Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/C8x1yG58OxIWWo5Hyd6aHJgr4_w.roa
File: C8x1yG58OxIWWo5Hyd6aHJgr4_w.roa (raw, json)
Hash identifier: w+ziuYTdfrx16WkuxwsWRh8Iy1QILxOSNzr8JCWzMnw=
Subject key identifier: 0B:CC:75:C8:6E:7C:3B:12:16:5A:8E:47:C9:DE:9A:1C:98:2B:E3:FC
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 01857054CCCF78FC327B4FD4B09C230A27A8
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/C8x1yG58OxIWWo5Hyd6aHJgr4_w.roa
Signing time: Mon 02 Jan 2023 02:34:43 +0000
ROA not before: Mon 02 Jan 2023 02:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 53356
IP address blocks: 2a09:fb86::/32 maxlen: 32
2a10:4705:831a::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:54:cc:cf:78:fc:32:7b:4f:d4:b0:9c:23:0a:27:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Jan 2 02:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0bcc75c86e7c3b12165a8e47c9de9a1c982be3fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:bd:dd:52:15:0b:b1:5a:ea:31:ff:ce:75:2d:
1f:15:1a:71:27:c9:4e:5d:21:c3:cd:4a:b4:01:9e:
12:cc:56:33:6e:38:9b:f1:a0:56:b2:94:e7:43:ee:
9b:e8:15:a8:38:0c:83:13:7c:20:be:68:ae:77:6c:
73:4a:cd:7a:70:52:07:19:19:04:ed:fa:29:9c:6d:
08:21:9c:46:a8:15:1b:d6:5e:46:c8:d8:37:48:ab:
2c:86:95:97:b5:98:a3:9a:f5:a8:d7:8e:82:19:b9:
c2:be:6b:c0:d3:f5:a8:1f:89:83:08:20:91:08:e4:
c2:8e:95:40:3b:11:24:fe:75:de:2c:87:e1:dd:b8:
06:7d:50:7d:70:91:fe:33:d2:6a:f8:fd:4b:fa:7d:
42:38:28:89:90:98:d4:18:a1:27:47:74:67:b0:f8:
ca:20:2f:42:59:81:4e:1e:ba:0c:c3:ba:fc:32:04:
6e:c8:99:e9:c1:85:08:8a:83:e1:12:fb:cd:ef:ac:
3d:1f:15:ed:8b:5e:e3:5a:6e:ba:83:58:d1:a1:dc:
d0:23:ba:ec:f4:03:56:9f:a7:f0:f0:ad:d9:7e:08:
b1:58:cf:db:1e:13:f2:ba:44:1f:c3:28:c8:51:0b:
71:77:62:a1:a8:1b:29:f2:80:1b:91:14:b4:35:fa:
95:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:CC:75:C8:6E:7C:3B:12:16:5A:8E:47:C9:DE:9A:1C:98:2B:E3:FC
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/C8x1yG58OxIWWo5Hyd6aHJgr4_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:fb86::/32
2a10:4705:831a::/48
Signature Algorithm: sha256WithRSAEncryption
7b:4c:3b:dd:9f:29:42:5e:b1:3c:63:58:66:3c:e3:04:98:0a:
16:d2:6f:8b:fd:82:37:12:53:4c:af:77:22:33:bd:6f:c0:8b:
7f:08:c3:55:21:b2:30:77:8e:7c:d7:d0:07:77:1f:c1:0c:cc:
71:2a:f8:af:aa:fe:41:9f:b2:9f:44:44:a2:2f:40:28:35:39:
1d:ca:45:19:9d:57:11:35:54:7c:c5:ac:8f:9c:ca:0e:32:3f:
9c:a0:83:03:ea:cd:4a:9c:3f:9b:79:eb:01:ea:28:6f:53:52:
71:6c:ef:e4:57:17:e9:8c:2c:b1:19:0d:80:ed:e9:14:0b:53:
a8:93:e6:d4:38:77:95:f8:73:64:53:45:85:ac:a3:44:2c:b1:
7f:2e:07:e3:f7:2b:ec:bf:fd:f7:f5:86:04:c8:36:fc:d5:cd:
a4:b3:4e:98:d7:d8:08:4a:af:24:56:f7:bd:aa:bb:67:f2:6c:
5d:3d:54:89:5e:3d:27:63:25:f0:11:15:c3:61:68:30:4a:56:
39:48:f0:7a:e9:fd:9b:fb:9d:be:20:6c:59:2a:8f:d4:58:7a:
72:38:78:9a:f8:d2:47:db:f5:af:8d:65:9e:b3:d3:a4:a5:36:
c6:80:95:bb:88:8d:5f:61:a5:79:75:d3:d7:f7:d0:a2:b0:6e:
95:3b:70:44
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYVwVMzPePwye0/UsJwjCieoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjMwMTAyMDIzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmNjNzVjODZlN2MzYjEyMTY1YThlNDdjOWRlOWExYzk4MmJlM2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkb3dUhULsVrqMf/OdS0fFRpxJ8lO
XSHDzUq0AZ4SzFYzbjib8aBWspTnQ+6b6BWoOAyDE3wgvmiud2xzSs16cFIHGRkE
7fopnG0IIZxGqBUb1l5GyNg3SKsshpWXtZijmvWo146CGbnCvmvA0/WoH4mDCCCR
COTCjpVAOxEk/nXeLIfh3bgGfVB9cJH+M9Jq+P1L+n1COCiJkJjUGKEnR3RnsPjK
IC9CWYFOHroMw7r8MgRuyJnpwYUIioPhEvvN76w9HxXti17jWm66g1jRodzQI7rs
9ANWn6fw8K3ZfgixWM/bHhPyukQfwyjIUQtxd2KhqBsp8oAbkRS0NfqVkwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFAvMdchufDsSFlqOR8nemhyYK+P8MB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvQzh4MXlHNThPeElXV281SHlkNmFISmdyNF93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwUAKgn7hgMH
ACoQRwWDGjANBgkqhkiG9w0BAQsFAAOCAQEAe0w73Z8pQl6xPGNYZjzjBJgKFtJv
i/2CNxJTTK93IjO9b8CLfwjDVSGyMHeOfNfQB3cfwQzMcSr4r6r+QZ+yn0REoi9A
KDU5HcpFGZ1XETVUfMWsj5zKDjI/nKCDA+rNSpw/m3nrAeoob1NScWzv5FcX6Yws
sRkNgO3pFAtTqJPm1Dh3lfhzZFNFhayjRCyxfy4H4/cr7L/99/WGBMg2/NXNpLNO
mNfYCEqvJFb3vaq7Z/JsXT1UiV49J2Ml8BEVw2FoMEpWOUjweun9m/udviBsWSqP
1Fh6cjh4mvjSR9v1r41lnrPTpKU2xoCVu4iNX2GleXXT1/fQorBulTtwRA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:37 2024 by rpki-client on console-fra.rpki-client.org