Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/pb97A8r-6mhrOAGt2i1jV7X-0f8.roa
File: pb97A8r-6mhrOAGt2i1jV7X-0f8.roa (raw, json)
Hash identifier: 6tfJsprAZqJecqia2kMNiax5NfcOj4p+22EnusAapWg=
Subject key identifier: A5:BF:7B:03:CA:FE:EA:68:6B:38:01:AD:DA:2D:63:57:B5:FE:D1:FF
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 0184ACC6A5568D7F348254A5B9EB21A27828
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/pb97A8r-6mhrOAGt2i1jV7X-0f8.roa
Signing time: Fri 25 Nov 2022 03:13:30 +0000
ROA not before: Fri 25 Nov 2022 03:13:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 150296
IP address blocks: 2a12:f8c1:30::/44 maxlen: 44
2a12:f8c2::/40 maxlen: 40
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ac:c6:a5:56:8d:7f:34:82:54:a5:b9:eb:21:a2:78:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: Nov 25 03:13:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a5bf7b03cafeea686b3801adda2d6357b5fed1ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:5e:68:79:ea:ac:0e:f9:df:ac:de:c3:36:b2:
a3:86:de:07:83:9e:14:6e:6a:ae:62:43:af:a7:70:
7a:9b:67:a5:74:91:97:66:46:fc:d2:55:6e:3e:b3:
27:be:9b:9b:52:0d:a7:eb:8a:f2:fd:24:29:67:d6:
53:83:04:70:de:39:a6:2d:49:50:f4:6e:c5:7f:b0:
f4:a5:47:94:ab:bc:3a:09:e5:ac:5b:d2:25:c1:c5:
7e:8d:cf:9f:ac:16:f0:2f:cd:29:2a:93:b1:6e:18:
08:57:67:e3:0c:c2:55:40:75:30:db:41:88:83:71:
ec:f1:a7:bd:da:58:92:39:d0:67:59:37:8a:da:06:
f9:af:38:df:d3:36:79:e7:d5:d4:29:22:d9:3f:ec:
d3:bd:8f:d3:7b:fb:50:30:34:79:0e:73:b6:5b:f3:
e9:cd:4e:97:54:ce:e6:b7:3d:4d:f7:3e:36:09:37:
c3:c6:8b:21:60:f4:e9:9a:11:e5:2d:b8:45:b2:3b:
1e:0d:91:d1:d0:2c:c8:2a:e6:93:c4:24:ec:6a:64:
d9:46:ca:92:d4:ff:6f:21:f0:b3:ee:b6:28:7a:5e:
e0:23:4d:64:1b:b1:62:fc:ab:d0:a7:28:dd:54:1e:
28:1f:b9:cf:d3:83:e2:71:19:4a:d4:06:20:34:69:
72:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:BF:7B:03:CA:FE:EA:68:6B:38:01:AD:DA:2D:63:57:B5:FE:D1:FF
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/pb97A8r-6mhrOAGt2i1jV7X-0f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c1:30::/44
2a12:f8c2::/40
Signature Algorithm: sha256WithRSAEncryption
77:b2:8e:5b:24:f4:02:bf:ea:2d:bf:c6:80:e0:e8:cb:4d:9f:
66:88:b5:83:84:fe:2c:76:1d:33:35:fa:48:05:07:d4:74:b8:
65:15:99:8b:33:44:82:7e:59:a2:8e:55:90:76:21:36:18:b8:
05:10:f9:0a:70:0d:1f:78:f1:18:3b:24:1c:b6:c0:ca:60:65:
bc:02:2e:da:7a:30:5a:c1:eb:dc:23:54:1b:f0:71:25:e9:59:
19:9a:c7:fb:ca:dd:50:27:1f:86:77:a0:6f:8f:92:2f:c3:2e:
f5:88:c8:23:83:22:09:22:cf:b1:c5:0a:c9:23:74:b0:7c:17:
d0:38:2b:61:4f:40:6f:64:d4:36:10:0a:3e:b8:29:16:21:c6:
01:61:26:0d:93:89:81:59:1b:3d:f7:43:0e:62:db:54:fc:f2:
ae:55:c4:ab:b4:aa:78:5b:89:52:c7:a2:bb:95:92:8e:a6:e4:
5f:07:a9:6c:b3:d2:5b:6e:fc:b0:df:2e:cb:c8:0c:e1:5f:7d:
81:8e:9c:05:a3:81:6c:4e:dd:b8:2f:7f:c2:51:b4:62:df:63:
b5:93:6f:94:37:57:5d:bd:24:3e:aa:dd:0e:80:74:41:7c:4a:
b2:2f:77:f1:1d:df:8e:fc:05:9c:ed:12:6e:1c:95:c9:30:5e:
10:1f:a6:a7
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYSsxqVWjX80glSlueshongoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjIxMTI1MDMxMzMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWJmN2IwM2NhZmVlYTY4NmIzODAxYWRkYTJkNjM1N2I1ZmVkMWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArF5oeeqsDvnfrN7DNrKjht4Hg54U
bmquYkOvp3B6m2eldJGXZkb80lVuPrMnvpubUg2n64ry/SQpZ9ZTgwRw3jmmLUlQ
9G7Ff7D0pUeUq7w6CeWsW9IlwcV+jc+frBbwL80pKpOxbhgIV2fjDMJVQHUw20GI
g3Hs8ae92liSOdBnWTeK2gb5rzjf0zZ559XUKSLZP+zTvY/Te/tQMDR5DnO2W/Pp
zU6XVM7mtz1N9z42CTfDxoshYPTpmhHlLbhFsjseDZHR0CzIKuaTxCTsamTZRsqS
1P9vIfCz7rYoel7gI01kG7Fi/KvQpyjdVB4oH7nP04PicRlK1AYgNGly5QIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFKW/ewPK/upoazgBrdotY1e1/tH/MB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvcGI5N0E4ci02bWhyT0FHdDJpMWpWN1gtMGY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcEKhL4wQAw
AwYAKhL4wgAwDQYJKoZIhvcNAQELBQADggEBAHeyjlsk9AK/6i2/xoDg6MtNn2aI
tYOE/ix2HTM1+kgFB9R0uGUVmYszRIJ+WaKOVZB2ITYYuAUQ+QpwDR948Rg7JBy2
wMpgZbwCLtp6MFrB69wjVBvwcSXpWRmax/vK3VAnH4Z3oG+Pki/DLvWIyCODIgki
z7HFCskjdLB8F9A4K2FPQG9k1DYQCj64KRYhxgFhJg2TiYFZGz33Qw5i21T88q5V
xKu0qnhbiVLHoruVko6m5F8HqWyz0ltu/LDfLsvIDOFffYGOnAWjgWxO3bgvf8JR
tGLfY7WTb5Q3V129JD6q3Q6AdEF8SrIvd/Ed3478BZztEm4clckwXhAfpqc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:55 2024 by rpki-client on console-ams.rpki-client.org