Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/TkxVFAqznTnYNLH_Qmri78csshY.roa
File: TkxVFAqznTnYNLH_Qmri78csshY.roa (raw, json)
Hash identifier: tbPZvrB4OTbNymqnouzrR5bkpoBMsPuMgcdRxyt2ghU=
Subject key identifier: 4E:4C:55:14:0A:B3:9D:39:D8:34:B1:FF:42:6A:E2:EF:C7:2C:B2:16
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 0186514C7DBD515EAB655061BFE42EEC8E72
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/TkxVFAqznTnYNLH_Qmri78csshY.roa
Signing time: Tue 14 Feb 2023 19:00:12 +0000
ROA not before: Tue 14 Feb 2023 19:00:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51847
IP address blocks: 2a12:f8c1:50::/44 maxlen: 44
2a12:f8c1:60::/44 maxlen: 44
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:51:4c:7d:bd:51:5e:ab:65:50:61:bf:e4:2e:ec:8e:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: Feb 14 19:00:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e4c55140ab39d39d834b1ff426ae2efc72cb216
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e2:c0:5d:05:77:5a:d1:bf:ec:d2:8a:c6:d2:
c1:d3:7b:e7:49:73:f0:be:16:77:dd:bc:c7:0e:37:
8f:41:82:41:dc:55:83:a5:77:eb:ac:20:e0:f5:0c:
9d:77:14:9f:7c:2b:e9:cf:c7:5c:01:32:3e:44:8e:
85:f9:49:e6:0d:99:e6:55:c9:0c:8f:20:b7:9f:da:
04:00:40:43:33:dd:96:79:83:f3:d9:a3:ac:ce:8b:
06:45:79:6e:3c:57:db:b4:1d:c5:b7:c1:16:a5:02:
a9:c5:4f:70:e0:98:08:ae:f7:14:dd:0d:57:e7:66:
77:d8:ac:34:70:d0:70:da:5b:d7:2b:97:5d:48:e5:
83:e0:77:f5:69:25:e6:c6:88:ab:1f:9b:ed:9c:48:
60:b8:50:38:c2:51:4c:84:35:fb:4e:b7:3c:f9:7f:
fa:b2:6a:a8:d7:ac:da:66:52:79:d0:89:63:af:31:
09:46:d3:eb:e9:5f:7f:ac:b3:25:ba:cf:26:6d:55:
41:5a:3e:e5:07:25:1d:68:fa:85:00:72:60:94:61:
97:4c:e5:25:5e:60:51:ea:64:6a:44:9e:5b:4a:53:
55:16:27:98:aa:a5:71:30:93:cc:47:50:03:fc:ab:
1f:91:27:74:f1:a9:7e:82:da:6a:4c:bc:d6:1a:91:
b5:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:4C:55:14:0A:B3:9D:39:D8:34:B1:FF:42:6A:E2:EF:C7:2C:B2:16
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/TkxVFAqznTnYNLH_Qmri78csshY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c1:50::-2a12:f8c1:6f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
43:35:3f:24:bf:a2:90:17:45:2b:72:a8:ef:16:62:fd:75:ad:
24:53:5f:ca:9a:7f:3f:60:70:a5:84:01:3a:37:da:bc:13:82:
42:fd:97:19:04:22:fe:77:32:27:c1:d9:dc:c0:46:6e:d5:0b:
05:c1:1e:1e:14:d5:3a:12:b1:85:67:ce:92:c3:79:17:1f:33:
33:09:9e:43:4c:5c:10:c3:1d:20:e5:1d:7d:d4:96:85:ae:a5:
d6:32:3a:81:5b:cf:48:0e:d3:4b:95:08:4e:c6:0a:f4:7f:3c:
e4:38:ea:dc:e9:75:d4:f5:dd:46:7a:5d:e8:f6:aa:10:3b:05:
ae:87:aa:ca:0f:8a:6e:7a:3f:47:db:c2:bb:6e:25:82:92:72:
fa:28:0e:18:fa:17:bc:78:60:d9:e7:ef:bb:bb:eb:73:26:e8:
e7:4c:c7:d2:7d:26:0c:af:a0:31:62:ab:36:e0:a7:fc:ba:8d:
5d:98:1d:fc:94:04:2c:f4:3f:ed:18:5a:bc:c7:08:ca:5d:46:
7b:c4:25:aa:52:ac:51:f7:de:36:aa:ef:78:d9:c3:f3:40:88:
f1:5b:c3:6c:56:39:e7:49:41:d3:ba:ac:af:ed:c1:87:4b:61:
6d:a3:a6:7f:e3:4b:44:8f:c2:e4:17:78:c0:21:12:29:19:f3:
3d:67:51:6c
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYZRTH29UV6rZVBhv+Qu7I5yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjMwMjE0MTkwMDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTRjNTUxNDBhYjM5ZDM5ZDgzNGIxZmY0MjZhZTJlZmM3MmNiMjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOLAXQV3WtG/7NKKxtLB03vnSXPw
vhZ33bzHDjePQYJB3FWDpXfrrCDg9QyddxSffCvpz8dcATI+RI6F+UnmDZnmVckM
jyC3n9oEAEBDM92WeYPz2aOszosGRXluPFfbtB3Ft8EWpQKpxU9w4JgIrvcU3Q1X
52Z32Kw0cNBw2lvXK5ddSOWD4Hf1aSXmxoirH5vtnEhguFA4wlFMhDX7Trc8+X/6
smqo16zaZlJ50IljrzEJRtPr6V9/rLMlus8mbVVBWj7lByUdaPqFAHJglGGXTOUl
XmBR6mRqRJ5bSlNVFieYqqVxMJPMR1AD/KsfkSd08al+gtpqTLzWGpG1twIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFE5MVRQKs5052DSx/0Jq4u/HLLIWMB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvVGt4VkZBcXpuVG5ZTkxIX1Ftcmk3OGNzc2hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwQqEvjB
AFADBwQqEvjBAGAwDQYJKoZIhvcNAQELBQADggEBAEM1PyS/opAXRStyqO8WYv11
rSRTX8qafz9gcKWEATo32rwTgkL9lxkEIv53MifB2dzARm7VCwXBHh4U1ToSsYVn
zpLDeRcfMzMJnkNMXBDDHSDlHX3UloWupdYyOoFbz0gO00uVCE7GCvR/POQ46tzp
ddT13UZ6Xej2qhA7Ba6HqsoPim56P0fbwrtuJYKScvooDhj6F7x4YNnn77u763Mm
6OdMx9J9JgyvoDFiqzbgp/y6jV2YHfyUBCz0P+0YWrzHCMpdRnvEJapSrFH33jaq
73jZw/NAiPFbw2xWOedJQdO6rK/twYdLYW2jpn/jS0SPwuQXeMAhEikZ8z1nUWw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:55 2024 by rpki-client on console-ams.rpki-client.org