Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sj6Z894COfVteAMPYHazL-AkGeE.roa
File: sj6Z894COfVteAMPYHazL-AkGeE.roa (raw, json)
Hash identifier: ljCs8w/vS5tdkjTwSiAlrcdxlXbAFbczEKoQLR6C/q4=
Subject key identifier: B2:3E:99:F3:DE:02:39:F5:6D:78:03:0F:60:76:B3:2F:E0:24:19:E1
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 01857039B04B65F08C7050F01B391477D969
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sj6Z894COfVteAMPYHazL-AkGeE.roa
Signing time: Mon 02 Jan 2023 02:05:06 +0000
ROA not before: Mon 02 Jan 2023 02:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204089
IP address blocks: 2a12:f8c1:f8c1::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:b0:4b:65:f0:8c:70:50:f0:1b:39:14:77:d9:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: Jan 2 02:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b23e99f3de0239f56d78030f6076b32fe02419e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:43:74:37:b7:fd:0e:95:11:ca:fb:c6:51:43:
57:b0:27:be:d9:e3:2c:5c:b3:31:78:cc:14:84:04:
7a:47:14:19:2e:70:b2:08:2d:62:f0:c9:d1:fb:2d:
d7:20:4e:cb:ee:8e:b5:f2:46:6b:00:87:6e:f0:60:
12:d6:b7:85:65:48:33:a3:ec:50:58:97:fe:34:28:
c2:e5:12:12:0b:7b:f1:4f:85:24:11:af:37:0b:76:
66:85:81:64:f6:eb:4c:52:59:d1:b3:4a:7b:68:71:
6b:19:71:31:83:5f:35:33:b5:51:2d:e7:3d:fd:3e:
ea:f1:bb:d2:25:6d:f7:46:1f:56:d8:ee:d7:98:17:
73:cf:a3:dc:3b:50:ce:aa:96:98:c0:be:e9:e3:d0:
e5:9e:93:59:eb:97:84:bb:f3:df:6e:da:9b:b8:8c:
78:32:7c:fd:7e:50:eb:08:5b:d9:af:47:2f:76:5b:
95:af:a4:4f:a3:5d:77:4a:2e:05:1e:65:f3:e4:ca:
91:0b:45:a4:f1:ba:be:d9:d5:53:fd:75:c5:bb:7a:
cc:30:c5:16:0a:ca:2d:a5:1b:dc:57:96:ec:22:d5:
f2:c1:7c:cd:db:8e:9f:d0:0f:dd:a1:89:64:21:4b:
28:73:a6:c1:4a:69:01:90:46:ca:4f:31:0d:8e:3e:
54:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:3E:99:F3:DE:02:39:F5:6D:78:03:0F:60:76:B3:2F:E0:24:19:E1
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sj6Z894COfVteAMPYHazL-AkGeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c1:f8c1::/48
Signature Algorithm: sha256WithRSAEncryption
a8:7c:74:8d:c6:c9:5f:c7:67:93:ec:d0:69:38:53:dd:f5:ac:
bd:4a:7d:be:22:a7:9b:82:f6:58:5d:96:72:43:40:53:cd:c6:
7f:c3:c1:78:17:9d:97:1b:f3:89:86:28:7f:a7:c1:6c:17:91:
fa:c3:6b:92:51:ed:d8:53:9a:4c:22:ce:fc:a6:9d:12:89:07:
1b:5e:86:e9:29:66:9b:9e:20:ce:5b:82:7a:f2:ac:e2:b8:1d:
3e:a8:9d:ae:7a:00:ce:86:c8:f1:5b:57:a0:5d:b9:fb:6a:c0:
90:43:c5:82:b0:2c:59:4e:13:eb:c9:99:c8:45:c4:4a:02:3f:
35:b9:4e:8e:f1:b7:0f:d6:6e:f3:02:c3:c5:bc:fe:a2:fa:51:
14:c2:a5:e7:05:c9:83:19:0a:b3:72:55:7f:7d:e0:d2:47:c7:
0d:43:dc:17:1d:75:d1:e9:78:2b:8b:72:26:11:3e:dc:7e:34:
ef:7d:31:32:3d:cb:e5:6b:f1:2a:e0:0a:ba:d4:54:f9:33:c9:
d4:b0:ed:2a:c2:29:50:63:f1:bd:09:53:9d:96:27:39:99:7f:
bf:27:4a:a1:6e:38:bb:2e:cf:ef:39:46:3c:29:bb:bb:6e:c5:
cc:0e:99:76:3e:67:93:07:c0:8d:a4:a4:03:62:48:be:8f:e0:
d4:d5:34:d4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVwObBLZfCMcFDwGzkUd9lpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjMwMTAyMDIwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjNlOTlmM2RlMDIzOWY1NmQ3ODAzMGY2MDc2YjMyZmUwMjQxOWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEN0N7f9DpURyvvGUUNXsCe+2eMs
XLMxeMwUhAR6RxQZLnCyCC1i8MnR+y3XIE7L7o618kZrAIdu8GAS1reFZUgzo+xQ
WJf+NCjC5RISC3vxT4UkEa83C3ZmhYFk9utMUlnRs0p7aHFrGXExg181M7VRLec9
/T7q8bvSJW33Rh9W2O7XmBdzz6PcO1DOqpaYwL7p49DlnpNZ65eEu/PfbtqbuIx4
Mnz9flDrCFvZr0cvdluVr6RPo113Si4FHmXz5MqRC0Wk8bq+2dVT/XXFu3rMMMUW
CsotpRvcV5bsItXywXzN246f0A/doYlkIUsoc6bBSmkBkEbKTzENjj5UuQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLI+mfPeAjn1bXgDD2B2sy/gJBnhMB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvc2o2Wjg5NENPZlZ0ZUFNUFlIYXpMLUFrR2VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhL4wfjB
MA0GCSqGSIb3DQEBCwUAA4IBAQCofHSNxslfx2eT7NBpOFPd9ay9Sn2+IqebgvZY
XZZyQ0BTzcZ/w8F4F52XG/OJhih/p8FsF5H6w2uSUe3YU5pMIs78pp0SiQcbXobp
KWabniDOW4J68qziuB0+qJ2uegDOhsjxW1egXbn7asCQQ8WCsCxZThPryZnIRcRK
Aj81uU6O8bcP1m7zAsPFvP6i+lEUwqXnBcmDGQqzclV/feDSR8cNQ9wXHXXR6Xgr
i3ImET7cfjTvfTEyPcvla/Eq4Aq61FT5M8nUsO0qwilQY/G9CVOdlic5mX+/J0qh
bji7Ls/vOUY8Kbu7bsXMDpl2PmeTB8CNpKQDYki+j+DU1TTU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:55 2024 by rpki-client on console-ams.rpki-client.org