Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/1e1775ba-ce9e-4791-8e12-e05afbb9713e/2504ab4d-4934-379e-990a-40b06317aded.roa
File: 2504ab4d-4934-379e-990a-40b06317aded.roa (raw, json)
Hash identifier: fRe+/FzQCzVryeDTCiMF55U9tdDVw82JV+jaq8kLc0E=
Subject key identifier: 56:77:DB:FA:5F:91:D8:08:D8:86:A9:3E:53:B0:56:2B:C9:E4:DE:AB
Certificate issuer: /CN=1e1775ba-ce9e-4791-8e12-e05afbb9713e
Certificate serial: 010D0C9F4328584409E3D37ADD3A45433AF82480
Authority key identifier: DD:A2:87:E5:BF:D3:2F:D1:0F:AC:E8:2C:49:1E:FA:B1:2E:C7:82:FD
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/1e1775ba-ce9e-4791-8e12-e05afbb9713e.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/1e1775ba-ce9e-4791-8e12-e05afbb9713e/2504ab4d-4934-379e-990a-40b06317aded.roa
Signing time: Tue 28 Nov 2023 14:00:21 +0000
ROA not before: Tue 28 Nov 2023 14:00:21 +0000
ROA not after: Mon 26 Feb 2024 14:00:21 +0000
asID: 27599
IP address blocks: 204.195.224.0/19 maxlen: 22
2607:5004::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:44:09:e3:d3:7a:dd:3a:45:43:3a:f8:24:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e1775ba-ce9e-4791-8e12-e05afbb9713e
Validity
Not Before: Nov 28 14:00:21 2023 GMT
Not After : Feb 26 14:00:21 2024 GMT
Subject: CN=8b126def-8d40-4bba-bd7d-6152ed53e6b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d3:fc:d5:cb:ee:3e:86:4f:ea:74:9a:e7:7b:
91:67:92:72:7b:14:50:1f:12:b0:e2:dc:13:c9:fe:
98:53:65:96:39:ce:c3:a5:d4:34:af:fe:01:19:d4:
b9:b1:06:92:2f:77:88:5a:2e:4d:4f:19:b2:ce:cb:
16:a0:4f:54:c9:d3:26:e6:ac:90:b4:d2:41:af:41:
3a:6f:85:2f:e7:ff:26:06:c2:66:8b:fc:4e:5f:a2:
79:2c:03:36:c9:48:32:b1:f9:9b:55:e1:23:d9:c0:
5b:8c:25:c6:d4:48:83:e6:54:95:3f:b9:9e:86:29:
4c:2f:91:64:68:74:d9:c8:36:8d:aa:bd:9c:70:b5:
98:b4:a0:63:45:fa:34:42:18:bc:de:aa:22:19:61:
42:94:8c:5c:49:75:f8:96:17:51:4e:8d:71:d0:fa:
c1:4d:20:6d:ec:1a:59:b1:6f:ef:79:ac:66:e4:f1:
e1:b1:fb:f1:28:b3:dd:1b:f4:46:96:8b:5e:b0:fe:
1c:8a:e7:e7:d9:d8:3d:28:80:e4:f6:56:bf:ec:09:
4d:72:36:8a:f1:67:5e:07:bc:5c:c1:ae:94:33:50:
e5:9f:a0:c8:ae:6e:1e:b2:9c:9b:f2:d9:e4:ae:d9:
bf:ee:fe:97:d8:80:6b:4e:84:c1:18:71:37:e7:39:
28:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:77:DB:FA:5F:91:D8:08:D8:86:A9:3E:53:B0:56:2B:C9:E4:DE:AB
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/1e1775ba-ce9e-4791-8e12-e05afbb9713e/2504ab4d-4934-379e-990a-40b06317aded.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/1e1775ba-ce9e-4791-8e12-e05afbb9713e/1e1775ba-ce9e-4791-8e12-e05afbb9713e.crl
X509v3 Authority Key Identifier:
keyid:DD:A2:87:E5:BF:D3:2F:D1:0F:AC:E8:2C:49:1E:FA:B1:2E:C7:82:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/1e1775ba-ce9e-4791-8e12-e05afbb9713e.cer
sbgp-ipAddrBlock: critical
IPv4:
204.195.224.0/19
IPv6:
2607:5004::/32
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
3c:ff:4b:ab:41:fa:37:dc:77:bf:f0:bc:b4:f4:39:a1:cc:b9:
43:5b:21:03:4d:9b:67:f9:85:65:7c:99:e4:57:7c:b3:a1:7f:
0e:99:4f:52:af:78:dc:21:e1:3b:f7:b4:92:59:58:85:df:09:
59:07:0b:b9:67:24:8a:01:e6:6c:b0:e8:17:05:f9:ca:5e:ce:
c2:f3:b5:3f:04:31:bc:c4:e9:6e:24:06:a7:23:df:f1:9c:bc:
60:06:bb:2b:88:a0:8b:dc:df:1f:a8:c2:a6:d8:a3:2e:ba:95:
8a:07:f6:3a:14:2e:c9:3e:56:9c:27:38:7c:63:91:4d:03:d3:
a8:d2:a8:6a:58:93:93:c9:5c:5e:4b:fd:d3:87:36:ef:b2:68:
5c:d9:29:a8:eb:ca:bc:00:54:ee:6f:86:c1:c7:1e:40:96:f5:
92:e2:fb:4a:cf:20:24:7f:47:18:3d:3d:25:99:17:79:fd:5c:
dd:ae:4a:8c:c2:58:40:80:3f:d3:3c:1d:df:68:c2:ae:36:34:
b7:b0:d9:c4:52:66:b0:a3:0c:64:7f:9b:5e:9a:f2:2e:6a:a5:
9f:5d:7d:2e:92:c4:23:1e:bc:07:1b:94:ad:42:f7:67:d4:6e:
53:e2:b2:95:85:9b:70:5c:86:55:a5:d6:b4:5b:d2:fd:66:0d:
3e:59:59:3b
-----BEGIN CERTIFICATE-----
MIIGUjCCBTqgAwIBAgIUAQ0Mn0MoWEQJ49N63TpFQzr4JIAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMWUxNzc1YmEtY2U5ZS00NzkxLThlMTItZTA1YWZiYjk3
MTNlMB4XDTIzMTEyODE0MDAyMVoXDTI0MDIyNjE0MDAyMVowLzEtMCsGA1UEAxMk
OGIxMjZkZWYtOGQ0MC00YmJhLWJkN2QtNjE1MmVkNTNlNmI5MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNP81cvuPoZP6nSa53uRZ5JyexRQHxKw4twT
yf6YU2WWOc7DpdQ0r/4BGdS5sQaSL3eIWi5NTxmyzssWoE9UydMm5qyQtNJBr0E6
b4Uv5/8mBsJmi/xOX6J5LAM2yUgysfmbVeEj2cBbjCXG1EiD5lSVP7mehilML5Fk
aHTZyDaNqr2ccLWYtKBjRfo0Qhi83qoiGWFClIxcSXX4lhdRTo1x0PrBTSBt7BpZ
sW/veaxm5PHhsfvxKLPdG/RGlotesP4ciufn2dg9KIDk9la/7AlNcjaK8WdeB7xc
wa6UM1Dln6DIrm4espyb8tnkrtm/7v6X2IBrToTBGHE35zkoywIDAQABo4IDZDCC
A2AwHQYDVR0OBBYEFFZ32/pfkdgI2IapPlOwVivJ5N6rMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzViN2ZiMTIyLWRmZGYtNGMwYy1iOTBkLTNiYzdhNWZlYjgyYi8xZTE3
NzViYS1jZTllLTQ3OTEtOGUxMi1lMDVhZmJiOTcxM2UvMjUwNGFiNGQtNDkzNC0z
NzllLTk5MGEtNDBiMDYzMTdhZGVkLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81YjdmYjEyMi1k
ZmRmLTRjMGMtYjkwZC0zYmM3YTVmZWI4MmIvMWUxNzc1YmEtY2U5ZS00NzkxLThl
MTItZTA1YWZiYjk3MTNlLzFlMTc3NWJhLWNlOWUtNDc5MS04ZTEyLWUwNWFmYmI5
NzEzZS5jcmwwHwYDVR0jBBgwFoAU3aKH5b/TL9EPrOgsSR76sS7Hgv0wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzViN2ZiMTIyLWRmZGYtNGMw
Yy1iOTBkLTNiYzdhNWZlYjgyYi8xZTE3NzViYS1jZTllLTQ3OTEtOGUxMi1lMDVh
ZmJiOTcxM2UuY2VyMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFzMPgMA0E
AgACMAcDBQAmB1AEMFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEF
BQcCARYsaHR0cHM6Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0
bWwwDQYJKoZIhvcNAQELBQADggEBADz/S6tB+jfcd7/wvLT0OaHMuUNbIQNNm2f5
hWV8meRXfLOhfw6ZT1KveNwh4Tv3tJJZWIXfCVkHC7lnJIoB5myw6BcF+cpezsLz
tT8EMbzE6W4kBqcj3/GcvGAGuyuIoIvc3x+owqbYoy66lYoH9joULsk+VpwnOHxj
kU0D06jSqGpYk5PJXF5L/dOHNu+yaFzZKajryrwAVO5vhsHHHkCW9ZLi+0rPICR/
Rxg9PSWZF3n9XN2uSozCWECAP9M8Hd9owq42NLew2cRSZrCjDGR/m16a8i5qpZ9d
fS6SxCMevAcblK1C92fUblPispWFm3BchlWl1rRb0v1mDT5ZWTs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:10:13 2024 by rpki-client on console-fra.rpki-client.org