Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/XCCRe6gr2YGHXT7xYoyBygEO4MM.roa
File: XCCRe6gr2YGHXT7xYoyBygEO4MM.roa (raw, json)
Hash identifier: f2SLxjRHN6sE5UQYVyVwMWrzSW7j0R/T6avUPHlAlnA=
Subject key identifier: 5C:20:91:7B:A8:2B:D9:81:87:5D:3E:F1:62:8C:81:CA:01:0E:E0:C3
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 0183698D8ED714D56E6C16B353554E83E2A9
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/XCCRe6gr2YGHXT7xYoyBygEO4MM.roa
Signing time: Fri 23 Sep 2022 08:53:48 +0000
ROA not before: Fri 23 Sep 2022 08:53:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 150325
IP address blocks: 2a12:f8c1:10::/44 maxlen: 44
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:69:8d:8e:d7:14:d5:6e:6c:16:b3:53:55:4e:83:e2:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: Sep 23 08:53:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c20917ba82bd981875d3ef1628c81ca010ee0c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:01:63:4a:7e:4e:66:88:d0:6c:b7:9c:26:d2:
a2:ff:7c:8c:5c:bd:87:07:d2:ee:04:fb:6a:a0:f9:
6a:cd:3e:f9:bf:50:49:80:6d:6c:98:86:c1:ea:51:
21:b4:14:5a:a8:39:f1:0a:35:34:99:a6:fa:11:85:
fd:ed:e9:cf:26:7f:97:5b:49:59:7f:23:99:a7:96:
7e:c3:89:04:83:dc:00:e0:48:34:63:46:7a:04:94:
3d:f1:e3:4e:ef:31:d0:56:13:f7:c8:bc:84:f9:d8:
57:c3:db:a9:0e:b6:03:b8:95:7e:01:a1:08:c3:c2:
24:c5:51:b8:e0:41:2f:44:81:d7:7f:1c:9f:44:fa:
c6:c3:c2:71:a8:90:99:62:fd:5c:d7:2b:bc:62:9d:
26:ce:3a:99:b7:87:53:32:83:76:d9:86:61:67:71:
f3:a8:c3:15:6d:ca:a7:4a:c7:aa:40:60:3f:ac:6b:
16:b1:19:ae:d9:b8:71:c5:71:c7:df:3e:3f:83:b3:
f0:d7:a4:c2:93:e8:e2:77:c6:c8:3d:d0:a1:08:7d:
53:04:b1:f6:19:8e:37:dd:fd:24:40:46:6d:1b:83:
58:96:d9:1e:a1:d6:68:28:41:0f:f3:5c:da:d0:f3:
54:5f:c5:92:78:3a:47:3e:e0:52:35:13:3e:03:fb:
42:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:20:91:7B:A8:2B:D9:81:87:5D:3E:F1:62:8C:81:CA:01:0E:E0:C3
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/XCCRe6gr2YGHXT7xYoyBygEO4MM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c1:10::/44
Signature Algorithm: sha256WithRSAEncryption
17:77:79:e0:e4:64:4d:61:8f:31:29:1f:b8:df:e5:da:99:2a:
c2:14:26:0c:c7:f9:16:60:ff:1c:32:52:73:44:57:2d:01:74:
25:d2:72:f8:08:6a:c4:74:33:5f:2f:f4:ed:73:d5:45:af:6c:
db:2b:fb:8d:67:c6:89:7e:70:cb:d4:47:4c:24:db:b9:f7:0c:
7a:fa:d4:06:ed:41:77:6b:35:1e:58:94:fd:6c:60:cb:3a:f0:
d3:a1:87:a0:91:37:81:f6:63:e6:de:b4:62:1d:41:0a:b0:5b:
28:b6:c1:8e:c8:99:af:d0:cd:27:2f:36:ba:76:e5:55:39:88:
c0:ce:93:93:20:0a:87:c2:33:a4:7e:3d:91:e5:03:b6:b1:20:
d4:a1:7a:94:fd:f9:e9:ff:07:11:a7:1f:de:db:e6:6f:7d:ed:
57:b1:89:f7:da:68:0b:a0:d4:ad:17:1f:77:8a:21:b0:a6:88:
24:45:ee:95:fc:39:f0:8e:29:c6:75:6a:69:c4:4b:04:b1:40:
34:bb:a8:67:e1:49:33:ad:cb:6b:58:91:b7:37:3c:43:e3:22:
7c:a5:b0:af:38:8d:4c:56:87:1e:35:12:33:84:0b:0c:ff:36:
90:42:2b:86:6a:3a:4f:69:8a:18:ff:7e:54:cf:aa:b3:1b:da:
2f:63:0a:85
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYNpjY7XFNVubBazU1VOg+KpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjIwOTIzMDg1MzQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzIwOTE3YmE4MmJkOTgxODc1ZDNlZjE2MjhjODFjYTAxMGVlMGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgFjSn5OZojQbLecJtKi/3yMXL2H
B9LuBPtqoPlqzT75v1BJgG1smIbB6lEhtBRaqDnxCjU0mab6EYX97enPJn+XW0lZ
fyOZp5Z+w4kEg9wA4Eg0Y0Z6BJQ98eNO7zHQVhP3yLyE+dhXw9upDrYDuJV+AaEI
w8IkxVG44EEvRIHXfxyfRPrGw8JxqJCZYv1c1yu8Yp0mzjqZt4dTMoN22YZhZ3Hz
qMMVbcqnSseqQGA/rGsWsRmu2bhxxXHH3z4/g7Pw16TCk+jid8bIPdChCH1TBLH2
GY433f0kQEZtG4NYltkeodZoKEEP81za0PNUX8WSeDpHPuBSNRM+A/tCMwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFwgkXuoK9mBh10+8WKMgcoBDuDDMB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvWENDUmU2Z3IyWUdIWFQ3eFlveUJ5Z0VPNE1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhL4wQAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAXd3ng5GRNYY8xKR+43+XamSrCFCYMx/kWYP8c
MlJzRFctAXQl0nL4CGrEdDNfL/Ttc9VFr2zbK/uNZ8aJfnDL1EdMJNu59wx6+tQG
7UF3azUeWJT9bGDLOvDToYegkTeB9mPm3rRiHUEKsFsotsGOyJmv0M0nLza6duVV
OYjAzpOTIAqHwjOkfj2R5QO2sSDUoXqU/fnp/wcRpx/e2+Zvfe1XsYn32mgLoNSt
Fx93iiGwpogkRe6V/DnwjinGdWppxEsEsUA0u6hn4UkzrctrWJG3NzxD4yJ8pbCv
OI1MVoceNRIzhAsM/zaQQiuGajpPaYoY/35Uz6qzG9ovYwqF
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:05 2025 by rpki-client