Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/rUU43a4_95irRGSzSBMF1-15CFM.roa
File: rUU43a4_95irRGSzSBMF1-15CFM.roa (raw, json)
Hash identifier: UYa9yBCPljmcO3olWVzfq21CdEMWUN1iMEukuVQHcVY=
Subject key identifier: AD:45:38:DD:AE:3F:F7:98:AB:44:64:B3:48:13:05:D7:ED:79:08:53
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 19E44BD0
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/rUU43a4_95irRGSzSBMF1-15CFM.roa
Signing time: Sat 01 Jan 2022 15:56:48 +0000
ROA not before: Sat 01 Jan 2022 15:56:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60262
IP address blocks: 2a0f:2b40::/29 maxlen: 29
2a0f:fa80::/29 maxlen: 29
2a0f:c40::/29 maxlen: 29
2a0f:3640::/29 maxlen: 29
2a0f:1740::/29 maxlen: 29
2a0f:2240::/29 maxlen: 29
2a0f:2d40::/29 maxlen: 29
2a0f:e40::/29 maxlen: 29
2a0f:1940::/29 maxlen: 29
2a0f:f380::/29 maxlen: 29
2a0f:2f40::/29 maxlen: 29
2a0f:fe80::/29 maxlen: 29
2a0f:1040::/29 maxlen: 29
2a0e:c740::/29 maxlen: 29
2a0f:15c0::/29 maxlen: 29
2a0f:35c0::/29 maxlen: 29
2a0f:16c0::/29 maxlen: 29
2a0f:21c0::/29 maxlen: 29
2a0f:f680::/29 maxlen: 29
2a0f:2cc0::/29 maxlen: 29
2a0f:dc0::/29 maxlen: 29
2a0f:18c0::/29 maxlen: 29
2a0f:2ec0::/29 maxlen: 29
2a0f:fc0::/29 maxlen: 29
2a0f:e480::/29 maxlen: 29
2a0f:1ac0::/29 maxlen: 29
2a0f:2040::/29 maxlen: 29
2a0f:1640::/29 maxlen: 29
2a0f:2140::/29 maxlen: 29
2a0f:2c40::/29 maxlen: 29
2a0f:240::/29 maxlen: 29
2a0f:fb80::/29 maxlen: 29
2a0f:12c0::/29 maxlen: 29
2a0f:d40::/29 maxlen: 29
2a0f:3740::/29 maxlen: 29
2a0f:1840::/29 maxlen: 29
2a0f:2e40::/29 maxlen: 29
2a0f:f40::/29 maxlen: 29
2a0f:1a40::/29 maxlen: 29
2a0f:1fc0::/29 maxlen: 29
2a0f:f480::/29 maxlen: 29
2a0f:2ac0::/29 maxlen: 29
2a0f:20c0::/29 maxlen: 29
2a0f:f580::/29 maxlen: 29
2a0f:1c0::/29 maxlen: 29
2a0f:2bc0::/29 maxlen: 29
2a0f:36c0::/29 maxlen: 29
2a0f:cc0::/29 maxlen: 29
2a0f:1240::/29 maxlen: 29
2a0f:17c0::/29 maxlen: 29
2a0f:f780::/29 maxlen: 29
2a0f:2dc0::/29 maxlen: 29
2a0f:e380::/29 maxlen: 29
2a0f:19c0::/29 maxlen: 29
2a0f:f980::/29 maxlen: 29
2a0f:3540::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 434392016 (0x19e44bd0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 1 15:56:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ad4538ddae3ff798ab4464b3481305d7ed790853
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ae:19:5e:03:59:39:e0:7f:2c:a5:ac:09:0d:
bf:ae:e7:31:8b:bb:89:1a:5f:7d:62:11:45:ad:93:
5a:4c:ce:4f:3f:59:fd:bf:4f:a9:b2:a8:7a:16:3d:
21:21:ae:b7:98:fe:99:6a:43:d3:2c:c9:80:a9:2d:
f6:c0:ae:16:70:1e:7b:30:0d:f9:98:e3:46:d9:7d:
7a:67:48:aa:3a:46:c0:9e:56:20:05:ce:29:19:0d:
bf:c6:04:13:56:6e:0e:9c:a5:70:c9:fc:c7:26:d5:
34:8e:8b:97:c7:9e:a9:81:8a:34:fa:5f:db:95:f0:
33:42:14:ac:ed:bb:2c:61:b2:05:57:d6:3a:b7:d2:
ef:de:79:16:b2:be:ff:93:18:60:19:cf:48:cf:1c:
b3:b1:5e:9f:6d:9f:b4:68:84:ed:31:15:c3:cf:83:
34:7e:b0:c1:8b:6e:1d:ea:b8:72:e4:8b:e3:a3:5a:
60:47:9a:92:d4:19:b0:ae:6f:88:7f:37:6f:8d:3d:
30:40:db:4d:4e:3f:ab:f1:71:99:20:ad:bf:cd:9c:
e8:e2:67:f6:31:70:28:3e:c8:f4:fa:58:a1:78:80:
24:6a:0b:65:0f:ae:ed:be:72:e9:71:8b:52:16:fc:
0e:bc:97:dc:a9:73:64:d8:11:59:2a:08:0d:bd:fa:
aa:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:45:38:DD:AE:3F:F7:98:AB:44:64:B3:48:13:05:D7:ED:79:08:53
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/rUU43a4_95irRGSzSBMF1-15CFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:c740::/29
2a0f:1c0::/29
2a0f:240::/29
2a0f:c40::/29
2a0f:cc0::/29
2a0f:d40::/29
2a0f:dc0::/29
2a0f:e40::/29
2a0f:f40::/29
2a0f:fc0::/29
2a0f:1040::/29
2a0f:1240::/29
2a0f:12c0::/29
2a0f:15c0::/29
2a0f:1640::/29
2a0f:16c0::/29
2a0f:1740::/29
2a0f:17c0::/29
2a0f:1840::/29
2a0f:18c0::/29
2a0f:1940::/29
2a0f:19c0::/29
2a0f:1a40::/29
2a0f:1ac0::/29
2a0f:1fc0::/29
2a0f:2040::/29
2a0f:20c0::/29
2a0f:2140::/29
2a0f:21c0::/29
2a0f:2240::/29
2a0f:2ac0::/29
2a0f:2b40::/29
2a0f:2bc0::/29
2a0f:2c40::/29
2a0f:2cc0::/29
2a0f:2d40::/29
2a0f:2dc0::/29
2a0f:2e40::/29
2a0f:2ec0::/29
2a0f:2f40::/29
2a0f:3540::/29
2a0f:35c0::/29
2a0f:3640::/29
2a0f:36c0::/29
2a0f:3740::/29
2a0f:e380::/29
2a0f:e480::/29
2a0f:f380::/29
2a0f:f480::/29
2a0f:f580::/29
2a0f:f680::/29
2a0f:f780::/29
2a0f:f980::/29
2a0f:fa80::/29
2a0f:fb80::/29
2a0f:fe80::/29
Signature Algorithm: sha256WithRSAEncryption
2b:4a:6e:d2:1e:0f:b2:b2:68:a6:11:5d:99:6d:0d:1e:28:58:
53:66:25:64:ee:57:d6:83:7c:74:07:24:13:21:06:be:eb:f2:
aa:ad:e5:a5:d6:47:de:a2:96:20:56:b9:2a:5e:ea:a3:07:be:
5d:ee:bd:b0:59:db:5d:b8:30:ef:f9:cb:15:06:e8:e9:8c:33:
9a:66:49:c2:12:f1:00:36:d7:04:cc:b8:5c:f5:21:2c:16:9e:
6d:1f:10:46:c6:15:bc:1c:23:cd:6d:b2:52:b8:07:55:96:fd:
21:e4:0b:a5:1f:e7:18:92:96:3a:a5:54:91:d2:8f:eb:79:28:
f4:1e:3d:11:ee:e6:6f:a8:ee:08:41:24:47:cb:11:62:6f:ce:
4f:64:dc:e3:24:5a:bc:06:22:9a:54:c8:8a:2d:6a:23:78:2c:
0a:d6:2a:8a:2d:d9:be:30:41:1d:b6:f4:ea:f1:a7:76:f7:96:
14:d5:fc:82:75:76:d1:a5:f4:cc:06:51:30:09:e8:d4:f9:b5:
cd:91:95:e0:26:5c:3f:9d:ca:d8:ae:5d:99:a0:a6:68:d4:7e:
87:19:89:a2:32:2a:cc:82:c1:5f:bd:0c:a9:9d:58:c6:ae:03:
3b:1a:91:b0:1e:7e:bf:e7:72:0c:1c:b1:5d:ae:18:a3:d1:d2:
0e:ac:dc:dc
-----BEGIN CERTIFICATE-----
MIIGezCCBWOgAwIBAgIEGeRL0DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MTU1MDA5YzNkZTQyMWNjNGU2N2I5YTlhZTQyM2JiMzVkZTBiOTI2MB4XDTIyMDEw
MTE1NTY0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWQ0NTM4ZGRhZTNm
Zjc5OGFiNDQ2NGIzNDgxMzA1ZDdlZDc5MDg1MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANWuGV4DWTngfyylrAkNv67nMYu7iRpffWIRRa2TWkzOTz9Z
/b9PqbKoehY9ISGut5j+mWpD0yzJgKkt9sCuFnAeezAN+ZjjRtl9emdIqjpGwJ5W
IAXOKRkNv8YEE1ZuDpylcMn8xybVNI6Ll8eeqYGKNPpf25XwM0IUrO27LGGyBVfW
OrfS7955FrK+/5MYYBnPSM8cs7Fen22ftGiE7TEVw8+DNH6wwYtuHeq4cuSL46Na
YEeaktQZsK5viH83b409MEDbTU4/q/FxmSCtv82c6OJn9jFwKD7I9PpYoXiAJGoL
ZQ+u7b5y6XGLUhb8DryX3KlzZNgRWSoIDb36qisCAwEAAaOCA5UwggORMB0GA1Ud
DgQWBBStRTjdrj/3mKtEZLNIEwXX7XkIUzAfBgNVHSMEGDAWgBSxVQCcPeQhzE5n
uamuQjuzXeC5JjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NWVUFuRDNrSWN4T1o3bXBya0k3czEzZ3VTWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvZGU5MDJjLTNkMTMtNDdkMS1hNWU2LTczODU2YWY0OWYzZS8x
L3JVVTQzYTRfOTVpclJHU3pTQk1GMS0xNUNGTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
ZGU5MDJjLTNkMTMtNDdkMS1hNWU2LTczODU2YWY0OWYzZS8xL3NWVUFuRDNrSWN4
T1o3bXBya0k3czEzZ3VTWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AakGCCsGAQUFBwEHAQH/BIIBmDCCAZQwggGQBAIAAjCCAYgDBQMqDsdAAwUDKg8B
wAMFAyoPAkADBQMqDwxAAwUDKg8MwAMFAyoPDUADBQMqDw3AAwUDKg8OQAMFAyoP
D0ADBQMqDw/AAwUDKg8QQAMFAyoPEkADBQMqDxLAAwUDKg8VwAMFAyoPFkADBQMq
DxbAAwUDKg8XQAMFAyoPF8ADBQMqDxhAAwUDKg8YwAMFAyoPGUADBQMqDxnAAwUD
Kg8aQAMFAyoPGsADBQMqDx/AAwUDKg8gQAMFAyoPIMADBQMqDyFAAwUDKg8hwAMF
AyoPIkADBQMqDyrAAwUDKg8rQAMFAyoPK8ADBQMqDyxAAwUDKg8swAMFAyoPLUAD
BQMqDy3AAwUDKg8uQAMFAyoPLsADBQMqDy9AAwUDKg81QAMFAyoPNcADBQMqDzZA
AwUDKg82wAMFAyoPN0ADBQMqD+OAAwUDKg/kgAMFAyoP84ADBQMqD/SAAwUDKg/1
gAMFAyoP9oADBQMqD/eAAwUDKg/5gAMFAyoP+oADBQMqD/uAAwUDKg/+gDANBgkq
hkiG9w0BAQsFAAOCAQEAK0pu0h4PsrJophFdmW0NHihYU2YlZO5X1oN8dAckEyEG
vuvyqq3lpdZH3qKWIFa5Kl7qowe+Xe69sFnbXbgw7/nLFQbo6YwzmmZJwhLxADbX
BMy4XPUhLBaebR8QRsYVvBwjzW2yUrgHVZb9IeQLpR/nGJKWOqVUkdKP63ko9B49
Ee7mb6juCEEkR8sRYm/OT2Tc4yRavAYimlTIii1qI3gsCtYqii3ZvjBBHbb06vGn
dveWFNX8gnV20aX0zAZRMAno1Pm1zZGV4CZcP53K2K5dmaCmaNR+hxmJojIqzILB
X70MqZ1Yxq4DOxqRsB5+v+dyDByxXa4Yo9HSDqzc3A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:33 2023 by rpki-client on console-fra.rpki-client.org