Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/40b6ab-0bfd-42c1-af4b-d4aa27c1fce4/1/9Mm4nXqfPyaPGf6aUlLq0Q6ecRs.roa
File: 9Mm4nXqfPyaPGf6aUlLq0Q6ecRs.roa (raw, json)
Hash identifier: GkErlpLO2pg5YGbyG28oTaxhZaDoGxsClvjBZYqDE7A=
Subject key identifier: F4:C9:B8:9D:7A:9F:3F:26:8F:19:FE:9A:52:52:EA:D1:0E:9E:71:1B
Certificate issuer: /CN=c4641332e7e1def2258bfa4d05d78e34fb579297
Certificate serial: 018CC94DCB685BF2E06DC1D54C949E642423
Authority key identifier: C4:64:13:32:E7:E1:DE:F2:25:8B:FA:4D:05:D7:8E:34:FB:57:92:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGQTMufh3vIli_pNBdeONPtXkpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/40b6ab-0bfd-42c1-af4b-d4aa27c1fce4/1/9Mm4nXqfPyaPGf6aUlLq0Q6ecRs.roa
Signing time: Tue 02 Jan 2024 08:32:47 +0000
ROA not before: Tue 02 Jan 2024 08:32:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200586
IP address blocks: 2001:67c:b64::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:cb:68:5b:f2:e0:6d:c1:d5:4c:94:9e:64:24:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4641332e7e1def2258bfa4d05d78e34fb579297
Validity
Not Before: Jan 2 08:32:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4c9b89d7a9f3f268f19fe9a5252ead10e9e711b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:fa:61:d0:58:5b:82:81:05:8a:61:47:d1:fe:
27:45:ab:0b:f7:f8:cd:95:ac:e4:65:b4:0c:c6:1e:
10:4d:95:6c:98:79:fa:66:dd:ab:d9:01:4f:52:b3:
3c:64:cd:41:ad:39:6e:d4:72:90:73:74:9d:ae:68:
fe:6d:f7:54:5e:e0:a2:88:bb:61:71:22:07:3f:c3:
c5:c1:d9:ef:8c:59:04:28:96:24:95:f9:db:a5:cd:
cd:70:4f:95:be:06:96:88:4c:6c:53:b6:b8:7d:18:
58:c3:58:09:31:e1:bc:1e:96:e1:a4:85:40:ea:8c:
9a:33:b6:0e:d9:64:45:55:45:39:21:25:39:39:58:
0e:6c:0f:cb:38:b8:01:0b:bb:83:f0:12:fe:5e:02:
5c:c8:11:38:e6:de:71:20:0f:d3:e9:93:fc:8d:f8:
9f:5f:81:19:8c:d0:25:3a:4b:7f:b2:f5:db:f2:08:
ff:1c:ba:fd:4a:19:97:16:5b:c5:87:db:97:11:4a:
4c:8d:72:f9:97:2c:9c:8b:31:d9:d6:ac:53:42:6e:
80:75:e5:e3:f4:5d:94:f4:af:97:54:78:c7:88:83:
18:ea:5f:de:f2:7b:5c:a9:55:93:11:89:28:b2:08:
1d:cc:39:ba:75:69:27:1e:7f:04:af:e4:4e:82:9f:
17:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:C9:B8:9D:7A:9F:3F:26:8F:19:FE:9A:52:52:EA:D1:0E:9E:71:1B
X509v3 Authority Key Identifier:
keyid:C4:64:13:32:E7:E1:DE:F2:25:8B:FA:4D:05:D7:8E:34:FB:57:92:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGQTMufh3vIli_pNBdeONPtXkpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/40b6ab-0bfd-42c1-af4b-d4aa27c1fce4/1/9Mm4nXqfPyaPGf6aUlLq0Q6ecRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/40b6ab-0bfd-42c1-af4b-d4aa27c1fce4/1/xGQTMufh3vIli_pNBdeONPtXkpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:b64::/48
Signature Algorithm: sha256WithRSAEncryption
78:a5:b6:91:3f:e8:f8:4c:25:45:eb:75:34:bc:d7:36:d4:c5:
22:bc:10:b6:e3:55:ee:2b:1d:61:f1:6f:01:76:f4:5e:61:b1:
13:90:63:16:5f:83:34:d0:97:08:c3:eb:f4:4d:89:45:61:56:
a1:91:78:21:aa:42:fc:50:cd:78:3a:c2:91:ad:5c:5c:4f:b3:
77:65:4f:a1:4f:0c:ac:21:c9:98:07:03:e0:d2:d8:b3:27:25:
16:06:03:34:f9:fa:fd:e0:3b:65:12:67:5b:35:49:ed:f8:81:
f5:45:5f:fb:87:d6:61:6f:d0:b1:64:98:9f:c1:ab:1d:c7:1e:
38:64:63:92:8b:2f:35:1e:ca:e5:69:ea:a7:37:82:42:54:fc:
7a:76:66:77:6d:af:d4:c9:c6:4d:3d:08:09:87:09:10:fa:f2:
55:0b:db:e6:8e:f7:f6:69:b7:43:9b:09:95:4e:0c:f0:eb:c3:
f3:b6:9d:aa:cf:d3:7e:4b:79:49:cb:ea:d1:06:bd:0d:8b:35:
80:a4:b3:ac:f6:58:22:4d:66:5a:69:54:cc:40:78:7c:45:0e:
d4:49:9f:9f:e9:d4:af:98:6a:9b:9e:53:de:78:b1:48:6f:5a:
bf:14:80:07:ca:1d:84:7a:4f:c4:45:8f:04:4a:ab:d5:32:e5:
3b:8a:90:63
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJTctoW/LgbcHVTJSeZCQjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NjQxMzMyZTdlMWRlZjIyNThiZmE0ZDA1ZDc4ZTM0ZmI1
NzkyOTcwHhcNMjQwMTAyMDgzMjQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGM5Yjg5ZDdhOWYzZjI2OGYxOWZlOWE1MjUyZWFkMTBlOWU3MTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/ph0FhbgoEFimFH0f4nRasL9/jN
lazkZbQMxh4QTZVsmHn6Zt2r2QFPUrM8ZM1BrTlu1HKQc3Sdrmj+bfdUXuCiiLth
cSIHP8PFwdnvjFkEKJYklfnbpc3NcE+VvgaWiExsU7a4fRhYw1gJMeG8HpbhpIVA
6oyaM7YO2WRFVUU5ISU5OVgObA/LOLgBC7uD8BL+XgJcyBE45t5xIA/T6ZP8jfif
X4EZjNAlOkt/svXb8gj/HLr9ShmXFlvFh9uXEUpMjXL5lyycizHZ1qxTQm6AdeXj
9F2U9K+XVHjHiIMY6l/e8ntcqVWTEYkosggdzDm6dWknHn8Er+ROgp8XywIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPTJuJ16nz8mjxn+mlJS6tEOnnEbMB8GA1UdIwQY
MBaAFMRkEzLn4d7yJYv6TQXXjjT7V5KXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdRVE11ZmgzdklsaV9wTkJkZU9OUHRYa3BjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS80MGI2YWItMGJmZC00MmMxLWFmNGIt
ZDRhYTI3YzFmY2U0LzEvOU1tNG5YcWZQeWFQR2Y2YVVsTHEwUTZlY1JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS80MGI2YWItMGJmZC00MmMxLWFmNGItZDRhYTI3YzFmY2U0
LzEveEdRVE11ZmgzdklsaV9wTkJkZU9OUHRYa3BjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAtk
MA0GCSqGSIb3DQEBCwUAA4IBAQB4pbaRP+j4TCVF63U0vNc21MUivBC241XuKx1h
8W8BdvReYbETkGMWX4M00JcIw+v0TYlFYVahkXghqkL8UM14OsKRrVxcT7N3ZU+h
TwysIcmYBwPg0tizJyUWBgM0+fr94DtlEmdbNUnt+IH1RV/7h9Zhb9CxZJifwasd
xx44ZGOSiy81HsrlaeqnN4JCVPx6dmZ3ba/UycZNPQgJhwkQ+vJVC9vmjvf2abdD
mwmVTgzw68Pztp2qz9N+S3lJy+rRBr0NizWApLOs9lgiTWZaaVTMQHh8RQ7USZ+f
6dSvmGqbnlPeeLFIb1q/FIAHyh2Eek/ERY8ESqvVMuU7ipBj
-----END CERTIFICATE-----
Generated at Mon Nov 18 14:00:10 2024 by rpki-client on console-fra.rpki-client.org