Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/wcmpquBT7mv_WsS6l7oFWZvjuEY.roa
File: wcmpquBT7mv_WsS6l7oFWZvjuEY.roa (raw, json)
Hash identifier: mAJApFhOOKsgJzceOQuDyRiOYVw9fn/0cFuwXhuyHps=
Subject key identifier: C1:C9:A9:AA:E0:53:EE:6B:FF:5A:C4:BA:97:BA:05:59:9B:E3:B8:46
Certificate issuer: /CN=5bd74e39dda400d136126e6c3efb1cf9344277ef
Certificate serial: 018DEAFE42C3893B3A27952E96DC7479E623
Authority key identifier: 5B:D7:4E:39:DD:A4:00:D1:36:12:6E:6C:3E:FB:1C:F9:34:42:77:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W9dOOd2kANE2Em5sPvsc-TRCd-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/wcmpquBT7mv_WsS6l7oFWZvjuEY.roa
Signing time: Tue 27 Feb 2024 14:35:48 +0000
ROA not before: Tue 27 Feb 2024 14:35:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213220
IP address blocks: 2a11:aac5::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ea:fe:42:c3:89:3b:3a:27:95:2e:96:dc:74:79:e6:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bd74e39dda400d136126e6c3efb1cf9344277ef
Validity
Not Before: Feb 27 14:35:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c1c9a9aae053ee6bff5ac4ba97ba05599be3b846
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b0:78:63:bf:55:2d:3d:ac:4a:14:19:8f:4a:
e0:a3:85:08:c8:c3:eb:dd:86:b2:21:3b:a2:b8:20:
30:58:ed:fd:0a:90:8b:bf:fc:62:8e:2a:0f:5c:c8:
c7:0e:f4:55:17:e0:02:69:6d:76:d8:6d:24:fd:44:
5d:75:d0:2d:1a:b0:98:a5:bb:41:f7:03:1b:19:2d:
7e:25:a7:d7:60:55:73:4b:cb:a8:be:c2:78:4c:63:
ac:d1:63:11:c1:56:4d:b4:25:39:a8:96:fb:9d:bc:
cb:9a:08:81:0e:0f:47:19:55:be:bd:83:88:fa:34:
30:34:f7:84:6a:9e:d0:7d:b7:02:f6:a0:4f:29:bc:
7d:59:6b:51:4a:ef:46:06:73:be:23:d3:23:9a:ec:
bd:54:38:55:0e:db:4e:c7:09:7f:fa:dc:ab:3d:52:
b8:2c:8c:62:a2:e9:32:cc:77:c2:08:12:0a:d7:ce:
68:74:a1:b5:6b:29:2a:d3:df:1f:f0:6e:49:64:46:
ca:f3:45:60:1a:08:db:79:20:ed:87:24:12:f7:7b:
d9:14:4f:3e:9e:ee:7a:b9:31:13:07:1c:23:00:f4:
b0:8e:7a:96:d8:38:51:b4:24:7a:6a:c7:38:ea:d7:
88:2a:95:ca:bc:25:7c:da:98:3b:09:cc:46:f2:89:
b1:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:C9:A9:AA:E0:53:EE:6B:FF:5A:C4:BA:97:BA:05:59:9B:E3:B8:46
X509v3 Authority Key Identifier:
keyid:5B:D7:4E:39:DD:A4:00:D1:36:12:6E:6C:3E:FB:1C:F9:34:42:77:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W9dOOd2kANE2Em5sPvsc-TRCd-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/wcmpquBT7mv_WsS6l7oFWZvjuEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/W9dOOd2kANE2Em5sPvsc-TRCd-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:aac5::/32
Signature Algorithm: sha256WithRSAEncryption
2f:2c:f8:fb:3a:2d:55:9a:6c:10:26:49:1b:b3:d8:09:b5:7c:
96:71:52:09:ed:35:4f:50:06:37:70:d7:27:d2:0b:02:5f:64:
82:40:a2:a0:69:f0:57:83:54:48:3c:81:80:66:4a:77:03:bd:
3e:6f:9c:21:5f:b9:45:e8:93:77:01:e8:93:08:54:5c:f1:09:
62:f5:b0:18:9b:18:44:fe:72:07:bf:48:44:f3:8e:d5:75:6b:
87:b3:ed:63:9c:80:b6:90:e0:d0:a1:bf:7e:91:32:c3:dc:1c:
3f:98:ee:b7:82:ec:0e:a2:12:aa:6f:df:26:83:b8:f3:55:12:
e3:77:3e:b5:fd:5e:f4:af:65:cb:b7:27:0f:0a:d8:11:1f:83:
62:8a:ae:2f:8d:e9:fc:dc:08:56:f9:94:d9:f9:9d:79:8f:5c:
1a:f7:79:ed:7c:f7:00:77:4a:92:36:55:47:49:f6:47:08:ef:
37:80:65:02:73:5c:5a:9b:ef:bd:25:cb:57:c0:df:d5:c2:cf:
b3:2f:4b:57:24:9a:9f:7d:a5:2c:1e:06:3b:b4:5a:60:78:98:
1f:1a:9c:2b:41:40:a3:94:80:b9:45:04:02:d7:f7:4d:9d:ed:
95:54:de:72:fd:c3:ac:0f:f2:61:da:07:b5:49:70:e1:31:e1:
12:4f:f3:aa
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY3q/kLDiTs6J5Uultx0eeYjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZDc0ZTM5ZGRhNDAwZDEzNjEyNmU2YzNlZmIxY2Y5MzQ0
Mjc3ZWYwHhcNMjQwMjI3MTQzNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWM5YTlhYWUwNTNlZTZiZmY1YWM0YmE5N2JhMDU1OTliZTNiODQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLB4Y79VLT2sShQZj0rgo4UIyMPr
3YayITuiuCAwWO39CpCLv/xijioPXMjHDvRVF+ACaW122G0k/URdddAtGrCYpbtB
9wMbGS1+JafXYFVzS8uovsJ4TGOs0WMRwVZNtCU5qJb7nbzLmgiBDg9HGVW+vYOI
+jQwNPeEap7QfbcC9qBPKbx9WWtRSu9GBnO+I9Mjmuy9VDhVDttOxwl/+tyrPVK4
LIxioukyzHfCCBIK185odKG1aykq098f8G5JZEbK80VgGgjbeSDthyQS93vZFE8+
nu56uTETBxwjAPSwjnqW2DhRtCR6asc46teIKpXKvCV82pg7CcxG8omx4wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMHJqargU+5r/1rEupe6BVmb47hGMB8GA1UdIwQY
MBaAFFvXTjndpADRNhJubD77HPk0QnfvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzlkT09kMmtBTkUyRW01c1B2c2MtVFJDZC04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC84OWVjMjUtNzJkYy00ZjBmLThiMmYt
YWQ3ODkwYzJlNzUyLzEvd2NtcHF1QlQ3bXZfV3NTNmw3b0ZXWnZqdUVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC84OWVjMjUtNzJkYy00ZjBmLThiMmYtYWQ3ODkwYzJlNzUy
LzEvVzlkT09kMmtBTkUyRW01c1B2c2MtVFJDZC04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhGqxTAN
BgkqhkiG9w0BAQsFAAOCAQEALyz4+zotVZpsECZJG7PYCbV8lnFSCe01T1AGN3DX
J9ILAl9kgkCioGnwV4NUSDyBgGZKdwO9Pm+cIV+5ReiTdwHokwhUXPEJYvWwGJsY
RP5yB79IRPOO1XVrh7PtY5yAtpDg0KG/fpEyw9wcP5jut4LsDqISqm/fJoO481US
43c+tf1e9K9ly7cnDwrYER+DYoquL43p/NwIVvmU2fmdeY9cGvd57Xz3AHdKkjZV
R0n2RwjvN4BlAnNcWpvvvSXLV8Df1cLPsy9LVySan32lLB4GO7RaYHiYHxqcK0FA
o5SAuUUEAtf3TZ3tlVTecv3DrA/yYdoHtUlw4THhEk/zqg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:14 2024 by rpki-client on console-ams.rpki-client.org