Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/UMqspn_HYvf1d3t4ltXDO7vT19Y.roa
File: UMqspn_HYvf1d3t4ltXDO7vT19Y.roa (raw, json)
Hash identifier: s1AOPzMVAWTLMMVScgDfDDL4IPT5mrKBMCYsAFT7GRU=
Subject key identifier: 50:CA:AC:A6:7F:C7:62:F7:F5:77:7B:78:96:D5:C3:3B:BB:D3:D7:D6
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 018FADA59BDC94C37DEDD5998C24A5296964
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/UMqspn_HYvf1d3t4ltXDO7vT19Y.roa
Signing time: Sat 25 May 2024 02:47:42 +0000
ROA not before: Sat 25 May 2024 02:47:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9743
IP address blocks: 2a12:f8c0::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ad:a5:9b:dc:94:c3:7d:ed:d5:99:8c:24:a5:29:69:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: May 25 02:47:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50caaca67fc762f7f5777b7896d5c33bbbd3d7d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c2:c3:8c:1b:d8:62:bd:1f:20:b5:04:96:d6:
44:3d:8a:e1:4c:c1:3e:11:09:ed:84:be:45:43:f3:
3d:a1:1d:42:4e:41:2d:d6:8f:dd:4d:87:ca:f7:4c:
ce:41:4d:a3:98:6a:9a:79:14:74:fb:d9:c2:f8:8c:
d7:66:2f:92:27:45:96:70:de:95:d3:94:62:d9:8a:
6a:bd:02:c5:52:d7:4c:55:37:4b:1b:01:77:fd:4c:
55:f2:9e:42:fd:a4:64:a5:6e:e8:d5:0d:d5:7e:70:
86:ba:15:96:0a:c3:cf:c0:b0:4c:d6:84:ff:41:94:
40:a2:f5:27:3b:64:60:b0:fc:dd:ca:e8:33:53:77:
cd:9e:7d:d5:47:94:2c:94:30:51:d0:02:52:7d:39:
b5:05:11:24:22:95:5e:29:78:bf:c9:31:f9:7b:c2:
1d:b9:3a:27:0c:8f:59:81:88:d7:6b:78:67:2e:99:
7a:17:f5:cb:cf:47:13:8e:bb:60:e3:87:ad:89:33:
3a:55:a0:35:ac:f2:18:dc:15:a2:ca:f4:0d:ff:99:
37:2c:dc:2f:35:76:12:f0:b4:97:69:d6:64:4e:8c:
93:ae:fb:a8:3b:2b:a5:a4:9d:f3:60:f3:c4:3a:a0:
d6:dd:2c:9f:ae:f3:61:24:f8:9a:1f:88:de:f5:14:
3c:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:CA:AC:A6:7F:C7:62:F7:F5:77:7B:78:96:D5:C3:3B:BB:D3:D7:D6
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/UMqspn_HYvf1d3t4ltXDO7vT19Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c0::/32
Signature Algorithm: sha256WithRSAEncryption
43:b6:cd:cb:4b:20:0d:12:52:6d:c6:cd:f8:bb:88:88:63:06:
03:32:2b:62:7e:d1:1f:8f:5c:23:96:8e:55:63:4c:6c:ae:0d:
46:d5:7a:3a:41:98:26:62:8f:ec:22:23:4a:19:03:04:4f:c2:
0a:89:df:34:1f:c0:fd:1e:00:a2:31:45:40:17:56:f3:d9:23:
5e:d6:e9:ad:31:ed:6e:37:f0:2e:0c:58:7c:b2:63:7d:cf:f0:
49:c6:0b:a2:a0:4c:70:e5:ee:46:ee:a5:28:c0:cf:d1:92:5d:
60:37:01:41:03:cc:07:36:9b:d4:38:b5:11:24:7d:74:d3:99:
72:72:cd:70:a9:2c:8c:07:9d:bd:f2:7b:94:15:ec:1f:0c:d5:
e8:57:6d:82:a6:4d:10:c3:5a:38:3d:4c:31:9f:5d:06:96:f1:
47:3b:eb:73:85:e4:c3:15:66:a8:7f:35:02:0a:19:13:b7:d2:
2a:3a:da:11:91:89:13:50:c0:d9:bc:34:20:ab:f2:ab:a3:1a:
48:58:76:6c:c3:2e:a0:27:ef:ef:e1:38:a1:85:67:cf:d1:4d:
0f:9c:32:1e:c4:ab:5b:2f:0d:cd:ae:11:ab:d4:ca:d3:c8:f3:
a9:3b:b9:35:e1:15:22:14:9e:bc:65:06:52:99:ad:7a:2e:1d:
2a:54:55:6b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY+tpZvclMN97dWZjCSlKWlkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjQwNTI1MDI0NzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGNhYWNhNjdmYzc2MmY3ZjU3NzdiNzg5NmQ1YzMzYmJiZDNkN2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxcLDjBvYYr0fILUEltZEPYrhTME+
EQnthL5FQ/M9oR1CTkEt1o/dTYfK90zOQU2jmGqaeRR0+9nC+IzXZi+SJ0WWcN6V
05Ri2YpqvQLFUtdMVTdLGwF3/UxV8p5C/aRkpW7o1Q3VfnCGuhWWCsPPwLBM1oT/
QZRAovUnO2RgsPzdyugzU3fNnn3VR5QslDBR0AJSfTm1BREkIpVeKXi/yTH5e8Id
uTonDI9ZgYjXa3hnLpl6F/XLz0cTjrtg44etiTM6VaA1rPIY3BWiyvQN/5k3LNwv
NXYS8LSXadZkToyTrvuoOyulpJ3zYPPEOqDW3SyfrvNhJPiaH4je9RQ8zwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFDKrKZ/x2L39Xd7eJbVwzu709fWMB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvVU1xc3BuX0hZdmYxZDN0NGx0WERPN3ZUMTlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhL4wDAN
BgkqhkiG9w0BAQsFAAOCAQEAQ7bNy0sgDRJSbcbN+LuIiGMGAzIrYn7RH49cI5aO
VWNMbK4NRtV6OkGYJmKP7CIjShkDBE/CConfNB/A/R4AojFFQBdW89kjXtbprTHt
bjfwLgxYfLJjfc/wScYLoqBMcOXuRu6lKMDP0ZJdYDcBQQPMBzab1Di1ESR9dNOZ
cnLNcKksjAedvfJ7lBXsHwzV6FdtgqZNEMNaOD1MMZ9dBpbxRzvrc4XkwxVmqH81
AgoZE7fSKjraEZGJE1DA2bw0IKvyq6MaSFh2bMMuoCfv7+E4oYVnz9FND5wyHsSr
Wy8Nza4Rq9TK08jzqTu5NeEVIhSevGUGUpmtei4dKlRVaw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:55 2024 by rpki-client on console-ams.rpki-client.org