Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/034b47-9f88-4b1a-839a-f758129b8e73/1/ktpfUKstXxrxArnMCsvMm_Rsn9c.roa
File: ktpfUKstXxrxArnMCsvMm_Rsn9c.roa (raw, json)
Hash identifier: GHmAmUg4REt0DcVdFYV9oF1ZCPPLLpl0Ec/CuKSAhjQ=
Subject key identifier: 92:DA:5F:50:AB:2D:5F:1A:F1:02:B9:CC:0A:CB:CC:9B:F4:6C:9F:D7
Certificate issuer: /CN=d2e35af3deb53a317fb0e7365a5a4ffe2fad9635
Certificate serial: 01856DAF51674F4A1C96FC24D3B78DC718C0
Authority key identifier: D2:E3:5A:F3:DE:B5:3A:31:7F:B0:E7:36:5A:5A:4F:FE:2F:AD:96:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0uNa8961OjF_sOc2WlpP_i-tljU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/034b47-9f88-4b1a-839a-f758129b8e73/1/ktpfUKstXxrxArnMCsvMm_Rsn9c.roa
Signing time: Sun 01 Jan 2023 14:14:44 +0000
ROA not before: Sun 01 Jan 2023 14:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204790
IP address blocks: 2a01:6640::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:af:51:67:4f:4a:1c:96:fc:24:d3:b7:8d:c7:18:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2e35af3deb53a317fb0e7365a5a4ffe2fad9635
Validity
Not Before: Jan 1 14:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92da5f50ab2d5f1af102b9cc0acbcc9bf46c9fd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:0a:1f:4c:38:52:de:95:2d:12:e6:ed:ee:d0:
e2:56:f4:8f:2b:af:f1:50:ee:2f:70:f0:88:ef:91:
4f:43:47:21:56:31:65:27:93:94:51:ef:94:5f:ed:
d2:f3:4e:7b:5a:86:f0:6d:93:95:99:be:ec:fe:0b:
91:85:05:0c:4b:e0:02:07:4c:6c:d3:fe:df:03:7f:
89:c0:c0:c8:2f:09:3b:d1:bc:25:71:d0:0b:92:05:
42:29:41:bb:d6:3a:f2:2f:d4:94:fc:7f:55:4f:55:
f7:3d:0a:57:08:56:ba:39:f3:3e:0b:b4:80:3e:06:
84:16:ca:a6:d5:a5:24:2d:fc:83:44:01:67:15:fc:
6d:74:be:a1:2f:fd:fa:37:e8:f8:21:cf:50:68:a8:
c6:00:66:b3:20:0d:a8:d3:aa:5e:98:9b:00:a7:71:
90:1e:e5:88:16:57:71:ce:8c:99:40:90:8c:dd:08:
1e:83:34:7b:58:2b:4a:c2:32:98:21:60:0f:c8:b5:
09:54:60:dc:d8:f0:c6:e7:9d:6f:87:40:33:7d:90:
ef:8d:c9:99:06:13:54:5d:f0:9f:3d:60:d8:fc:38:
07:db:c7:5e:d8:37:72:ff:95:18:af:f5:2d:43:d7:
cb:55:2e:03:d4:b1:3f:47:68:61:82:ee:4c:7f:a9:
de:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:DA:5F:50:AB:2D:5F:1A:F1:02:B9:CC:0A:CB:CC:9B:F4:6C:9F:D7
X509v3 Authority Key Identifier:
keyid:D2:E3:5A:F3:DE:B5:3A:31:7F:B0:E7:36:5A:5A:4F:FE:2F:AD:96:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0uNa8961OjF_sOc2WlpP_i-tljU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/034b47-9f88-4b1a-839a-f758129b8e73/1/ktpfUKstXxrxArnMCsvMm_Rsn9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/034b47-9f88-4b1a-839a-f758129b8e73/1/0uNa8961OjF_sOc2WlpP_i-tljU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:6640::/29
Signature Algorithm: sha256WithRSAEncryption
1c:a2:b1:82:9c:29:a7:e5:26:11:08:2e:61:19:57:f0:c2:db:
91:aa:3b:44:1e:45:7d:0d:f2:00:ab:63:24:a9:33:a0:87:05:
f2:67:2b:16:97:d3:42:d3:4d:ad:f1:df:50:d4:e7:7c:d5:b7:
1b:09:05:d7:97:3d:a3:e5:3b:f8:ef:b2:74:23:7b:af:29:c4:
13:be:13:8d:9d:6e:ae:54:fd:5e:6f:dd:cf:48:b3:3f:7e:0c:
76:06:24:83:f3:a5:ba:e0:fa:4b:7c:3f:da:28:a0:ec:56:d7:
8f:cc:6d:a4:78:fd:48:51:ba:45:11:0b:91:5e:9a:d0:7c:9a:
f8:b1:1e:8b:30:2a:f2:57:6b:08:ba:e3:45:79:88:e1:4d:77:
4d:a8:02:a7:fb:01:da:87:c7:67:27:a3:a7:2e:ba:29:82:d8:
f0:87:d5:b8:78:5c:64:f2:43:8e:68:88:da:8d:41:f2:8d:76:
c5:e4:6b:b8:12:01:9c:73:30:0a:86:e1:fa:c7:6d:9a:cd:24:
6b:e7:d0:b2:65:2f:4c:76:ab:5a:7c:14:f3:50:a3:b4:56:44:
39:a9:6f:b2:86:b9:4f:3a:78:0c:04:54:35:7e:63:76:2a:38:
2e:68:5c:82:69:de:94:86:b4:05:52:b9:33:a4:12:4d:be:ba:
8e:22:34:e7
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtr1FnT0oclvwk07eNxxjAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyZTM1YWYzZGViNTNhMzE3ZmIwZTczNjVhNWE0ZmZlMmZh
ZDk2MzUwHhcNMjMwMTAxMTQxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmRhNWY1MGFiMmQ1ZjFhZjEwMmI5Y2MwYWNiY2M5YmY0NmM5ZmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQofTDhS3pUtEubt7tDiVvSPK6/x
UO4vcPCI75FPQ0chVjFlJ5OUUe+UX+3S8057WobwbZOVmb7s/guRhQUMS+ACB0xs
0/7fA3+JwMDILwk70bwlcdALkgVCKUG71jryL9SU/H9VT1X3PQpXCFa6OfM+C7SA
PgaEFsqm1aUkLfyDRAFnFfxtdL6hL/36N+j4Ic9QaKjGAGazIA2o06pemJsAp3GQ
HuWIFldxzoyZQJCM3QgegzR7WCtKwjKYIWAPyLUJVGDc2PDG551vh0AzfZDvjcmZ
BhNUXfCfPWDY/DgH28de2Ddy/5UYr/UtQ9fLVS4D1LE/R2hhgu5Mf6nekwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJLaX1CrLV8a8QK5zArLzJv0bJ/XMB8GA1UdIwQY
MBaAFNLjWvPetToxf7DnNlpaT/4vrZY1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHVOYTg5NjFPakZfc09jMldscFBfaS10bGpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wMzRiNDctOWY4OC00YjFhLTgzOWEt
Zjc1ODEyOWI4ZTczLzEva3RwZlVLc3RYeHJ4QXJuTUNzdk1tX1JzbjljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wMzRiNDctOWY4OC00YjFhLTgzOWEtZjc1ODEyOWI4ZTcz
LzEvMHVOYTg5NjFPakZfc09jMldscFBfaS10bGpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgFmQDAN
BgkqhkiG9w0BAQsFAAOCAQEAHKKxgpwpp+UmEQguYRlX8MLbkao7RB5FfQ3yAKtj
JKkzoIcF8mcrFpfTQtNNrfHfUNTnfNW3GwkF15c9o+U7+O+ydCN7rynEE74TjZ1u
rlT9Xm/dz0izP34MdgYkg/OluuD6S3w/2iig7FbXj8xtpHj9SFG6RRELkV6a0Hya
+LEeizAq8ldrCLrjRXmI4U13TagCp/sB2ofHZyejpy66KYLY8IfVuHhcZPJDjmiI
2o1B8o12xeRruBIBnHMwCobh+sdtms0ka+fQsmUvTHarWnwU81CjtFZEOalvsoa5
Tzp4DARUNX5jdio4LmhcgmnelIa0BVK5M6QSTb66jiI05w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:16 2023 by rpki-client on console-fra.rpki-client.org