Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/f9c0f8-bb07-4234-ab06-2b1aaae880ea/1/v4QjrWmy-b7lFBEjXE7lTJDU5KA.roa
File: v4QjrWmy-b7lFBEjXE7lTJDU5KA.roa (raw, json)
Hash identifier: P2Z2qv9o+g8RdMeYzICwoeO1746bjEnfOQI6J5wucE4=
Subject key identifier: BF:84:23:AD:69:B2:F9:BE:E5:14:11:23:5C:4E:E5:4C:90:D4:E4:A0
Certificate issuer: /CN=0dcef0e1fa4a0088ff8d7b91b8a864eed9ec61dc
Certificate serial: 0185703977055CEFF41CFD314F698E990ADB
Authority key identifier: 0D:CE:F0:E1:FA:4A:00:88:FF:8D:7B:91:B8:A8:64:EE:D9:EC:61:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dc7w4fpKAIj_jXuRuKhk7tnsYdw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/f9c0f8-bb07-4234-ab06-2b1aaae880ea/1/v4QjrWmy-b7lFBEjXE7lTJDU5KA.roa
Signing time: Mon 02 Jan 2023 02:04:52 +0000
ROA not before: Mon 02 Jan 2023 02:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204790
IP address blocks: 2a11:c480::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:77:05:5c:ef:f4:1c:fd:31:4f:69:8e:99:0a:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0dcef0e1fa4a0088ff8d7b91b8a864eed9ec61dc
Validity
Not Before: Jan 2 02:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf8423ad69b2f9bee51411235c4ee54c90d4e4a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:25:f8:cd:e4:4d:c2:7d:3a:91:6e:7f:e9:11:
c2:4b:b5:5b:88:85:93:df:39:5a:85:fd:cf:97:e8:
1e:2a:51:62:9c:33:d0:2b:27:8c:df:c7:fc:ef:e1:
95:92:44:98:ef:87:34:cf:81:34:89:09:35:09:80:
15:4c:da:16:88:42:4a:be:87:05:f8:ec:57:9d:d0:
b2:38:05:03:83:e4:c9:7d:f8:53:8b:ff:19:29:78:
c3:d5:e3:10:91:19:98:65:d5:2f:37:b7:18:bd:4b:
80:ef:83:49:84:40:7d:90:ac:b8:4d:9c:49:6e:cd:
85:3c:ce:41:6c:27:79:8a:52:b0:44:1f:63:f4:86:
05:08:48:af:17:84:74:84:34:20:c4:ff:73:69:ca:
fc:ae:f7:42:cf:27:f5:76:8b:4e:ef:c4:6e:d0:23:
1a:23:86:68:4e:03:1e:61:ce:5a:7e:f7:cb:0b:29:
54:50:80:d0:5c:f5:83:3e:f1:d1:9c:5e:b0:e6:ca:
7a:0f:10:63:ac:be:76:10:91:f3:bf:d1:a7:7b:01:
f9:49:85:47:ff:13:a9:95:86:e6:3e:14:70:8f:80:
e4:64:b6:b5:38:e3:30:85:a7:c2:60:3a:3d:ff:54:
37:b3:fb:8a:e2:b3:b6:0b:2b:00:71:86:af:c7:bf:
d6:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:84:23:AD:69:B2:F9:BE:E5:14:11:23:5C:4E:E5:4C:90:D4:E4:A0
X509v3 Authority Key Identifier:
keyid:0D:CE:F0:E1:FA:4A:00:88:FF:8D:7B:91:B8:A8:64:EE:D9:EC:61:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dc7w4fpKAIj_jXuRuKhk7tnsYdw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/f9c0f8-bb07-4234-ab06-2b1aaae880ea/1/v4QjrWmy-b7lFBEjXE7lTJDU5KA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/f9c0f8-bb07-4234-ab06-2b1aaae880ea/1/Dc7w4fpKAIj_jXuRuKhk7tnsYdw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:c480::/29
Signature Algorithm: sha256WithRSAEncryption
2f:0e:64:7b:d2:e6:89:8f:cb:77:09:dc:b4:77:22:e9:01:24:
33:17:ba:0d:c4:2c:16:5d:52:e5:10:36:03:5a:b0:98:14:ca:
f1:01:b4:6a:16:be:55:3e:28:6b:33:8a:29:9b:d5:0c:57:18:
1a:b3:0e:ff:4a:c1:a0:a3:1b:ce:a4:04:fb:b6:f3:52:f3:dd:
93:0f:5f:48:11:e4:28:6c:d3:7b:1a:82:91:7f:77:4c:57:66:
71:5e:3e:10:ea:85:33:78:e0:73:3c:1a:4b:a8:ab:91:ee:ed:
4a:9a:b1:8d:dc:0a:26:de:4a:dc:c2:5a:3f:ba:43:3d:68:71:
86:77:b9:c6:dd:a1:30:24:49:55:ee:60:e5:88:a9:97:2a:ee:
c7:e4:3b:23:81:a4:a3:c9:7b:22:0c:a0:66:c2:40:09:87:19:
e1:67:a7:aa:07:21:1f:c3:97:c6:1d:9b:1a:19:92:96:5c:63:
9b:36:a6:9c:e2:6d:d6:13:59:82:03:9c:37:f2:36:66:01:48:
3d:9f:18:22:dc:4d:45:02:29:84:96:f8:77:7e:b5:a3:bd:93:
39:57:9b:a2:be:2e:ef:9b:2b:34:20:47:1c:9a:5f:a5:ee:2a:
12:e1:55:33:b1:c5:2c:0f:b4:5f:b1:12:2c:f6:32:31:cb:0d:
25:96:4c:14
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVwOXcFXO/0HP0xT2mOmQrbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkY2VmMGUxZmE0YTAwODhmZjhkN2I5MWI4YTg2NGVlZDll
YzYxZGMwHhcNMjMwMTAyMDIwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjg0MjNhZDY5YjJmOWJlZTUxNDExMjM1YzRlZTU0YzkwZDRlNGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5yX4zeRNwn06kW5/6RHCS7VbiIWT
3zlahf3Pl+geKlFinDPQKyeM38f87+GVkkSY74c0z4E0iQk1CYAVTNoWiEJKvocF
+OxXndCyOAUDg+TJffhTi/8ZKXjD1eMQkRmYZdUvN7cYvUuA74NJhEB9kKy4TZxJ
bs2FPM5BbCd5ilKwRB9j9IYFCEivF4R0hDQgxP9zacr8rvdCzyf1dotO78Ru0CMa
I4ZoTgMeYc5afvfLCylUUIDQXPWDPvHRnF6w5sp6DxBjrL52EJHzv9GnewH5SYVH
/xOplYbmPhRwj4DkZLa1OOMwhafCYDo9/1Q3s/uK4rO2CysAcYavx7/WfwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFL+EI61psvm+5RQRI1xO5UyQ1OSgMB8GA1UdIwQY
MBaAFA3O8OH6SgCI/417kbioZO7Z7GHcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGM3dzRmcEtBSWpfalh1UnVLaGs3dG5zWWR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9mOWMwZjgtYmIwNy00MjM0LWFiMDYt
MmIxYWFhZTg4MGVhLzEvdjRRanJXbXktYjdsRkJFalhFN2xUSkRVNUtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9mOWMwZjgtYmIwNy00MjM0LWFiMDYtMmIxYWFhZTg4MGVh
LzEvRGM3dzRmcEtBSWpfalh1UnVLaGs3dG5zWWR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhHEgDAN
BgkqhkiG9w0BAQsFAAOCAQEALw5ke9LmiY/LdwnctHci6QEkMxe6DcQsFl1S5RA2
A1qwmBTK8QG0aha+VT4oazOKKZvVDFcYGrMO/0rBoKMbzqQE+7bzUvPdkw9fSBHk
KGzTexqCkX93TFdmcV4+EOqFM3jgczwaS6irke7tSpqxjdwKJt5K3MJaP7pDPWhx
hne5xt2hMCRJVe5g5Yiplyrux+Q7I4Gko8l7IgygZsJACYcZ4WenqgchH8OXxh2b
GhmSllxjmzamnOJt1hNZggOcN/I2ZgFIPZ8YItxNRQIphJb4d361o72TOVebor4u
75srNCBHHJpfpe4qEuFVM7HFLA+0X7ESLPYyMcsNJZZMFA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:49 2023 by rpki-client on console-ams.rpki-client.org