Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/23929a-b247-4f3b-9cd1-8b1f5becdda2/1/Ri59i9uWz7tYITQeRW74y3caHGs.roa
File: Ri59i9uWz7tYITQeRW74y3caHGs.roa (raw, json)
Hash identifier: siSs7suw2TzavubCFI2KMsG36k/nm46khzEun1/Src4=
Subject key identifier: 46:2E:7D:8B:DB:96:CF:BB:58:21:34:1E:45:6E:F8:CB:77:1A:1C:6B
Certificate issuer: /CN=e3c7c19f8d9b50ea60cce7498af0fd8c3908119e
Certificate serial: 0182253633AD29D2FE5380D35EB1BD183457
Authority key identifier: E3:C7:C1:9F:8D:9B:50:EA:60:CC:E7:49:8A:F0:FD:8C:39:08:11:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/48fBn42bUOpgzOdJivD9jDkIEZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/23929a-b247-4f3b-9cd1-8b1f5becdda2/1/Ri59i9uWz7tYITQeRW74y3caHGs.roa
Signing time: Fri 22 Jul 2022 09:21:25 +0000
ROA not before: Fri 22 Jul 2022 09:21:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212238
IP address blocks: 2a12:1780::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:25:36:33:ad:29:d2:fe:53:80:d3:5e:b1:bd:18:34:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3c7c19f8d9b50ea60cce7498af0fd8c3908119e
Validity
Not Before: Jul 22 09:21:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=462e7d8bdb96cfbb5821341e456ef8cb771a1c6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:4c:61:67:85:3c:fd:e0:26:8f:7b:eb:7d:d7:
11:07:f1:39:f3:31:4a:a8:d1:8d:2b:c3:13:ee:da:
2b:fc:c2:bf:b1:bd:64:d8:34:02:2f:2a:19:4c:2f:
bf:fd:0a:b5:c2:0a:9b:5c:39:5e:cd:d3:8a:3f:75:
04:3a:bd:8b:57:7c:5b:f6:5f:55:5f:7a:fd:1f:6a:
03:ae:18:fb:dc:e4:c7:d4:55:ea:70:b6:14:a4:fb:
ca:3a:40:90:f9:c0:ff:bd:b2:0a:15:22:44:81:eb:
17:4d:09:62:1c:8c:d3:da:e6:79:ce:cf:bc:5c:47:
80:f3:49:d4:ad:c1:fd:70:8a:a7:a2:4a:3e:9c:0c:
8e:e9:96:d7:f4:17:75:2b:57:02:ad:a2:f4:15:6b:
70:7b:7b:0d:fa:e6:8b:4c:8c:bd:9c:18:70:14:c6:
3f:e4:fc:a2:be:58:2f:59:7c:a9:c5:9b:7b:8e:b3:
4f:c2:74:07:ab:93:d7:67:ce:1b:82:12:a9:32:07:
14:ac:72:66:30:39:14:9a:fc:a3:88:c7:68:d7:c9:
d1:cc:02:7d:7a:d6:6c:71:67:27:d8:59:7a:49:1c:
b5:5c:44:09:31:e3:0f:cc:8f:b3:6b:f8:0f:8f:03:
4a:19:24:8e:e3:f6:2d:ab:d0:fc:b1:b8:e5:b5:64:
41:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:2E:7D:8B:DB:96:CF:BB:58:21:34:1E:45:6E:F8:CB:77:1A:1C:6B
X509v3 Authority Key Identifier:
keyid:E3:C7:C1:9F:8D:9B:50:EA:60:CC:E7:49:8A:F0:FD:8C:39:08:11:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/48fBn42bUOpgzOdJivD9jDkIEZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/23929a-b247-4f3b-9cd1-8b1f5becdda2/1/Ri59i9uWz7tYITQeRW74y3caHGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/23929a-b247-4f3b-9cd1-8b1f5becdda2/1/48fBn42bUOpgzOdJivD9jDkIEZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:1780::/29
Signature Algorithm: sha256WithRSAEncryption
a8:f0:12:77:b8:21:25:3e:7e:98:90:b8:cc:bb:34:be:d6:62:
2d:db:d3:47:d1:2f:d7:fc:a3:d8:49:3c:8e:9e:02:be:79:f5:
47:87:85:ae:69:ab:7f:51:5e:26:02:80:60:e1:58:28:2d:df:
3e:6f:e8:fd:54:ff:64:5c:59:6a:8e:ed:49:f4:15:bd:0a:a4:
eb:fa:92:71:ee:d4:18:5c:63:a6:18:61:c4:22:b4:1f:d6:7a:
16:e9:f4:e7:0e:ce:88:88:78:c9:33:28:b2:25:e7:f4:49:4f:
1e:8d:ab:45:ca:25:ef:26:a4:65:45:34:7d:60:20:d5:52:bb:
cf:4b:43:0d:bf:f2:5c:d2:89:16:e7:71:33:fd:32:e3:46:df:
6f:07:2b:e5:1d:04:64:07:10:e4:31:e0:67:39:e7:01:6e:c1:
0e:7c:01:04:0f:64:69:ec:5e:6e:b2:e9:d5:48:5e:9b:cd:89:
2d:1b:d4:d6:0f:1b:9f:99:36:0b:6d:53:7a:bb:1a:00:12:b1:
18:da:f3:9c:39:84:59:a5:40:05:39:a8:83:54:c2:e0:8f:49:
14:25:30:56:12:fa:fd:f4:e0:30:29:67:2e:d5:3b:f8:ec:96:
8f:28:df:71:b7:1b:a3:1f:ff:64:d1:6e:84:45:78:07:99:97:
4d:41:1e:18
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYIlNjOtKdL+U4DTXrG9GDRXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzYzdjMTlmOGQ5YjUwZWE2MGNjZTc0OThhZjBmZDhjMzkw
ODExOWUwHhcNMjIwNzIyMDkyMTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjJlN2Q4YmRiOTZjZmJiNTgyMTM0MWU0NTZlZjhjYjc3MWExYzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzUxhZ4U8/eAmj3vrfdcRB/E58zFK
qNGNK8MT7tor/MK/sb1k2DQCLyoZTC+//Qq1wgqbXDlezdOKP3UEOr2LV3xb9l9V
X3r9H2oDrhj73OTH1FXqcLYUpPvKOkCQ+cD/vbIKFSJEgesXTQliHIzT2uZ5zs+8
XEeA80nUrcH9cIqnoko+nAyO6ZbX9Bd1K1cCraL0FWtwe3sN+uaLTIy9nBhwFMY/
5PyivlgvWXypxZt7jrNPwnQHq5PXZ84bghKpMgcUrHJmMDkUmvyjiMdo18nRzAJ9
etZscWcn2Fl6SRy1XEQJMeMPzI+za/gPjwNKGSSO4/Ytq9D8sbjltWRBoQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEYufYvbls+7WCE0HkVu+Mt3GhxrMB8GA1UdIwQY
MBaAFOPHwZ+Nm1DqYMznSYrw/Yw5CBGeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDhmQm40MmJVT3Bnek9kSml2RDlqRGtJRVo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8yMzkyOWEtYjI0Ny00ZjNiLTljZDEt
OGIxZjViZWNkZGEyLzEvUmk1OWk5dVd6N3RZSVRRZVJXNzR5M2NhSEdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8yMzkyOWEtYjI0Ny00ZjNiLTljZDEtOGIxZjViZWNkZGEy
LzEvNDhmQm40MmJVT3Bnek9kSml2RDlqRGtJRVo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhIXgDAN
BgkqhkiG9w0BAQsFAAOCAQEAqPASd7ghJT5+mJC4zLs0vtZiLdvTR9Ev1/yj2Ek8
jp4Cvnn1R4eFrmmrf1FeJgKAYOFYKC3fPm/o/VT/ZFxZao7tSfQVvQqk6/qSce7U
GFxjphhhxCK0H9Z6Fun05w7OiIh4yTMosiXn9ElPHo2rRcol7yakZUU0fWAg1VK7
z0tDDb/yXNKJFudxM/0y40bfbwcr5R0EZAcQ5DHgZznnAW7BDnwBBA9kaexebrLp
1Uhem82JLRvU1g8bn5k2C21TersaABKxGNrznDmEWaVABTmog1TC4I9JFCUwVhL6
/fTgMClnLtU7+OyWjyjfcbcbox//ZNFuhEV4B5mXTUEeGA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:33 2023 by rpki-client on console-ams.rpki-client.org