Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/ZpWBpeakjSNyJbI5AWZOCwMcJt4.roa
File: ZpWBpeakjSNyJbI5AWZOCwMcJt4.roa (raw, json)
Hash identifier: 28cTovq6rP56oFKBTtUGKMQYQo8nOcIhq281p9p3+oA=
Subject key identifier: 66:95:81:A5:E6:A4:8D:23:72:25:B2:39:01:66:4E:0B:03:1C:26:DE
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 01857039AEB85DEE34A0FCEBE5ECE94865B1
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/ZpWBpeakjSNyJbI5AWZOCwMcJt4.roa
Signing time: Mon 02 Jan 2023 02:05:06 +0000
ROA not before: Mon 02 Jan 2023 02:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 150325
IP address blocks: 2a12:f8c1:10::/44 maxlen: 44
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:ae:b8:5d:ee:34:a0:fc:eb:e5:ec:e9:48:65:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: Jan 2 02:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=669581a5e6a48d237225b23901664e0b031c26de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:79:a4:e7:e1:96:69:ec:9b:08:4a:19:cb:23:
36:35:3d:5e:fb:0d:12:26:03:21:58:73:9e:26:43:
21:ad:37:08:1d:dd:91:46:f3:74:43:ab:7a:e4:d6:
2c:91:a2:84:b6:1d:a1:99:87:ee:f9:8b:a1:f2:19:
42:70:90:d3:33:0e:67:22:92:99:ad:9f:36:5b:5e:
e0:e0:b4:bf:e6:3a:5c:17:8c:47:1b:19:a6:e7:1d:
9e:6d:05:ac:a8:39:2e:c0:b4:f5:3d:54:c5:2e:db:
89:fd:6a:b3:e5:4a:a8:6a:bc:c3:ab:c5:47:74:ca:
2d:70:38:3a:97:81:39:25:34:dd:c7:dd:73:8b:48:
0a:b8:4b:b8:0e:a7:91:1b:b8:c5:c4:cb:6b:bb:46:
d9:e3:38:95:b9:8e:1d:a5:0c:b4:04:d1:ef:f4:2c:
d5:e8:35:07:43:77:66:87:e9:58:65:05:d6:11:18:
29:1d:28:56:d5:0b:7b:50:88:d9:44:0b:c5:84:c2:
33:02:33:73:4b:98:a7:e2:b0:1f:b0:a1:25:1e:cc:
91:9c:03:59:8b:9f:f7:45:e3:19:b6:ca:ec:a3:e7:
0a:88:0c:50:38:d5:85:24:6c:e1:82:85:f8:17:aa:
18:17:e5:2b:20:be:21:ed:e6:3f:90:f7:b0:38:c8:
94:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:95:81:A5:E6:A4:8D:23:72:25:B2:39:01:66:4E:0B:03:1C:26:DE
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/ZpWBpeakjSNyJbI5AWZOCwMcJt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c1:10::/44
Signature Algorithm: sha256WithRSAEncryption
b9:71:b3:1d:c5:dc:32:6d:11:f6:d1:7c:24:41:e4:85:65:c7:
ab:dd:5b:7d:5b:e8:68:3e:5e:83:97:57:26:d6:93:23:a7:62:
f8:65:9a:3d:a5:87:d0:ec:22:ef:41:3e:5a:a9:1c:2c:c3:5a:
16:78:9f:cb:eb:30:58:1e:8e:61:4c:82:7a:e9:6a:07:4d:e5:
85:1c:ec:96:52:87:af:9f:b2:ff:50:4b:ff:4d:4b:40:e9:dd:
3c:af:36:8e:dd:70:45:ff:d7:ad:72:cc:26:c5:3d:6e:11:5d:
cd:9d:bf:17:59:94:f6:38:25:9e:9d:b7:29:6f:c6:65:22:e1:
82:54:a1:84:a9:f1:3a:a4:10:d2:f7:d9:ad:5e:55:e8:7c:2c:
ef:98:85:46:22:04:50:49:87:b3:3b:18:36:58:14:8d:15:3c:
7a:a3:9f:6b:52:5c:bc:2c:6b:d6:83:d4:89:86:1f:69:c5:6d:
eb:b7:36:27:3e:b0:a6:df:23:10:fc:66:9a:b8:c0:39:1b:88:
7b:ec:f1:ca:3b:5a:f5:e7:b9:59:01:37:65:06:96:d0:e6:ef:
16:56:d3:38:16:48:eb:cb:e9:cc:8f:5b:59:59:68:24:d0:f0:
7a:42:f7:2f:c4:b3:36:aa:bf:25:81:fb:06:66:5a:a8:90:a3:
39:48:46:4a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVwOa64Xe40oPzr5ezpSGWxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjMwMTAyMDIwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Njk1ODFhNWU2YTQ4ZDIzNzIyNWIyMzkwMTY2NGUwYjAzMWMyNmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3mk5+GWaeybCEoZyyM2NT1e+w0S
JgMhWHOeJkMhrTcIHd2RRvN0Q6t65NYskaKEth2hmYfu+Yuh8hlCcJDTMw5nIpKZ
rZ82W17g4LS/5jpcF4xHGxmm5x2ebQWsqDkuwLT1PVTFLtuJ/Wqz5UqoarzDq8VH
dMotcDg6l4E5JTTdx91zi0gKuEu4DqeRG7jFxMtru0bZ4ziVuY4dpQy0BNHv9CzV
6DUHQ3dmh+lYZQXWERgpHShW1Qt7UIjZRAvFhMIzAjNzS5in4rAfsKElHsyRnANZ
i5/3ReMZtsrso+cKiAxQONWFJGzhgoX4F6oYF+UrIL4h7eY/kPewOMiUdwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGaVgaXmpI0jciWyOQFmTgsDHCbeMB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvWnBXQnBlYWtqU055SmJJNUFXWk9Dd01jSnQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhL4wQAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQC5cbMdxdwybRH20XwkQeSFZcer3Vt9W+hoPl6D
l1cm1pMjp2L4ZZo9pYfQ7CLvQT5aqRwsw1oWeJ/L6zBYHo5hTIJ66WoHTeWFHOyW
Uoevn7L/UEv/TUtA6d08rzaO3XBF/9etcswmxT1uEV3Nnb8XWZT2OCWenbcpb8Zl
IuGCVKGEqfE6pBDS99mtXlXofCzvmIVGIgRQSYezOxg2WBSNFTx6o59rUly8LGvW
g9SJhh9pxW3rtzYnPrCm3yMQ/GaauMA5G4h77PHKO1r157lZATdlBpbQ5u8WVtM4
Fkjry+nMj1tZWWgk0PB6QvcvxLM2qr8lgfsGZlqokKM5SEZK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:02 2024 by rpki-client on console-fra.rpki-client.org