Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/TtVYJ1CMDtAVq97q7HgF65LU3go.roa
File: TtVYJ1CMDtAVq97q7HgF65LU3go.roa (raw, json)
Hash identifier: SK/1GeI5hhZf3ZBJazYlf+Vh0geZDNKodq1aCXBCnCo=
Subject key identifier: 4E:D5:58:27:50:8C:0E:D0:15:AB:DE:EA:EC:78:05:EB:92:D4:DE:0A
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 01857039AB2BB128CD5BCAC758A5C7CB7A4E
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/TtVYJ1CMDtAVq97q7HgF65LU3go.roa
Signing time: Mon 02 Jan 2023 02:05:05 +0000
ROA not before: Mon 02 Jan 2023 02:05:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51847
IP address blocks: 2a12:f8c1:50::/44 maxlen: 44
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:ab:2b:b1:28:cd:5b:ca:c7:58:a5:c7:cb:7a:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: Jan 2 02:05:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ed55827508c0ed015abdeeaec7805eb92d4de0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:4b:11:45:45:40:e7:49:fd:c8:a4:3b:37:4f:
86:7b:61:ae:1e:e9:cd:cf:30:a1:1f:5f:b0:40:24:
1b:38:32:0f:4b:29:59:c7:73:63:1b:be:95:b3:05:
8d:0b:81:89:ca:85:2c:be:24:e7:2d:da:21:ec:e2:
0b:63:46:fc:b0:21:17:f8:03:b4:44:81:d1:3c:42:
26:d2:b5:19:18:d7:07:c7:30:0c:ef:7f:6d:2e:fc:
1d:ea:b4:8f:7b:df:92:c0:48:a3:20:61:1a:2d:32:
e3:2c:b3:34:a5:3f:b3:a8:62:64:1c:fe:fd:a8:33:
50:76:e1:9a:40:28:b5:dc:bd:bf:3e:5b:35:59:9a:
ca:d2:c9:ac:40:5c:43:43:40:a1:48:6e:e5:dc:04:
9c:2d:34:a5:ff:8b:76:e2:c1:e1:ed:55:11:07:73:
0e:66:1b:ad:10:9a:97:dc:82:81:5d:d4:34:08:c7:
4c:0b:55:5b:7a:c4:18:04:d3:16:a0:5e:84:72:b0:
bf:a1:44:7b:73:32:ca:18:ce:e2:0b:01:a2:ba:f2:
61:1e:e0:a7:39:b4:bc:2c:53:48:f7:fd:cf:7f:c0:
07:1a:f0:98:76:cf:07:63:37:da:20:21:71:1e:e8:
50:15:f8:e2:a9:a4:d1:a6:3a:ff:31:38:5c:73:96:
97:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:D5:58:27:50:8C:0E:D0:15:AB:DE:EA:EC:78:05:EB:92:D4:DE:0A
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/TtVYJ1CMDtAVq97q7HgF65LU3go.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c1:50::/44
Signature Algorithm: sha256WithRSAEncryption
18:db:76:ae:a2:e2:22:9b:83:93:26:ac:42:1d:a1:bf:75:b4:
cc:36:db:59:a5:b7:12:48:67:05:b0:38:ba:b3:9e:82:5c:f6:
1a:49:b4:1f:e9:95:92:99:8c:cc:a8:8e:18:fa:f2:79:f0:4d:
b9:be:0e:4f:46:80:fb:82:80:94:3f:45:c0:6c:bb:a7:e8:81:
81:f1:ed:c3:f2:19:98:9c:0f:74:c9:e8:e5:4b:ff:a8:8e:b7:
35:50:d5:15:f6:f3:2e:4b:7b:89:cd:a4:09:3d:0d:72:be:e2:
f9:75:9e:96:32:d2:17:07:01:d8:20:b7:e7:3d:d1:19:51:d2:
b1:ff:4d:17:3d:83:0c:4c:24:40:86:df:7e:fd:e7:31:a7:1c:
31:9f:8f:85:72:9b:e3:8f:d6:18:71:26:86:37:1c:20:cb:e8:
a7:85:71:78:a2:83:59:c8:4d:dc:32:2a:cf:9b:be:e5:c4:57:
8d:e6:20:b4:54:c8:98:79:b0:02:07:d9:c5:6c:67:ec:03:0d:
ca:42:a5:67:09:ae:82:5b:ab:59:59:b0:3e:f9:b6:f3:79:2c:
d7:7e:c3:d2:9a:e9:22:df:93:f2:20:36:12:4d:83:18:1c:59:
16:25:12:41:f2:eb:00:66:5c:21:66:e9:1a:11:fd:e8:d2:0f:
ff:9d:77:6c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVwOasrsSjNW8rHWKXHy3pOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjMwMTAyMDIwNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWQ1NTgyNzUwOGMwZWQwMTVhYmRlZWFlYzc4MDVlYjkyZDRkZTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUsRRUVA50n9yKQ7N0+Ge2GuHunN
zzChH1+wQCQbODIPSylZx3NjG76VswWNC4GJyoUsviTnLdoh7OILY0b8sCEX+AO0
RIHRPEIm0rUZGNcHxzAM739tLvwd6rSPe9+SwEijIGEaLTLjLLM0pT+zqGJkHP79
qDNQduGaQCi13L2/Pls1WZrK0smsQFxDQ0ChSG7l3AScLTSl/4t24sHh7VURB3MO
ZhutEJqX3IKBXdQ0CMdMC1VbesQYBNMWoF6EcrC/oUR7czLKGM7iCwGiuvJhHuCn
ObS8LFNI9/3Pf8AHGvCYds8HYzfaICFxHuhQFfjiqaTRpjr/MThcc5aXYwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFE7VWCdQjA7QFave6ux4BeuS1N4KMB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvVHRWWUoxQ01EdEFWcTk3cTdIZ0Y2NUxVM2dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhL4wQBQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAY23auouIim4OTJqxCHaG/dbTMNttZpbcSSGcF
sDi6s56CXPYaSbQf6ZWSmYzMqI4Y+vJ58E25vg5PRoD7goCUP0XAbLun6IGB8e3D
8hmYnA90yejlS/+ojrc1UNUV9vMuS3uJzaQJPQ1yvuL5dZ6WMtIXBwHYILfnPdEZ
UdKx/00XPYMMTCRAht9+/ecxpxwxn4+Fcpvjj9YYcSaGNxwgy+inhXF4ooNZyE3c
MirPm77lxFeN5iC0VMiYebACB9nFbGfsAw3KQqVnCa6CW6tZWbA++bbzeSzXfsPS
muki35PyIDYSTYMYHFkWJRJB8usAZlwhZukaEf3o0g//nXds
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:45:20 2025 by rpki-client