Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/fihZfVnTeQMn73dbr9_D4k6VLoc.roa
File: fihZfVnTeQMn73dbr9_D4k6VLoc.roa (raw, json)
Hash identifier: Fr8opbiol5TgDDvilniMN/W7s0cIFYKldFNvQR20Cmw=
Subject key identifier: 7E:28:59:7D:59:D3:79:03:27:EF:77:5B:AF:DF:C3:E2:4E:95:2E:87
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 018CC64B2737AAB4E5242C52177AB6C40A9C
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/fihZfVnTeQMn73dbr9_D4k6VLoc.roa
Signing time: Mon 01 Jan 2024 18:31:03 +0000
ROA not before: Mon 01 Jan 2024 18:31:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 150006
IP address blocks: 2a12:f8c3:1000::/36 maxlen: 36
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:27:37:aa:b4:e5:24:2c:52:17:7a:b6:c4:0a:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: Jan 1 18:31:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e28597d59d3790327ef775bafdfc3e24e952e87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:79:63:25:8a:5d:ca:f0:86:b4:70:ac:48:db:
13:27:41:38:7f:31:f4:49:7a:a6:6e:71:0c:c2:d9:
83:15:c2:34:90:24:78:d2:85:63:e4:6d:c1:c2:fb:
6e:13:0e:11:da:0e:af:83:08:06:14:73:e7:8d:92:
ba:98:9d:41:a8:c3:c3:dd:f6:be:68:9a:39:e3:6a:
a4:1b:42:fc:86:90:1f:e4:cf:c7:aa:e0:ea:d2:4e:
35:aa:c3:73:dd:07:78:5a:dd:0e:7f:c2:65:56:37:
36:d0:a7:4c:9b:9d:91:c2:96:4f:67:f9:55:84:01:
57:e7:67:4c:fe:d8:d5:9c:d0:fc:8b:7f:1c:6a:fe:
b5:50:d4:b7:f5:39:9d:10:e8:ca:8c:b6:9d:31:56:
4f:3c:d6:15:26:46:69:7d:69:a6:75:b9:c5:df:d3:
de:06:dd:61:fc:b5:07:13:7d:3e:eb:9e:c8:23:a1:
f0:e1:e6:e9:69:24:e5:81:ae:03:72:41:57:52:1f:
e0:d3:d7:37:25:e9:58:bb:05:08:6e:7d:7b:ab:7f:
09:25:fe:4d:ce:cf:19:df:ce:af:f0:fc:1a:92:cb:
3d:14:36:13:81:ba:40:e1:5b:49:2e:8e:c8:19:3f:
28:4c:52:e1:db:cf:7d:d0:42:c2:4c:0d:ac:7a:fe:
c5:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:28:59:7D:59:D3:79:03:27:EF:77:5B:AF:DF:C3:E2:4E:95:2E:87
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/fihZfVnTeQMn73dbr9_D4k6VLoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c3:1000::/36
Signature Algorithm: sha256WithRSAEncryption
80:0a:29:5b:c4:7e:ab:be:db:40:98:9a:aa:cb:07:c3:b2:ab:
6e:5d:9e:7a:da:11:bd:d7:e7:be:d3:0f:26:69:d5:cf:8b:2a:
80:92:f2:9a:c5:82:05:f1:18:fd:d9:70:ba:01:e6:47:b8:11:
e5:f4:ca:2a:38:07:61:20:90:79:be:da:f6:d4:3e:34:f2:2e:
88:8d:7f:7e:ff:d8:00:4b:f5:15:75:68:99:2e:62:e0:a3:8b:
ce:e4:4b:6a:d1:cb:ea:4b:63:48:2e:a2:90:8b:08:0f:8d:a4:
7d:1d:cb:b3:b5:44:dd:51:c0:a5:58:57:30:9f:cf:09:e2:30:
17:2a:d4:a6:17:08:53:ec:16:fb:76:ac:33:a4:35:ab:7c:85:
98:09:6a:33:c5:19:30:fb:14:2b:69:9c:86:b4:49:28:1f:bf:
65:ff:17:61:4c:25:eb:2b:c2:0d:a3:a0:8d:8a:a8:75:a9:90:
d3:8b:ab:88:ca:44:87:51:94:24:e2:4f:58:c1:06:f9:bc:04:
51:89:97:2f:76:13:67:a2:d3:f0:7c:f3:56:7b:40:89:07:33:
85:65:d6:4a:88:84:26:38:60:03:db:07:0d:e7:03:f9:98:fc:
a8:e0:97:80:0a:66:fb:09:4a:c1:f2:1d:79:1b:7e:f3:1f:0e:
51:61:4f:c2
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzGSyc3qrTlJCxSF3q2xAqcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjQwMTAxMTgzMTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTI4NTk3ZDU5ZDM3OTAzMjdlZjc3NWJhZmRmYzNlMjRlOTUyZTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgHljJYpdyvCGtHCsSNsTJ0E4fzH0
SXqmbnEMwtmDFcI0kCR40oVj5G3BwvtuEw4R2g6vgwgGFHPnjZK6mJ1BqMPD3fa+
aJo542qkG0L8hpAf5M/HquDq0k41qsNz3Qd4Wt0Of8JlVjc20KdMm52RwpZPZ/lV
hAFX52dM/tjVnND8i38cav61UNS39TmdEOjKjLadMVZPPNYVJkZpfWmmdbnF39Pe
Bt1h/LUHE30+657II6Hw4ebpaSTlga4DckFXUh/g09c3JelYuwUIbn17q38JJf5N
zs8Z386v8Pwakss9FDYTgbpA4VtJLo7IGT8oTFLh28990ELCTA2sev7FoQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFH4oWX1Z03kDJ+93W6/fw+JOlS6HMB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvZmloWmZWblRlUU1uNzNkYnI5X0Q0azZWTG9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKhL4wxAw
DQYJKoZIhvcNAQELBQADggEBAIAKKVvEfqu+20CYmqrLB8Oyq25dnnraEb3X577T
DyZp1c+LKoCS8prFggXxGP3ZcLoB5ke4EeX0yio4B2EgkHm+2vbUPjTyLoiNf37/
2ABL9RV1aJkuYuCji87kS2rRy+pLY0guopCLCA+NpH0dy7O1RN1RwKVYVzCfzwni
MBcq1KYXCFPsFvt2rDOkNat8hZgJajPFGTD7FCtpnIa0SSgfv2X/F2FMJesrwg2j
oI2KqHWpkNOLq4jKRIdRlCTiT1jBBvm8BFGJly92E2ei0/B881Z7QIkHM4Vl1kqI
hCY4YAPbBw3nA/mY/Kjgl4AKZvsJSsHyHXkbfvMfDlFhT8I=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:10:52 2025 by rpki-client