Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/csPrmPhuj4POYeBPlQpQH35hZyY.roa
File: csPrmPhuj4POYeBPlQpQH35hZyY.roa (raw, json)
Hash identifier: lSWaLX/xoV/1ycmqdfi9vOXIwZFbNfrEVcysFCr7T5k=
Subject key identifier: 72:C3:EB:98:F8:6E:8F:83:CE:61:E0:4F:95:0A:50:1F:7E:61:67:26
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 018A829EFDB064FD86F98E9E4413CB473775
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/csPrmPhuj4POYeBPlQpQH35hZyY.roa
Signing time: Mon 11 Sep 2023 05:02:52 +0000
ROA not before: Mon 11 Sep 2023 05:02:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199108
IP address blocks: 2a12:f8c1:70::/44 maxlen: 44
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:82:9e:fd:b0:64:fd:86:f9:8e:9e:44:13:cb:47:37:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: Sep 11 05:02:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72c3eb98f86e8f83ce61e04f950a501f7e616726
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:aa:aa:e4:d2:1f:9b:1f:6b:c8:37:4c:7c:74:
e4:56:c6:4b:6e:17:b9:92:20:30:b1:86:9d:74:85:
c8:55:57:94:b9:5b:bf:16:ce:33:04:bd:57:f9:88:
fb:4a:77:e3:5e:fb:05:73:68:d0:dd:89:63:e1:22:
21:22:8f:99:c0:96:71:b5:a0:11:bd:28:c1:cd:c6:
1c:55:df:f8:69:77:48:f7:6c:4a:59:1b:67:b1:95:
f2:37:1f:91:d3:eb:57:e7:84:7c:56:95:11:3e:d2:
a5:0f:0d:90:7b:e0:ad:1f:f5:17:2c:23:67:0e:30:
6a:11:bc:52:86:6b:11:c2:0f:19:6a:bc:f8:94:f5:
19:79:66:51:29:b8:b5:e4:2b:ed:9d:34:f2:e6:ca:
99:81:8c:a9:a4:fd:27:ff:5c:44:f7:17:fe:73:a0:
75:c5:02:8f:c3:e0:c3:2d:b4:51:cc:b9:33:d0:6f:
72:18:b8:03:01:b4:03:d9:7b:2b:e5:7c:f2:10:2d:
1f:5f:79:06:ca:8c:ac:c3:fd:f4:d1:ea:08:24:67:
55:84:1d:3b:69:f5:7c:5b:e8:b9:bd:bf:51:af:f2:
3f:d9:21:ab:88:b1:3d:4a:47:c3:84:f4:0c:bf:bb:
ae:1e:c0:9e:e6:68:d2:0b:70:e7:db:37:91:5b:17:
58:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:C3:EB:98:F8:6E:8F:83:CE:61:E0:4F:95:0A:50:1F:7E:61:67:26
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/csPrmPhuj4POYeBPlQpQH35hZyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c1:70::/44
Signature Algorithm: sha256WithRSAEncryption
b4:56:46:71:09:d7:f2:e3:ab:ab:dc:92:b4:b9:12:ef:84:90:
9c:c3:e0:0b:b8:40:41:08:25:4c:c1:9a:21:07:c5:39:ad:b1:
17:cb:a6:4e:5a:cf:f2:c8:e4:0b:b7:38:f8:2b:86:43:7d:1e:
6b:8a:eb:ff:d5:7e:38:31:59:b4:a7:35:e8:89:02:b5:54:77:
d8:e9:e8:bb:74:42:de:47:6b:3f:d5:b6:42:2c:46:0c:6a:49:
e7:cd:34:a5:2e:c6:2d:9c:ba:02:b6:0a:ae:98:4a:20:cb:d6:
6e:a7:28:51:e9:20:fd:39:14:f8:e8:5b:af:f7:de:c0:12:c1:
6e:a9:51:18:c1:cc:6d:bc:44:1a:02:74:76:ef:59:bb:78:03:
1e:f7:a0:b7:27:71:b3:5a:51:a4:a7:89:f0:69:c7:fe:80:0e:
3e:24:85:06:7f:f5:a2:d4:e8:47:f1:52:bd:96:98:b9:db:7d:
07:14:74:fd:da:83:a1:78:c4:c0:cd:b0:b6:55:88:79:76:46:
f9:1f:ce:b3:02:09:30:26:5d:14:99:21:d2:3e:71:27:26:ec:
00:93:c2:86:10:8c:07:fc:95:58:11:52:f8:98:6c:2b:0d:6e:
df:d1:8c:b1:17:56:94:19:05:af:db:c1:2f:2f:00:6d:6b:f4:
04:13:68:c3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYqCnv2wZP2G+Y6eRBPLRzd1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjMwOTExMDUwMjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmMzZWI5OGY4NmU4ZjgzY2U2MWUwNGY5NTBhNTAxZjdlNjE2NzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKqq5NIfmx9ryDdMfHTkVsZLbhe5
kiAwsYaddIXIVVeUuVu/Fs4zBL1X+Yj7SnfjXvsFc2jQ3Ylj4SIhIo+ZwJZxtaAR
vSjBzcYcVd/4aXdI92xKWRtnsZXyNx+R0+tX54R8VpURPtKlDw2Qe+CtH/UXLCNn
DjBqEbxShmsRwg8Zarz4lPUZeWZRKbi15CvtnTTy5sqZgYyppP0n/1xE9xf+c6B1
xQKPw+DDLbRRzLkz0G9yGLgDAbQD2Xsr5XzyEC0fX3kGyoysw/300eoIJGdVhB07
afV8W+i5vb9Rr/I/2SGriLE9SkfDhPQMv7uuHsCe5mjSC3Dn2zeRWxdYwQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHLD65j4bo+DzmHgT5UKUB9+YWcmMB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvY3NQcm1QaHVqNFBPWWVCUGxRcFFIMzVoWnlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhL4wQBw
MA0GCSqGSIb3DQEBCwUAA4IBAQC0VkZxCdfy46ur3JK0uRLvhJCcw+ALuEBBCCVM
wZohB8U5rbEXy6ZOWs/yyOQLtzj4K4ZDfR5riuv/1X44MVm0pzXoiQK1VHfY6ei7
dELeR2s/1bZCLEYMaknnzTSlLsYtnLoCtgqumEogy9ZupyhR6SD9ORT46Fuv997A
EsFuqVEYwcxtvEQaAnR271m7eAMe96C3J3GzWlGkp4nwacf+gA4+JIUGf/Wi1OhH
8VK9lpi5230HFHT92oOheMTAzbC2VYh5dkb5H86zAgkwJl0UmSHSPnEnJuwAk8KG
EIwH/JVYEVL4mGwrDW7f0YyxF1aUGQWv28EvLwBta/QEE2jD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:55 2024 by rpki-client on console-ams.rpki-client.org