Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/be718b-92a9-444b-ae0a-f75e5d853176/1/DB6EzD1Ze-26dAq1B6rrPhIE3IQ.roa
File: DB6EzD1Ze-26dAq1B6rrPhIE3IQ.roa (raw, json)
Hash identifier: rnD5KZW5+haIdPcQOaih+k/9Bj0ss0YjjcNEUWU/Kpg=
Subject key identifier: 0C:1E:84:CC:3D:59:7B:ED:BA:74:0A:B5:07:AA:EB:3E:12:04:DC:84
Certificate issuer: /CN=07ad752bdd91a0d31640c42304cae2a82f817c75
Certificate serial: A7E435
Authority key identifier: 07:AD:75:2B:DD:91:A0:D3:16:40:C4:23:04:CA:E2:A8:2F:81:7C:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B611K92RoNMWQMQjBMriqC-BfHU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/be718b-92a9-444b-ae0a-f75e5d853176/1/DB6EzD1Ze-26dAq1B6rrPhIE3IQ.roa
Signing time: Sat 01 Jan 2022 08:04:23 +0000
ROA not before: Sat 01 Jan 2022 08:04:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204790
IP address blocks: 2a11:ef80::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11002933 (0xa7e435)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07ad752bdd91a0d31640c42304cae2a82f817c75
Validity
Not Before: Jan 1 08:04:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0c1e84cc3d597bedba740ab507aaeb3e1204dc84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:51:56:34:04:da:3e:50:f3:e9:f0:9f:c7:c7:
ae:14:f6:1e:f0:58:e3:8d:57:2e:37:bb:35:07:86:
c3:7c:89:10:69:d8:c3:b2:46:93:e6:f7:0a:9b:07:
d0:36:06:61:32:ea:50:7b:5d:48:05:6d:0a:d9:06:
3b:1b:e4:30:39:57:f0:26:f9:d7:79:dc:ac:8c:06:
95:94:84:42:85:cd:f0:30:03:3f:b4:b6:5f:b0:f5:
12:53:25:69:a0:82:52:e8:36:d3:f6:b0:75:e9:0f:
c8:ee:bc:e6:5b:ec:92:44:19:ae:cf:1f:3e:43:7b:
c6:d9:18:c9:d7:fa:41:1f:26:05:e6:a9:f1:9a:a2:
e2:05:de:b8:0a:74:d2:d3:fd:e5:44:7d:d6:e6:1c:
92:ce:46:7a:97:84:d6:51:b3:4f:14:94:a4:0c:a1:
97:9e:a5:4b:40:d9:50:80:51:a5:cb:83:59:e7:66:
2b:6d:1d:65:f3:b5:25:9a:b3:b4:94:0e:7e:52:a0:
3d:0a:25:68:b2:b8:84:d2:9e:71:c5:ee:1d:2f:83:
b3:cc:9f:a9:bf:83:69:38:1d:35:4a:4b:e3:da:2c:
a8:36:ee:4a:e5:56:c3:00:35:71:00:7b:8b:8a:b4:
9f:73:78:fd:d0:4f:4c:f5:36:20:bf:ba:1c:99:0d:
fe:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:1E:84:CC:3D:59:7B:ED:BA:74:0A:B5:07:AA:EB:3E:12:04:DC:84
X509v3 Authority Key Identifier:
keyid:07:AD:75:2B:DD:91:A0:D3:16:40:C4:23:04:CA:E2:A8:2F:81:7C:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B611K92RoNMWQMQjBMriqC-BfHU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/be718b-92a9-444b-ae0a-f75e5d853176/1/DB6EzD1Ze-26dAq1B6rrPhIE3IQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/be718b-92a9-444b-ae0a-f75e5d853176/1/B611K92RoNMWQMQjBMriqC-BfHU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:ef80::/29
Signature Algorithm: sha256WithRSAEncryption
1f:00:66:72:d6:32:dd:cf:06:53:10:c5:7f:36:7d:da:63:7f:
d5:21:e6:61:bc:88:87:48:77:ce:df:02:c3:e3:7c:d3:c4:a1:
6d:1d:0f:a7:b4:5f:59:f8:70:04:31:5d:30:6d:16:d7:bd:0e:
39:25:96:83:32:bf:51:14:64:b9:bb:e5:ce:77:a7:1f:39:dc:
62:83:df:41:50:01:57:10:70:e8:6e:80:7e:b3:7d:1b:0b:dc:
90:fa:96:2d:67:cf:16:fd:78:c0:19:ca:1b:35:23:47:f2:d6:
56:5e:46:c1:21:b8:61:86:c2:67:71:cb:13:50:cd:5b:13:a8:
71:74:7f:e8:14:85:08:8a:91:9c:3b:70:51:25:b0:f0:c5:92:
2c:60:97:53:2f:0a:a2:96:af:72:1a:77:1b:1f:df:08:a3:71:
d6:a2:88:0c:3e:0b:bd:48:7b:b4:45:fa:4a:0c:77:2d:c0:50:
5d:46:02:1e:e7:ae:60:ba:b3:c6:dd:76:ae:c8:7b:db:90:cb:
88:da:76:a9:ea:97:a1:b2:d2:0d:d3:bc:80:ff:57:bd:67:4d:
0a:3a:07:56:5a:ff:aa:21:d5:ba:94:c9:24:5d:39:25:bc:b7:
a3:e0:e3:e7:cb:e1:40:4a:aa:b9:14:b4:b8:85:dc:d4:49:6c:
00:18:9b:88
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEAKfkNTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
N2FkNzUyYmRkOTFhMGQzMTY0MGM0MjMwNGNhZTJhODJmODE3Yzc1MB4XDTIyMDEw
MTA4MDQyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGMxZTg0Y2MzZDU5
N2JlZGJhNzQwYWI1MDdhYWViM2UxMjA0ZGM4NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAORRVjQE2j5Q8+nwn8fHrhT2HvBY441XLje7NQeGw3yJEGnY
w7JGk+b3CpsH0DYGYTLqUHtdSAVtCtkGOxvkMDlX8Cb513ncrIwGlZSEQoXN8DAD
P7S2X7D1ElMlaaCCUug20/awdekPyO685lvskkQZrs8fPkN7xtkYydf6QR8mBeap
8Zqi4gXeuAp00tP95UR91uYcks5GepeE1lGzTxSUpAyhl56lS0DZUIBRpcuDWedm
K20dZfO1JZqztJQOflKgPQolaLK4hNKeccXuHS+Ds8yfqb+DaTgdNUpL49osqDbu
SuVWwwA1cQB7i4q0n3N4/dBPTPU2IL+6HJkN/l0CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBQMHoTMPVl77bp0CrUHqus+EgTchDAfBgNVHSMEGDAWgBQHrXUr3ZGg0xZA
xCMEyuKoL4F8dTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0I2MTFLOTJSb05NV1FNUWpCTXJpcUMtQmZIVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjAvYmU3MThiLTkyYTktNDQ0Yi1hZTBhLWY3NWU1ZDg1MzE3Ni8x
L0RCNkV6RDFaZS0yNmRBcTFCNnJyUGhJRTNJUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAv
YmU3MThiLTkyYTktNDQ0Yi1hZTBhLWY3NWU1ZDg1MzE3Ni8xL0I2MTFLOTJSb05N
V1FNUWpCTXJpcUMtQmZIVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoR74AwDQYJKoZIhvcNAQELBQAD
ggEBAB8AZnLWMt3PBlMQxX82fdpjf9Uh5mG8iIdId87fAsPjfNPEoW0dD6e0X1n4
cAQxXTBtFte9DjklloMyv1EUZLm75c53px853GKD30FQAVcQcOhugH6zfRsL3JD6
li1nzxb9eMAZyhs1I0fy1lZeRsEhuGGGwmdxyxNQzVsTqHF0f+gUhQiKkZw7cFEl
sPDFkixgl1MvCqKWr3Iadxsf3wijcdaiiAw+C71Ie7RF+koMdy3AUF1GAh7nrmC6
s8bddq7Ie9uQy4jadqnql6Gy0g3TvID/V71nTQo6B1Za/6oh1bqUySRdOSW8t6Pg
4+fL4UBKqrkUtLiF3NRJbAAYm4g=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:09 2023 by rpki-client on console-fra.rpki-client.org