Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/acxYphWbrzDaqgKoH15-JRT_-C4.roa
File: acxYphWbrzDaqgKoH15-JRT_-C4.roa (raw, json)
Hash identifier: Z8aEqptkkrYAMZeNCdZXXYj9PLrarkU7zJxWVdZ6+sk=
Subject key identifier: 69:CC:58:A6:15:9B:AF:30:DA:AA:02:A8:1F:5E:7E:25:14:FF:F8:2E
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 018315F3335B549167A6DB995E38CF5CCDC2
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/acxYphWbrzDaqgKoH15-JRT_-C4.roa
Signing time: Wed 07 Sep 2022 03:16:43 +0000
ROA not before: Wed 07 Sep 2022 03:16:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 150298
IP address blocks: 2a12:f8c1:200::/40 maxlen: 40
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:15:f3:33:5b:54:91:67:a6:db:99:5e:38:cf:5c:cd:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: Sep 7 03:16:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=69cc58a6159baf30daaa02a81f5e7e2514fff82e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:b8:40:41:be:00:5f:ea:57:77:96:92:3f:61:
a1:3e:b7:33:6f:8e:06:66:31:f2:91:de:80:1c:52:
5c:f3:83:bd:b6:f7:1b:b7:1e:c5:ae:64:82:16:bd:
5c:a7:43:a5:63:bc:f6:11:3b:4c:c5:99:33:10:13:
cb:e1:02:1f:e0:c7:71:63:f0:83:5a:ee:8f:d2:ef:
f3:26:ad:37:18:2f:cf:91:d3:4f:b3:79:42:27:14:
70:39:16:9b:85:82:d0:11:3e:88:38:d6:c2:7d:71:
fd:81:57:4b:df:c1:58:48:ba:11:0d:24:43:96:1d:
f9:c5:90:be:37:56:6e:37:83:81:ce:c9:c0:c6:60:
65:a5:a4:93:35:ff:0a:6e:d7:7a:6f:93:cb:6a:e4:
76:a2:21:52:25:30:bd:99:70:d4:c0:de:0a:d8:8e:
89:33:3a:1c:55:dd:e0:08:e0:4d:09:7f:95:bb:fd:
64:ed:30:3e:6d:59:df:32:f5:0b:53:a4:8f:8e:17:
ed:c5:43:f4:89:9c:bb:e0:c8:05:99:2f:d3:c8:e3:
58:ad:5c:12:30:9f:1b:e8:34:b4:07:79:ef:a8:b2:
08:d4:61:60:25:1a:c3:c9:d6:98:69:f2:84:e7:6d:
5f:85:26:19:05:f1:84:34:f8:16:9e:f6:39:0f:dc:
aa:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:CC:58:A6:15:9B:AF:30:DA:AA:02:A8:1F:5E:7E:25:14:FF:F8:2E
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/acxYphWbrzDaqgKoH15-JRT_-C4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c1:200::/40
Signature Algorithm: sha256WithRSAEncryption
37:4c:1d:a6:2b:55:51:07:0a:e4:0a:b5:50:5c:cd:0a:79:f4:
cc:e9:2b:ae:25:f7:97:2a:f8:06:cb:ed:27:7f:57:f3:65:3f:
75:e8:03:1c:34:a5:4d:6e:bd:c0:95:bc:57:76:85:bb:58:99:
43:28:8e:7e:b1:ae:88:e5:e3:d4:61:6b:e8:1d:65:bc:6e:d3:
36:e9:b3:e4:3b:ed:97:9f:02:ae:8e:fc:cd:c8:51:c3:59:e4:
29:eb:2e:fd:e4:0a:78:54:32:c7:9f:e1:db:58:0d:f3:47:6a:
c8:1e:22:ce:8a:db:24:bb:ca:9a:0e:11:df:ff:5e:dc:5f:5f:
18:34:d6:01:ad:f0:1d:f4:3f:4b:f4:99:92:83:a6:59:e5:61:
43:dc:60:8f:23:69:82:18:fc:15:23:8e:46:de:ac:f1:ec:39:
93:48:2f:27:63:ac:d6:e4:a7:c5:c4:d0:f5:9a:c9:64:2c:8f:
18:14:b6:5a:22:8e:3a:78:b0:ec:df:81:7d:20:e4:0d:1a:fd:
6a:03:d3:67:41:69:34:da:fc:89:b7:7a:ed:ba:53:08:bf:05:
cf:70:47:70:76:a7:8f:f1:4e:c6:6f:1c:d3:f3:db:05:bc:e6:
f9:2e:a7:8b:72:ee:1e:9c:9f:a1:01:9e:99:d9:41:f0:c0:92:
c5:ed:7e:21
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYMV8zNbVJFnptuZXjjPXM3CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjIwOTA3MDMxNjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWNjNThhNjE1OWJhZjMwZGFhYTAyYTgxZjVlN2UyNTE0ZmZmODJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirhAQb4AX+pXd5aSP2GhPrczb44G
ZjHykd6AHFJc84O9tvcbtx7FrmSCFr1cp0OlY7z2ETtMxZkzEBPL4QIf4MdxY/CD
Wu6P0u/zJq03GC/PkdNPs3lCJxRwORabhYLQET6IONbCfXH9gVdL38FYSLoRDSRD
lh35xZC+N1ZuN4OBzsnAxmBlpaSTNf8Kbtd6b5PLauR2oiFSJTC9mXDUwN4K2I6J
MzocVd3gCOBNCX+Vu/1k7TA+bVnfMvULU6SPjhftxUP0iZy74MgFmS/TyONYrVwS
MJ8b6DS0B3nvqLII1GFgJRrDydaYafKE521fhSYZBfGENPgWnvY5D9yqRQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGnMWKYVm68w2qoCqB9efiUU//guMB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvYWN4WXBoV2JyekRhcWdLb0gxNS1KUlRfLUM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhL4wQIw
DQYJKoZIhvcNAQELBQADggEBADdMHaYrVVEHCuQKtVBczQp59MzpK64l95cq+AbL
7Sd/V/NlP3XoAxw0pU1uvcCVvFd2hbtYmUMojn6xrojl49Rha+gdZbxu0zbps+Q7
7ZefAq6O/M3IUcNZ5CnrLv3kCnhUMsef4dtYDfNHasgeIs6K2yS7ypoOEd//Xtxf
Xxg01gGt8B30P0v0mZKDplnlYUPcYI8jaYIY/BUjjkberPHsOZNILydjrNbkp8XE
0PWayWQsjxgUtloijjp4sOzfgX0g5A0a/WoD02dBaTTa/Im3eu26Uwi/Bc9wR3B2
p4/xTsZvHNPz2wW85vkup4ty7h6cn6EBnpnZQfDAksXtfiE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:55 2024 by rpki-client on console-ams.rpki-client.org