Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/9a331f-ddab-4d25-a6d7-a35c025fd122/1/DayvHOfPMEx47TOB7Xr7FVhkQkQ.roa
File: DayvHOfPMEx47TOB7Xr7FVhkQkQ.roa (raw, json)
Hash identifier: yGuGaD1ZRotkgTvSMDuXEt9AQZeF5rf0H4qCF3ndrgc=
Subject key identifier: 0D:AC:AF:1C:E7:CF:30:4C:78:ED:33:81:ED:7A:FB:15:58:64:42:44
Certificate issuer: /CN=16779914bbc57b5eb908027a9d68b31017db8a0c
Certificate serial: 7F26DB
Authority key identifier: 16:77:99:14:BB:C5:7B:5E:B9:08:02:7A:9D:68:B3:10:17:DB:8A:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FneZFLvFe165CAJ6nWizEBfbigw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/9a331f-ddab-4d25-a6d7-a35c025fd122/1/DayvHOfPMEx47TOB7Xr7FVhkQkQ.roa
Signing time: Sat 01 Jan 2022 02:59:04 +0000
ROA not before: Sat 01 Jan 2022 02:59:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204790
IP address blocks: 2a12:1100::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8333019 (0x7f26db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16779914bbc57b5eb908027a9d68b31017db8a0c
Validity
Not Before: Jan 1 02:59:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0dacaf1ce7cf304c78ed3381ed7afb1558644244
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:0d:84:14:7b:4f:57:ba:bb:04:dc:4a:aa:78:
a4:5f:bd:82:ed:7a:1e:0e:e1:c4:b6:5c:e0:25:4d:
40:83:21:c1:0a:7c:7d:92:ea:52:43:d8:f5:cb:f8:
05:6b:81:6d:7d:12:84:a2:30:d4:54:8a:03:a3:02:
ec:ba:b8:0a:ef:fc:86:7c:53:b0:b0:01:70:e5:5a:
68:b6:f9:5a:f2:91:e3:40:ea:94:74:7f:ef:4f:ed:
7c:86:42:f1:d8:50:c2:aa:50:9a:c1:e1:72:0b:fa:
46:d2:cc:5d:8e:c4:dc:48:3e:78:dd:3f:e2:71:b9:
6d:af:73:0a:6a:4d:f5:d0:d9:6a:86:6b:7d:cf:a6:
fe:f4:d8:f6:9b:72:47:a6:ff:ec:29:47:1c:77:9a:
05:2f:da:c4:80:d3:5b:0f:34:c7:6c:ea:93:60:8f:
de:e7:1e:76:0e:b3:4b:d4:a6:2a:df:9e:2b:91:ca:
af:73:66:44:5d:be:e2:a4:63:f5:7e:23:c8:89:8a:
f9:02:cd:9c:5b:1a:6a:f1:8e:8c:26:4b:76:f5:25:
5e:c7:6e:73:2e:7f:4b:47:16:7e:44:2f:97:83:c0:
cc:b8:03:7a:4a:cc:62:b2:a4:86:45:02:13:de:88:
50:66:d0:f0:17:b0:4c:71:53:f5:b5:b1:1b:7d:5b:
85:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:AC:AF:1C:E7:CF:30:4C:78:ED:33:81:ED:7A:FB:15:58:64:42:44
X509v3 Authority Key Identifier:
keyid:16:77:99:14:BB:C5:7B:5E:B9:08:02:7A:9D:68:B3:10:17:DB:8A:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FneZFLvFe165CAJ6nWizEBfbigw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/9a331f-ddab-4d25-a6d7-a35c025fd122/1/DayvHOfPMEx47TOB7Xr7FVhkQkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/9a331f-ddab-4d25-a6d7-a35c025fd122/1/FneZFLvFe165CAJ6nWizEBfbigw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:1100::/29
Signature Algorithm: sha256WithRSAEncryption
53:37:e2:36:47:25:ea:66:96:a4:85:d7:ac:37:39:ca:c8:36:
15:c8:a9:3c:78:76:ed:ff:61:18:5e:e0:79:a2:7e:b0:09:cd:
3f:61:e8:3e:13:f3:6d:66:d7:9e:4c:b8:53:2a:c5:95:3f:5f:
25:17:50:3e:ec:f7:be:b5:e4:4a:a7:b2:64:c0:c4:b5:f6:85:
94:14:c0:ce:3d:a7:f3:7b:f2:f7:57:b1:61:f3:a8:fb:02:e1:
09:e0:ee:1f:96:29:29:47:fa:da:f7:1c:3c:39:20:3e:f2:82:
64:74:97:eb:62:89:4a:d4:a2:bd:f1:fa:4b:d2:dd:18:77:54:
55:34:80:db:30:4a:3f:8e:8b:65:bb:5c:5a:9f:eb:6b:6e:47:
5f:a9:c2:c6:c7:e0:33:fa:dd:14:53:87:9c:e0:25:bc:13:5d:
36:8e:c5:db:4e:74:2c:a1:c2:5a:29:72:18:bd:6d:c3:04:4a:
e4:1a:e2:c5:05:8a:c4:19:3c:df:0c:fc:12:cb:e4:19:ca:94:
95:6e:23:8b:c5:c1:0e:3e:c2:b2:92:0a:10:72:01:9b:dd:5c:
6a:25:af:75:bd:b5:d9:65:db:21:26:86:b2:9a:27:43:75:c3:
cf:40:7c:63:8b:43:ff:05:d6:1d:f9:b5:0e:dc:d8:39:5a:2d:
07:d8:a8:a0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDfybbMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDE2
Nzc5OTE0YmJjNTdiNWViOTA4MDI3YTlkNjhiMzEwMTdkYjhhMGMwHhcNMjIwMTAx
MDI1OTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwZGFjYWYxY2U3Y2Yz
MDRjNzhlZDMzODFlZDdhZmIxNTU4NjQ0MjQ0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA1w2EFHtPV7q7BNxKqnikX72C7XoeDuHEtlzgJU1AgyHBCnx9
kupSQ9j1y/gFa4FtfRKEojDUVIoDowLsurgK7/yGfFOwsAFw5Vpotvla8pHjQOqU
dH/vT+18hkLx2FDCqlCaweFyC/pG0sxdjsTcSD543T/icbltr3MKak310Nlqhmt9
z6b+9Nj2m3JHpv/sKUccd5oFL9rEgNNbDzTHbOqTYI/e5x52DrNL1KYq354rkcqv
c2ZEXb7ipGP1fiPIiYr5As2cWxpq8Y6MJkt29SVex25zLn9LRxZ+RC+Xg8DMuAN6
SsxisqSGRQIT3ohQZtDwF7BMcVP1tbEbfVuFfQIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFA2srxznzzBMeO0zge16+xVYZEJEMB8GA1UdIwQYMBaAFBZ3mRS7xXteuQgC
ep1osxAX24oMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
Rm5lWkZMdkZlMTY1Q0FKNm5XaXpFQmZiaWd3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC85Zi85YTMzMWYtZGRhYi00ZDI1LWE2ZDctYTM1YzAyNWZkMTIyLzEv
RGF5dkhPZlBNRXg0N1RPQjdYcjdGVmhrUWtRLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi85
YTMzMWYtZGRhYi00ZDI1LWE2ZDctYTM1YzAyNWZkMTIyLzEvRm5lWkZMdkZlMTY1
Q0FKNm5XaXpFQmZiaWd3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhIRADANBgkqhkiG9w0BAQsFAAOC
AQEAUzfiNkcl6maWpIXXrDc5ysg2FcipPHh27f9hGF7geaJ+sAnNP2HoPhPzbWbX
nky4UyrFlT9fJRdQPuz3vrXkSqeyZMDEtfaFlBTAzj2n83vy91exYfOo+wLhCeDu
H5YpKUf62vccPDkgPvKCZHSX62KJStSivfH6S9LdGHdUVTSA2zBKP46LZbtcWp/r
a25HX6nCxsfgM/rdFFOHnOAlvBNdNo7F2050LKHCWilyGL1twwRK5BrixQWKxBk8
3wz8EsvkGcqUlW4ji8XBDj7CspIKEHIBm91caiWvdb212WXbISaGsponQ3XDz0B8
Y4tD/wXWHfm1DtzYOVotB9iooA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:08 2023 by rpki-client on console-fra.rpki-client.org