Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/d59880-4dc4-4ae0-b93e-b3d345a1ff17/1/fx4xTCMCQmvhTtg5JnFXGFE-PII.roa
File: fx4xTCMCQmvhTtg5JnFXGFE-PII.roa (raw, json)
Hash identifier: T9rlC3HdA3iyQgMjv1flJOgCeAcSZJs8SNSoHVk/FUs=
Subject key identifier: 7F:1E:31:4C:23:02:42:6B:E1:4E:D8:39:26:71:57:18:51:3E:3C:82
Certificate issuer: /CN=9dd65e89ef38111ecc0bfbd60acf6271d3bc53e5
Certificate serial: 0182D52722595B5D283F6EF12BD1671F0380
Authority key identifier: 9D:D6:5E:89:EF:38:11:1E:CC:0B:FB:D6:0A:CF:62:71:D3:BC:53:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ndZeie84ER7MC_vWCs9icdO8U-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/d59880-4dc4-4ae0-b93e-b3d345a1ff17/1/fx4xTCMCQmvhTtg5JnFXGFE-PII.roa
Signing time: Thu 25 Aug 2022 13:18:07 +0000
ROA not before: Thu 25 Aug 2022 13:18:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 2a12:7e80::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d5:27:22:59:5b:5d:28:3f:6e:f1:2b:d1:67:1f:03:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dd65e89ef38111ecc0bfbd60acf6271d3bc53e5
Validity
Not Before: Aug 25 13:18:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7f1e314c2302426be14ed83926715718513e3c82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:7d:f3:99:36:22:98:31:a9:eb:a9:16:00:c8:
d3:cd:5b:02:a6:a3:7e:5b:51:07:1d:7c:53:29:90:
0a:39:e8:44:05:21:95:a9:d6:a3:80:b3:7a:10:38:
52:00:94:7b:cf:b9:ae:f3:08:ac:03:e9:d7:9f:66:
28:f0:1c:3b:17:3a:53:b3:4c:ea:85:34:9c:3c:9c:
5d:bd:a0:e6:f8:ba:be:9e:ea:44:65:71:33:77:f3:
f3:83:be:15:24:17:1a:1f:7a:a3:54:e0:c7:7e:f0:
b8:a8:c1:83:b4:32:9e:ef:f3:1f:47:d2:b5:88:55:
4b:f2:5a:9e:45:e1:56:8e:8f:06:fd:6c:b1:b4:2b:
fe:b8:4e:77:6c:9d:95:6e:76:ec:8c:cc:e7:04:58:
e8:c4:9b:ae:c4:38:50:3e:d8:7c:ca:3e:dc:f1:fa:
96:2b:e0:4b:dc:90:ad:38:0f:63:e0:12:40:49:7c:
b4:b0:43:be:6b:a2:d2:8d:fd:04:1c:bd:3a:40:c3:
73:dc:d4:cf:6c:cd:72:8e:09:b5:87:f7:48:e6:ec:
b3:5e:5a:ca:b5:7f:d7:8f:01:41:ab:74:69:cd:43:
b1:1a:7e:1d:82:24:4a:50:7c:51:31:49:e1:b1:6b:
93:fd:0c:1a:dc:85:81:6d:7a:30:c2:11:15:88:e3:
b8:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:1E:31:4C:23:02:42:6B:E1:4E:D8:39:26:71:57:18:51:3E:3C:82
X509v3 Authority Key Identifier:
keyid:9D:D6:5E:89:EF:38:11:1E:CC:0B:FB:D6:0A:CF:62:71:D3:BC:53:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ndZeie84ER7MC_vWCs9icdO8U-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/d59880-4dc4-4ae0-b93e-b3d345a1ff17/1/fx4xTCMCQmvhTtg5JnFXGFE-PII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/d59880-4dc4-4ae0-b93e-b3d345a1ff17/1/ndZeie84ER7MC_vWCs9icdO8U-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:7e80::/29
Signature Algorithm: sha256WithRSAEncryption
08:f8:c7:87:62:dd:23:5d:bc:84:8e:98:19:73:c8:fe:ca:12:
a4:e4:e4:25:f1:c5:70:d6:fc:a2:2c:07:d5:ab:05:5b:be:69:
d9:6e:3c:66:77:f5:36:8b:68:10:da:7d:d4:57:3d:b3:a8:e4:
4e:21:ed:aa:8f:09:38:a8:02:e5:44:ee:05:40:f4:18:21:27:
f3:dd:44:73:a5:a3:14:ef:81:60:e4:03:03:e6:18:52:80:0e:
5d:58:77:9c:d8:65:f5:40:0b:dc:09:56:25:1c:e8:86:97:77:
e7:33:37:47:be:6d:36:cf:af:80:54:f3:0d:83:91:53:7c:95:
c2:4c:b9:20:4c:4f:c4:dc:7e:96:a1:86:07:c2:47:eb:ae:02:
9a:e1:4e:b4:88:28:68:d8:fa:ff:14:99:ad:84:19:bb:2d:eb:
ea:73:43:c2:b1:49:2a:e2:58:29:6c:4d:b4:92:32:52:c9:69:
42:4a:30:c4:ec:92:9c:6d:9e:27:b1:79:5e:d5:2d:f8:8f:6b:
92:d2:43:46:46:18:39:5b:05:57:4d:0e:d7:9a:50:63:d8:02:
f2:db:f3:1c:96:ba:41:9a:10:26:bb:49:cb:ed:30:37:a9:f3:
18:d2:04:e2:46:69:a8:c6:52:22:02:78:09:fe:70:85:7d:f7:
36:b1:0f:25
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYLVJyJZW10oP27xK9FnHwOAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkZDY1ZTg5ZWYzODExMWVjYzBiZmJkNjBhY2Y2MjcxZDNi
YzUzZTUwHhcNMjIwODI1MTMxODA3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjFlMzE0YzIzMDI0MjZiZTE0ZWQ4MzkyNjcxNTcxODUxM2UzYzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoH3zmTYimDGp66kWAMjTzVsCpqN+
W1EHHXxTKZAKOehEBSGVqdajgLN6EDhSAJR7z7mu8wisA+nXn2Yo8Bw7FzpTs0zq
hTScPJxdvaDm+Lq+nupEZXEzd/Pzg74VJBcaH3qjVODHfvC4qMGDtDKe7/MfR9K1
iFVL8lqeReFWjo8G/WyxtCv+uE53bJ2VbnbsjMznBFjoxJuuxDhQPth8yj7c8fqW
K+BL3JCtOA9j4BJASXy0sEO+a6LSjf0EHL06QMNz3NTPbM1yjgm1h/dI5uyzXlrK
tX/XjwFBq3RpzUOxGn4dgiRKUHxRMUnhsWuT/Qwa3IWBbXowwhEViOO4lQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFH8eMUwjAkJr4U7YOSZxVxhRPjyCMB8GA1UdIwQY
MBaAFJ3WXonvOBEezAv71grPYnHTvFPlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmRaZWllODRFUjdNQ192V0NzOWljZE84VS1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9kNTk4ODAtNGRjNC00YWUwLWI5M2Ut
YjNkMzQ1YTFmZjE3LzEvZng0eFRDTUNRbXZoVHRnNUpuRlhHRkUtUElJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi9kNTk4ODAtNGRjNC00YWUwLWI5M2UtYjNkMzQ1YTFmZjE3
LzEvbmRaZWllODRFUjdNQ192V0NzOWljZE84VS1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhJ+gDAN
BgkqhkiG9w0BAQsFAAOCAQEACPjHh2LdI128hI6YGXPI/soSpOTkJfHFcNb8oiwH
1asFW75p2W48Znf1NotoENp91Fc9s6jkTiHtqo8JOKgC5UTuBUD0GCEn891Ec6Wj
FO+BYOQDA+YYUoAOXVh3nNhl9UAL3AlWJRzohpd35zM3R75tNs+vgFTzDYORU3yV
wky5IExPxNx+lqGGB8JH664CmuFOtIgoaNj6/xSZrYQZuy3r6nNDwrFJKuJYKWxN
tJIyUslpQkowxOySnG2eJ7F5XtUt+I9rktJDRkYYOVsFV00O15pQY9gC8tvzHJa6
QZoQJrtJy+0wN6nzGNIE4kZpqMZSIgJ4Cf5whX33NrEPJQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:36 2023 by rpki-client on console-ams.rpki-client.org