Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/fe8984-2218-41bb-b5fa-43e42aed09e9/1/KBwrSLP6VWTOVvkRDhoekr3xS7w.roa
File: KBwrSLP6VWTOVvkRDhoekr3xS7w.roa (raw, json)
Hash identifier: lBbXQt84lQ2wBfO7MVWcAYoiDL/ysYKhz4bXgG0AOL8=
Subject key identifier: 28:1C:2B:48:B3:FA:55:64:CE:56:F9:11:0E:1A:1E:92:BD:F1:4B:BC
Certificate issuer: /CN=226bcc0f87b32f74b838dc1f24d28e5823f60ff7
Certificate serial: B230CE
Authority key identifier: 22:6B:CC:0F:87:B3:2F:74:B8:38:DC:1F:24:D2:8E:58:23:F6:0F:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ImvMD4ezL3S4ONwfJNKOWCP2D_c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/fe8984-2218-41bb-b5fa-43e42aed09e9/1/KBwrSLP6VWTOVvkRDhoekr3xS7w.roa
Signing time: Sat 01 Jan 2022 11:56:37 +0000
ROA not before: Sat 01 Jan 2022 11:56:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204790
IP address blocks: 2a11:b8c0::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11677902 (0xb230ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=226bcc0f87b32f74b838dc1f24d28e5823f60ff7
Validity
Not Before: Jan 1 11:56:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=281c2b48b3fa5564ce56f9110e1a1e92bdf14bbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:7c:12:66:9e:d0:65:68:56:f6:0e:31:9c:8c:
29:9a:05:89:92:be:21:02:30:79:fd:1f:ff:a1:39:
ca:5e:f1:ca:1a:b8:51:8e:06:9d:d9:55:27:e7:56:
64:bb:c4:68:c5:0a:1a:36:b5:ff:e1:1c:a5:6d:41:
63:a7:66:2a:7f:ac:fc:c6:0f:fb:19:80:d1:f9:b2:
5c:1c:65:ff:81:9a:5f:78:0e:6b:3f:72:cf:23:6d:
2e:e3:d3:f4:86:0a:29:94:c2:5d:8f:26:4b:13:7c:
cc:76:80:ff:4e:00:01:a5:95:0a:e8:63:b2:08:ea:
2c:80:f3:58:d7:2e:c1:d2:9e:92:76:26:31:56:ed:
06:13:18:c1:5e:7c:af:48:ca:a4:45:26:01:d2:9a:
05:d2:57:98:07:88:9b:87:37:a6:d6:93:a7:10:c0:
ed:9b:7b:d1:b4:77:94:10:36:9a:56:da:f0:10:c6:
e5:b8:a6:93:0b:fe:b1:d3:f0:a9:cc:86:b1:dc:cd:
8f:41:80:0c:a6:da:25:6b:35:98:0a:fa:b7:2c:9e:
d9:96:51:c5:90:f7:99:72:c9:68:d0:91:51:5a:04:
44:b5:b0:e1:ae:ff:b3:63:bc:71:63:a5:c7:e8:92:
ae:f2:db:41:bd:e2:41:34:0d:65:d8:3b:e9:40:12:
f2:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:1C:2B:48:B3:FA:55:64:CE:56:F9:11:0E:1A:1E:92:BD:F1:4B:BC
X509v3 Authority Key Identifier:
keyid:22:6B:CC:0F:87:B3:2F:74:B8:38:DC:1F:24:D2:8E:58:23:F6:0F:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ImvMD4ezL3S4ONwfJNKOWCP2D_c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/fe8984-2218-41bb-b5fa-43e42aed09e9/1/KBwrSLP6VWTOVvkRDhoekr3xS7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/fe8984-2218-41bb-b5fa-43e42aed09e9/1/ImvMD4ezL3S4ONwfJNKOWCP2D_c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:b8c0::/29
Signature Algorithm: sha256WithRSAEncryption
bb:dd:d1:93:4b:4d:fa:79:89:9d:ab:73:1f:2b:0b:67:42:e8:
1e:cb:a0:b0:20:0e:7e:c5:2e:58:94:b5:2b:bb:6f:e2:3b:a7:
f9:46:d3:d6:7d:ab:93:1f:c1:d1:06:44:f4:c3:59:a0:09:9e:
a7:20:01:c5:4e:2a:8c:ac:a2:cf:a4:a1:00:63:8c:b8:21:e1:
da:70:74:fc:0a:81:01:d6:5e:a2:74:8f:b8:47:17:4a:51:01:
d5:64:f9:5e:15:2f:26:e9:d2:52:7b:31:33:6b:10:32:c7:28:
c7:d6:77:bd:32:ac:9c:31:64:b6:c0:4e:ad:19:44:55:c6:96:
a3:0b:78:c3:e7:83:84:9a:22:cb:2b:3f:8a:37:52:7d:c8:d4:
f1:90:d2:20:04:e3:c3:96:9f:14:60:4b:58:02:49:9c:f9:62:
e7:9a:dd:4c:91:d5:a9:16:80:f9:e5:a1:37:d5:1f:bf:29:84:
ca:72:de:e8:bb:85:ea:2d:db:5e:9a:5b:46:0b:c5:fe:c8:ac:
e4:a7:22:f8:ce:17:b3:4c:eb:06:66:32:66:bc:14:bc:80:b4:
4b:0f:b4:0d:e5:7e:7f:40:60:ea:8b:0a:67:d0:81:ff:d5:12:
ea:12:3b:7a:14:b4:d7:ac:09:a3:85:a1:a0:ab:54:58:76:a6:
44:04:2f:32
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEALIwzjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MjZiY2MwZjg3YjMyZjc0YjgzOGRjMWYyNGQyOGU1ODIzZjYwZmY3MB4XDTIyMDEw
MTExNTYzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjgxYzJiNDhiM2Zh
NTU2NGNlNTZmOTExMGUxYTFlOTJiZGYxNGJiYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJh8Emae0GVoVvYOMZyMKZoFiZK+IQIwef0f/6E5yl7xyhq4
UY4GndlVJ+dWZLvEaMUKGja1/+EcpW1BY6dmKn+s/MYP+xmA0fmyXBxl/4GaX3gO
az9yzyNtLuPT9IYKKZTCXY8mSxN8zHaA/04AAaWVCuhjsgjqLIDzWNcuwdKeknYm
MVbtBhMYwV58r0jKpEUmAdKaBdJXmAeIm4c3ptaTpxDA7Zt70bR3lBA2mlba8BDG
5bimkwv+sdPwqcyGsdzNj0GADKbaJWs1mAr6tyye2ZZRxZD3mXLJaNCRUVoERLWw
4a7/s2O8cWOlx+iSrvLbQb3iQTQNZdg76UAS8qECAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBQoHCtIs/pVZM5W+REOGh6SvfFLvDAfBgNVHSMEGDAWgBQia8wPh7MvdLg4
3B8k0o5YI/YP9zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ltdk1ENGV6TDNTNE9Od2ZKTktPV0NQMkRfYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWIvZmU4OTg0LTIyMTgtNDFiYi1iNWZhLTQzZTQyYWVkMDllOS8x
L0tCd3JTTFA2VldUT1Z2a1JEaG9la3IzeFM3dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWIv
ZmU4OTg0LTIyMTgtNDFiYi1iNWZhLTQzZTQyYWVkMDllOS8xL0ltdk1ENGV6TDNT
NE9Od2ZKTktPV0NQMkRfYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoRuMAwDQYJKoZIhvcNAQELBQAD
ggEBALvd0ZNLTfp5iZ2rcx8rC2dC6B7LoLAgDn7FLliUtSu7b+I7p/lG09Z9q5Mf
wdEGRPTDWaAJnqcgAcVOKoysos+koQBjjLgh4dpwdPwKgQHWXqJ0j7hHF0pRAdVk
+V4VLybp0lJ7MTNrEDLHKMfWd70yrJwxZLbATq0ZRFXGlqMLeMPng4SaIssrP4o3
Un3I1PGQ0iAE48OWnxRgS1gCSZz5Yuea3UyR1akWgPnloTfVH78phMpy3ui7heot
216aW0YLxf7IrOSnIvjOF7NM6wZmMma8FLyAtEsPtA3lfn9AYOqLCmfQgf/VEuoS
O3oUtNesCaOFoaCrVFh2pkQELzI=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:43 2023 by rpki-client on console-ams.rpki-client.org