Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/d9h87XjrAwZBMsjp6j7NThyXA1k.roa
File: d9h87XjrAwZBMsjp6j7NThyXA1k.roa (raw, json)
Hash identifier: RGQfxPxWK4dCZpoLAT1HYnJX0CVo2sT+3RNDMaZdCfk=
Subject key identifier: 77:D8:7C:ED:78:EB:03:06:41:32:C8:E9:EA:3E:CD:4E:1C:97:03:59
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 018563F6E013931B33EE187158B6B42FC203
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/d9h87XjrAwZBMsjp6j7NThyXA1k.roa
Signing time: Fri 30 Dec 2022 16:56:41 +0000
ROA not before: Fri 30 Dec 2022 16:56:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201801
IP address blocks: 2a12:f8c1:40::/44 maxlen: 44
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:63:f6:e0:13:93:1b:33:ee:18:71:58:b6:b4:2f:c2:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: Dec 30 16:56:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=77d87ced78eb03064132c8e9ea3ecd4e1c970359
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:4c:2b:ae:80:c0:7c:b0:6c:ad:cc:ce:b8:a1:
50:e1:8c:76:2a:47:4f:c7:38:9c:b4:75:c6:1c:59:
ba:b0:eb:07:8e:e0:8a:8b:1b:66:c7:6d:3a:88:c5:
22:dd:17:a4:3a:b5:4b:c6:b8:be:c9:5f:66:0d:17:
cb:9d:e7:a2:69:a4:df:be:a6:61:2d:e7:7a:0f:88:
84:c8:70:e8:c2:a3:77:a7:9b:75:84:19:79:95:c6:
fa:8e:42:78:2f:69:37:d1:07:1b:8f:92:ec:d1:d9:
a0:b4:b6:81:e3:32:42:7a:11:33:2b:b6:d1:c7:96:
e8:09:0b:1b:12:7e:98:6d:38:3e:32:6b:b7:d5:6e:
59:58:76:9f:37:3b:db:63:9d:da:f8:0e:05:0b:f3:
14:f1:06:d3:d1:d7:87:ee:9d:51:b2:61:b3:a6:05:
ba:1d:15:fd:22:bd:d8:66:60:95:99:56:43:1e:68:
6f:99:af:b6:e1:d0:75:ca:26:e8:fd:14:73:d3:29:
d1:45:75:1a:dc:e0:d8:cd:ac:2a:c7:1e:82:9c:3a:
3d:ed:b5:40:58:1d:ed:82:6d:78:bf:ff:6a:ee:39:
04:d3:2c:e9:15:b1:d4:0e:b0:3c:c5:67:db:a1:92:
04:00:5c:5e:b3:63:78:67:db:dc:cd:c9:87:4a:ce:
08:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:D8:7C:ED:78:EB:03:06:41:32:C8:E9:EA:3E:CD:4E:1C:97:03:59
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/d9h87XjrAwZBMsjp6j7NThyXA1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c1:40::/44
Signature Algorithm: sha256WithRSAEncryption
1b:e7:1b:5d:46:0e:d9:3d:bb:d9:cd:e8:95:d9:c5:3e:67:29:
96:74:e1:aa:e1:b0:5d:a7:93:15:34:96:b9:db:57:d9:d6:45:
a3:67:e1:6b:c1:ff:c7:c7:d5:ac:7b:45:8d:f2:e0:da:87:59:
68:53:84:28:0a:99:71:40:c8:c2:8e:38:03:ac:bd:10:1d:ab:
54:6d:28:bb:2b:e0:57:ca:f2:9a:98:ad:e4:a7:ba:05:53:39:
7c:6e:91:0e:0a:b5:6a:76:4e:9b:c5:27:41:a2:d4:82:ee:98:
63:35:f4:ea:aa:45:4d:3a:06:53:b0:07:c6:a2:7f:ef:58:d1:
98:7f:19:4a:ff:7a:30:74:4e:36:b9:2c:a5:66:3f:fe:5f:07:
90:e1:f6:ba:12:c0:61:a5:07:f1:b8:e3:3b:a3:32:6f:6a:00:
16:02:c5:ba:22:32:3d:4f:e8:b2:63:f7:f4:a1:6a:aa:af:da:
cf:0f:7f:a0:d1:6f:4f:02:69:67:da:88:fe:39:c7:5f:2a:c4:
d8:1e:25:53:9b:a4:b5:a5:50:0a:63:c4:b1:2e:28:92:a2:36:
68:26:06:b9:c0:6c:6c:9e:47:b0:66:15:fd:e6:1a:9e:a7:d9:
8e:7c:6b:e9:6e:c4:37:3f:a0:66:56:65:0f:53:c3:1f:70:ca:
61:4a:9f:d7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVj9uATkxsz7hhxWLa0L8IDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjIxMjMwMTY1NjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2Q4N2NlZDc4ZWIwMzA2NDEzMmM4ZTllYTNlY2Q0ZTFjOTcwMzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokwrroDAfLBsrczOuKFQ4Yx2KkdP
xzictHXGHFm6sOsHjuCKixtmx206iMUi3RekOrVLxri+yV9mDRfLneeiaaTfvqZh
Led6D4iEyHDowqN3p5t1hBl5lcb6jkJ4L2k30Qcbj5Ls0dmgtLaB4zJCehEzK7bR
x5boCQsbEn6YbTg+Mmu31W5ZWHafNzvbY53a+A4FC/MU8QbT0deH7p1RsmGzpgW6
HRX9Ir3YZmCVmVZDHmhvma+24dB1yibo/RRz0ynRRXUa3ODYzawqxx6CnDo97bVA
WB3tgm14v/9q7jkE0yzpFbHUDrA8xWfboZIEAFxes2N4Z9vczcmHSs4IOQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHfYfO146wMGQTLI6eo+zU4clwNZMB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvZDloODdYanJBd1pCTXNqcDZqN05UaHlYQTFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhL4wQBA
MA0GCSqGSIb3DQEBCwUAA4IBAQAb5xtdRg7ZPbvZzeiV2cU+ZymWdOGq4bBdp5MV
NJa521fZ1kWjZ+Frwf/Hx9Wse0WN8uDah1loU4QoCplxQMjCjjgDrL0QHatUbSi7
K+BXyvKamK3kp7oFUzl8bpEOCrVqdk6bxSdBotSC7phjNfTqqkVNOgZTsAfGon/v
WNGYfxlK/3owdE42uSylZj/+XweQ4fa6EsBhpQfxuOM7ozJvagAWAsW6IjI9T+iy
Y/f0oWqqr9rPD3+g0W9PAmln2oj+OcdfKsTYHiVTm6S1pVAKY8SxLiiSojZoJga5
wGxsnkewZhX95hqep9mOfGvpbsQ3P6BmVmUPU8MfcMphSp/X
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:55 2024 by rpki-client on console-ams.rpki-client.org