Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/XR6VUr8bgeFDqId4KNrst3EnTnU.roa
File: XR6VUr8bgeFDqId4KNrst3EnTnU.roa (raw, json)
Hash identifier: oSkR4gitdds6w1fDkkbepsR9F9PwVhOBH072Ua+L+T8=
Subject key identifier: 5D:1E:95:52:BF:1B:81:E1:43:A8:87:78:28:DA:EC:B7:71:27:4E:75
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 0183156635650806F15597FE07FF526DAE12
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/XR6VUr8bgeFDqId4KNrst3EnTnU.roa
Signing time: Wed 07 Sep 2022 00:42:43 +0000
ROA not before: Wed 07 Sep 2022 00:42:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210590
IP address blocks: 2a12:f8c1:100::/40 maxlen: 40
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:15:66:35:65:08:06:f1:55:97:fe:07:ff:52:6d:ae:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: Sep 7 00:42:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d1e9552bf1b81e143a8877828daecb771274e75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c1:76:0e:9e:06:30:c0:be:73:86:14:11:60:
0a:b1:92:1c:04:5a:51:44:1f:2a:51:55:4e:7a:f9:
c9:b2:fc:a3:e6:10:82:49:15:3c:d9:6c:f2:f2:0c:
9f:a1:d2:50:26:99:7f:8b:a2:42:c9:29:3d:7a:3f:
3c:1c:98:63:3d:73:08:63:31:6f:fc:36:94:1c:5f:
29:c5:45:d3:e6:a5:4b:04:ad:35:99:2d:7c:ab:87:
a7:47:02:2d:08:39:38:e0:4c:15:60:e7:46:0b:f0:
ec:a7:1c:60:0d:f3:cb:1c:78:d8:22:0b:ad:f4:8e:
db:7e:f3:01:cc:7d:6e:fa:ad:1a:1d:cd:41:27:d7:
c3:a0:2f:b4:a4:1d:89:bf:57:93:02:5a:e0:4b:44:
7f:e7:d9:49:e9:e0:3b:1e:0e:3d:e2:9f:55:5e:77:
f6:b8:9c:15:62:d6:03:4f:a6:23:e0:74:09:24:77:
78:c4:42:e4:ba:47:ce:d3:46:c2:84:41:c6:b9:ee:
da:f2:ab:39:28:b8:0e:4c:6d:d6:83:9f:70:ed:c9:
e4:43:ba:6e:29:b7:cd:23:c1:30:ca:33:da:42:97:
20:0e:19:98:bc:4d:7f:01:93:8c:eb:ba:d1:5b:9a:
bc:f7:f8:58:bc:06:e0:18:27:82:29:f9:cd:d9:52:
07:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:1E:95:52:BF:1B:81:E1:43:A8:87:78:28:DA:EC:B7:71:27:4E:75
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/XR6VUr8bgeFDqId4KNrst3EnTnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c1:100::/40
Signature Algorithm: sha256WithRSAEncryption
55:7a:8d:81:5e:3f:d3:4e:2d:f6:c7:51:7a:df:38:11:ed:00:
cc:1d:ad:8b:8d:dc:f5:d0:15:a6:0b:4a:1f:eb:c4:1d:83:f4:
97:5a:e7:66:38:b5:2f:b6:04:16:f8:23:36:69:9d:5c:ce:51:
f2:1b:6b:d9:58:a0:2b:b6:8d:8e:84:df:b9:71:3d:a2:74:5f:
73:7e:b9:f0:47:17:bb:ff:a8:c6:61:3f:85:82:13:b6:a4:64:
89:70:9c:d8:d8:d5:1f:db:c9:1a:dd:aa:b6:e4:8d:fd:0f:9d:
e6:91:54:cf:b4:0e:ca:b5:b6:8a:00:ae:4f:99:b7:c2:34:c3:
8d:3a:26:10:99:4b:bd:9e:f6:9a:94:9f:47:68:79:f0:11:73:
86:91:ec:d8:1f:19:5c:26:58:18:e8:ec:e8:99:e9:5b:74:26:
b4:40:3a:2b:27:d9:48:82:37:5d:3e:1f:cf:46:95:d0:1e:e0:
ba:f6:32:a6:69:9a:24:ea:65:1a:5c:8b:22:62:7a:9a:ee:cf:
60:6b:87:7a:6d:7c:a6:bb:a7:95:46:05:63:9d:03:af:ef:a3:
15:9b:e6:99:ff:a8:a0:6d:e5:62:e2:db:48:3f:8e:f8:8a:e4:
7b:9f:16:4a:3a:66:a9:fa:68:55:88:e4:af:e5:33:97:b1:a4:
c8:fd:e0:e7
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYMVZjVlCAbxVZf+B/9Sba4SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjIwOTA3MDA0MjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDFlOTU1MmJmMWI4MWUxNDNhODg3NzgyOGRhZWNiNzcxMjc0ZTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMF2Dp4GMMC+c4YUEWAKsZIcBFpR
RB8qUVVOevnJsvyj5hCCSRU82Wzy8gyfodJQJpl/i6JCySk9ej88HJhjPXMIYzFv
/DaUHF8pxUXT5qVLBK01mS18q4enRwItCDk44EwVYOdGC/DspxxgDfPLHHjYIgut
9I7bfvMBzH1u+q0aHc1BJ9fDoC+0pB2Jv1eTAlrgS0R/59lJ6eA7Hg494p9VXnf2
uJwVYtYDT6Yj4HQJJHd4xELkukfO00bChEHGue7a8qs5KLgOTG3Wg59w7cnkQ7pu
KbfNI8EwyjPaQpcgDhmYvE1/AZOM67rRW5q89/hYvAbgGCeCKfnN2VIHdwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFF0elVK/G4HhQ6iHeCja7LdxJ051MB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvWFI2VlVyOGJnZUZEcUlkNEtOcnN0M0VuVG5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhL4wQEw
DQYJKoZIhvcNAQELBQADggEBAFV6jYFeP9NOLfbHUXrfOBHtAMwdrYuN3PXQFaYL
Sh/rxB2D9Jda52Y4tS+2BBb4IzZpnVzOUfIba9lYoCu2jY6E37lxPaJ0X3N+ufBH
F7v/qMZhP4WCE7akZIlwnNjY1R/byRrdqrbkjf0PneaRVM+0Dsq1tooArk+Zt8I0
w406JhCZS72e9pqUn0doefARc4aR7NgfGVwmWBjo7OiZ6Vt0JrRAOisn2UiCN10+
H89GldAe4Lr2MqZpmiTqZRpciyJiepruz2Brh3ptfKa7p5VGBWOdA6/voxWb5pn/
qKBt5WLi20g/jviK5HufFko6Zqn6aFWI5K/lM5expMj94Oc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:56 2025 by rpki-client