Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/ADLjG1pXzLZcaC49Fer7459adAI.roa
File: ADLjG1pXzLZcaC49Fer7459adAI.roa (raw, json)
Hash identifier: L8X6ofyFtXED/6LaQtrHAdALxCEKObl+9Rwp7q3jXLo=
Subject key identifier: 00:32:E3:1B:5A:57:CC:B6:5C:68:2E:3D:15:EA:FB:E3:9F:5A:74:02
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: 0195FCEC758E8C16338C0DA8DE7971985DD1
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/ADLjG1pXzLZcaC49Fer7459adAI.roa
Signing time: Thu 03 Apr 2025 18:31:49 +0000
ROA not before: Thu 03 Apr 2025 18:31:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215451
IP address blocks: 2a12:3fc1:1003::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:fc:ec:75:8e:8c:16:33:8c:0d:a8:de:79:71:98:5d:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Apr 3 18:31:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0032e31b5a57ccb65c682e3d15eafbe39f5a7402
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:3f:bb:11:1d:ff:fb:23:d5:8f:6e:e0:78:e7:
a1:29:59:7e:50:1d:61:c7:28:03:0d:89:1b:bd:34:
6c:c0:b5:05:cb:18:2e:f8:01:16:fa:40:e9:bd:5a:
5a:d9:49:5f:30:6e:22:d5:ea:f2:d3:1c:40:27:3d:
ed:0b:1f:07:c9:2e:43:df:57:ac:a8:97:9c:d8:e7:
31:10:39:08:74:13:22:22:df:c1:f0:88:d5:4c:b6:
33:e8:83:f1:66:7e:6c:76:73:74:dc:51:49:0d:80:
1a:37:9a:cc:ba:f6:ae:ea:0e:f7:83:3d:7c:00:b0:
f9:fb:cb:45:8f:59:42:2e:22:74:93:01:cf:3c:c1:
11:a1:cd:89:cf:ea:33:6a:9d:c1:4f:bf:08:cc:39:
0d:3e:4c:b4:82:f4:7d:6c:85:e2:84:bf:72:b2:10:
5c:c8:6c:ca:fa:44:ab:c1:b7:a0:fb:ad:f8:57:84:
cf:f2:3d:a0:f9:e8:d2:5c:2c:e2:cb:bf:d9:40:5d:
81:3d:75:17:8f:54:eb:db:82:7b:4e:92:25:5d:1f:
41:04:04:54:d3:2b:15:57:15:ec:0a:73:c5:4c:ea:
81:34:96:01:fd:05:fc:9e:29:f5:3c:da:c4:93:98:
df:01:ea:e8:1d:17:50:48:07:c0:de:30:82:e9:f0:
bc:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:32:E3:1B:5A:57:CC:B6:5C:68:2E:3D:15:EA:FB:E3:9F:5A:74:02
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/ADLjG1pXzLZcaC49Fer7459adAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3fc1:1003::/48
Signature Algorithm: sha256WithRSAEncryption
a5:99:ff:a1:84:32:54:96:2e:8e:e2:86:d7:f1:3f:44:5e:61:
c2:9f:77:54:03:02:e7:a9:26:30:22:d2:fb:41:af:f6:53:11:
cd:03:a9:85:6f:ca:90:37:66:c1:8e:8c:52:2c:4f:94:86:5c:
0b:17:60:d2:b9:6a:a9:fc:08:57:9f:eb:70:cd:34:15:43:fa:
ad:4d:f8:93:a2:89:d0:e9:88:95:5e:0c:e7:72:09:3b:b6:31:
40:57:eb:c4:a7:70:7f:2d:84:58:ae:6d:c7:b6:1c:7b:fe:2d:
aa:a9:0e:51:0a:7d:42:94:c8:9d:6c:96:d7:92:df:df:07:ec:
e1:3f:23:5a:10:20:71:26:d2:c4:ba:e9:a5:aa:3e:83:d5:7c:
95:4b:14:fd:c2:84:2d:2a:42:3e:a9:f5:02:85:51:7a:f3:bf:
6e:7e:18:3e:cf:3a:22:d7:35:d1:ec:e1:c5:6a:43:8e:58:b8:
c5:f8:f7:50:6f:fb:a6:ab:b2:f6:ed:d3:4e:c2:2a:86:ca:f2:
c5:8f:fd:9d:b3:8b:c8:61:64:92:17:f0:75:6f:5e:dd:66:29:
58:dd:1c:38:0d:ff:63:ec:98:d3:60:2c:67:80:a8:66:9e:68:
b1:63:7d:17:e0:38:a9:39:f0:f7:f8:d0:d5:ab:d3:a1:68:13:
f9:0a:9c:f6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZX87HWOjBYzjA2o3nlxmF3RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjUwNDAzMTgzMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDMyZTMxYjVhNTdjY2I2NWM2ODJlM2QxNWVhZmJlMzlmNWE3NDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyz+7ER3/+yPVj27geOehKVl+UB1h
xygDDYkbvTRswLUFyxgu+AEW+kDpvVpa2UlfMG4i1ery0xxAJz3tCx8HyS5D31es
qJec2OcxEDkIdBMiIt/B8IjVTLYz6IPxZn5sdnN03FFJDYAaN5rMuvau6g73gz18
ALD5+8tFj1lCLiJ0kwHPPMERoc2Jz+ozap3BT78IzDkNPky0gvR9bIXihL9yshBc
yGzK+kSrwbeg+634V4TP8j2g+ejSXCziy7/ZQF2BPXUXj1Tr24J7TpIlXR9BBARU
0ysVVxXsCnPFTOqBNJYB/QX8nin1PNrEk5jfAeroHRdQSAfA3jCC6fC85QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAAy4xtaV8y2XGguPRXq++OfWnQCMB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEvQURMakcxcFh6TFpjYUM0OUZlcjc0NTlhZEFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhI/wRAD
MA0GCSqGSIb3DQEBCwUAA4IBAQClmf+hhDJUli6O4obX8T9EXmHCn3dUAwLnqSYw
ItL7Qa/2UxHNA6mFb8qQN2bBjoxSLE+UhlwLF2DSuWqp/AhXn+twzTQVQ/qtTfiT
oonQ6YiVXgzncgk7tjFAV+vEp3B/LYRYrm3Hthx7/i2qqQ5RCn1ClMidbJbXkt/f
B+zhPyNaECBxJtLEuumlqj6D1XyVSxT9woQtKkI+qfUChVF6879ufhg+zzoi1zXR
7OHFakOOWLjF+PdQb/umq7L27dNOwiqGyvLFj/2ds4vIYWSSF/B1b17dZilY3Rw4
Df9j7JjTYCxngKhmnmixY30X4DipOfD3+NDVq9OhaBP5Cpz2
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:53:46 2025 by rpki-client