Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/19c09a-d79a-4de4-8a86-4a685962f3e8/1/e_9OcWo2T9-SQWtjHToxOKMBARs.roa
File: e_9OcWo2T9-SQWtjHToxOKMBARs.roa (raw, json)
Hash identifier: OoL+ss3Ey76Rj8zDQP8+Q9hL6u99g0mPOahXxYD9pEM=
Subject key identifier: 7B:FF:4E:71:6A:36:4F:DF:92:41:6B:63:1D:3A:31:38:A3:01:01:1B
Certificate issuer: /CN=eb500c9002321f03964583710b7baa4597341213
Certificate serial: 018CC8DF7DF4EEC15088B5A90CCAF38659B5
Authority key identifier: EB:50:0C:90:02:32:1F:03:96:45:83:71:0B:7B:AA:45:97:34:12:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/61AMkAIyHwOWRYNxC3uqRZc0EhM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/19c09a-d79a-4de4-8a86-4a685962f3e8/1/e_9OcWo2T9-SQWtjHToxOKMBARs.roa
Signing time: Tue 02 Jan 2024 06:32:19 +0000
ROA not before: Tue 02 Jan 2024 06:32:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62200
IP address blocks: 2a09:f907::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:7d:f4:ee:c1:50:88:b5:a9:0c:ca:f3:86:59:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb500c9002321f03964583710b7baa4597341213
Validity
Not Before: Jan 2 06:32:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7bff4e716a364fdf92416b631d3a3138a301011b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:32:f3:d7:a4:31:82:f9:6d:22:1f:70:fb:6f:
0c:1f:0e:e7:f5:4d:fa:f7:cf:2c:20:6d:de:f0:0f:
64:30:55:9b:14:bc:cf:59:d8:34:4d:89:10:ad:67:
65:73:13:70:ee:6c:8c:47:2f:57:aa:72:9f:ca:1e:
a0:82:c2:b8:e2:3e:de:5d:71:3e:5a:ad:cb:8c:25:
34:1b:a8:b3:7f:92:ca:91:15:be:48:02:48:ee:66:
63:d3:75:7a:06:55:aa:d9:95:b4:16:20:6b:b8:c7:
ea:cf:d3:83:f5:62:5e:57:3a:27:6b:b4:85:80:8b:
ae:23:40:23:10:2d:fe:d6:39:0a:3b:0e:50:30:2d:
e3:04:2d:de:e2:65:b8:1d:5e:ea:76:28:0f:68:73:
e3:0d:f8:ad:4f:26:6d:aa:78:ef:73:6f:03:74:c3:
54:e0:c1:78:65:b6:7b:af:b4:15:9f:ca:af:6a:65:
55:ac:7d:07:b8:f8:10:67:92:86:4e:6f:41:ae:18:
88:e8:7a:07:80:cd:4e:8d:32:aa:66:8c:59:0b:35:
b0:d2:21:1c:89:cd:c3:98:ed:b2:a0:8c:04:d8:c0:
17:28:92:54:38:b8:bd:08:53:51:39:14:b0:de:c9:
88:93:fc:32:40:7d:50:a2:87:ee:aa:ae:da:f0:9f:
6e:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:FF:4E:71:6A:36:4F:DF:92:41:6B:63:1D:3A:31:38:A3:01:01:1B
X509v3 Authority Key Identifier:
keyid:EB:50:0C:90:02:32:1F:03:96:45:83:71:0B:7B:AA:45:97:34:12:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/61AMkAIyHwOWRYNxC3uqRZc0EhM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/19c09a-d79a-4de4-8a86-4a685962f3e8/1/e_9OcWo2T9-SQWtjHToxOKMBARs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/19c09a-d79a-4de4-8a86-4a685962f3e8/1/61AMkAIyHwOWRYNxC3uqRZc0EhM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:f907::/32
Signature Algorithm: sha256WithRSAEncryption
0b:88:46:3d:96:3a:d8:49:f1:56:e2:5f:f8:42:65:eb:fa:9d:
8b:4e:9a:fa:82:ed:41:0e:3f:25:09:39:83:58:f0:e5:f0:da:
3a:c9:ab:ab:92:0c:69:ec:e5:5d:ad:c0:18:7e:90:0e:37:95:
85:2d:49:b9:70:09:69:6a:4b:5f:0d:d1:91:38:cc:37:75:03:
ec:5d:fd:91:54:33:1f:01:87:c5:d1:34:22:36:74:43:e9:90:
d6:3e:93:11:77:df:49:c2:8b:b7:c0:ef:50:73:85:7b:93:61:
8a:df:af:f8:96:66:21:25:8b:83:0d:62:4a:b1:cc:eb:cb:70:
d4:bb:1d:27:aa:5f:96:04:57:c1:78:14:e1:b6:60:08:e4:76:
32:be:76:c9:0f:47:dd:f6:db:d7:e1:72:ed:f5:55:d3:18:af:
86:d0:b9:c2:8c:cb:b0:01:16:0e:a1:e2:31:ac:aa:af:40:ca:
87:a3:02:61:34:c6:31:f8:e6:ac:ec:cd:32:52:27:cd:23:68:
81:b6:0d:e6:72:65:71:db:d9:cf:5b:24:1c:e1:4c:c5:84:7d:
62:60:76:ee:bc:c2:fc:6d:39:85:6a:d6:4b:1e:20:9d:94:bc:
01:4b:3a:c8:fb:34:0f:21:43:84:c4:81:2d:f0:97:ed:9f:5e:
9f:07:2b:4f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzI33307sFQiLWpDMrzhlm1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViNTAwYzkwMDIzMjFmMDM5NjQ1ODM3MTBiN2JhYTQ1OTcz
NDEyMTMwHhcNMjQwMTAyMDYzMjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmZmNGU3MTZhMzY0ZmRmOTI0MTZiNjMxZDNhMzEzOGEzMDEwMTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3zLz16QxgvltIh9w+28MHw7n9U36
988sIG3e8A9kMFWbFLzPWdg0TYkQrWdlcxNw7myMRy9XqnKfyh6ggsK44j7eXXE+
Wq3LjCU0G6izf5LKkRW+SAJI7mZj03V6BlWq2ZW0FiBruMfqz9OD9WJeVzona7SF
gIuuI0AjEC3+1jkKOw5QMC3jBC3e4mW4HV7qdigPaHPjDfitTyZtqnjvc28DdMNU
4MF4ZbZ7r7QVn8qvamVVrH0HuPgQZ5KGTm9BrhiI6HoHgM1OjTKqZoxZCzWw0iEc
ic3DmO2yoIwE2MAXKJJUOLi9CFNRORSw3smIk/wyQH1Qoofuqq7a8J9uxwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHv/TnFqNk/fkkFrYx06MTijAQEbMB8GA1UdIwQY
MBaAFOtQDJACMh8DlkWDcQt7qkWXNBITMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjFBTWtBSXlId09XUllOeEMzdXFSWmMwRWhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8xOWMwOWEtZDc5YS00ZGU0LThhODYt
NGE2ODU5NjJmM2U4LzEvZV85T2NXbzJUOS1TUVd0akhUb3hPS01CQVJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8xOWMwOWEtZDc5YS00ZGU0LThhODYtNGE2ODU5NjJmM2U4
LzEvNjFBTWtBSXlId09XUllOeEMzdXFSWmMwRWhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgn5BzAN
BgkqhkiG9w0BAQsFAAOCAQEAC4hGPZY62EnxVuJf+EJl6/qdi06a+oLtQQ4/JQk5
g1jw5fDaOsmrq5IMaezlXa3AGH6QDjeVhS1JuXAJaWpLXw3RkTjMN3UD7F39kVQz
HwGHxdE0IjZ0Q+mQ1j6TEXffScKLt8DvUHOFe5Nhit+v+JZmISWLgw1iSrHM68tw
1LsdJ6pflgRXwXgU4bZgCOR2Mr52yQ9H3fbb1+Fy7fVV0xivhtC5wozLsAEWDqHi
Mayqr0DKh6MCYTTGMfjmrOzNMlInzSNogbYN5nJlcdvZz1skHOFMxYR9YmB27rzC
/G05hWrWSx4gnZS8AUs6yPs0DyFDhMSBLfCX7Z9enwcrTw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:54 2024 by rpki-client on console-ams.rpki-client.org