Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/pkaBYAqQflt0b4KmZau2Qt1E7EY.roa
File: pkaBYAqQflt0b4KmZau2Qt1E7EY.roa (raw, json)
Hash identifier: ZsgWH964daaElAdxRzErYtIdSU6HE/c2zKXFgSiaPf0=
Subject key identifier: A6:46:81:60:0A:90:7E:5B:74:6F:82:A6:65:AB:B6:42:DD:44:EC:46
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 01880AFCA5525479DC896EFCED59BC9C7F83
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/pkaBYAqQflt0b4KmZau2Qt1E7EY.roa
Signing time: Thu 11 May 2023 13:25:09 +0000
ROA not before: Thu 11 May 2023 13:25:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198924
IP address blocks: 2a12:f8c2:700::/40 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:0a:fc:a5:52:54:79:dc:89:6e:fc:ed:59:bc:9c:7f:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: May 11 13:25:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a64681600a907e5b746f82a665abb642dd44ec46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:da:a3:f6:2f:3a:76:44:51:07:88:0f:8a:e1:
61:6d:db:c6:ae:89:b9:8c:6b:35:17:da:bc:5d:1b:
dd:89:e9:e3:fc:b3:10:11:4b:97:84:fd:6c:aa:6d:
d7:ac:f4:79:8f:0d:d2:43:02:53:91:9c:26:dc:c5:
08:b3:6e:7f:4f:c8:16:ca:df:3a:a1:d6:4e:18:67:
75:e3:18:2b:92:0b:d5:72:41:91:64:99:5f:24:dd:
1f:4f:4e:c1:1b:d1:3f:b3:ec:62:86:da:ba:4b:16:
d3:2f:7c:f7:e4:08:1a:29:15:8f:61:da:c7:e6:fc:
b8:ed:42:8b:9f:64:f0:a1:3a:a6:cd:d6:84:70:10:
f4:e5:80:76:a2:ad:ea:22:b8:15:0c:c4:26:70:51:
a1:17:25:ce:72:75:c0:b2:cb:c6:78:c8:af:21:71:
3b:76:04:04:bf:8e:54:ff:d4:8c:af:31:ec:6c:ad:
1f:5b:32:c1:f7:43:29:ee:45:72:77:9c:e2:a8:71:
db:12:30:f1:47:98:28:a2:26:e7:01:dc:89:0f:39:
6b:5d:cf:a5:f5:b0:d9:57:89:7f:62:49:10:67:83:
b2:7b:57:b0:f7:db:be:81:c2:70:1e:56:8f:37:f8:
1b:fb:43:6c:ef:5e:fe:b8:8d:fe:f6:2c:c3:1d:2a:
7f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:46:81:60:0A:90:7E:5B:74:6F:82:A6:65:AB:B6:42:DD:44:EC:46
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/pkaBYAqQflt0b4KmZau2Qt1E7EY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c2:700::/40
Signature Algorithm: sha256WithRSAEncryption
ab:34:1c:37:5f:3d:30:76:60:c6:42:c7:f8:47:f8:30:e7:f0:
9e:34:40:6a:6e:ac:45:f5:62:75:a1:cf:61:65:e3:c5:1e:80:
81:41:d1:ce:1e:11:2f:80:c0:75:6e:23:2f:6a:95:ef:37:d4:
43:f3:6e:4c:b4:10:59:2a:45:f8:9e:55:ed:42:0e:9d:1b:89:
84:df:8f:83:b1:aa:f0:70:2a:9d:73:c3:76:12:4a:02:53:f7:
68:5b:20:a3:ee:32:3c:32:b8:85:b3:24:48:6c:7e:15:0b:ce:
89:58:90:7e:37:84:81:5a:be:24:24:30:75:f1:91:dc:cb:6d:
cd:ff:01:62:4d:d9:94:eb:f4:8b:7f:d7:c8:4f:23:2b:5f:79:
c0:8e:a0:73:9e:c2:17:26:98:f8:8b:06:e4:9d:a2:ab:d4:10:
bb:fe:d7:3f:cc:80:08:33:f3:e9:cf:3e:1d:73:18:89:5b:b6:
d9:65:88:ab:2b:5e:29:01:9f:3d:42:fd:19:03:fe:cb:2d:3b:
0f:a7:31:91:ea:c1:95:f5:e6:3e:64:73:43:27:e7:42:6c:f2:
df:df:33:7a:2e:15:28:25:41:a9:19:19:72:2d:f2:e2:97:ea:
28:8e:e2:ff:fe:dd:2f:20:b1:4d:6a:41:90:d4:7d:38:89:d8:
e7:b4:30:af
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYgK/KVSVHnciW787Vm8nH+DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjMwNTExMTMyNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjQ2ODE2MDBhOTA3ZTViNzQ2ZjgyYTY2NWFiYjY0MmRkNDRlYzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtqj9i86dkRRB4gPiuFhbdvGrom5
jGs1F9q8XRvdienj/LMQEUuXhP1sqm3XrPR5jw3SQwJTkZwm3MUIs25/T8gWyt86
odZOGGd14xgrkgvVckGRZJlfJN0fT07BG9E/s+xihtq6SxbTL3z35AgaKRWPYdrH
5vy47UKLn2TwoTqmzdaEcBD05YB2oq3qIrgVDMQmcFGhFyXOcnXAssvGeMivIXE7
dgQEv45U/9SMrzHsbK0fWzLB90Mp7kVyd5ziqHHbEjDxR5gooibnAdyJDzlrXc+l
9bDZV4l/YkkQZ4Oye1ew99u+gcJwHlaPN/gb+0Ns717+uI3+9izDHSp/7QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFKZGgWAKkH5bdG+CpmWrtkLdROxGMB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvcGthQllBcVFmbHQwYjRLbVphdTJRdDFFN0VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhL4wgcw
DQYJKoZIhvcNAQELBQADggEBAKs0HDdfPTB2YMZCx/hH+DDn8J40QGpurEX1YnWh
z2Fl48UegIFB0c4eES+AwHVuIy9qle831EPzbky0EFkqRfieVe1CDp0biYTfj4Ox
qvBwKp1zw3YSSgJT92hbIKPuMjwyuIWzJEhsfhULzolYkH43hIFaviQkMHXxkdzL
bc3/AWJN2ZTr9It/18hPIytfecCOoHOewhcmmPiLBuSdoqvUELv+1z/MgAgz8+nP
Ph1zGIlbttlliKsrXikBnz1C/RkD/sstOw+nMZHqwZX15j5kc0Mn50Js8t/fM3ou
FSglQakZGXIt8uKX6iiO4v/+3S8gsU1qQZDUfTiJ2Oe0MK8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:55 2024 by rpki-client on console-ams.rpki-client.org