Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/wfDfp6EqPHmJ0bZu_zVY_xttggg.roa
File: wfDfp6EqPHmJ0bZu_zVY_xttggg.roa (raw, json)
Hash identifier: e9JW6c6Dhr40f7ygHcbmuZljWWQvmT9GoRbCwO0MBUA=
Subject key identifier: C1:F0:DF:A7:A1:2A:3C:79:89:D1:B6:6E:FF:35:58:FF:1B:6D:82:08
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 01857039AD1436456F025976C74DB53774D7
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/wfDfp6EqPHmJ0bZu_zVY_xttggg.roa
Signing time: Mon 02 Jan 2023 02:05:06 +0000
ROA not before: Mon 02 Jan 2023 02:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 150296
IP address blocks: 2a12:f8c1:30::/44 maxlen: 44
2a12:f8c2::/40 maxlen: 40
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:ad:14:36:45:6f:02:59:76:c7:4d:b5:37:74:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: Jan 2 02:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c1f0dfa7a12a3c7989d1b66eff3558ff1b6d8208
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:95:7c:33:4c:83:f7:2b:50:27:8b:84:cd:50:
55:eb:c1:4a:8e:32:f8:66:d5:6a:2b:a2:8f:4b:3c:
d4:2f:b4:f6:e0:d2:5b:2d:1c:e5:15:82:cf:b5:b6:
7f:f4:ce:ce:42:ff:30:bf:73:40:12:70:7b:88:f9:
58:38:59:7e:5d:8d:c9:55:5d:31:5d:84:90:34:d8:
70:d7:64:6b:0f:b3:79:a6:2d:8f:e4:fa:0d:11:9d:
53:a3:24:a7:0a:4d:ed:21:55:15:92:8c:b1:1c:08:
2c:ae:b9:7d:39:e8:c2:59:ca:11:d2:9c:03:16:7e:
6d:c9:fc:6a:bf:fe:0b:34:69:39:86:e7:5a:67:8c:
c3:be:84:3e:ab:cc:b0:aa:21:e4:31:72:49:3c:f8:
48:f7:7e:39:ea:f0:7c:58:c6:ad:8e:44:11:75:df:
f2:3b:e0:12:19:44:b4:eb:ac:b7:54:ef:98:91:69:
df:46:0f:f3:e5:ad:2e:32:75:24:16:ad:6c:87:b4:
ad:72:f1:12:be:c2:59:f8:68:27:0b:ed:13:29:18:
34:5e:cc:79:f8:28:bd:5f:a8:40:24:cd:a6:5e:38:
df:4f:4e:aa:7f:91:0a:45:a3:9a:cd:a2:fa:5b:52:
b6:75:36:26:fb:b3:65:3f:eb:49:11:01:11:3f:37:
53:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:F0:DF:A7:A1:2A:3C:79:89:D1:B6:6E:FF:35:58:FF:1B:6D:82:08
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/wfDfp6EqPHmJ0bZu_zVY_xttggg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c1:30::/44
2a12:f8c2::/40
Signature Algorithm: sha256WithRSAEncryption
20:2c:a3:ba:1e:bc:9b:38:c7:ad:43:ff:9e:fc:5e:ac:41:5c:
1e:9a:27:58:55:07:11:34:ef:cb:14:f2:0f:ba:69:bc:f4:c3:
3c:88:55:08:4e:bd:bc:37:16:f8:83:15:29:d2:b6:d5:32:83:
56:bb:35:9f:52:f0:f6:9f:c2:55:ba:9b:c2:fb:97:56:a7:8e:
d0:c8:8d:87:b5:2f:40:fb:08:e8:49:42:59:e5:8f:c8:8a:98:
4a:1c:05:56:f1:9b:82:75:ff:ae:5a:b7:fb:8a:d3:cf:8b:0c:
e4:28:7f:1c:7d:96:b5:80:34:b4:b6:5c:91:94:de:04:95:d6:
b9:7e:31:bd:e0:aa:ba:96:b8:26:81:2f:2f:00:f0:5d:95:1c:
53:19:60:92:00:53:d1:2e:12:3a:0c:80:ba:52:1a:d7:4d:5d:
3e:97:6a:57:96:18:65:2e:dd:88:20:3a:a0:78:28:f4:f2:fb:
01:22:c2:ce:41:13:10:7d:55:a4:66:5b:af:25:f1:32:df:92:
24:4a:16:08:67:a4:6e:b3:3e:05:bc:34:33:0a:d8:0f:f2:de:
3c:5d:33:4b:e6:70:39:7d:e5:84:d9:5e:19:b3:67:d0:89:f4:
9b:c4:dd:06:c2:1d:4c:d7:2c:1e:6f:eb:c0:82:1d:9b:39:b6:
77:68:94:b5
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYVwOa0UNkVvAll2x021N3TXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjMwMTAyMDIwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWYwZGZhN2ExMmEzYzc5ODlkMWI2NmVmZjM1NThmZjFiNmQ4MjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJV8M0yD9ytQJ4uEzVBV68FKjjL4
ZtVqK6KPSzzUL7T24NJbLRzlFYLPtbZ/9M7OQv8wv3NAEnB7iPlYOFl+XY3JVV0x
XYSQNNhw12RrD7N5pi2P5PoNEZ1ToySnCk3tIVUVkoyxHAgsrrl9OejCWcoR0pwD
Fn5tyfxqv/4LNGk5hudaZ4zDvoQ+q8ywqiHkMXJJPPhI93456vB8WMatjkQRdd/y
O+ASGUS066y3VO+YkWnfRg/z5a0uMnUkFq1sh7StcvESvsJZ+GgnC+0TKRg0Xsx5
+Ci9X6hAJM2mXjjfT06qf5EKRaOazaL6W1K2dTYm+7NlP+tJEQERPzdTnQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFMHw36ehKjx5idG2bv81WP8bbYIIMB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvd2ZEZnA2RXFQSG1KMGJadV96VllfeHR0Z2dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcEKhL4wQAw
AwYAKhL4wgAwDQYJKoZIhvcNAQELBQADggEBACAso7oevJs4x61D/578XqxBXB6a
J1hVBxE078sU8g+6abz0wzyIVQhOvbw3FviDFSnSttUyg1a7NZ9S8PafwlW6m8L7
l1anjtDIjYe1L0D7COhJQlnlj8iKmEocBVbxm4J1/65at/uK08+LDOQofxx9lrWA
NLS2XJGU3gSV1rl+Mb3gqrqWuCaBLy8A8F2VHFMZYJIAU9EuEjoMgLpSGtdNXT6X
aleWGGUu3YggOqB4KPTy+wEiws5BExB9VaRmW68l8TLfkiRKFghnpG6zPgW8NDMK
2A/y3jxdM0vmcDl95YTZXhmzZ9CJ9JvE3QbCHUzXLB5v68CCHZs5tndolLU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:02 2024 by rpki-client on console-fra.rpki-client.org