Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/be718b-92a9-444b-ae0a-f75e5d853176/1/7LSJgh4cvYY4FB9aM5hUKTCv3YY.roa
File: 7LSJgh4cvYY4FB9aM5hUKTCv3YY.roa (raw, json)
Hash identifier: zeXyF+EoOThgjmnR1j3Bc2tqpWZUW/i/CL2kKoWDDZ0=
Subject key identifier: EC:B4:89:82:1E:1C:BD:86:38:14:1F:5A:33:98:54:29:30:AF:DD:86
Certificate issuer: /CN=07ad752bdd91a0d31640c42304cae2a82f817c75
Certificate serial: 01856FD5083BF4FEEDC6824E1FC88764AEB1
Authority key identifier: 07:AD:75:2B:DD:91:A0:D3:16:40:C4:23:04:CA:E2:A8:2F:81:7C:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B611K92RoNMWQMQjBMriqC-BfHU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/be718b-92a9-444b-ae0a-f75e5d853176/1/7LSJgh4cvYY4FB9aM5hUKTCv3YY.roa
Signing time: Mon 02 Jan 2023 00:15:10 +0000
ROA not before: Mon 02 Jan 2023 00:15:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204790
IP address blocks: 2a11:ef80::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:08:3b:f4:fe:ed:c6:82:4e:1f:c8:87:64:ae:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07ad752bdd91a0d31640c42304cae2a82f817c75
Validity
Not Before: Jan 2 00:15:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ecb489821e1cbd8638141f5a3398542930afdd86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:57:cb:73:ef:98:2b:11:d2:58:f5:a7:ad:04:
49:3d:59:ac:d1:2f:77:4f:f1:6a:92:a0:70:bb:d3:
af:dc:a9:f9:de:ac:d9:97:13:51:53:57:dc:ed:a0:
dc:81:79:35:84:e9:09:6c:d0:58:ba:d6:15:ff:3a:
9a:06:b7:4b:ac:db:2f:94:7e:6b:31:c1:3b:cd:75:
41:06:d7:0b:f0:97:ca:59:b0:a7:16:60:a9:70:e7:
ab:f5:b5:37:b7:45:5c:b1:de:c1:0d:c6:c3:19:65:
46:00:e1:06:ef:dd:58:ed:12:41:92:46:5f:84:6f:
1c:c5:5a:54:6e:bc:51:5d:f2:fe:1d:ac:4c:36:42:
8c:e5:bc:2d:28:c1:8b:c8:d4:5d:45:0c:d6:88:82:
b5:6f:6a:59:42:6f:de:30:2a:a9:c1:81:15:e5:b0:
ae:5e:73:7f:3a:7d:d5:5f:e0:a9:3f:45:ca:7d:01:
f7:41:45:67:78:53:3e:f6:34:10:48:4c:53:b7:b2:
25:d9:b1:9d:9c:b0:ab:ba:e9:d3:4c:92:86:eb:69:
37:10:38:7c:78:a3:fd:a8:44:09:65:fc:89:e4:e2:
a2:a8:42:1b:00:bf:2d:d7:66:40:20:85:5b:bd:1e:
11:66:60:be:89:63:17:b5:c9:83:29:49:dc:fe:15:
10:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:B4:89:82:1E:1C:BD:86:38:14:1F:5A:33:98:54:29:30:AF:DD:86
X509v3 Authority Key Identifier:
keyid:07:AD:75:2B:DD:91:A0:D3:16:40:C4:23:04:CA:E2:A8:2F:81:7C:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B611K92RoNMWQMQjBMriqC-BfHU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/be718b-92a9-444b-ae0a-f75e5d853176/1/7LSJgh4cvYY4FB9aM5hUKTCv3YY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/be718b-92a9-444b-ae0a-f75e5d853176/1/B611K92RoNMWQMQjBMriqC-BfHU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:ef80::/29
Signature Algorithm: sha256WithRSAEncryption
a5:44:ce:23:b4:e3:69:3d:72:ca:f1:2f:01:91:87:f5:5c:e0:
69:ea:38:d4:03:d4:d3:ba:15:ca:99:04:19:0b:54:27:8d:01:
ae:69:74:bf:8c:83:c3:8c:b0:65:a8:d1:68:e7:7e:15:34:11:
d0:14:92:b7:93:14:3d:05:0a:97:4a:11:cb:8a:a1:e8:2d:d9:
98:ed:7e:ad:cf:c6:68:d4:24:04:ae:87:14:af:c6:7c:45:d5:
e3:29:64:b4:53:a5:3b:d2:d6:93:35:1e:1f:03:39:99:93:d4:
09:e1:60:85:23:34:85:cb:28:1a:f9:43:9f:72:0c:de:a4:94:
07:50:6f:64:25:96:26:c5:e3:ed:49:48:57:9a:97:ee:7e:8c:
22:1f:bc:ec:91:83:78:3d:d2:73:d3:2a:7b:ac:a0:ce:9e:8e:
a0:f0:f4:0b:dd:ec:34:9b:ac:8f:5e:4d:43:bd:94:0a:c9:a0:
7f:62:ae:f3:5e:33:90:3c:e8:54:0d:5d:1a:bc:47:74:ac:45:
05:5a:59:c1:3f:f6:ea:95:54:66:0a:67:75:10:bf:30:3e:f9:
75:41:b1:21:3e:e8:a9:83:f0:20:c6:89:d0:1d:8b:65:65:d7:
dd:a2:61:f5:0a:36:3c:54:65:b5:49:ce:28:d5:bd:7c:53:be:
11:76:1f:48
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVv1Qg79P7txoJOH8iHZK6xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3YWQ3NTJiZGQ5MWEwZDMxNjQwYzQyMzA0Y2FlMmE4MmY4
MTdjNzUwHhcNMjMwMTAyMDAxNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2I0ODk4MjFlMWNiZDg2MzgxNDFmNWEzMzk4NTQyOTMwYWZkZDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlfLc++YKxHSWPWnrQRJPVms0S93
T/FqkqBwu9Ov3Kn53qzZlxNRU1fc7aDcgXk1hOkJbNBYutYV/zqaBrdLrNsvlH5r
McE7zXVBBtcL8JfKWbCnFmCpcOer9bU3t0Vcsd7BDcbDGWVGAOEG791Y7RJBkkZf
hG8cxVpUbrxRXfL+HaxMNkKM5bwtKMGLyNRdRQzWiIK1b2pZQm/eMCqpwYEV5bCu
XnN/On3VX+CpP0XKfQH3QUVneFM+9jQQSExTt7Il2bGdnLCruunTTJKG62k3EDh8
eKP9qEQJZfyJ5OKiqEIbAL8t12ZAIIVbvR4RZmC+iWMXtcmDKUnc/hUQiwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOy0iYIeHL2GOBQfWjOYVCkwr92GMB8GA1UdIwQY
MBaAFAetdSvdkaDTFkDEIwTK4qgvgXx1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjYxMUs5MlJvTk1XUU1RakJNcmlxQy1CZkhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9iZTcxOGItOTJhOS00NDRiLWFlMGEt
Zjc1ZTVkODUzMTc2LzEvN0xTSmdoNGN2WVk0RkI5YU01aFVLVEN2M1lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9iZTcxOGItOTJhOS00NDRiLWFlMGEtZjc1ZTVkODUzMTc2
LzEvQjYxMUs5MlJvTk1XUU1RakJNcmlxQy1CZkhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhHvgDAN
BgkqhkiG9w0BAQsFAAOCAQEApUTOI7TjaT1yyvEvAZGH9Vzgaeo41APU07oVypkE
GQtUJ40Brml0v4yDw4ywZajRaOd+FTQR0BSSt5MUPQUKl0oRy4qh6C3ZmO1+rc/G
aNQkBK6HFK/GfEXV4ylktFOlO9LWkzUeHwM5mZPUCeFghSM0hcsoGvlDn3IM3qSU
B1BvZCWWJsXj7UlIV5qX7n6MIh+87JGDeD3Sc9Mqe6ygzp6OoPD0C93sNJusj15N
Q72UCsmgf2Ku814zkDzoVA1dGrxHdKxFBVpZwT/26pVUZgpndRC/MD75dUGxIT7o
qYPwIMaJ0B2LZWXX3aJh9Qo2PFRltUnOKNW9fFO+EXYfSA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:56 2023 by rpki-client on console-ams.rpki-client.org