c:a6:59:65:e1:18:6c:87:f2:2c:
af:b4:16:13:0f:ef:63:6f:20:02:63:e9:ce:55:99:
3b:92:33:04:78:63:3c:d9:37:f3:4b:89:ba:11:18:
eb:62:29:6d:46:1b:0d:21:5f:16:af:6a:3b:3d:6a:
de:88:9b:70:6e:d5:2d:5f:fc:e6:b8:38:e5:93:ce:
6d:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:28:C4:5A:65:4C:B7:3A:B7:0A:7F:BB:27:79:FB:11:04:3C:E8:E1
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/SijEWmVMtzq3Cn-7J3n7EQQ86OE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c1:40::/44
Signature Algorithm: sha256WithRSAEncryption
bc:14:46:01:ad:8e:83:98:43:73:ec:eb:3d:92:f5:de:fe:e3:
a5:d9:5c:bf:55:c8:64:50:2a:3c:27:b3:c0:86:d4:6a:51:02:
83:35:d5:64:d5:b4:c7:47:ef:81:56:a3:fa:7b:bc:4a:3d:0c:
1e:ad:af:a7:b4:2d:cf:47:34:44:5f:31:9b:18:54:7d:d7:41:
77:d4:95:97:5b:c3:bd:63:18:c2:f6:60:4a:54:cc:59:26:22:
90:7b:02:8a:e7:04:af:d5:89:0a:a4:75:48:c4:a6:bf:ae:43:
0d:46:f8:f5:9f:02:a8:c2:70:bd:15:5e:62:5e:d5:62:33:c7:
fb:9a:cb:5d:62:a7:e7:a3:f1:bc:13:da:ef:e0:bb:9f:43:24:
34:73:78:b6:96:7b:fa:1a:b5:4d:13:8a:4e:a2:ac:fb:5c:7d:
89:af:0a:eb:1b:e9:ad:ea:f7:c2:0e:9d:d3:f6:a5:9e:31:a1:
9c:c6:43:f2:93:c8:6e:f7:77:12:93:d3:7b:42:92:04:24:95:
8a:f4:39:24:3c:8b:ad:05:45:b6:65:c6:57:a0:e1:02:b3:50:
06:a3:5b:5d:cc:9e:e6:82:5e:3d:d6:6b:f6:54:fe:cc:a3:6a:
0b:70:06:4f:c5:b7:97:98:ea:66:8b:c7:66:42:32:5c:50:88:
5c:23:e6:10
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVwOa9sJzbJSwAxhB2nM+tLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjMwMTAyMDIwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTI4YzQ1YTY1NGNiNzNhYjcwYTdmYmIyNzc5ZmIxMTA0M2NlOGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgalFSJoShNb+d+5Fy+RD3NOTDlZK
PH1BA4vudyh7j0QTecXDlfgmMVG6I0n+8olMD8ixmRVfyjs0wAICkVPMojQJgFaT
HMobXOdH4cECNYqJzUuQeMrGSaLSnhkosbiqIZ4cx8rWLyOtR4iN+vi12XQw/O8Y
NvG2i3JObP70jtbjEOk/ZX7dMZBNfRmiLNzjtp0pYMGKO1zZ307F+24jwR1TIZT+
p2b+xjVuJToOtWFHU6kpmKkwboymWWXhGGyH8iyvtBYTD+9jbyACY+nOVZk7kjME
eGM82TfzS4m6ERjrYiltRhsNIV8Wr2o7PWreiJtwbtUtX/zmuDjlk85tWwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEooxFplTLc6twp/uyd5+xEEPOjhMB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvU2lqRVdtVk10enEzQ24tN0ozbjdFUVE4Nk9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhL4wQBA
MA0GCSqGSIb3DQEBCwUAA4IBAQC8FEYBrY6DmENz7Os9kvXe/uOl2Vy/VchkUCo8
J7PAhtRqUQKDNdVk1bTHR++BVqP6e7xKPQwera+ntC3PRzREXzGbGFR910F31JWX
W8O9YxjC9mBKVMxZJiKQewKK5wSv1YkKpHVIxKa/rkMNRvj1nwKownC9FV5iXtVi
M8f7mstdYqfno/G8E9rv4LufQyQ0c3i2lnv6GrVNE4pOoqz7XH2JrwrrG+mt6vfC
Dp3T9qWeMaGcxkPyk8hu93cSk9N7QpIEJJWK9DkkPIutBUW2ZcZXoOECs1AGo1td
zJ7mgl491mv2VP7Mo2oLcAZPxbeXmOpmi8dmQjJcUIhcI+YQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:55 2024 by rpki-client on console-ams.rpki-client.org