Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/a2396c-2dfd-45f6-aa34-54c1dc574145/1/cGltTauyTTJ9szO8O0uT78DcpOw.roa
File: cGltTauyTTJ9szO8O0uT78DcpOw.roa (raw, json)
Hash identifier: V9N3tofeBihPSK8HME2b3J73ZCKQ9kat1h6Kg0+z2lM=
Subject key identifier: 70:69:6D:4D:AB:B2:4D:32:7D:B3:33:BC:3B:4B:93:EF:C0:DC:A4:EC
Certificate issuer: /CN=686f0a4da2373205ef3445d28e260c284684b74b
Certificate serial: A5A260
Authority key identifier: 68:6F:0A:4D:A2:37:32:05:EF:34:45:D2:8E:26:0C:28:46:84:B7:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aG8KTaI3MgXvNEXSjiYMKEaEt0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/a2396c-2dfd-45f6-aa34-54c1dc574145/1/cGltTauyTTJ9szO8O0uT78DcpOw.roa
Signing time: Sat 01 Jan 2022 02:56:08 +0000
ROA not before: Sat 01 Jan 2022 02:56:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204790
IP address blocks: 2a11:dbc0::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10855008 (0xa5a260)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=686f0a4da2373205ef3445d28e260c284684b74b
Validity
Not Before: Jan 1 02:56:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=70696d4dabb24d327db333bc3b4b93efc0dca4ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ab:8f:43:f0:3b:84:49:36:d9:16:1c:40:f8:
ad:e9:0a:a3:09:71:85:9a:95:b1:44:81:b2:6c:3d:
ce:28:ae:78:c0:4a:27:05:68:62:56:8d:ff:00:3f:
fe:35:ac:85:b1:b8:15:36:f3:a2:e8:5f:f5:6e:95:
af:b6:b1:a0:85:cd:ef:8d:9d:fa:88:81:e5:f2:d9:
5d:48:c4:71:c3:0c:c8:b8:a8:e9:b1:2b:9e:ce:05:
20:96:29:c6:d6:16:4e:8a:85:c4:d8:90:af:52:dd:
dd:d9:f8:4b:27:3c:5a:5c:65:92:4a:57:72:f4:08:
cf:e1:84:0b:03:f4:3b:e4:24:5d:ea:5f:37:d3:39:
c3:dd:1b:22:bc:e6:d3:be:6b:96:61:80:08:bb:30:
b3:d0:45:43:16:d5:41:72:eb:47:db:e1:42:fd:ff:
4f:75:0e:a3:87:b5:1a:89:45:a9:e7:b5:23:10:77:
59:94:6b:ec:85:3c:25:bd:15:d4:ca:85:dd:b5:4b:
4e:62:58:3a:38:32:06:09:ce:35:75:45:4f:08:80:
66:30:57:79:02:bb:a0:ad:bf:60:d3:be:55:f2:74:
fe:01:fb:33:62:a2:1e:16:59:42:9e:1c:cf:59:4b:
e2:18:c9:21:06:d6:6d:29:04:65:2d:11:3f:34:f4:
71:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:69:6D:4D:AB:B2:4D:32:7D:B3:33:BC:3B:4B:93:EF:C0:DC:A4:EC
X509v3 Authority Key Identifier:
keyid:68:6F:0A:4D:A2:37:32:05:EF:34:45:D2:8E:26:0C:28:46:84:B7:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aG8KTaI3MgXvNEXSjiYMKEaEt0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a2396c-2dfd-45f6-aa34-54c1dc574145/1/cGltTauyTTJ9szO8O0uT78DcpOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a2396c-2dfd-45f6-aa34-54c1dc574145/1/aG8KTaI3MgXvNEXSjiYMKEaEt0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:dbc0::/29
Signature Algorithm: sha256WithRSAEncryption
88:2e:e4:7d:b0:cc:76:9e:5c:98:2c:11:30:f3:71:c3:b1:ab:
2c:2d:6e:ff:17:ae:9f:42:d2:0a:cc:eb:d8:b2:eb:23:64:f7:
64:54:5e:9e:ee:e5:aa:c6:2a:02:6a:1b:8f:29:d5:82:77:ce:
ac:57:71:e7:4a:37:42:db:46:d5:8b:84:a4:3b:f0:65:f2:db:
71:2e:b9:f6:41:46:e0:71:58:e6:d2:1d:f5:27:08:66:26:25:
49:1c:ae:25:d6:5e:63:e9:ac:ee:ef:6c:04:df:ca:8b:23:64:
a3:6a:3d:1e:92:84:64:c4:c2:a9:8c:23:7e:59:72:1f:c6:5e:
df:60:47:d1:40:ab:22:1c:0c:5c:7c:82:0a:98:07:27:36:88:
8b:87:9c:c6:07:98:3f:98:e1:2b:cc:e2:fe:2f:ec:b7:05:13:
43:6f:c1:4c:f4:e1:c5:14:d0:fc:d1:ef:0d:c7:9f:31:68:2d:
b2:19:2e:40:be:d5:7a:4e:e1:a6:43:dc:9a:09:ca:d0:bc:50:
2c:ef:2c:8c:74:df:4b:11:79:34:0c:3d:ca:7b:ae:65:0b:e4:
35:0a:9c:be:85:b6:59:72:f5:26:b8:64:f7:3b:b6:37:48:90:
30:c7:f8:72:fe:d5:c2:1c:a4:f5:58:c1:f0:52:b7:78:a3:9b:
27:db:cd:ac
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEAKWiYDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ODZmMGE0ZGEyMzczMjA1ZWYzNDQ1ZDI4ZTI2MGMyODQ2ODRiNzRiMB4XDTIyMDEw
MTAyNTYwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzA2OTZkNGRhYmIy
NGQzMjdkYjMzM2JjM2I0YjkzZWZjMGRjYTRlYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALKrj0PwO4RJNtkWHED4rekKowlxhZqVsUSBsmw9ziiueMBK
JwVoYlaN/wA//jWshbG4FTbzouhf9W6Vr7axoIXN742d+oiB5fLZXUjEccMMyLio
6bErns4FIJYpxtYWToqFxNiQr1Ld3dn4Syc8WlxlkkpXcvQIz+GECwP0O+QkXepf
N9M5w90bIrzm075rlmGACLsws9BFQxbVQXLrR9vhQv3/T3UOo4e1GolFqee1IxB3
WZRr7IU8Jb0V1MqF3bVLTmJYOjgyBgnONXVFTwiAZjBXeQK7oK2/YNO+VfJ0/gH7
M2KiHhZZQp4cz1lL4hjJIQbWbSkEZS0RPzT0cV0CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBRwaW1Nq7JNMn2zM7w7S5PvwNyk7DAfBgNVHSMEGDAWgBRobwpNojcyBe80
RdKOJgwoRoS3SzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FHOEtUYUkzTWdYdk5FWFNqaVlNS0VhRXQwcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWQvYTIzOTZjLTJkZmQtNDVmNi1hYTM0LTU0YzFkYzU3NDE0NS8x
L2NHbHRUYXV5VFRKOXN6TzhPMHVUNzhEY3BPdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWQv
YTIzOTZjLTJkZmQtNDVmNi1hYTM0LTU0YzFkYzU3NDE0NS8xL2FHOEtUYUkzTWdY
dk5FWFNqaVlNS0VhRXQwcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoR28AwDQYJKoZIhvcNAQELBQAD
ggEBAIgu5H2wzHaeXJgsETDzccOxqywtbv8Xrp9C0grM69iy6yNk92RUXp7u5arG
KgJqG48p1YJ3zqxXcedKN0LbRtWLhKQ78GXy23EuufZBRuBxWObSHfUnCGYmJUkc
riXWXmPprO7vbATfyosjZKNqPR6ShGTEwqmMI35Zch/GXt9gR9FAqyIcDFx8ggqY
Byc2iIuHnMYHmD+Y4SvM4v4v7LcFE0NvwUz04cUU0PzR7w3HnzFoLbIZLkC+1XpO
4aZD3JoJytC8UCzvLIx030sReTQMPcp7rmUL5DUKnL6Ftlly9Sa4ZPc7tjdIkDDH
+HL+1cIcpPVYwfBSt3ijmyfbzaw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:49 2023 by rpki-client on console-ams.rpki-client.org