Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/23929a-b247-4f3b-9cd1-8b1f5becdda2/1/PgrNP_cbhC_zIq-RAUi5NsWIMGg.roa
File: PgrNP_cbhC_zIq-RAUi5NsWIMGg.roa (raw, json)
Hash identifier: MA/3WgJbPHJouHsd6tRizc5Csh9L6gRUBXUnVtdnoio=
Subject key identifier: 3E:0A:CD:3F:F7:1B:84:2F:F3:22:AF:91:01:48:B9:36:C5:88:30:68
Certificate issuer: /CN=e3c7c19f8d9b50ea60cce7498af0fd8c3908119e
Certificate serial: 0149A788
Authority key identifier: E3:C7:C1:9F:8D:9B:50:EA:60:CC:E7:49:8A:F0:FD:8C:39:08:11:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/48fBn42bUOpgzOdJivD9jDkIEZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/23929a-b247-4f3b-9cd1-8b1f5becdda2/1/PgrNP_cbhC_zIq-RAUi5NsWIMGg.roa
Signing time: Wed 27 Apr 2022 12:58:46 +0000
ROA not before: Wed 27 Apr 2022 12:58:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210512
IP address blocks: 2a12:1780::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21604232 (0x149a788)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3c7c19f8d9b50ea60cce7498af0fd8c3908119e
Validity
Not Before: Apr 27 12:58:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3e0acd3ff71b842ff322af910148b936c5883068
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:93:cd:98:90:d8:d9:91:2d:41:e0:31:5f:2f:
91:ec:12:99:e2:d7:b4:d9:d8:30:c8:a7:51:3a:bf:
b5:72:a8:f1:1d:a8:83:0c:c5:5e:cb:6a:b3:cf:78:
0a:44:c6:a8:70:8f:aa:d5:c8:7a:ec:cd:e8:d6:d1:
4d:21:00:10:21:b8:9c:fd:25:2e:ca:46:20:9d:6a:
07:40:b4:fd:93:30:53:46:3b:67:bb:60:15:d3:05:
9e:b2:52:16:02:36:aa:92:0f:f4:83:15:48:70:4a:
50:58:71:df:0c:cf:65:6d:ab:e1:27:b7:e8:1e:a8:
05:4d:52:c4:9a:d2:1b:ef:81:d9:59:41:61:1c:79:
3c:45:3b:0c:ae:96:0d:94:39:1b:f2:fd:2d:29:d0:
f2:51:89:63:4d:1a:98:40:49:7e:89:e4:34:72:69:
31:cd:05:15:8f:0c:f5:5e:8b:54:07:8f:35:58:40:
cc:34:58:51:b5:d0:78:d1:f0:bb:3e:d5:6e:c1:4f:
07:0e:db:77:eb:7a:21:73:03:2d:5a:f9:84:0d:5d:
0e:1a:df:4e:73:ba:b6:da:c0:df:cf:47:58:b1:e5:
06:3f:f5:ba:e7:b3:68:e5:f0:6b:63:80:50:6e:46:
72:8a:94:c2:d1:0c:97:01:b2:c1:50:27:0e:52:ff:
aa:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:0A:CD:3F:F7:1B:84:2F:F3:22:AF:91:01:48:B9:36:C5:88:30:68
X509v3 Authority Key Identifier:
keyid:E3:C7:C1:9F:8D:9B:50:EA:60:CC:E7:49:8A:F0:FD:8C:39:08:11:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/48fBn42bUOpgzOdJivD9jDkIEZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/23929a-b247-4f3b-9cd1-8b1f5becdda2/1/PgrNP_cbhC_zIq-RAUi5NsWIMGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/23929a-b247-4f3b-9cd1-8b1f5becdda2/1/48fBn42bUOpgzOdJivD9jDkIEZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:1780::/29
Signature Algorithm: sha256WithRSAEncryption
72:8c:66:47:d5:8d:4e:66:3c:32:da:f0:35:7f:da:a7:9a:49:
6d:83:7c:61:42:55:3d:cd:19:8c:5b:1c:84:75:54:f4:42:82:
e1:d5:5b:ab:ab:a8:5b:af:1f:0a:8a:17:90:dd:ed:71:f1:82:
7f:de:12:0a:09:48:52:02:0c:b1:59:7b:cb:af:7d:b7:85:a0:
4f:bc:8f:4c:8e:8f:87:6b:65:d7:ff:1f:7d:99:e5:40:8e:e0:
04:bd:49:08:44:7a:16:91:5d:5c:e9:6b:6b:52:e4:a4:40:45:
bd:f3:7c:22:37:7a:3b:1a:4b:32:5e:86:9f:cb:83:4a:27:9e:
a1:4b:54:62:c8:a6:09:3a:6a:9e:d7:ba:5e:f9:43:47:11:69:
aa:b3:73:f1:34:62:9f:48:41:ec:6a:0b:e2:0e:49:a0:59:64:
3a:35:fe:ef:e6:6e:e1:18:08:79:0d:f5:38:2a:12:80:ab:1d:
37:d4:6c:f1:8e:db:e0:49:c7:f4:5b:f5:4b:dc:39:34:a3:21:
11:db:64:ba:14:ca:b2:2f:77:ce:86:f5:c3:83:16:c8:6c:52:
a9:85:e5:4d:62:af:02:fe:9a:95:67:31:68:75:4a:53:fd:79:
ae:81:fe:50:c1:0b:70:6a:b7:e2:b0:db:d0:af:17:d3:49:72:
34:86:d0:bd
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEAUmniDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
M2M3YzE5ZjhkOWI1MGVhNjBjY2U3NDk4YWYwZmQ4YzM5MDgxMTllMB4XDTIyMDQy
NzEyNTg0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2UwYWNkM2ZmNzFi
ODQyZmYzMjJhZjkxMDE0OGI5MzZjNTg4MzA2ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJWTzZiQ2NmRLUHgMV8vkewSmeLXtNnYMMinUTq/tXKo8R2o
gwzFXstqs894CkTGqHCPqtXIeuzN6NbRTSEAECG4nP0lLspGIJ1qB0C0/ZMwU0Y7
Z7tgFdMFnrJSFgI2qpIP9IMVSHBKUFhx3wzPZW2r4Se36B6oBU1SxJrSG++B2VlB
YRx5PEU7DK6WDZQ5G/L9LSnQ8lGJY00amEBJfonkNHJpMc0FFY8M9V6LVAePNVhA
zDRYUbXQeNHwuz7VbsFPBw7bd+t6IXMDLVr5hA1dDhrfTnO6ttrA389HWLHlBj/1
uuezaOXwa2OAUG5GcoqUwtEMlwGywVAnDlL/qnsCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBQ+Cs0/9xuEL/Mir5EBSLk2xYgwaDAfBgNVHSMEGDAWgBTjx8GfjZtQ6mDM
50mK8P2MOQgRnjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzQ4ZkJuNDJiVU9wZ3pPZEppdkQ5akRrSUVaNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjkvMjM5MjlhLWIyNDctNGYzYi05Y2QxLThiMWY1YmVjZGRhMi8x
L1Bnck5QX2NiaENfeklxLVJBVWk1TnNXSU1HZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjkv
MjM5MjlhLWIyNDctNGYzYi05Y2QxLThiMWY1YmVjZGRhMi8xLzQ4ZkJuNDJiVU9w
Z3pPZEppdkQ5akRrSUVaNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoSF4AwDQYJKoZIhvcNAQELBQAD
ggEBAHKMZkfVjU5mPDLa8DV/2qeaSW2DfGFCVT3NGYxbHIR1VPRCguHVW6urqFuv
HwqKF5Dd7XHxgn/eEgoJSFICDLFZe8uvfbeFoE+8j0yOj4drZdf/H32Z5UCO4AS9
SQhEehaRXVzpa2tS5KRARb3zfCI3ejsaSzJehp/Lg0onnqFLVGLIpgk6ap7Xul75
Q0cRaaqzc/E0Yp9IQexqC+IOSaBZZDo1/u/mbuEYCHkN9TgqEoCrHTfUbPGO2+BJ
x/Rb9UvcOTSjIRHbZLoUyrIvd86G9cODFshsUqmF5U1irwL+mpVnMWh1SlP9ea6B
/lDBC3Bqt+Kw29CvF9NJcjSG0L0=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:42 2023 by rpki-client on console-fra.rpki-client.org