Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/da5e3b-ca0b-4fce-b1e2-5dd336f38060/1/xoREqWXOxbwnvGFbFi7QSxyId6w.roa
File: xoREqWXOxbwnvGFbFi7QSxyId6w.roa (raw, json)
Hash identifier: nVtxw0k0RSiVAdPGqQTYqanhSgLkfGyj5PSohFGPcUY=
Subject key identifier: C6:84:44:A9:65:CE:C5:BC:27:BC:61:5B:16:2E:D0:4B:1C:88:77:AC
Certificate issuer: /CN=d0c3d358812e60b680e4e11632f139560bf525fb
Certificate serial: 1F29E7
Authority key identifier: D0:C3:D3:58:81:2E:60:B6:80:E4:E1:16:32:F1:39:56:0B:F5:25:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0MPTWIEuYLaA5OEWMvE5Vgv1Jfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/da5e3b-ca0b-4fce-b1e2-5dd336f38060/1/xoREqWXOxbwnvGFbFi7QSxyId6w.roa
Signing time: Tue 15 Mar 2022 11:07:48 +0000
ROA not before: Tue 15 Mar 2022 11:07:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 174
IP address blocks: 2a12:7f40::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2042343 (0x1f29e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0c3d358812e60b680e4e11632f139560bf525fb
Validity
Not Before: Mar 15 11:07:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c68444a965cec5bc27bc615b162ed04b1c8877ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:86:8e:b8:de:c0:8e:f6:95:c5:66:02:6e:d0:
bf:c3:71:0e:af:ba:6e:37:0f:f0:94:d6:90:c0:8b:
65:a5:c3:23:99:46:a2:f6:51:3f:dc:8a:1c:40:7c:
d5:38:1d:64:89:bf:e9:48:d9:c7:72:0e:c9:a9:e0:
94:50:f1:2d:4e:82:3d:73:e7:8f:ba:64:fe:44:d3:
91:ec:96:21:32:1c:d1:04:4d:29:b5:36:8d:3a:4b:
a1:4b:1b:2c:fb:56:aa:ca:34:e5:54:95:e0:4f:96:
ae:d4:0a:9e:93:e3:67:36:29:30:94:cf:88:02:fa:
0c:04:55:01:d7:44:f8:43:83:88:ea:54:a8:73:73:
9a:f5:b4:1c:b1:01:3c:79:e6:c7:f7:07:c3:8b:c8:
1a:ea:4b:3b:ea:b3:02:b5:9b:a0:c6:41:5a:9a:f8:
c8:5c:f2:42:54:99:76:30:8b:6c:64:e6:5f:73:e9:
a9:d4:46:8b:c6:bc:7a:39:6d:94:e0:cf:f1:94:9e:
5d:29:4e:37:5c:50:97:c1:ea:8e:f3:a1:86:76:a1:
36:13:91:43:72:ce:3d:ed:8a:44:df:0c:13:6d:7c:
a3:e5:93:35:4f:8c:74:41:f4:ca:30:2a:a1:be:12:
a8:94:ee:c1:85:81:40:27:26:8c:28:16:18:ce:fa:
ad:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:84:44:A9:65:CE:C5:BC:27:BC:61:5B:16:2E:D0:4B:1C:88:77:AC
X509v3 Authority Key Identifier:
keyid:D0:C3:D3:58:81:2E:60:B6:80:E4:E1:16:32:F1:39:56:0B:F5:25:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0MPTWIEuYLaA5OEWMvE5Vgv1Jfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/da5e3b-ca0b-4fce-b1e2-5dd336f38060/1/xoREqWXOxbwnvGFbFi7QSxyId6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/da5e3b-ca0b-4fce-b1e2-5dd336f38060/1/0MPTWIEuYLaA5OEWMvE5Vgv1Jfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:7f40::/29
Signature Algorithm: sha256WithRSAEncryption
c6:df:b0:07:71:21:ca:35:da:62:81:27:0d:53:86:4f:0a:3b:
58:4b:71:01:21:4d:00:4e:76:e2:34:1b:92:0c:9c:1f:28:a5:
64:89:2b:16:6d:14:9c:f9:f1:93:34:60:21:68:b9:69:52:7b:
e3:9e:43:fc:e3:9d:05:8f:10:dd:ec:af:8b:c3:28:a2:d6:a4:
3d:d2:c0:a6:00:94:25:b4:2b:a6:1a:f0:75:db:7e:e1:8d:da:
30:d0:64:76:69:70:cf:38:20:0c:4c:01:36:e5:66:fe:50:29:
ea:65:68:f7:0a:4c:b6:92:65:77:6b:9b:87:c7:84:d8:ed:73:
01:42:fd:21:3e:bc:4d:b6:4d:78:08:0e:d2:61:16:6a:58:bb:
2e:b2:b8:d2:aa:8e:4e:c0:a7:14:c4:41:16:4b:0d:20:a3:98:
82:2d:7d:42:c8:0e:04:b5:4c:77:e6:bd:0a:6c:b1:19:b6:ef:
be:ee:9c:09:c7:96:14:33:94:85:6b:78:64:02:4a:04:8f:3d:
77:08:f4:8b:bc:f0:cc:9e:ed:a1:96:14:ea:ee:bf:d3:89:2e:
93:41:aa:bf:65:5f:1e:df:b3:5e:3a:4e:57:c1:a6:a8:78:37:
7a:f0:a4:56:9d:c6:be:e2:cd:08:03:01:bd:cf:0d:b0:b0:a4:
f6:4e:8f:f1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDHynnMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQw
YzNkMzU4ODEyZTYwYjY4MGU0ZTExNjMyZjEzOTU2MGJmNTI1ZmIwHhcNMjIwMzE1
MTEwNzQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjNjg0NDRhOTY1Y2Vj
NWJjMjdiYzYxNWIxNjJlZDA0YjFjODg3N2FjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwIaOuN7AjvaVxWYCbtC/w3EOr7puNw/wlNaQwItlpcMjmUai
9lE/3IocQHzVOB1kib/pSNnHcg7JqeCUUPEtToI9c+ePumT+RNOR7JYhMhzRBE0p
tTaNOkuhSxss+1aqyjTlVJXgT5au1Aqek+NnNikwlM+IAvoMBFUB10T4Q4OI6lSo
c3Oa9bQcsQE8eebH9wfDi8ga6ks76rMCtZugxkFamvjIXPJCVJl2MItsZOZfc+mp
1EaLxrx6OW2U4M/xlJ5dKU43XFCXweqO86GGdqE2E5FDcs497YpE3wwTbXyj5ZM1
T4x0QfTKMCqhvhKolO7BhYFAJyaMKBYYzvqtvQIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFMaERKllzsW8J7xhWxYu0EsciHesMB8GA1UdIwQYMBaAFNDD01iBLmC2gOTh
FjLxOVYL9SX7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
ME1QVFdJRXVZTGFBNU9FV012RTVWZ3YxSmZzLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zYy9kYTVlM2ItY2EwYi00ZmNlLWIxZTItNWRkMzM2ZjM4MDYwLzEv
eG9SRXFXWE94YndudkdGYkZpN1FTeHlJZDZ3LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9k
YTVlM2ItY2EwYi00ZmNlLWIxZTItNWRkMzM2ZjM4MDYwLzEvME1QVFdJRXVZTGFB
NU9FV012RTVWZ3YxSmZzLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhJ/QDANBgkqhkiG9w0BAQsFAAOC
AQEAxt+wB3EhyjXaYoEnDVOGTwo7WEtxASFNAE524jQbkgycHyilZIkrFm0UnPnx
kzRgIWi5aVJ7455D/OOdBY8Q3eyvi8MootakPdLApgCUJbQrphrwddt+4Y3aMNBk
dmlwzzggDEwBNuVm/lAp6mVo9wpMtpJld2ubh8eE2O1zAUL9IT68TbZNeAgO0mEW
ali7LrK40qqOTsCnFMRBFksNIKOYgi19QsgOBLVMd+a9CmyxGbbvvu6cCceWFDOU
hWt4ZAJKBI89dwj0i7zwzJ7toZYU6u6/04kuk0Gqv2VfHt+zXjpOV8GmqHg3evCk
Vp3GvuLNCAMBvc8NsLCk9k6P8Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:53 2023 by rpki-client on console-fra.rpki-client.org