Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/f6ac5ZJfgpXqVGQ5m9wDnr19Df4.roa
File: f6ac5ZJfgpXqVGQ5m9wDnr19Df4.roa (raw, json)
Hash identifier: uGZiSKWQCGHAG40mHrNVxIbUvUEc6ntY0JxiJHEtb68=
Subject key identifier: 7F:A6:9C:E5:92:5F:82:95:EA:54:64:39:9B:DC:03:9E:BD:7D:0D:FE
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 018CC64B250AF3A508FAF32F098A7B057077
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/f6ac5ZJfgpXqVGQ5m9wDnr19Df4.roa
Signing time: Mon 01 Jan 2024 18:31:02 +0000
ROA not before: Mon 01 Jan 2024 18:31:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 63796
IP address blocks: 2a12:f8c1:2::/48 maxlen: 48
2a12:f8c3:4000::/36 maxlen: 36
2a12:f8c1:3::/48 maxlen: 48
2a12:f8c1:1::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:25:0a:f3:a5:08:fa:f3:2f:09:8a:7b:05:70:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: Jan 1 18:31:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7fa69ce5925f8295ea5464399bdc039ebd7d0dfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:c6:a8:59:1f:b4:02:15:82:91:9c:83:5e:10:
27:9e:f8:c9:d8:c5:36:67:0d:34:79:7b:c5:f7:30:
1c:df:64:9a:05:48:c1:b7:6e:1c:e8:0d:45:17:47:
fa:80:bf:0c:49:45:20:07:87:7f:b2:ad:07:2c:9e:
99:b9:18:b6:e9:ba:62:63:25:a5:f4:0f:c3:c4:bd:
41:6e:62:e4:2e:4f:4e:4c:94:a9:f0:d0:90:7c:19:
8d:28:f2:39:b7:62:65:fd:86:10:af:06:b8:ef:1c:
4d:7d:81:92:0d:e3:09:b1:5b:08:8d:3f:f7:68:df:
0d:da:f7:76:73:9c:94:3e:92:92:42:98:af:81:86:
fc:09:75:a4:93:fa:5a:b4:ad:9c:6e:e5:77:4a:a3:
34:06:bd:05:47:0a:15:11:7a:0a:bd:cf:06:1a:f4:
8e:60:78:7d:6d:32:17:71:68:67:ec:11:27:e3:e4:
79:f1:57:c4:3d:20:d4:f9:d6:b7:46:36:98:08:1b:
0b:12:47:0e:98:de:87:15:0e:7a:4f:8d:4d:e5:8d:
64:10:cb:b8:2f:9c:df:c9:9d:d8:01:c8:c2:69:f1:
f6:9b:a4:a7:49:01:7b:26:2a:0d:4e:bf:de:2f:ef:
34:ab:b4:74:f9:6d:13:fc:a4:84:78:28:db:9c:5c:
37:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:A6:9C:E5:92:5F:82:95:EA:54:64:39:9B:DC:03:9E:BD:7D:0D:FE
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/f6ac5ZJfgpXqVGQ5m9wDnr19Df4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c1:1::-2a12:f8c1:3:ffff:ffff:ffff:ffff:ffff
2a12:f8c3:4000::/36
Signature Algorithm: sha256WithRSAEncryption
91:0e:12:ae:e7:d2:b2:8e:ea:bb:07:d7:51:93:f6:3a:b7:63:
41:d3:86:61:60:80:b5:78:72:13:26:ba:48:74:3c:5c:73:73:
b6:2c:f7:65:00:32:bd:1e:d2:80:b3:33:74:4a:d9:72:96:42:
c4:32:1b:c2:27:35:89:01:5b:f8:c2:c8:f2:00:b0:fc:22:e5:
43:90:ec:e4:dd:e4:47:8d:55:05:8f:91:70:64:64:a5:76:f6:
fb:9e:dd:dc:b9:fa:7c:69:0c:d5:8e:dd:d6:b8:80:bb:07:29:
b4:26:d7:03:6c:1d:dc:09:95:aa:05:ad:35:31:62:e2:13:62:
0d:a3:79:a2:8c:94:b3:3f:3e:d9:fd:f1:f1:92:0e:a7:b9:b1:
bb:56:78:17:a3:8a:72:b8:77:21:6a:56:3f:a7:8a:8a:4a:bb:
f4:a5:a2:e0:e3:76:3a:7e:48:0d:fa:eb:af:87:ca:2e:64:f0:
35:45:99:9f:8c:a9:2a:a4:c4:b9:22:8b:b8:5e:8d:14:6a:b3:
65:7e:39:c0:20:e2:41:ea:33:df:be:3e:a1:06:9c:e0:be:b6:
12:13:28:98:53:41:d5:b5:31:5f:6b:34:5c:ae:48:6b:af:5e:
67:b7:3f:c5:6d:30:1e:8f:c0:a8:cf:71:11:97:df:82:41:a7:
69:7a:b3:24
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzGSyUK86UI+vMvCYp7BXB3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjQwMTAxMTgzMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmE2OWNlNTkyNWY4Mjk1ZWE1NDY0Mzk5YmRjMDM5ZWJkN2QwZGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycaoWR+0AhWCkZyDXhAnnvjJ2MU2
Zw00eXvF9zAc32SaBUjBt24c6A1FF0f6gL8MSUUgB4d/sq0HLJ6ZuRi26bpiYyWl
9A/DxL1BbmLkLk9OTJSp8NCQfBmNKPI5t2Jl/YYQrwa47xxNfYGSDeMJsVsIjT/3
aN8N2vd2c5yUPpKSQpivgYb8CXWkk/patK2cbuV3SqM0Br0FRwoVEXoKvc8GGvSO
YHh9bTIXcWhn7BEn4+R58VfEPSDU+da3RjaYCBsLEkcOmN6HFQ56T41N5Y1kEMu4
L5zfyZ3YAcjCafH2m6SnSQF7JioNTr/eL+80q7R0+W0T/KSEeCjbnFw3ZwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFH+mnOWSX4KV6lRkOZvcA569fQ3+MB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvZjZhYzVaSmZncFhxVkdRNW05d0RucjE5RGY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcMBIDBwAqEvjB
AAEDBwIqEvjBAAADBgQqEvjDQDANBgkqhkiG9w0BAQsFAAOCAQEAkQ4SrufSso7q
uwfXUZP2OrdjQdOGYWCAtXhyEya6SHQ8XHNztiz3ZQAyvR7SgLMzdErZcpZCxDIb
wic1iQFb+MLI8gCw/CLlQ5Ds5N3kR41VBY+RcGRkpXb2+57d3Ln6fGkM1Y7d1riA
uwcptCbXA2wd3AmVqgWtNTFi4hNiDaN5ooyUsz8+2f3x8ZIOp7mxu1Z4F6OKcrh3
IWpWP6eKikq79KWi4ON2On5IDfrrr4fKLmTwNUWZn4ypKqTEuSKLuF6NFGqzZX45
wCDiQeoz374+oQac4L62EhMomFNB1bUxX2s0XK5Ia69eZ7c/xW0wHo/AqM9xEZff
gkGnaXqzJA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:55 2024 by rpki-client on console-ams.rpki-client.org