Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/da5e3b-ca0b-4fce-b1e2-5dd336f38060/1/y8iQB2LlhNCNfQ_1OlBA3db-UW8.roa
File: y8iQB2LlhNCNfQ_1OlBA3db-UW8.roa (raw, json)
Hash identifier: c4VEpbxed5Zj+Obd9h7lZEGVQLui96E9vlwC0QgOhhs=
Subject key identifier: CB:C8:90:07:62:E5:84:D0:8D:7D:0F:F5:3A:50:40:DD:D6:FE:51:6F
Certificate issuer: /CN=d0c3d358812e60b680e4e11632f139560bf525fb
Certificate serial: 011866
Authority key identifier: D0:C3:D3:58:81:2E:60:B6:80:E4:E1:16:32:F1:39:56:0B:F5:25:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0MPTWIEuYLaA5OEWMvE5Vgv1Jfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/da5e3b-ca0b-4fce-b1e2-5dd336f38060/1/y8iQB2LlhNCNfQ_1OlBA3db-UW8.roa
Signing time: Fri 04 Mar 2022 15:57:57 +0000
ROA not before: Fri 04 Mar 2022 15:57:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50113
IP address blocks: 2a12:7f40::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 71782 (0x11866)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0c3d358812e60b680e4e11632f139560bf525fb
Validity
Not Before: Mar 4 15:57:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cbc8900762e584d08d7d0ff53a5040ddd6fe516f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:70:1a:ac:9c:6f:4e:f6:13:ca:ec:45:b3:3b:
7b:84:57:38:59:bd:eb:ee:24:7a:9d:62:f0:31:d4:
38:0c:0a:fd:dc:fe:65:39:70:58:a7:2a:c8:4e:a1:
ae:07:ce:42:60:78:43:7a:71:dd:44:91:a7:3d:02:
c3:ca:4e:c0:36:5a:07:70:9d:e2:52:0e:1d:5a:60:
52:89:24:d6:ad:e4:11:66:8e:9d:6a:db:24:68:b3:
99:13:01:45:82:12:79:69:28:fb:43:3b:20:a4:30:
e7:a8:18:ef:b7:df:64:b8:64:dd:cd:08:51:10:96:
48:e5:d7:ce:c0:78:78:b4:18:b6:7c:47:eb:b9:77:
89:7b:67:5e:f6:61:1a:ef:f3:7e:8d:9d:23:45:66:
ee:34:dd:58:7c:c0:ec:59:ee:12:05:5a:bf:22:27:
8b:14:bd:b5:52:c6:50:86:2d:b3:90:f8:eb:50:4a:
38:d7:4f:99:c7:79:45:16:85:f6:7d:ec:d7:15:f5:
44:2b:e6:54:50:f6:e6:b8:77:5d:0d:5c:b1:cf:b7:
39:70:31:d2:c0:03:1b:f9:21:e2:cc:21:3d:c7:9d:
76:52:b6:c1:1d:17:89:56:2b:3e:d4:88:e0:95:8b:
4e:eb:29:ef:2d:65:3f:be:82:52:ba:01:65:68:74:
26:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:C8:90:07:62:E5:84:D0:8D:7D:0F:F5:3A:50:40:DD:D6:FE:51:6F
X509v3 Authority Key Identifier:
keyid:D0:C3:D3:58:81:2E:60:B6:80:E4:E1:16:32:F1:39:56:0B:F5:25:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0MPTWIEuYLaA5OEWMvE5Vgv1Jfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/da5e3b-ca0b-4fce-b1e2-5dd336f38060/1/y8iQB2LlhNCNfQ_1OlBA3db-UW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/da5e3b-ca0b-4fce-b1e2-5dd336f38060/1/0MPTWIEuYLaA5OEWMvE5Vgv1Jfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:7f40::/29
Signature Algorithm: sha256WithRSAEncryption
08:30:48:0a:07:36:8f:55:65:e1:62:d5:c7:39:04:22:3b:4e:
f0:78:ba:30:a1:d4:2d:5b:c2:2f:ed:de:af:b9:ff:61:55:85:
9f:63:fd:eb:87:d1:ef:f7:71:28:55:c7:f6:d6:f1:56:8c:a2:
5a:8a:da:c3:9f:0a:76:ab:39:e5:f1:a8:e0:a2:4c:d6:fe:af:
33:91:29:ed:0f:05:41:5c:b0:08:2c:3c:a0:f3:c4:90:a5:fd:
04:b3:b0:56:3c:8c:47:47:44:b1:2d:a6:73:3d:32:54:f3:cb:
60:2c:0b:40:2e:8d:2a:67:bd:7c:2b:69:2b:61:9f:db:35:7a:
0b:61:58:80:0e:af:54:eb:be:b5:80:a1:fc:61:db:cf:3e:86:
d5:fa:ab:39:4b:be:b5:0b:44:5f:0c:48:5c:97:47:f6:68:b9:
cd:0b:63:4c:9f:2e:61:cd:a1:3c:2c:af:4a:34:49:75:2d:e8:
1a:cb:2c:b0:f3:ed:65:50:cf:4e:19:49:9d:f2:79:a3:c2:0a:
68:86:7e:5d:c9:03:e5:d5:4e:4d:05:70:c2:4e:42:50:8c:57:
40:7b:b3:a0:81:86:ad:64:85:b2:1b:10:19:a1:ba:18:04:91:
85:29:4e:13:4d:c9:f6:b8:b3:3b:be:b8:4b:a3:0b:b2:f7:e7:
d1:4a:06:34
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDARhmMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQw
YzNkMzU4ODEyZTYwYjY4MGU0ZTExNjMyZjEzOTU2MGJmNTI1ZmIwHhcNMjIwMzA0
MTU1NzU3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjYmM4OTAwNzYyZTU4
NGQwOGQ3ZDBmZjUzYTUwNDBkZGQ2ZmU1MTZmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAs3AarJxvTvYTyuxFszt7hFc4Wb3r7iR6nWLwMdQ4DAr93P5l
OXBYpyrITqGuB85CYHhDenHdRJGnPQLDyk7ANloHcJ3iUg4dWmBSiSTWreQRZo6d
atskaLOZEwFFghJ5aSj7QzsgpDDnqBjvt99kuGTdzQhREJZI5dfOwHh4tBi2fEfr
uXeJe2de9mEa7/N+jZ0jRWbuNN1YfMDsWe4SBVq/IieLFL21UsZQhi2zkPjrUEo4
10+Zx3lFFoX2fezXFfVEK+ZUUPbmuHddDVyxz7c5cDHSwAMb+SHizCE9x512UrbB
HReJVis+1IjglYtO6ynvLWU/voJSugFlaHQm8wIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFMvIkAdi5YTQjX0P9TpQQN3W/lFvMB8GA1UdIwQYMBaAFNDD01iBLmC2gOTh
FjLxOVYL9SX7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
ME1QVFdJRXVZTGFBNU9FV012RTVWZ3YxSmZzLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zYy9kYTVlM2ItY2EwYi00ZmNlLWIxZTItNWRkMzM2ZjM4MDYwLzEv
eThpUUIyTGxoTkNOZlFfMU9sQkEzZGItVVc4LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9k
YTVlM2ItY2EwYi00ZmNlLWIxZTItNWRkMzM2ZjM4MDYwLzEvME1QVFdJRXVZTGFB
NU9FV012RTVWZ3YxSmZzLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhJ/QDANBgkqhkiG9w0BAQsFAAOC
AQEACDBICgc2j1Vl4WLVxzkEIjtO8Hi6MKHULVvCL+3er7n/YVWFn2P964fR7/dx
KFXH9tbxVoyiWoraw58Kdqs55fGo4KJM1v6vM5Ep7Q8FQVywCCw8oPPEkKX9BLOw
VjyMR0dEsS2mcz0yVPPLYCwLQC6NKme9fCtpK2Gf2zV6C2FYgA6vVOu+tYCh/GHb
zz6G1fqrOUu+tQtEXwxIXJdH9mi5zQtjTJ8uYc2hPCyvSjRJdS3oGssssPPtZVDP
ThlJnfJ5o8IKaIZ+XckD5dVOTQVwwk5CUIxXQHuzoIGGrWSFshsQGaG6GASRhSlO
E03J9rizO764S6MLsvfn0UoGNA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:16 2024 by rpki-client on console-ams.rpki-client.org