Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/7c7bf6-2bdf-4c7d-9aec-1ef1cee661ca/1/BDm1jSbXDuc-C1giMPBmS4rVbUo.roa
File: BDm1jSbXDuc-C1giMPBmS4rVbUo.roa (raw, json)
Hash identifier: YO0I1G1QMrlhd5kpCAQVf/C5t2zAI0tnCQvWbTWWvKc=
Subject key identifier: 04:39:B5:8D:26:D7:0E:E7:3E:0B:58:22:30:F0:66:4B:8A:D5:6D:4A
Certificate issuer: /CN=4be1bbbe540079d2b7f270b92ceaf3b2a816e8fa
Certificate serial: 01856BD373F286DF813F10C8F38BBA5E5A9C
Authority key identifier: 4B:E1:BB:BE:54:00:79:D2:B7:F2:70:B9:2C:EA:F3:B2:A8:16:E8:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S-G7vlQAedK38nC5LOrzsqgW6Po.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/7c7bf6-2bdf-4c7d-9aec-1ef1cee661ca/1/BDm1jSbXDuc-C1giMPBmS4rVbUo.roa
Signing time: Sun 01 Jan 2023 05:34:57 +0000
ROA not before: Sun 01 Jan 2023 05:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203629
IP address blocks: 2a06:ddc5::/32 maxlen: 32
2a13:3306::/32 maxlen: 32
2a06:ddc2::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:d3:73:f2:86:df:81:3f:10:c8:f3:8b:ba:5e:5a:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4be1bbbe540079d2b7f270b92ceaf3b2a816e8fa
Validity
Not Before: Jan 1 05:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0439b58d26d70ee73e0b582230f0664b8ad56d4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:71:19:0c:72:d4:65:54:e9:f8:d6:82:87:79:
06:31:71:43:46:60:c0:58:d4:da:ca:9e:78:5d:d8:
ec:3c:81:a7:7f:94:5e:05:23:d6:76:01:1c:f9:65:
1c:ed:ef:4e:aa:28:09:cf:ad:89:a9:17:7d:56:74:
19:20:80:a6:26:14:3d:f0:2a:6d:b4:03:e6:a5:08:
bf:ab:0e:c4:fc:01:84:0f:ab:9a:54:72:c3:78:22:
a9:3f:19:ed:b1:91:4d:e4:2a:58:9b:6e:23:bd:98:
cd:95:b6:62:a8:d9:66:08:98:2c:41:6c:aa:cf:92:
5b:67:b1:79:4b:4b:d6:be:e5:92:04:8f:86:08:c3:
a7:0a:b3:3a:df:59:49:06:a1:b2:e7:c1:10:fd:f6:
03:7b:04:20:23:2d:bf:ab:c2:8d:7b:41:bd:1a:17:
4b:cd:0c:18:5c:86:da:c6:08:33:82:40:9b:46:e7:
47:21:08:61:b3:69:f7:b0:28:51:00:b5:d1:08:f5:
5f:cc:04:44:54:51:d5:b9:c5:c9:a1:04:b1:ba:cc:
db:96:65:44:fa:3a:41:d4:07:0c:6f:31:0c:55:a8:
ff:48:80:f9:23:9e:b0:d9:7b:08:2e:f0:db:26:a8:
ed:62:25:26:a7:29:59:69:97:cc:95:74:57:f3:5d:
f2:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:39:B5:8D:26:D7:0E:E7:3E:0B:58:22:30:F0:66:4B:8A:D5:6D:4A
X509v3 Authority Key Identifier:
keyid:4B:E1:BB:BE:54:00:79:D2:B7:F2:70:B9:2C:EA:F3:B2:A8:16:E8:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S-G7vlQAedK38nC5LOrzsqgW6Po.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/7c7bf6-2bdf-4c7d-9aec-1ef1cee661ca/1/BDm1jSbXDuc-C1giMPBmS4rVbUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/7c7bf6-2bdf-4c7d-9aec-1ef1cee661ca/1/S-G7vlQAedK38nC5LOrzsqgW6Po.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:ddc2::/32
2a06:ddc5::/32
2a13:3306::/32
Signature Algorithm: sha256WithRSAEncryption
87:d3:4f:75:f4:11:1f:a7:ab:95:6b:dd:02:2c:70:49:62:62:
b2:6b:a1:8f:bc:70:49:f5:e1:0c:35:ae:57:10:a7:cd:6a:c1:
3c:23:bf:c0:81:ec:31:fe:f5:0e:b7:f3:65:39:14:37:28:b3:
0a:d7:fb:88:21:5c:60:20:ef:bd:a6:98:d9:0b:a1:2f:04:49:
9f:cb:d2:27:10:14:70:0b:76:31:7e:82:66:6e:a7:1a:c0:ec:
b6:ee:3f:ed:55:fd:20:a9:93:41:4a:da:90:9b:68:be:8c:44:
fa:5e:14:f4:c8:5d:a9:fb:1d:8e:d6:ad:85:67:2d:2e:a6:d0:
54:3d:3e:8b:f6:2c:9b:07:e7:00:2e:b4:1c:f9:9c:e4:cd:2a:
b3:bf:97:1f:1a:03:26:2f:70:04:e0:10:8d:2e:8d:0f:cc:48:
dc:6b:70:ab:4e:24:62:9e:d3:33:d1:7a:dd:37:2c:ef:dd:0a:
72:13:a7:7d:7a:01:94:66:ec:4b:9b:a2:88:a3:5d:35:1a:01:
16:bd:34:55:78:9e:c6:4e:c8:83:0e:27:9a:39:5f:35:98:a7:
1c:01:52:5a:7c:d9:a2:8f:c6:6d:1b:f0:f8:ee:19:3f:68:8a:
38:7f:16:f9:7a:99:a6:f9:58:4d:cd:b7:71:b1:93:48:61:13:
58:8c:ce:2c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVr03Pyht+BPxDI84u6XlqcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiZTFiYmJlNTQwMDc5ZDJiN2YyNzBiOTJjZWFmM2IyYTgx
NmU4ZmEwHhcNMjMwMTAxMDUzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDM5YjU4ZDI2ZDcwZWU3M2UwYjU4MjIzMGYwNjY0YjhhZDU2ZDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz3EZDHLUZVTp+NaCh3kGMXFDRmDA
WNTayp54XdjsPIGnf5ReBSPWdgEc+WUc7e9OqigJz62JqRd9VnQZIICmJhQ98Cpt
tAPmpQi/qw7E/AGED6uaVHLDeCKpPxntsZFN5CpYm24jvZjNlbZiqNlmCJgsQWyq
z5JbZ7F5S0vWvuWSBI+GCMOnCrM631lJBqGy58EQ/fYDewQgIy2/q8KNe0G9GhdL
zQwYXIbaxggzgkCbRudHIQhhs2n3sChRALXRCPVfzAREVFHVucXJoQSxuszblmVE
+jpB1AcMbzEMVaj/SID5I56w2XsILvDbJqjtYiUmpylZaZfMlXRX813ygQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAQ5tY0m1w7nPgtYIjDwZkuK1W1KMB8GA1UdIwQY
MBaAFEvhu75UAHnSt/JwuSzq87KoFuj6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUy1HN3ZsUUFlZEszOG5DNUxPcnpzcWdXNlBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My83YzdiZjYtMmJkZi00YzdkLTlhZWMt
MWVmMWNlZTY2MWNhLzEvQkRtMWpTYlhEdWMtQzFnaU1QQm1TNHJWYlVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My83YzdiZjYtMmJkZi00YzdkLTlhZWMtMWVmMWNlZTY2MWNh
LzEvUy1HN3ZsUUFlZEszOG5DNUxPcnpzcWdXNlBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKgbdwgMF
ACoG3cUDBQAqEzMGMA0GCSqGSIb3DQEBCwUAA4IBAQCH00919BEfp6uVa90CLHBJ
YmKya6GPvHBJ9eEMNa5XEKfNasE8I7/Agewx/vUOt/NlORQ3KLMK1/uIIVxgIO+9
ppjZC6EvBEmfy9InEBRwC3YxfoJmbqcawOy27j/tVf0gqZNBStqQm2i+jET6XhT0
yF2p+x2O1q2FZy0uptBUPT6L9iybB+cALrQc+ZzkzSqzv5cfGgMmL3AE4BCNLo0P
zEjca3CrTiRintMz0XrdNyzv3QpyE6d9egGUZuxLm6KIo101GgEWvTRVeJ7GTsiD
DieaOV81mKccAVJafNmij8ZtG/D47hk/aIo4fxb5epmm+VhNzbdxsZNIYRNYjM4s
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:59 2024 by rpki-client on console-fra.rpki-client.org