Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/WnDCpgjbrSvjejRivtrwEs5Vc-Y.roa
File: WnDCpgjbrSvjejRivtrwEs5Vc-Y.roa (raw, json)
Hash identifier: Mgt/zS9p/N9zdLg57joKfErUKzyQLAwVVwvbdzdnUU0=
Subject key identifier: 5A:70:C2:A6:08:DB:AD:2B:E3:7A:34:62:BE:DA:F0:12:CE:55:73:E6
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 01840AB3A90FDF6E6D8CDC4767C522A69082
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/WnDCpgjbrSvjejRivtrwEs5Vc-Y.roa
Signing time: Mon 24 Oct 2022 15:54:17 +0000
ROA not before: Mon 24 Oct 2022 15:54:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 150296
IP address blocks: 2a12:f8c2::/40 maxlen: 40
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0a:b3:a9:0f:df:6e:6d:8c:dc:47:67:c5:22:a6:90:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: Oct 24 15:54:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5a70c2a608dbad2be37a3462bedaf012ce5573e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e3:12:ec:55:3d:97:bf:88:3e:d5:34:19:82:
6f:bc:4f:27:23:20:bb:81:4b:c9:30:a2:90:5b:73:
f6:43:cc:cd:16:c4:79:0f:e9:8b:dd:25:62:3f:5d:
92:95:15:92:22:ec:17:41:4d:2e:e5:a7:ff:59:43:
3d:9d:57:27:61:4f:7b:0c:e1:cb:69:ef:c8:9b:bf:
1e:48:1d:22:11:99:e4:be:d1:6f:3b:80:ab:fd:8f:
3e:82:7b:b3:2a:95:3b:c5:e1:9b:52:41:a5:5c:1b:
e6:30:d6:b8:f4:09:b1:71:cd:dc:0c:28:d1:9c:5c:
91:d7:82:cb:f3:ea:eb:0f:ec:6d:39:48:bd:57:41:
76:38:f8:25:f0:37:c3:ae:c2:cb:eb:32:12:db:c5:
bf:75:19:07:53:7a:8d:13:26:e2:4f:ab:90:7a:71:
ad:c9:ba:9c:74:27:8c:39:46:0e:19:8c:60:d3:0f:
b5:d1:da:5f:77:03:24:73:d9:15:82:79:d8:b8:69:
c1:ca:fa:e7:9c:02:7f:5f:ff:ab:ff:f0:f2:8a:40:
b4:ca:04:d1:77:ac:33:98:ae:f7:de:1f:59:67:0c:
3e:dc:0f:52:63:8c:cb:a9:97:9e:21:22:84:3e:c9:
0e:75:ad:51:3b:64:a8:fd:e6:d9:10:06:00:7e:a8:
66:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:70:C2:A6:08:DB:AD:2B:E3:7A:34:62:BE:DA:F0:12:CE:55:73:E6
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/WnDCpgjbrSvjejRivtrwEs5Vc-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c2::/40
Signature Algorithm: sha256WithRSAEncryption
9a:d4:60:35:09:62:cd:75:c6:92:dc:9c:c6:41:bd:14:3d:7c:
ac:fc:6f:dd:7a:53:8c:31:17:1b:ac:35:b9:92:d7:d0:05:b1:
fc:6e:88:10:9a:ab:f6:4f:4b:10:b0:b6:5c:a7:b7:59:59:24:
e6:18:d4:83:6c:a3:9a:48:6e:46:47:bd:51:9c:89:d0:d4:aa:
c9:6b:f4:34:77:ad:79:64:b7:7e:ea:16:f9:4e:40:49:e2:75:
bf:36:0f:f3:e8:0a:db:1a:bc:c0:91:e6:05:3a:57:cf:1c:3b:
6f:cf:25:f3:30:b7:3d:22:f5:0e:c2:00:37:4d:01:e4:87:4c:
3e:23:be:db:b9:61:42:e4:af:3c:b3:7f:d2:50:be:a3:9c:93:
d3:27:6f:53:fa:6e:b6:92:ee:91:cf:bd:7a:a4:7c:3f:39:3c:
5e:48:33:30:e2:23:b7:3a:9e:91:0f:b3:2e:a0:55:2f:db:c0:
4a:3a:76:26:e8:39:ae:4b:d4:fe:81:55:a9:44:5d:06:cb:14:
5f:00:46:86:24:06:4a:03:da:c5:4c:93:00:02:0e:54:21:43:
b5:e6:2b:91:78:09:54:a2:c0:35:6f:de:43:ca:de:30:27:78:
03:58:16:53:f7:7c:00:2f:a7:15:7f:0c:ea:42:9a:65:53:be:
c6:63:11:2b
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYQKs6kP325tjNxHZ8UippCCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjIxMDI0MTU1NDE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTcwYzJhNjA4ZGJhZDJiZTM3YTM0NjJiZWRhZjAxMmNlNTU3M2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+MS7FU9l7+IPtU0GYJvvE8nIyC7
gUvJMKKQW3P2Q8zNFsR5D+mL3SViP12SlRWSIuwXQU0u5af/WUM9nVcnYU97DOHL
ae/Im78eSB0iEZnkvtFvO4Cr/Y8+gnuzKpU7xeGbUkGlXBvmMNa49Amxcc3cDCjR
nFyR14LL8+rrD+xtOUi9V0F2OPgl8DfDrsLL6zIS28W/dRkHU3qNEybiT6uQenGt
ybqcdCeMOUYOGYxg0w+10dpfdwMkc9kVgnnYuGnByvrnnAJ/X/+r//DyikC0ygTR
d6wzmK733h9ZZww+3A9SY4zLqZeeISKEPskOda1RO2So/ebZEAYAfqhmfwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFFpwwqYI260r43o0Yr7a8BLOVXPmMB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvV25EQ3BnamJyU3ZqZWpSaXZ0cndFczVWYy1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhL4wgAw
DQYJKoZIhvcNAQELBQADggEBAJrUYDUJYs11xpLcnMZBvRQ9fKz8b916U4wxFxus
NbmS19AFsfxuiBCaq/ZPSxCwtlynt1lZJOYY1INso5pIbkZHvVGcidDUqslr9DR3
rXlkt37qFvlOQEnidb82D/PoCtsavMCR5gU6V88cO2/PJfMwtz0i9Q7CADdNAeSH
TD4jvtu5YULkrzyzf9JQvqOck9Mnb1P6braS7pHPvXqkfD85PF5IMzDiI7c6npEP
sy6gVS/bwEo6diboOa5L1P6BValEXQbLFF8ARoYkBkoD2sVMkwACDlQhQ7XmK5F4
CVSiwDVv3kPK3jAneANYFlP3fAAvpxV/DOpCmmVTvsZjESs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:02 2024 by rpki-client on console-fra.rpki-client.org