Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/h_TUYKsDkdVsLa5BMp8YZAdWyt4.roa
File: h_TUYKsDkdVsLa5BMp8YZAdWyt4.roa (raw, json)
Hash identifier: EfGZztMrGBlW/cIY3LLgvcTZlolslknwaU7MMRsHA7E=
Subject key identifier: 87:F4:D4:60:AB:03:91:D5:6C:2D:AE:41:32:9F:18:64:07:56:CA:DE
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 07828E
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/h_TUYKsDkdVsLa5BMp8YZAdWyt4.roa
Signing time: Sun 22 May 2022 04:16:29 +0000
ROA not before: Sun 22 May 2022 04:16:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 142418
IP address blocks: 2a12:f8c0::/29 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 492174 (0x7828e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: May 22 04:16:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=87f4d460ab0391d56c2dae41329f18640756cade
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:92:ef:a2:2c:2b:d5:96:ba:46:05:fd:3f:d8:
38:ee:94:a7:7e:4c:56:e4:52:9e:47:52:46:f7:c9:
fa:b9:94:fe:ae:98:b1:42:e8:4a:66:eb:e4:ed:03:
0f:b2:32:b4:e6:85:f2:71:98:c1:e8:24:2d:19:4e:
0f:84:23:5e:0b:02:4e:fb:bb:b9:33:ed:6c:a1:43:
8a:fa:d8:0d:de:d2:2e:94:c6:26:c9:bb:f6:a9:c8:
9a:e5:7e:47:08:f0:4e:be:16:07:03:9b:66:45:c3:
69:96:25:36:c1:51:53:e4:81:91:cc:60:67:ce:bd:
78:25:20:85:64:d1:2b:86:c8:88:d2:8c:08:8e:42:
55:6d:37:88:2c:f9:c4:69:ef:22:70:fc:29:81:18:
af:45:93:8b:20:6c:71:c0:eb:55:0f:01:62:69:6c:
0b:ab:d8:19:55:3f:6d:cd:3b:8b:ec:37:37:c9:41:
45:77:06:fe:b4:be:bc:e9:1e:48:20:a7:8d:32:28:
8e:ef:7c:f8:25:04:22:7b:63:c6:81:54:73:cd:8a:
3c:99:9b:8c:6d:16:44:c4:8c:45:c0:af:1e:b2:9b:
83:12:ce:31:76:4a:87:6a:3f:9c:de:cd:5f:6d:bc:
c4:0a:da:64:3e:1d:47:ba:c5:05:fe:b8:c0:59:0e:
2a:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:F4:D4:60:AB:03:91:D5:6C:2D:AE:41:32:9F:18:64:07:56:CA:DE
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/h_TUYKsDkdVsLa5BMp8YZAdWyt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c0::/29
Signature Algorithm: sha256WithRSAEncryption
ad:e6:92:8d:c8:d8:91:cf:e2:1b:8e:28:c3:08:64:c9:22:6d:
20:56:c3:10:a4:90:70:41:23:e6:bb:ce:75:20:4d:83:fb:1c:
1f:00:a2:3c:d0:fa:f9:b8:b9:0f:f9:7f:bf:c8:84:3a:e6:29:
63:19:1a:27:c8:da:e4:1b:5c:c7:8f:0e:7f:2e:a1:9b:ef:7e:
69:17:ab:1c:0c:15:77:57:ff:7c:d2:7a:9f:e7:18:b1:52:bf:
cf:36:09:e7:3b:58:e7:aa:7b:b9:6b:d1:38:2d:e2:31:86:d3:
38:f9:c0:d2:38:86:30:99:68:14:92:ed:97:ea:98:e9:a9:b5:
8c:e5:38:ed:34:f8:dc:9b:47:53:d1:fb:a4:2c:9a:a2:77:ef:
c2:6c:db:47:d9:3f:a7:fc:31:7f:98:53:ea:b9:3e:0e:67:df:
12:0c:53:02:53:1d:d2:06:f3:f6:14:fc:40:48:83:c4:f3:a1:
f4:dd:fd:81:4d:e1:04:7b:a8:38:8b:ad:31:d7:30:dd:7f:d9:
a8:40:c3:4b:96:7b:77:0b:bb:f1:34:8a:0a:3a:e0:38:a5:54:
71:59:0c:93:3b:1c:07:81:c7:cb:bc:3f:3e:ae:13:e9:f4:70:
ca:c8:3c:75:c5:40:49:6d:0a:98:a2:10:8f:03:99:95:e0:e0:
3d:b2:ca:29
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDB4KOMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGIw
N2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQxZDM1N2UwHhcNMjIwNTIy
MDQxNjI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4N2Y0ZDQ2MGFiMDM5
MWQ1NmMyZGFlNDEzMjlmMTg2NDA3NTZjYWRlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuJLvoiwr1Za6RgX9P9g47pSnfkxW5FKeR1JG98n6uZT+rpix
QuhKZuvk7QMPsjK05oXycZjB6CQtGU4PhCNeCwJO+7u5M+1soUOK+tgN3tIulMYm
ybv2qcia5X5HCPBOvhYHA5tmRcNpliU2wVFT5IGRzGBnzr14JSCFZNErhsiI0owI
jkJVbTeILPnEae8icPwpgRivRZOLIGxxwOtVDwFiaWwLq9gZVT9tzTuL7Dc3yUFF
dwb+tL686R5IIKeNMiiO73z4JQQie2PGgVRzzYo8mZuMbRZExIxFwK8espuDEs4x
dkqHaj+c3s1fbbzECtpkPh1HusUF/rjAWQ4qgQIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFIf01GCrA5HVbC2uQTKfGGQHVsreMB8GA1UdIwQYMBaAFLB6uSJWXis+LMY9
SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
c0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlhLzEv
aF9UVVlLc0RrZFZzTGE1Qk1wOFlaQWRXeXQ0LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82
ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlhLzEvc0hxNUlsWmVLejRz
eGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhL4wDANBgkqhkiG9w0BAQsFAAOC
AQEAreaSjcjYkc/iG44owwhkySJtIFbDEKSQcEEj5rvOdSBNg/scHwCiPND6+bi5
D/l/v8iEOuYpYxkaJ8ja5Btcx48Ofy6hm+9+aRerHAwVd1f/fNJ6n+cYsVK/zzYJ
5ztY56p7uWvROC3iMYbTOPnA0jiGMJloFJLtl+qY6am1jOU47TT43JtHU9H7pCya
onfvwmzbR9k/p/wxf5hT6rk+DmffEgxTAlMd0gbz9hT8QEiDxPOh9N39gU3hBHuo
OIutMdcw3X/ZqEDDS5Z7dwu78TSKCjrgOKVUcVkMkzscB4HHy7w/Pq4T6fRwysg8
dcVASW0KmKIQjwOZleDgPbLKKQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:19 2025 by rpki-client