Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/8ed3b7-bb2d-4f4d-9db6-267669f35648/1/eyt_QVUPjopQcS9wA_0IdW_rk7Y.roa
File: eyt_QVUPjopQcS9wA_0IdW_rk7Y.roa (raw, json)
Hash identifier: loBhoCvofFzP3ba3K6lodGH1FElG/NDpGHqD0r/fVpk=
Subject key identifier: 7B:2B:7F:41:55:0F:8E:8A:50:71:2F:70:03:FD:08:75:6F:EB:93:B6
Certificate issuer: /CN=28fd66e43a104633b27bac539b98bdf8ebfac9ae
Certificate serial: 0186180470BEBD3C4BB90116624D59055E45
Authority key identifier: 28:FD:66:E4:3A:10:46:33:B2:7B:AC:53:9B:98:BD:F8:EB:FA:C9:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KP1m5DoQRjOye6xTm5i9-Ov6ya4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/8ed3b7-bb2d-4f4d-9db6-267669f35648/1/eyt_QVUPjopQcS9wA_0IdW_rk7Y.roa
Signing time: Fri 03 Feb 2023 16:03:09 +0000
ROA not before: Fri 03 Feb 2023 16:03:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203377
IP address blocks: 2a0a:37c0::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:18:04:70:be:bd:3c:4b:b9:01:16:62:4d:59:05:5e:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28fd66e43a104633b27bac539b98bdf8ebfac9ae
Validity
Not Before: Feb 3 16:03:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7b2b7f41550f8e8a50712f7003fd08756feb93b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:0f:39:70:68:01:a2:bc:cb:73:a9:28:ca:d0:
1c:d3:62:de:4a:af:3c:03:4a:ad:33:b0:e2:48:0a:
59:5e:62:87:c0:4d:0b:d0:8a:04:8e:eb:21:b0:29:
20:96:f8:14:bd:df:b5:dd:b4:4d:06:18:16:f4:6d:
aa:b6:45:ac:c1:39:cc:55:96:54:70:59:2a:9d:24:
62:77:5a:0d:fc:ba:b0:73:0c:d5:d1:ca:cc:6c:4a:
f4:7c:f0:df:f7:d5:25:f2:0e:e8:01:bb:d4:ae:12:
26:64:05:58:7e:ac:b2:91:1a:f3:0e:b2:34:d9:7e:
42:c2:b9:59:6d:76:49:77:fa:19:f3:ca:0d:e2:ae:
e4:3b:1f:eb:5e:3a:1e:d6:e6:c7:08:d8:cf:f4:e5:
0c:6e:81:00:57:d5:b5:3b:b1:47:b8:72:10:e1:89:
96:9a:83:f7:d3:dd:56:71:f4:90:d5:2a:53:5b:b6:
ec:01:94:5e:3b:a7:06:fa:05:74:95:bf:9f:a0:3c:
34:4a:1f:4c:99:76:2f:6c:1c:92:d5:9e:c8:d4:3b:
d4:cb:2f:4d:15:77:0a:5f:d2:23:e7:9e:88:54:b0:
6f:6c:6c:4e:1a:d0:d9:8d:fd:3a:e6:7a:6b:72:92:
6f:6c:fb:25:91:17:f1:aa:4c:4d:6a:0a:a6:3a:bf:
74:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:2B:7F:41:55:0F:8E:8A:50:71:2F:70:03:FD:08:75:6F:EB:93:B6
X509v3 Authority Key Identifier:
keyid:28:FD:66:E4:3A:10:46:33:B2:7B:AC:53:9B:98:BD:F8:EB:FA:C9:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KP1m5DoQRjOye6xTm5i9-Ov6ya4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/8ed3b7-bb2d-4f4d-9db6-267669f35648/1/eyt_QVUPjopQcS9wA_0IdW_rk7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/8ed3b7-bb2d-4f4d-9db6-267669f35648/1/KP1m5DoQRjOye6xTm5i9-Ov6ya4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:37c0::/48
Signature Algorithm: sha256WithRSAEncryption
05:05:d1:22:e5:93:e6:fb:76:5c:a4:de:9e:fb:bf:97:0a:f3:
c7:9b:1b:64:39:a4:6f:e4:73:51:82:74:77:87:76:2d:5d:7b:
02:7e:00:63:10:6a:28:5b:49:83:45:68:94:a2:cf:2f:85:51:
ed:ed:43:52:9f:12:03:6f:92:01:9e:4e:51:9a:f3:ce:6c:e8:
a5:1f:20:92:8d:76:65:66:8b:c8:bd:2f:4b:ec:3f:63:d7:27:
59:f3:b5:76:0a:d1:f5:1c:14:d2:a1:6c:ed:c4:82:25:87:d2:
ee:76:74:bb:04:57:1c:98:7a:ba:db:68:29:67:2a:8a:6c:51:
f8:6a:7d:c0:81:ec:1d:dd:eb:cd:20:d8:dc:87:c6:03:69:f9:
c3:1a:a1:8d:9c:7a:d8:89:1d:d5:9f:22:85:ad:38:3a:92:36:
e2:7d:5c:20:22:70:10:45:c3:31:03:87:1d:d9:f2:39:d3:db:
8a:f1:23:c9:7c:27:1d:82:70:ef:4e:cb:84:d1:31:49:b6:16:
83:1a:8e:1e:6b:84:47:0b:b2:f0:3b:2f:08:58:ef:7f:8d:c6:
56:e7:36:78:eb:a6:83:b0:75:b5:07:96:68:59:3e:cb:d5:b8:
45:14:dc:82:5a:2c:e3:21:3e:6b:7b:28:c4:1f:62:f7:76:c8:
1a:19:f0:cc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYYYBHC+vTxLuQEWYk1ZBV5FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ZmQ2NmU0M2ExMDQ2MzNiMjdiYWM1MzliOThiZGY4ZWJm
YWM5YWUwHhcNMjMwMjAzMTYwMzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjJiN2Y0MTU1MGY4ZThhNTA3MTJmNzAwM2ZkMDg3NTZmZWI5M2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQ85cGgBorzLc6koytAc02LeSq88
A0qtM7DiSApZXmKHwE0L0IoEjushsCkglvgUvd+13bRNBhgW9G2qtkWswTnMVZZU
cFkqnSRid1oN/LqwcwzV0crMbEr0fPDf99Ul8g7oAbvUrhImZAVYfqyykRrzDrI0
2X5CwrlZbXZJd/oZ88oN4q7kOx/rXjoe1ubHCNjP9OUMboEAV9W1O7FHuHIQ4YmW
moP3091WcfSQ1SpTW7bsAZReO6cG+gV0lb+foDw0Sh9MmXYvbByS1Z7I1DvUyy9N
FXcKX9Ij556IVLBvbGxOGtDZjf065nprcpJvbPslkRfxqkxNagqmOr90rQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHsrf0FVD46KUHEvcAP9CHVv65O2MB8GA1UdIwQY
MBaAFCj9ZuQ6EEYzsnusU5uYvfjr+smuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1AxbTVEb1FSak95ZTZ4VG01aTktT3Y2eWE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi84ZWQzYjctYmIyZC00ZjRkLTlkYjYt
MjY3NjY5ZjM1NjQ4LzEvZXl0X1FWVVBqb3BRY1M5d0FfMElkV19yazdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi84ZWQzYjctYmIyZC00ZjRkLTlkYjYtMjY3NjY5ZjM1NjQ4
LzEvS1AxbTVEb1FSak95ZTZ4VG01aTktT3Y2eWE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgo3wAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAFBdEi5ZPm+3ZcpN6e+7+XCvPHmxtkOaRv5HNR
gnR3h3YtXXsCfgBjEGooW0mDRWiUos8vhVHt7UNSnxIDb5IBnk5RmvPObOilHyCS
jXZlZovIvS9L7D9j1ydZ87V2CtH1HBTSoWztxIIlh9LudnS7BFccmHq622gpZyqK
bFH4an3Agewd3evNINjch8YDafnDGqGNnHrYiR3VnyKFrTg6kjbifVwgInAQRcMx
A4cd2fI509uK8SPJfCcdgnDvTsuE0TFJthaDGo4ea4RHC7LwOy8IWO9/jcZW5zZ4
66aDsHW1B5ZoWT7L1bhFFNyCWizjIT5reyjEH2L3dsgaGfDM
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:02 2024 by rpki-client on console-ams.rpki-client.org