Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/vtAj_Y8osPchz_-thqdBO1Iy2aI.roa
File: vtAj_Y8osPchz_-thqdBO1Iy2aI.roa (raw, json)
Hash identifier: OmsjNNBRxOovNkLMtJS2fK1wLMZNXCNrhtFt8ZUEGBw=
Subject key identifier: BE:D0:23:FD:8F:28:B0:F7:21:CF:FF:AD:86:A7:41:3B:52:32:D9:A2
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 1B8D5D64
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/vtAj_Y8osPchz_-thqdBO1Iy2aI.roa
Signing time: Thu 02 Jun 2022 08:41:31 +0000
ROA not before: Thu 02 Jun 2022 08:41:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60262
IP address blocks: 2a0f:2b40::/29 maxlen: 29
2a0f:fa80::/29 maxlen: 29
2a0f:c40::/29 maxlen: 29
2a0f:3640::/29 maxlen: 29
2a0f:1740::/29 maxlen: 29
2a0f:2240::/29 maxlen: 29
2a0f:2d40::/29 maxlen: 29
2a0f:27c0::/29 maxlen: 29
2a0f:e40::/29 maxlen: 29
2a0f:1940::/29 maxlen: 29
2a0f:f380::/29 maxlen: 29
2a0f:2f40::/29 maxlen: 29
2a0f:fe80::/29 maxlen: 29
2a0f:1040::/29 maxlen: 29
2a0f:15c0::/29 maxlen: 29
2a0f:35c0::/29 maxlen: 29
2a0f:16c0::/29 maxlen: 29
2a0f:21c0::/29 maxlen: 29
2a0f:f680::/29 maxlen: 29
2a0f:2cc0::/29 maxlen: 29
2a0f:dc0::/29 maxlen: 29
2a0f:18c0::/29 maxlen: 29
2a0f:2940::/29 maxlen: 29
2a0f:2ec0::/29 maxlen: 29
2a0f:fc0::/29 maxlen: 29
2a0f:a40::/29 maxlen: 29
2a0f:1540::/29 maxlen: 29
2a0f:e480::/29 maxlen: 29
2a0f:1ac0::/29 maxlen: 29
2a0f:2040::/29 maxlen: 29
2a0f:1640::/29 maxlen: 29
2a0f:2140::/29 maxlen: 29
2a0f:2c40::/29 maxlen: 29
2a0f:240::/29 maxlen: 29
2a0f:fb80::/29 maxlen: 29
2a0f:12c0::/29 maxlen: 29
2a0f:d40::/29 maxlen: 29
2a0f:3740::/29 maxlen: 29
2a0f:1840::/29 maxlen: 29
2a0f:2e40::/29 maxlen: 29
2a0f:28c0::/29 maxlen: 29
2a0f:f40::/29 maxlen: 29
2a0f:1a40::/29 maxlen: 29
2a0f:14c0::/29 maxlen: 29
2a0f:1fc0::/29 maxlen: 29
2a0f:f480::/29 maxlen: 29
2a0f:2ac0::/29 maxlen: 29
2a0f:20c0::/29 maxlen: 29
2a0f:f580::/29 maxlen: 29
2a0f:1c0::/29 maxlen: 29
2a0f:2bc0::/29 maxlen: 29
2a0f:36c0::/29 maxlen: 29
2a0f:cc0::/29 maxlen: 29
2a0f:1240::/29 maxlen: 29
2a0f:17c0::/29 maxlen: 29
2a0f:2840::/29 maxlen: 29
2a0f:f780::/29 maxlen: 29
2a0f:2dc0::/29 maxlen: 29
2a0f:19c0::/29 maxlen: 29
2a0f:f980::/29 maxlen: 29
2a0f:2a40::/29 maxlen: 29
2a0f:3540::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 462249316 (0x1b8d5d64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jun 2 08:41:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bed023fd8f28b0f721cfffad86a7413b5232d9a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:4f:5d:7c:a8:dd:6d:bd:44:aa:e5:2d:df:24:
ba:0d:54:d9:ba:48:2a:76:cf:29:87:75:c9:f6:f4:
e4:40:9f:ca:da:19:03:11:a1:57:7b:9f:5e:04:d6:
6f:6a:ea:e8:08:12:01:e5:0e:15:04:f8:be:c1:e3:
74:90:75:72:1a:ac:dc:bc:45:69:79:98:06:9d:93:
e2:f2:11:4b:d9:d9:13:36:d7:de:4d:76:5e:cd:ec:
23:b9:d4:54:28:1b:d2:44:68:73:97:60:fb:16:e3:
d6:7c:cc:75:80:bd:c9:2a:9e:ad:04:50:8c:2c:8c:
4f:1d:bd:ba:76:5b:98:c3:d4:c0:94:23:45:15:97:
59:e2:28:a5:24:f0:9c:b5:3b:55:f3:f3:fd:32:52:
25:07:bb:25:94:df:fd:df:7e:90:12:28:55:11:0a:
d6:0b:42:ed:56:cc:3a:2f:1c:f4:68:94:36:c0:72:
1c:15:3e:b9:90:55:29:7f:ae:6f:c6:71:9a:14:b8:
45:06:d6:86:04:38:44:01:2d:26:bc:83:b9:36:28:
e1:33:11:e6:ae:d3:66:d4:66:48:b7:9d:d8:05:c9:
6d:c2:78:66:3a:22:17:ea:e2:17:bc:7b:c7:fb:e9:
71:c0:5a:d6:3c:e8:b7:38:6c:b0:b6:38:39:1a:b7:
f0:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:D0:23:FD:8F:28:B0:F7:21:CF:FF:AD:86:A7:41:3B:52:32:D9:A2
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/vtAj_Y8osPchz_-thqdBO1Iy2aI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1c0::/29
2a0f:240::/29
2a0f:a40::/29
2a0f:c40::/29
2a0f:cc0::/29
2a0f:d40::/29
2a0f:dc0::/29
2a0f:e40::/29
2a0f:f40::/29
2a0f:fc0::/29
2a0f:1040::/29
2a0f:1240::/29
2a0f:12c0::/29
2a0f:14c0::/29
2a0f:1540::/29
2a0f:15c0::/29
2a0f:1640::/29
2a0f:16c0::/29
2a0f:1740::/29
2a0f:17c0::/29
2a0f:1840::/29
2a0f:18c0::/29
2a0f:1940::/29
2a0f:19c0::/29
2a0f:1a40::/29
2a0f:1ac0::/29
2a0f:1fc0::/29
2a0f:2040::/29
2a0f:20c0::/29
2a0f:2140::/29
2a0f:21c0::/29
2a0f:2240::/29
2a0f:27c0::/29
2a0f:2840::/29
2a0f:28c0::/29
2a0f:2940::/29
2a0f:2a40::/29
2a0f:2ac0::/29
2a0f:2b40::/29
2a0f:2bc0::/29
2a0f:2c40::/29
2a0f:2cc0::/29
2a0f:2d40::/29
2a0f:2dc0::/29
2a0f:2e40::/29
2a0f:2ec0::/29
2a0f:2f40::/29
2a0f:3540::/29
2a0f:35c0::/29
2a0f:3640::/29
2a0f:36c0::/29
2a0f:3740::/29
2a0f:e480::/29
2a0f:f380::/29
2a0f:f480::/29
2a0f:f580::/29
2a0f:f680::/29
2a0f:f780::/29
2a0f:f980::/29
2a0f:fa80::/29
2a0f:fb80::/29
2a0f:fe80::/29
Signature Algorithm: sha256WithRSAEncryption
43:2a:0c:1d:a9:19:b7:ea:eb:19:18:dc:5e:bc:59:4e:67:eb:
77:03:58:83:ec:42:19:cd:fa:b3:cf:f4:18:f6:f9:19:3d:a0:
4c:b9:69:50:0f:d1:b0:1e:21:92:1d:87:6e:a6:92:ec:dd:52:
0d:dd:b3:50:3a:a2:69:d4:75:88:89:a7:69:6a:b8:96:27:06:
54:bf:66:33:62:9a:29:49:3a:c2:51:14:34:6c:d3:3f:c3:e7:
cc:b7:4a:e2:11:b1:61:86:4a:3e:b0:d8:59:d9:c7:fe:52:b2:
ce:c1:e3:d6:94:41:18:4c:e3:db:da:b7:9c:34:55:a6:6b:a3:
e1:f0:ea:6c:91:da:45:87:06:8a:29:16:72:4a:8e:68:d6:79:
90:b5:80:46:a4:2f:d7:a8:4c:20:ae:02:3d:25:e2:1e:3d:92:
f0:59:ad:1e:67:f3:ea:d6:bb:7a:6a:b0:f3:02:08:c1:df:c6:
fa:25:0f:93:49:8d:8d:11:3d:f0:9e:2e:44:8d:e6:d3:01:0d:
20:05:6d:13:43:49:d6:db:36:38:4f:c2:a7:b7:fd:87:4e:e6:
3e:31:a8:ad:19:81:19:85:a1:0b:a3:7d:aa:43:2a:01:e2:b9:
9c:5d:bb:44:a1:71:12:72:40:2e:82:eb:5c:bc:dd:57:06:b1:
89:e0:d1:8b
-----BEGIN CERTIFICATE-----
MIIGpTCCBY2gAwIBAgIEG41dZDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MTU1MDA5YzNkZTQyMWNjNGU2N2I5YTlhZTQyM2JiMzVkZTBiOTI2MB4XDTIyMDYw
MjA4NDEzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmVkMDIzZmQ4ZjI4
YjBmNzIxY2ZmZmFkODZhNzQxM2I1MjMyZDlhMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMhPXXyo3W29RKrlLd8kug1U2bpIKnbPKYd1yfb05ECfytoZ
AxGhV3ufXgTWb2rq6AgSAeUOFQT4vsHjdJB1chqs3LxFaXmYBp2T4vIRS9nZEzbX
3k12Xs3sI7nUVCgb0kRoc5dg+xbj1nzMdYC9ySqerQRQjCyMTx29unZbmMPUwJQj
RRWXWeIopSTwnLU7VfPz/TJSJQe7JZTf/d9+kBIoVREK1gtC7VbMOi8c9GiUNsBy
HBU+uZBVKX+ub8ZxmhS4RQbWhgQ4RAEtJryDuTYo4TMR5q7TZtRmSLed2AXJbcJ4
ZjoiF+riF7x7x/vpccBa1jzotzhssLY4ORq38DkCAwEAAaOCA78wggO7MB0GA1Ud
DgQWBBS+0CP9jyiw9yHP/62Gp0E7UjLZojAfBgNVHSMEGDAWgBSxVQCcPeQhzE5n
uamuQjuzXeC5JjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NWVUFuRDNrSWN4T1o3bXBya0k3czEzZ3VTWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvZGU5MDJjLTNkMTMtNDdkMS1hNWU2LTczODU2YWY0OWYzZS8x
L3Z0QWpfWThvc1BjaHpfLXRocWRCTzFJeTJhSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
ZGU5MDJjLTNkMTMtNDdkMS1hNWU2LTczODU2YWY0OWYzZS8xL3NWVUFuRDNrSWN4
T1o3bXBya0k3czEzZ3VTWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AdMGCCsGAQUFBwEHAQH/BIIBwjCCAb4wggG6BAIAAjCCAbIDBQMqDwHAAwUDKg8C
QAMFAyoPCkADBQMqDwxAAwUDKg8MwAMFAyoPDUADBQMqDw3AAwUDKg8OQAMFAyoP
D0ADBQMqDw/AAwUDKg8QQAMFAyoPEkADBQMqDxLAAwUDKg8UwAMFAyoPFUADBQMq
DxXAAwUDKg8WQAMFAyoPFsADBQMqDxdAAwUDKg8XwAMFAyoPGEADBQMqDxjAAwUD
Kg8ZQAMFAyoPGcADBQMqDxpAAwUDKg8awAMFAyoPH8ADBQMqDyBAAwUDKg8gwAMF
AyoPIUADBQMqDyHAAwUDKg8iQAMFAyoPJ8ADBQMqDyhAAwUDKg8owAMFAyoPKUAD
BQMqDypAAwUDKg8qwAMFAyoPK0ADBQMqDyvAAwUDKg8sQAMFAyoPLMADBQMqDy1A
AwUDKg8twAMFAyoPLkADBQMqDy7AAwUDKg8vQAMFAyoPNUADBQMqDzXAAwUDKg82
QAMFAyoPNsADBQMqDzdAAwUDKg/kgAMFAyoP84ADBQMqD/SAAwUDKg/1gAMFAyoP
9oADBQMqD/eAAwUDKg/5gAMFAyoP+oADBQMqD/uAAwUDKg/+gDANBgkqhkiG9w0B
AQsFAAOCAQEAQyoMHakZt+rrGRjcXrxZTmfrdwNYg+xCGc36s8/0GPb5GT2gTLlp
UA/RsB4hkh2HbqaS7N1SDd2zUDqiadR1iImnaWq4licGVL9mM2KaKUk6wlEUNGzT
P8PnzLdK4hGxYYZKPrDYWdnH/lKyzsHj1pRBGEzj29q3nDRVpmuj4fDqbJHaRYcG
iikWckqOaNZ5kLWARqQv16hMIK4CPSXiHj2S8FmtHmfz6ta7emqw8wIIwd/G+iUP
k0mNjRE98J4uRI3m0wENIAVtE0NJ1ts2OE/Cp7f9h07mPjGorRmBGYWhC6N9qkMq
AeK5nF27RKFxEnJALoLrXLzdVwaxieDRiw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:25 2023 by rpki-client on console-ams.rpki-client.org