Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/_UR3kIVbzoOVSyF7dHFZ9xdEAAs.roa
File: _UR3kIVbzoOVSyF7dHFZ9xdEAAs.roa (raw, json)
Hash identifier: H9Mga7fEdQNF0A0ZMKOWL1KzpiXD8ux2U1BJ2n443Ok=
Subject key identifier: FD:44:77:90:85:5B:CE:83:95:4B:21:7B:74:71:59:F7:17:44:00:0B
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 01857039AA6EC9012DC305FB4EDEA0A8AE03
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/_UR3kIVbzoOVSyF7dHFZ9xdEAAs.roa
Signing time: Mon 02 Jan 2023 02:05:05 +0000
ROA not before: Mon 02 Jan 2023 02:05:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23470
IP address blocks: 2a12:f8c2:200::/40 maxlen: 40
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:aa:6e:c9:01:2d:c3:05:fb:4e:de:a0:a8:ae:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: Jan 2 02:05:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd447790855bce83954b217b747159f71744000b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:3b:b8:fa:2d:1a:19:d3:a7:ab:a2:e1:6e:03:
3c:f4:58:ab:ed:c0:af:72:e3:80:68:cf:95:08:b1:
fe:aa:24:83:57:0f:20:30:c7:64:46:6d:8e:bc:4b:
9b:9d:c6:9d:13:da:f1:ef:65:12:7f:4e:48:0f:64:
be:16:80:8b:14:ef:bf:d0:57:80:08:ae:f9:19:44:
ac:f5:bf:57:69:83:64:9a:4f:2a:60:42:d9:7f:46:
6c:17:6a:24:3b:33:d1:82:66:04:64:7c:00:66:a5:
9a:4e:eb:83:e2:5a:f6:84:56:00:0c:41:67:a5:cf:
0b:ac:70:a2:94:9e:5c:36:e7:22:42:b2:75:49:be:
09:9b:14:97:9d:c4:79:59:5e:85:aa:11:52:f2:13:
37:a0:04:81:a2:e4:d4:c1:28:f5:c0:e6:7c:99:f2:
97:3c:97:63:3a:82:d7:9e:a0:f3:e2:ef:05:72:c5:
ae:2f:57:cf:8d:02:1e:20:29:94:0f:7d:f0:b9:3f:
da:15:d5:b8:1a:fd:4c:73:c4:e1:42:93:a6:5d:9f:
61:87:ee:38:85:0b:18:8b:b4:26:ff:f9:ff:db:85:
9c:20:13:a3:3b:00:4f:53:e8:79:1c:73:e5:44:3b:
8e:72:8f:6b:34:f0:5d:52:67:54:05:bd:f2:f0:6d:
cc:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:44:77:90:85:5B:CE:83:95:4B:21:7B:74:71:59:F7:17:44:00:0B
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/_UR3kIVbzoOVSyF7dHFZ9xdEAAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c2:200::/40
Signature Algorithm: sha256WithRSAEncryption
33:20:70:b0:e4:3f:88:bc:bc:4e:64:cf:7e:9a:b7:53:ee:b1:
4a:c6:06:61:02:b2:58:03:bd:8b:e9:74:13:32:45:51:93:6b:
0d:f3:85:ff:1b:83:32:d5:cc:4a:7b:ef:5e:fd:37:0c:51:72:
23:ee:9b:f1:8e:9b:be:22:91:c0:d9:c5:87:d4:8e:bd:07:2d:
52:2d:8c:37:e6:a1:e4:a5:ab:b7:30:a9:ea:a9:36:c2:ae:8a:
f8:bf:0f:ec:f8:eb:1e:57:1d:1a:40:f0:a2:50:fa:4c:17:73:
4b:14:e4:43:54:73:d6:e4:33:96:8b:62:96:0e:d0:48:d8:ca:
b6:fb:af:05:65:ac:f4:6b:12:5c:59:62:cb:35:66:16:b8:db:
cb:5e:e1:a0:78:40:99:b8:c8:52:ed:b2:f2:f9:95:52:93:40:
46:2c:9b:72:3c:23:e3:15:ac:b6:52:37:e8:76:9d:36:a3:6a:
3c:f6:ce:72:39:ab:e9:80:17:06:d9:f1:54:a1:d3:a4:e9:21:
bb:a5:b4:23:e0:bf:bc:5d:86:6a:81:f4:40:0c:d6:96:cd:fb:
cd:cc:ad:21:a2:9a:6b:27:0d:d6:62:25:59:0f:f7:cc:d6:17:
04:0c:ac:71:c5:8c:75:d2:66:e6:ba:d1:88:d4:d7:f4:33:39:
70:f0:86:cc
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVwOapuyQEtwwX7Tt6gqK4DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjMwMTAyMDIwNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDQ0Nzc5MDg1NWJjZTgzOTU0YjIxN2I3NDcxNTlmNzE3NDQwMDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTu4+i0aGdOnq6LhbgM89Fir7cCv
cuOAaM+VCLH+qiSDVw8gMMdkRm2OvEubncadE9rx72USf05ID2S+FoCLFO+/0FeA
CK75GUSs9b9XaYNkmk8qYELZf0ZsF2okOzPRgmYEZHwAZqWaTuuD4lr2hFYADEFn
pc8LrHCilJ5cNuciQrJ1Sb4JmxSXncR5WV6FqhFS8hM3oASBouTUwSj1wOZ8mfKX
PJdjOoLXnqDz4u8FcsWuL1fPjQIeICmUD33wuT/aFdW4Gv1Mc8ThQpOmXZ9hh+44
hQsYi7Qm//n/24WcIBOjOwBPU+h5HHPlRDuOco9rNPBdUmdUBb3y8G3MYQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFP1Ed5CFW86DlUshe3RxWfcXRAALMB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvX1VSM2tJVmJ6b09WU3lGN2RIRlo5eGRFQUFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhL4wgIw
DQYJKoZIhvcNAQELBQADggEBADMgcLDkP4i8vE5kz36at1PusUrGBmECslgDvYvp
dBMyRVGTaw3zhf8bgzLVzEp77179NwxRciPum/GOm74ikcDZxYfUjr0HLVItjDfm
oeSlq7cwqeqpNsKuivi/D+z46x5XHRpA8KJQ+kwXc0sU5ENUc9bkM5aLYpYO0EjY
yrb7rwVlrPRrElxZYss1Zha428te4aB4QJm4yFLtsvL5lVKTQEYsm3I8I+MVrLZS
N+h2nTajajz2znI5q+mAFwbZ8VSh06TpIbultCPgv7xdhmqB9EAM1pbN+83MrSGi
mmsnDdZiJVkP98zWFwQMrHHFjHXSZua60YjU1/QzOXDwhsw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:02 2024 by rpki-client on console-fra.rpki-client.org