Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/X65hS9xOCVv66h1KWxxbCLnNC-I.roa
File: X65hS9xOCVv66h1KWxxbCLnNC-I.roa (raw, json)
Hash identifier: mBwBTgt35m5+6UAQZFR0OAX5Smj7RL7Th+wNYE8Liyw=
Subject key identifier: 5F:AE:61:4B:DC:4E:09:5B:FA:EA:1D:4A:5B:1C:5B:08:B9:CD:0B:E2
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 018E114BC2EA958FECC943A4D35DE2ACB5CE
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/X65hS9xOCVv66h1KWxxbCLnNC-I.roa
Signing time: Wed 06 Mar 2024 01:06:01 +0000
ROA not before: Wed 06 Mar 2024 01:06:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 152586
IP address blocks: 2a12:f8c2:2000::/40 maxlen: 40
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:11:4b:c2:ea:95:8f:ec:c9:43:a4:d3:5d:e2:ac:b5:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: Mar 6 01:06:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5fae614bdc4e095bfaea1d4a5b1c5b08b9cd0be2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:1d:76:b5:e5:91:f9:43:40:d4:6c:0f:1b:38:
c5:68:3d:8d:5d:9f:48:47:c3:0b:68:89:d3:77:10:
84:85:c7:b0:aa:2b:d2:25:ba:7b:29:c0:37:aa:81:
4a:62:d2:9a:9e:08:91:c0:6a:52:dd:92:20:f2:b5:
cc:6b:75:8a:c6:e5:04:5a:90:8b:65:54:86:fa:09:
5e:c0:e2:4b:47:79:19:87:cb:1e:f5:85:80:1e:f4:
a6:53:f3:f2:e7:ec:9a:86:d1:4c:fe:e8:e8:47:2a:
3f:37:3c:33:5f:b8:bb:0f:74:7e:aa:6e:47:0b:37:
a4:05:b8:68:00:53:0b:ea:f9:29:c5:14:4c:ba:5c:
1d:ba:1a:a9:2b:ae:d8:4a:66:e0:55:15:25:e2:08:
c7:4f:97:04:b9:8a:10:de:23:47:c8:68:f6:23:1c:
cf:4a:67:e0:69:24:e6:3b:73:da:d2:a9:2f:3a:b5:
fa:6a:72:59:d2:e9:f6:1b:7c:7e:d1:44:72:21:a2:
e3:da:4c:ac:84:9d:3e:0c:5c:46:bb:fb:60:85:d5:
64:0c:a3:4f:2f:1f:a0:3e:d2:80:72:46:ac:1f:50:
96:6d:f9:e8:e9:a0:49:60:e1:52:47:a5:a2:4e:ac:
e2:50:54:da:35:07:d7:f4:4f:13:d6:33:d4:29:ea:
de:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:AE:61:4B:DC:4E:09:5B:FA:EA:1D:4A:5B:1C:5B:08:B9:CD:0B:E2
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/X65hS9xOCVv66h1KWxxbCLnNC-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c2:2000::/40
Signature Algorithm: sha256WithRSAEncryption
58:bf:d7:c0:32:fa:33:fd:9a:b3:55:26:75:e6:6c:27:ac:41:
ca:47:23:dd:b2:d9:89:7f:95:5d:7b:fa:49:c2:f0:86:0d:72:
4c:4c:cf:8d:65:be:90:d1:3f:64:72:a4:e7:55:b3:91:07:bd:
d5:66:c0:d8:f0:3d:d6:d5:ba:04:01:a2:2b:71:9f:92:04:c6:
04:42:7e:3e:c1:93:93:1f:f9:a9:40:b5:63:72:34:08:e7:da:
54:5f:5b:f7:68:ea:3f:b8:86:6f:bd:b0:ae:45:75:80:dd:dd:
a4:bc:b6:ac:bf:3f:4e:34:c3:55:2d:4c:98:8d:29:c8:d8:70:
ff:f4:e8:f3:f3:23:e4:68:29:5d:0f:ce:ce:0d:67:79:bd:b6:
9d:fd:9f:31:58:b7:f9:17:9d:b1:61:43:51:86:55:40:fe:dc:
9a:a9:b3:96:cd:16:aa:e2:61:69:04:63:67:b0:c5:b4:13:78:
d1:3c:64:fe:6b:03:c4:43:d7:13:42:cb:1c:5c:c3:7e:77:32:
db:7d:db:c3:d7:73:dc:f9:2c:1a:8a:c9:2f:02:f6:59:ca:4b:
48:ab:b5:00:6f:63:86:19:e2:93:45:02:7f:a5:eb:95:a3:1e:
94:1b:4b:ff:d8:fc:bd:6f:73:74:65:33:d7:14:d9:e6:b5:58:
14:0b:99:0e
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAY4RS8LqlY/syUOk013irLXOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjQwMzA2MDEwNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmFlNjE0YmRjNGUwOTViZmFlYTFkNGE1YjFjNWIwOGI5Y2QwYmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgh12teWR+UNA1GwPGzjFaD2NXZ9I
R8MLaInTdxCEhcewqivSJbp7KcA3qoFKYtKangiRwGpS3ZIg8rXMa3WKxuUEWpCL
ZVSG+glewOJLR3kZh8se9YWAHvSmU/Py5+yahtFM/ujoRyo/NzwzX7i7D3R+qm5H
CzekBbhoAFML6vkpxRRMulwduhqpK67YSmbgVRUl4gjHT5cEuYoQ3iNHyGj2IxzP
SmfgaSTmO3Pa0qkvOrX6anJZ0un2G3x+0URyIaLj2kyshJ0+DFxGu/tghdVkDKNP
Lx+gPtKAckasH1CWbfno6aBJYOFSR6WiTqziUFTaNQfX9E8T1jPUKereWQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFF+uYUvcTglb+uodSlscWwi5zQviMB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvWDY1aFM5eE9DVnY2NmgxS1d4eGJDTG5OQy1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhL4wiAw
DQYJKoZIhvcNAQELBQADggEBAFi/18Ay+jP9mrNVJnXmbCesQcpHI92y2Yl/lV17
+knC8IYNckxMz41lvpDRP2RypOdVs5EHvdVmwNjwPdbVugQBoitxn5IExgRCfj7B
k5Mf+alAtWNyNAjn2lRfW/do6j+4hm+9sK5FdYDd3aS8tqy/P040w1UtTJiNKcjY
cP/06PPzI+RoKV0Pzs4NZ3m9tp39nzFYt/kXnbFhQ1GGVUD+3Jqps5bNFqriYWkE
Y2ewxbQTeNE8ZP5rA8RD1xNCyxxcw353Mtt928PXc9z5LBqKyS8C9lnKS0irtQBv
Y4YZ4pNFAn+l65WjHpQbS//Y/L1vc3RlM9cU2ea1WBQLmQ4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:02 2024 by rpki-client on console-fra.rpki-client.org