Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/Wgjmv9KluzHa5i_awU6ZYBKXpLo.roa
File: Wgjmv9KluzHa5i_awU6ZYBKXpLo.roa (raw, json)
Hash identifier: NtkYTuuy+26ppTfGy1E6aBGmvmgEMqyVebb+6swCXog=
Subject key identifier: 5A:08:E6:BF:D2:A5:BB:31:DA:E6:2F:DA:C1:4E:99:60:12:97:A4:BA
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 018A2765D8126E6D5AF3CDE9239D0EC88281
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/Wgjmv9KluzHa5i_awU6ZYBKXpLo.roa
Signing time: Thu 24 Aug 2023 11:55:00 +0000
ROA not before: Thu 24 Aug 2023 11:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216414
IP address blocks: 2a12:f8c2:1000::/40 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:27:65:d8:12:6e:6d:5a:f3:cd:e9:23:9d:0e:c8:82:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: Aug 24 11:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5a08e6bfd2a5bb31dae62fdac14e99601297a4ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:63:06:54:46:45:1b:4c:0e:5c:e9:29:21:70:
ad:14:4f:30:63:c0:96:75:3f:bf:62:be:e9:ab:26:
d2:a6:f2:a6:3a:4e:96:d4:3f:bc:76:21:f5:72:f4:
05:81:78:a5:11:14:ee:a7:9e:95:99:03:40:39:17:
2f:6e:35:21:83:24:51:7e:cc:64:0e:2c:96:12:34:
10:55:42:d4:32:87:6e:52:85:2b:f8:be:da:66:39:
11:03:2d:1c:83:dc:a4:e3:0a:e6:79:4f:ac:8d:ca:
b6:d6:d0:17:c0:b5:bc:af:6a:92:65:6d:fa:73:08:
59:e5:bc:97:7b:83:10:6b:81:88:7a:45:2c:77:34:
90:d9:fc:27:f8:8d:19:5b:6c:b4:68:b4:54:bd:6f:
c5:f0:79:5d:50:d4:5d:88:b0:d7:5b:20:f4:86:ac:
6e:2c:d2:18:d6:90:c1:69:43:4f:9b:04:6e:69:27:
d8:ba:dc:f1:10:05:5e:ad:c1:f3:5f:74:fc:cb:90:
c6:e8:61:18:b3:bb:60:dc:df:89:07:d9:0a:f4:44:
9c:3d:98:4f:a8:8e:fb:a8:84:54:30:e5:f3:b9:6e:
c8:17:5b:ec:b8:a5:cf:c6:f2:ce:ef:7c:a0:2e:a0:
ef:5a:55:a6:4e:61:f1:45:36:17:cf:82:0b:51:8e:
3e:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:08:E6:BF:D2:A5:BB:31:DA:E6:2F:DA:C1:4E:99:60:12:97:A4:BA
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/Wgjmv9KluzHa5i_awU6ZYBKXpLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c2:1000::/40
Signature Algorithm: sha256WithRSAEncryption
26:8b:29:2c:d5:c7:eb:93:09:d9:9a:0a:50:8b:72:d1:8a:64:
ab:fc:d6:e7:9f:f1:11:01:29:5d:bc:dd:67:2d:39:10:6c:2c:
5e:58:77:d1:9b:92:8e:a0:4f:74:3f:ab:f8:3f:96:ae:90:d3:
88:11:ce:bd:0a:51:40:82:02:86:5e:bd:f3:c3:e6:36:6a:fa:
71:09:04:cb:d4:9d:b8:c7:e2:ee:ce:11:35:45:9a:cf:38:9e:
07:83:92:3f:88:8b:33:c4:ef:a3:32:f4:d5:aa:1f:6f:84:a9:
7e:fc:99:de:f0:23:7a:50:85:65:d6:de:86:77:74:18:90:3e:
dd:94:4d:a0:9d:26:34:58:8f:2a:e8:e5:a2:77:dd:25:7a:ac:
45:65:ed:8a:a7:a5:29:3f:30:75:c4:0b:34:2e:b5:9a:bf:3d:
e3:cc:c0:bb:41:03:46:1c:d7:45:fa:8d:9e:f2:62:d0:67:5f:
53:6e:4b:84:e6:42:81:5f:49:c8:6e:db:14:7a:8a:2b:10:1b:
a1:8c:38:6b:3f:ad:04:27:a2:c6:97:4d:62:2a:07:1e:96:bf:
d7:6d:f5:c0:64:8c:54:4f:fc:1c:b7:49:ed:48:fd:9d:8d:e0:
d2:c5:53:01:92:6b:6f:05:26:03:b3:7a:4b:de:3f:27:e5:78:
76:00:48:2a
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYonZdgSbm1a883pI50OyIKBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjMwODI0MTE1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTA4ZTZiZmQyYTViYjMxZGFlNjJmZGFjMTRlOTk2MDEyOTdhNGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWMGVEZFG0wOXOkpIXCtFE8wY8CW
dT+/Yr7pqybSpvKmOk6W1D+8diH1cvQFgXilERTup56VmQNAORcvbjUhgyRRfsxk
DiyWEjQQVULUModuUoUr+L7aZjkRAy0cg9yk4wrmeU+sjcq21tAXwLW8r2qSZW36
cwhZ5byXe4MQa4GIekUsdzSQ2fwn+I0ZW2y0aLRUvW/F8HldUNRdiLDXWyD0hqxu
LNIY1pDBaUNPmwRuaSfYutzxEAVercHzX3T8y5DG6GEYs7tg3N+JB9kK9EScPZhP
qI77qIRUMOXzuW7IF1vsuKXPxvLO73ygLqDvWlWmTmHxRTYXz4ILUY4+nwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFFoI5r/Spbsx2uYv2sFOmWASl6S6MB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvV2dqbXY5S2x1ekhhNWlfYXdVNlpZQktYcExvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhL4whAw
DQYJKoZIhvcNAQELBQADggEBACaLKSzVx+uTCdmaClCLctGKZKv81uef8REBKV28
3WctORBsLF5Yd9Gbko6gT3Q/q/g/lq6Q04gRzr0KUUCCAoZevfPD5jZq+nEJBMvU
nbjH4u7OETVFms84ngeDkj+IizPE76My9NWqH2+EqX78md7wI3pQhWXW3oZ3dBiQ
Pt2UTaCdJjRYjyro5aJ33SV6rEVl7YqnpSk/MHXECzQutZq/PePMwLtBA0Yc10X6
jZ7yYtBnX1NuS4TmQoFfSchu2xR6iisQG6GMOGs/rQQnosaXTWIqBx6Wv9dt9cBk
jFRP/By3Se1I/Z2N4NLFUwGSa28FJgOzekvePyfleHYASCo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:02 2024 by rpki-client on console-fra.rpki-client.org