Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/fe9eb3-3b1b-4ff4-a374-5a5d0bd8760e/1/iDoSqKc6llKQxGfTmZCZ2YcY4cs.roa
File: iDoSqKc6llKQxGfTmZCZ2YcY4cs.roa (raw, json)
Hash identifier: es0ka58c7y8IgQ5dN6WBs931acMAS5ZhFggaGnqiGkE=
Subject key identifier: 88:3A:12:A8:A7:3A:96:52:90:C4:67:D3:99:90:99:D9:87:18:E1:CB
Certificate issuer: /CN=1f4439c757b6b646df16844f5a529ee27520736e
Certificate serial: 018F154846FC990996810F3B942604F970BE
Authority key identifier: 1F:44:39:C7:57:B6:B6:46:DF:16:84:4F:5A:52:9E:E2:75:20:73:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0Q5x1e2tkbfFoRPWlKe4nUgc24.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/fe9eb3-3b1b-4ff4-a374-5a5d0bd8760e/1/iDoSqKc6llKQxGfTmZCZ2YcY4cs.roa
Signing time: Thu 25 Apr 2024 12:43:29 +0000
ROA not before: Thu 25 Apr 2024 12:43:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15377
IP address blocks: 2a14:45c0::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:15:48:46:fc:99:09:96:81:0f:3b:94:26:04:f9:70:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4439c757b6b646df16844f5a529ee27520736e
Validity
Not Before: Apr 25 12:43:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=883a12a8a73a965290c467d3999099d98718e1cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:27:be:8e:c8:68:f2:ee:1f:9f:25:08:0e:71:
71:a0:6c:00:5e:af:9a:ec:0b:0a:84:5e:dc:61:3a:
64:98:da:9f:2b:8c:47:53:57:17:2b:bc:4a:25:1f:
70:68:76:3e:fa:2e:b3:fa:e7:73:3c:51:28:51:43:
bc:46:22:b5:ae:be:c8:98:e0:c2:26:b4:12:51:8c:
3b:08:f3:f9:9e:fa:53:a1:cc:35:c9:38:b4:04:5c:
03:b2:e3:e3:09:db:cf:ae:42:54:3c:98:06:71:4d:
64:66:41:13:15:08:57:08:d7:cb:63:b8:5b:71:60:
d6:43:39:f1:c4:66:64:e9:97:30:d5:a2:e4:a4:f5:
10:b2:77:4e:05:ec:f7:2a:17:58:51:14:c4:43:a9:
e2:83:01:d6:66:6c:c4:59:5a:55:f6:b2:e3:1b:97:
de:24:83:6d:6d:c2:1c:52:a8:c4:39:78:36:61:d0:
85:ff:14:0c:f8:5e:c4:47:50:12:63:18:07:4d:bf:
be:34:47:e1:60:97:e5:2c:b9:80:52:08:7c:1d:43:
f1:36:ce:5c:e6:39:5b:77:1c:c5:54:af:47:d1:ae:
23:41:62:0d:bf:2b:45:87:91:49:7a:a0:07:c3:15:
74:60:f7:5b:0c:52:e2:29:98:37:70:88:1b:25:9c:
42:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:3A:12:A8:A7:3A:96:52:90:C4:67:D3:99:90:99:D9:87:18:E1:CB
X509v3 Authority Key Identifier:
keyid:1F:44:39:C7:57:B6:B6:46:DF:16:84:4F:5A:52:9E:E2:75:20:73:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0Q5x1e2tkbfFoRPWlKe4nUgc24.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/fe9eb3-3b1b-4ff4-a374-5a5d0bd8760e/1/iDoSqKc6llKQxGfTmZCZ2YcY4cs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/fe9eb3-3b1b-4ff4-a374-5a5d0bd8760e/1/H0Q5x1e2tkbfFoRPWlKe4nUgc24.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:45c0::/29
Signature Algorithm: sha256WithRSAEncryption
06:6f:97:34:ab:62:15:b8:2a:89:32:56:b6:50:16:9d:0f:23:
5d:9f:51:ce:e2:9c:96:fb:54:64:90:c7:26:73:18:dd:2d:d6:
23:28:77:2e:dc:be:1a:80:c6:12:ac:86:79:6e:d8:cf:dd:46:
3d:d5:68:cd:0a:53:07:f8:d0:bb:93:ba:0b:de:ca:a3:e1:b9:
97:53:f0:8e:dc:7d:71:c6:99:f6:d8:54:a1:71:7a:76:b4:f0:
97:d5:b6:44:19:d6:33:0a:57:4c:cd:e9:26:3a:64:e2:83:4d:
11:47:16:70:d8:b8:1d:e8:12:28:c1:bd:1b:3f:c6:36:1b:4b:
27:a3:b1:31:ba:6a:0e:6f:95:4f:f0:92:f3:41:fd:10:3e:f1:
50:0d:31:c9:cb:4a:d5:ad:a8:ea:11:84:e2:af:c9:8f:5b:2a:
33:da:66:5b:3a:ae:83:3a:cc:bc:3b:89:bc:01:dc:66:57:ac:
41:d2:14:bd:fb:af:aa:6a:0a:62:91:d3:7c:11:7f:76:73:d7:
ac:76:3a:02:16:96:cc:26:80:f5:31:64:fe:71:d2:49:ec:4d:
89:96:f4:c0:cf:45:c2:f4:65:37:fd:dd:69:2c:00:67:e9:9b:
72:1c:43:0c:70:4e:cb:23:66:cb:c7:b5:f1:b2:75:d3:f5:e0:
ee:c9:b5:16
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY8VSEb8mQmWgQ87lCYE+XC+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDQzOWM3NTdiNmI2NDZkZjE2ODQ0ZjVhNTI5ZWUyNzUy
MDczNmUwHhcNMjQwNDI1MTI0MzI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODNhMTJhOGE3M2E5NjUyOTBjNDY3ZDM5OTkwOTlkOTg3MThlMWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSe+jsho8u4fnyUIDnFxoGwAXq+a
7AsKhF7cYTpkmNqfK4xHU1cXK7xKJR9waHY++i6z+udzPFEoUUO8RiK1rr7ImODC
JrQSUYw7CPP5nvpTocw1yTi0BFwDsuPjCdvPrkJUPJgGcU1kZkETFQhXCNfLY7hb
cWDWQznxxGZk6Zcw1aLkpPUQsndOBez3KhdYURTEQ6nigwHWZmzEWVpV9rLjG5fe
JINtbcIcUqjEOXg2YdCF/xQM+F7ER1ASYxgHTb++NEfhYJflLLmAUgh8HUPxNs5c
5jlbdxzFVK9H0a4jQWINvytFh5FJeqAHwxV0YPdbDFLiKZg3cIgbJZxCUQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIg6EqinOpZSkMRn05mQmdmHGOHLMB8GA1UdIwQY
MBaAFB9EOcdXtrZG3xaET1pSnuJ1IHNuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBRNXgxZTJ0a2JmRm9SUFdsS2U0blVnYzI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9mZTllYjMtM2IxYi00ZmY0LWEzNzQt
NWE1ZDBiZDg3NjBlLzEvaURvU3FLYzZsbEtReEdmVG1aQ1oyWWNZNGNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9mZTllYjMtM2IxYi00ZmY0LWEzNzQtNWE1ZDBiZDg3NjBl
LzEvSDBRNXgxZTJ0a2JmRm9SUFdsS2U0blVnYzI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhRFwDAN
BgkqhkiG9w0BAQsFAAOCAQEABm+XNKtiFbgqiTJWtlAWnQ8jXZ9RzuKclvtUZJDH
JnMY3S3WIyh3Lty+GoDGEqyGeW7Yz91GPdVozQpTB/jQu5O6C97Ko+G5l1Pwjtx9
ccaZ9thUoXF6drTwl9W2RBnWMwpXTM3pJjpk4oNNEUcWcNi4HegSKMG9Gz/GNhtL
J6OxMbpqDm+VT/CS80H9ED7xUA0xyctK1a2o6hGE4q/Jj1sqM9pmWzqugzrMvDuJ
vAHcZlesQdIUvfuvqmoKYpHTfBF/dnPXrHY6AhaWzCaA9TFk/nHSSexNiZb0wM9F
wvRlN/3daSwAZ+mbchxDDHBOyyNmy8e18bJ10/Xg7sm1Fg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 17:46:53 2025 by rpki-client