Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/6453c0-47f8-4cf8-a2fb-524c4ef230c9/1/Ded1RtuwlcETIjwKAqNiFzBUehQ.roa
File: Ded1RtuwlcETIjwKAqNiFzBUehQ.roa (raw, json)
Hash identifier: W8oPOZpD6vQMLtKmexPf8igTj8ASW37ULNt1MwGwCuw=
Subject key identifier: 0D:E7:75:46:DB:B0:95:C1:13:22:3C:0A:02:A3:62:17:30:54:7A:14
Certificate issuer: /CN=2c9dec8ecd012596869b51483c20e94dd9b41fc4
Certificate serial: 0104218D
Authority key identifier: 2C:9D:EC:8E:CD:01:25:96:86:9B:51:48:3C:20:E9:4D:D9:B4:1F:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LJ3sjs0BJZaGm1FIPCDpTdm0H8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/6453c0-47f8-4cf8-a2fb-524c4ef230c9/1/Ded1RtuwlcETIjwKAqNiFzBUehQ.roa
Signing time: Sat 01 Jan 2022 08:04:36 +0000
ROA not before: Sat 01 Jan 2022 08:04:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204790
IP address blocks: 2a11:e40::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17047949 (0x104218d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c9dec8ecd012596869b51483c20e94dd9b41fc4
Validity
Not Before: Jan 1 08:04:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0de77546dbb095c113223c0a02a3621730547a14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d1:90:2f:a2:36:b7:22:4e:f8:8d:cb:9e:00:
3b:38:e4:fd:24:c1:f6:ca:db:85:57:47:c8:22:c8:
57:2e:32:b0:13:2d:8e:47:d4:88:0b:52:12:93:7c:
40:a7:52:80:fa:83:75:7f:12:be:73:45:78:01:8f:
2d:35:d1:b6:e5:87:ae:fe:b7:4d:e5:1f:b7:a0:88:
fe:2d:e9:48:5a:b8:a1:01:37:35:5b:51:c9:6a:76:
b1:61:5f:02:8a:68:e5:8f:eb:18:ac:91:ba:1c:e6:
a5:12:67:75:92:a1:f4:03:8c:36:b9:df:bf:36:f2:
e9:13:db:cc:35:92:6b:9e:f2:53:7b:b7:43:1b:4e:
b3:e5:91:70:53:c5:ee:a4:90:33:6f:97:37:d4:6b:
0d:fd:18:79:41:f2:b6:fb:ce:8d:54:02:8b:1a:6b:
e8:b7:41:3a:04:dc:dc:fe:c5:af:ec:25:59:ed:5e:
76:9e:87:4b:b0:5a:0a:9f:42:71:21:d1:3a:95:1f:
26:6e:c5:16:2f:4b:c5:a0:0a:6f:34:10:cd:dd:a1:
ce:8b:ba:81:6b:4d:58:ee:ba:94:d5:e3:7a:ca:ec:
97:04:c2:03:d6:c5:7a:06:a5:fa:a8:a1:a1:a4:89:
79:8b:f1:a5:b7:7c:f3:7f:14:4a:60:74:a9:16:8f:
7f:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:E7:75:46:DB:B0:95:C1:13:22:3C:0A:02:A3:62:17:30:54:7A:14
X509v3 Authority Key Identifier:
keyid:2C:9D:EC:8E:CD:01:25:96:86:9B:51:48:3C:20:E9:4D:D9:B4:1F:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LJ3sjs0BJZaGm1FIPCDpTdm0H8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/6453c0-47f8-4cf8-a2fb-524c4ef230c9/1/Ded1RtuwlcETIjwKAqNiFzBUehQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/6453c0-47f8-4cf8-a2fb-524c4ef230c9/1/LJ3sjs0BJZaGm1FIPCDpTdm0H8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:e40::/29
Signature Algorithm: sha256WithRSAEncryption
60:b9:49:c2:7d:7e:23:7e:a6:50:de:c0:39:c4:ee:12:6c:74:
42:80:91:a8:7c:a5:2d:f3:26:b3:d5:4e:36:40:03:ba:95:af:
4e:ad:ef:2b:d6:d9:a8:8b:4e:b9:c5:4e:e3:fb:4a:12:cd:49:
a3:b0:37:04:88:a3:e4:27:4e:9d:6c:34:9e:08:d3:40:d5:83:
ba:e6:6a:6f:05:29:b7:b3:f0:fe:19:33:9a:97:74:34:a2:4a:
86:25:f7:31:e2:f7:e1:bf:48:21:34:e9:0c:28:6a:79:a0:e3:
6a:ff:d8:43:89:87:32:c0:b1:bc:d0:8d:8a:73:15:2d:c9:49:
42:5a:f0:04:ca:65:34:66:ec:dc:9f:92:7f:fe:cb:67:73:d8:
b0:6f:d2:23:5f:fd:76:84:41:5f:b1:e5:ba:77:4c:a3:d7:ce:
df:0e:a9:dc:62:4a:ba:7a:e6:3f:b1:21:c4:66:a9:80:3f:a6:
1e:2c:8b:bc:d8:b5:12:e9:a0:18:e2:b9:92:ab:d6:0b:f1:e8:
2d:2a:f8:00:5f:0f:64:cf:f5:9e:77:79:ba:5c:ca:15:60:88:
c1:70:76:ba:df:25:f7:6e:6a:d8:88:3d:df:53:af:b9:81:72:
55:1b:90:a5:f7:05:cc:4c:67:8a:93:77:b4:5e:ce:a2:4a:a0:
12:46:b6:d1
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEAQQhjTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YzlkZWM4ZWNkMDEyNTk2ODY5YjUxNDgzYzIwZTk0ZGQ5YjQxZmM0MB4XDTIyMDEw
MTA4MDQzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGRlNzc1NDZkYmIw
OTVjMTEzMjIzYzBhMDJhMzYyMTczMDU0N2ExNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALHRkC+iNrciTviNy54AOzjk/STB9srbhVdHyCLIVy4ysBMt
jkfUiAtSEpN8QKdSgPqDdX8SvnNFeAGPLTXRtuWHrv63TeUft6CI/i3pSFq4oQE3
NVtRyWp2sWFfAopo5Y/rGKyRuhzmpRJndZKh9AOMNrnfvzby6RPbzDWSa57yU3u3
QxtOs+WRcFPF7qSQM2+XN9RrDf0YeUHytvvOjVQCixpr6LdBOgTc3P7Fr+wlWe1e
dp6HS7BaCp9CcSHROpUfJm7FFi9LxaAKbzQQzd2hzou6gWtNWO66lNXjesrslwTC
A9bFegal+qihoaSJeYvxpbd8838USmB0qRaPf3sCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBQN53VG27CVwRMiPAoCo2IXMFR6FDAfBgNVHSMEGDAWgBQsneyOzQElloab
UUg8IOlN2bQfxDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xKM3NqczBCSlphR20xRklQQ0RwVGRtMEg4US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjMvNjQ1M2MwLTQ3ZjgtNGNmOC1hMmZiLTUyNGM0ZWYyMzBjOS8x
L0RlZDFSdHV3bGNFVElqd0tBcU5pRnpCVWVoUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjMv
NjQ1M2MwLTQ3ZjgtNGNmOC1hMmZiLTUyNGM0ZWYyMzBjOS8xL0xKM3NqczBCSlph
R20xRklQQ0RwVGRtMEg4US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoRDkAwDQYJKoZIhvcNAQELBQAD
ggEBAGC5ScJ9fiN+plDewDnE7hJsdEKAkah8pS3zJrPVTjZAA7qVr06t7yvW2aiL
TrnFTuP7ShLNSaOwNwSIo+QnTp1sNJ4I00DVg7rmam8FKbez8P4ZM5qXdDSiSoYl
9zHi9+G/SCE06Qwoanmg42r/2EOJhzLAsbzQjYpzFS3JSUJa8ATKZTRm7Nyfkn/+
y2dz2LBv0iNf/XaEQV+x5bp3TKPXzt8OqdxiSrp65j+xIcRmqYA/ph4si7zYtRLp
oBjiuZKr1gvx6C0q+ABfD2TP9Z53ebpcyhVgiMFwdrrfJfduatiIPd9Tr7mBclUb
kKX3BcxMZ4qTd7RezqJKoBJGttE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:16 2023 by rpki-client on console-fra.rpki-client.org