Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/XNfsaahd5SngYhYlNGrfFeqVhhQ.roa
File: XNfsaahd5SngYhYlNGrfFeqVhhQ.roa (raw, json)
Hash identifier: l7MwTLutFo0I0Z4QTu8qq+KlWSwkqQ48gZtc3BAerc8=
Subject key identifier: 5C:D7:EC:69:A8:5D:E5:29:E0:62:16:25:34:6A:DF:15:EA:95:86:14
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 01856F798A3EEC3EB5D311F3F3A836787012
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/XNfsaahd5SngYhYlNGrfFeqVhhQ.roa
Signing time: Sun 01 Jan 2023 22:35:14 +0000
ROA not before: Sun 01 Jan 2023 22:35:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60262
IP address blocks: 2a0f:2b40::/29 maxlen: 29
2a0f:fa80::/29 maxlen: 29
2a0f:c40::/29 maxlen: 29
2a0f:3640::/29 maxlen: 29
2a0f:1740::/29 maxlen: 29
2a0f:2240::/29 maxlen: 29
2a0f:2d40::/29 maxlen: 29
2a0f:27c0::/29 maxlen: 29
2a0f:e40::/29 maxlen: 29
2a0f:1940::/29 maxlen: 29
2a0f:f380::/29 maxlen: 29
2a0f:2f40::/29 maxlen: 29
2a0f:fe80::/29 maxlen: 29
2a0f:1040::/29 maxlen: 29
2a0f:15c0::/29 maxlen: 29
2a0f:35c0::/29 maxlen: 29
2a0f:16c0::/29 maxlen: 29
2a0f:21c0::/29 maxlen: 29
2a0f:f680::/29 maxlen: 29
2a0f:2cc0::/29 maxlen: 29
2a0f:dc0::/29 maxlen: 29
2a0f:18c0::/29 maxlen: 29
2a0f:2940::/29 maxlen: 29
2a0f:2ec0::/29 maxlen: 29
2a0f:fc0::/29 maxlen: 29
2a0f:a40::/29 maxlen: 29
2a0f:1540::/29 maxlen: 29
2a0f:e480::/29 maxlen: 29
2a0f:1ac0::/29 maxlen: 29
2a0f:2040::/29 maxlen: 29
2a0f:1640::/29 maxlen: 29
2a0f:2140::/29 maxlen: 29
2a0f:2c40::/29 maxlen: 29
2a0f:240::/29 maxlen: 29
2a0f:fb80::/29 maxlen: 29
2a0f:12c0::/29 maxlen: 29
2a0f:d40::/29 maxlen: 29
2a0f:3740::/29 maxlen: 29
2a0f:1840::/29 maxlen: 29
2a0f:2e40::/29 maxlen: 29
2a0f:28c0::/29 maxlen: 29
2a0f:f40::/29 maxlen: 29
2a0f:1a40::/29 maxlen: 29
2a0f:14c0::/29 maxlen: 29
2a0f:1fc0::/29 maxlen: 29
2a0f:f480::/29 maxlen: 29
2a0f:2ac0::/29 maxlen: 29
2a0f:20c0::/29 maxlen: 29
2a0f:f580::/29 maxlen: 29
2a0f:1c0::/29 maxlen: 29
2a0f:2bc0::/29 maxlen: 29
2a0f:36c0::/29 maxlen: 29
2a0f:cc0::/29 maxlen: 29
2a0f:1240::/29 maxlen: 29
2a0f:17c0::/29 maxlen: 29
2a0f:2840::/29 maxlen: 29
2a0f:f780::/29 maxlen: 29
2a0f:2dc0::/29 maxlen: 29
2a0f:19c0::/29 maxlen: 29
2a0f:f980::/29 maxlen: 29
2a0f:2a40::/29 maxlen: 29
2a0f:3540::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:8a:3e:ec:3e:b5:d3:11:f3:f3:a8:36:78:70:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 1 22:35:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cd7ec69a85de529e0621625346adf15ea958614
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:02:ea:67:8d:5c:bb:92:25:85:47:25:59:be:
68:b6:2b:74:02:b5:09:3b:a3:e5:37:a7:41:59:3a:
41:4f:be:cc:5c:0d:06:22:23:af:23:50:e6:5e:b4:
9e:ed:a1:57:24:5e:44:a2:b6:b5:cf:26:ce:3a:6f:
d9:2e:24:3e:cf:dc:da:dc:97:20:02:5a:1e:ff:66:
b0:4e:8f:07:9d:27:05:26:0c:5b:bd:ef:0a:d9:d9:
ac:2d:81:e5:e6:df:46:4a:23:c2:48:d0:26:c6:38:
6d:1b:5c:f7:b6:27:fe:d8:84:43:45:9c:a5:58:6f:
df:b6:79:94:3d:96:c8:7f:b4:b3:94:9e:a6:87:a3:
e4:e0:c9:2a:85:4b:bb:58:f0:eb:a7:c2:74:0e:23:
02:f6:88:81:5a:98:ac:4b:d0:0d:39:78:17:f9:c5:
01:96:00:d1:75:fd:30:0c:fa:b9:a3:c9:36:df:51:
99:fa:d3:a6:67:0c:ac:00:99:2c:c6:4c:bf:44:96:
7e:d0:b9:e7:d3:16:06:6a:5a:c9:0b:4a:0e:2d:5e:
9a:7a:c4:56:40:32:9a:2c:45:e4:e2:e8:87:9e:b3:
ef:d8:9f:95:10:93:69:bc:f9:21:b2:26:54:29:1d:
6c:21:0d:1e:4c:12:b5:aa:b3:1a:39:57:56:0d:6a:
ea:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:D7:EC:69:A8:5D:E5:29:E0:62:16:25:34:6A:DF:15:EA:95:86:14
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/XNfsaahd5SngYhYlNGrfFeqVhhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1c0::/29
2a0f:240::/29
2a0f:a40::/29
2a0f:c40::/29
2a0f:cc0::/29
2a0f:d40::/29
2a0f:dc0::/29
2a0f:e40::/29
2a0f:f40::/29
2a0f:fc0::/29
2a0f:1040::/29
2a0f:1240::/29
2a0f:12c0::/29
2a0f:14c0::/29
2a0f:1540::/29
2a0f:15c0::/29
2a0f:1640::/29
2a0f:16c0::/29
2a0f:1740::/29
2a0f:17c0::/29
2a0f:1840::/29
2a0f:18c0::/29
2a0f:1940::/29
2a0f:19c0::/29
2a0f:1a40::/29
2a0f:1ac0::/29
2a0f:1fc0::/29
2a0f:2040::/29
2a0f:20c0::/29
2a0f:2140::/29
2a0f:21c0::/29
2a0f:2240::/29
2a0f:27c0::/29
2a0f:2840::/29
2a0f:28c0::/29
2a0f:2940::/29
2a0f:2a40::/29
2a0f:2ac0::/29
2a0f:2b40::/29
2a0f:2bc0::/29
2a0f:2c40::/29
2a0f:2cc0::/29
2a0f:2d40::/29
2a0f:2dc0::/29
2a0f:2e40::/29
2a0f:2ec0::/29
2a0f:2f40::/29
2a0f:3540::/29
2a0f:35c0::/29
2a0f:3640::/29
2a0f:36c0::/29
2a0f:3740::/29
2a0f:e480::/29
2a0f:f380::/29
2a0f:f480::/29
2a0f:f580::/29
2a0f:f680::/29
2a0f:f780::/29
2a0f:f980::/29
2a0f:fa80::/29
2a0f:fb80::/29
2a0f:fe80::/29
Signature Algorithm: sha256WithRSAEncryption
46:d4:6d:a3:56:1c:f6:9e:7e:c2:f4:4b:f0:96:f0:fe:c6:a6:
01:4a:06:63:f2:ee:07:0e:2a:d1:ea:93:ba:7e:f0:cd:40:9d:
1d:fb:0f:86:ba:96:b5:5e:fb:cb:ad:9f:d9:a6:dd:54:73:dd:
0c:14:a9:08:39:ff:dd:c0:05:1f:97:00:9d:9e:54:9b:8a:66:
fc:bb:62:6e:13:b7:29:87:f0:36:3f:ac:db:e9:b2:db:76:c1:
d8:39:b2:0a:78:55:a4:6d:c0:dc:68:66:23:21:0f:2b:62:3b:
3e:c8:b5:2c:d7:1c:fb:5d:e2:69:04:46:03:44:4f:f0:df:f4:
24:66:c4:0a:51:ce:b6:1f:93:2f:39:c7:c2:6a:7d:48:f6:18:
b0:a4:e3:b2:3a:9d:fd:06:19:18:2b:45:56:0d:c4:40:e5:92:
33:16:c1:0c:95:67:95:30:f4:a7:bd:9b:dd:df:25:77:61:4f:
4e:93:ef:78:91:ac:33:32:9d:d1:04:8f:7b:17:47:a8:f0:a0:
12:11:35:7b:e8:bb:5e:02:6d:92:7b:36:02:10:0b:8a:b5:33:
bf:75:46:78:11:74:29:80:df:93:8b:94:a0:67:f5:63:78:33:
4d:79:f2:1f:a7:2a:b0:35:0a:e6:09:f8:9b:2f:e0:3a:16:97:
57:83:47:7c
-----BEGIN CERTIFICATE-----
MIIGszCCBZugAwIBAgISAYVveYo+7D610xHz86g2eHASMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwMTAxMjIzNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2Q3ZWM2OWE4NWRlNTI5ZTA2MjE2MjUzNDZhZGYxNWVhOTU4NjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygLqZ41cu5IlhUclWb5otit0ArUJ
O6PlN6dBWTpBT77MXA0GIiOvI1DmXrSe7aFXJF5Eora1zybOOm/ZLiQ+z9za3Jcg
Aloe/2awTo8HnScFJgxbve8K2dmsLYHl5t9GSiPCSNAmxjhtG1z3tif+2IRDRZyl
WG/ftnmUPZbIf7SzlJ6mh6Pk4MkqhUu7WPDrp8J0DiMC9oiBWpisS9ANOXgX+cUB
lgDRdf0wDPq5o8k231GZ+tOmZwysAJksxky/RJZ+0Lnn0xYGalrJC0oOLV6aesRW
QDKaLEXk4uiHnrPv2J+VEJNpvPkhsiZUKR1sIQ0eTBK1qrMaOVdWDWrqCQIDAQAB
o4IDvzCCA7swHQYDVR0OBBYEFFzX7GmoXeUp4GIWJTRq3xXqlYYUMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvWE5mc2FhaGQ1U25nWWhZbE5HcmZGZXFWaGhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB0wYIKwYBBQUHAQcBAf8EggHCMIIBvjCCAboEAgACMIIB
sgMFAyoPAcADBQMqDwJAAwUDKg8KQAMFAyoPDEADBQMqDwzAAwUDKg8NQAMFAyoP
DcADBQMqDw5AAwUDKg8PQAMFAyoPD8ADBQMqDxBAAwUDKg8SQAMFAyoPEsADBQMq
DxTAAwUDKg8VQAMFAyoPFcADBQMqDxZAAwUDKg8WwAMFAyoPF0ADBQMqDxfAAwUD
Kg8YQAMFAyoPGMADBQMqDxlAAwUDKg8ZwAMFAyoPGkADBQMqDxrAAwUDKg8fwAMF
AyoPIEADBQMqDyDAAwUDKg8hQAMFAyoPIcADBQMqDyJAAwUDKg8nwAMFAyoPKEAD
BQMqDyjAAwUDKg8pQAMFAyoPKkADBQMqDyrAAwUDKg8rQAMFAyoPK8ADBQMqDyxA
AwUDKg8swAMFAyoPLUADBQMqDy3AAwUDKg8uQAMFAyoPLsADBQMqDy9AAwUDKg81
QAMFAyoPNcADBQMqDzZAAwUDKg82wAMFAyoPN0ADBQMqD+SAAwUDKg/zgAMFAyoP
9IADBQMqD/WAAwUDKg/2gAMFAyoP94ADBQMqD/mAAwUDKg/6gAMFAyoP+4ADBQMq
D/6AMA0GCSqGSIb3DQEBCwUAA4IBAQBG1G2jVhz2nn7C9EvwlvD+xqYBSgZj8u4H
DirR6pO6fvDNQJ0d+w+Gupa1XvvLrZ/Zpt1Uc90MFKkIOf/dwAUflwCdnlSbimb8
u2JuE7cph/A2P6zb6bLbdsHYObIKeFWkbcDcaGYjIQ8rYjs+yLUs1xz7XeJpBEYD
RE/w3/QkZsQKUc62H5MvOcfCan1I9hiwpOOyOp39BhkYK0VWDcRA5ZIzFsEMlWeV
MPSnvZvd3yV3YU9Ok+94kawzMp3RBI97F0eo8KASETV76LteAm2SezYCEAuKtTO/
dUZ4EXQpgN+Ti5SgZ/VjeDNNefIfpyqwNQrmCfibL+A6FpdXg0d8
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:24 2023 by rpki-client on console-ams.rpki-client.org