Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/6453c0-47f8-4cf8-a2fb-524c4ef230c9/1/z-2uqPus3PrCIokL6PwttISTOeg.roa
File: z-2uqPus3PrCIokL6PwttISTOeg.roa (raw, json)
Hash identifier: hkPE9dpiT/J4/5gwpp1AZEnxQNRTSHeY4/ZGnCvEgww=
Subject key identifier: CF:ED:AE:A8:FB:AC:DC:FA:C2:22:89:0B:E8:FC:2D:B4:84:93:39:E8
Certificate issuer: /CN=2c9dec8ecd012596869b51483c20e94dd9b41fc4
Certificate serial: 01856BAED2A5ED501674C5653A3FC64C6FDD
Authority key identifier: 2C:9D:EC:8E:CD:01:25:96:86:9B:51:48:3C:20:E9:4D:D9:B4:1F:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LJ3sjs0BJZaGm1FIPCDpTdm0H8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/6453c0-47f8-4cf8-a2fb-524c4ef230c9/1/z-2uqPus3PrCIokL6PwttISTOeg.roa
Signing time: Sun 01 Jan 2023 04:54:57 +0000
ROA not before: Sun 01 Jan 2023 04:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204790
IP address blocks: 2a11:e40::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ae:d2:a5:ed:50:16:74:c5:65:3a:3f:c6:4c:6f:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c9dec8ecd012596869b51483c20e94dd9b41fc4
Validity
Not Before: Jan 1 04:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cfedaea8fbacdcfac222890be8fc2db4849339e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:25:a2:bc:79:ed:e2:c0:cc:e0:23:28:88:47:
3a:8a:a3:a1:59:ae:df:0a:2b:26:d9:78:9a:30:85:
1d:0b:52:30:53:62:cc:d8:c4:d7:be:87:ee:8e:dc:
c5:01:45:49:7f:cb:37:dd:ec:a8:c2:3a:76:ef:d8:
ec:39:42:06:a6:77:b2:df:4d:21:43:04:c4:2e:c5:
45:4f:af:47:42:b1:0a:b6:e3:36:03:4f:e1:0a:5d:
61:7e:52:e8:b0:66:47:8f:f4:31:4e:73:c2:97:9a:
1f:f8:b8:3a:31:bf:92:fa:73:54:65:af:d3:4b:0c:
be:14:3d:96:3c:fa:eb:f7:ce:47:88:92:83:5d:d4:
83:35:71:08:09:f2:7a:9a:2a:69:57:c2:16:e4:d3:
f1:65:68:ee:89:39:5e:70:cc:12:52:23:f3:bf:e6:
ac:5b:2e:3c:0a:63:de:16:13:42:04:ff:69:1d:34:
a9:ee:39:bb:dd:24:8a:51:01:f2:bf:a2:6e:5f:15:
64:7f:cf:c1:a7:7a:9f:66:8c:71:77:6d:67:ba:ab:
4a:bd:bb:5e:f7:8e:6f:cf:ec:8a:43:1d:df:76:ac:
21:ed:b5:72:b3:fb:5c:ac:a5:51:d2:95:7e:b8:24:
3b:2c:ff:70:98:81:7d:0e:e8:40:49:7a:d0:6e:62:
f6:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:ED:AE:A8:FB:AC:DC:FA:C2:22:89:0B:E8:FC:2D:B4:84:93:39:E8
X509v3 Authority Key Identifier:
keyid:2C:9D:EC:8E:CD:01:25:96:86:9B:51:48:3C:20:E9:4D:D9:B4:1F:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LJ3sjs0BJZaGm1FIPCDpTdm0H8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/6453c0-47f8-4cf8-a2fb-524c4ef230c9/1/z-2uqPus3PrCIokL6PwttISTOeg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/6453c0-47f8-4cf8-a2fb-524c4ef230c9/1/LJ3sjs0BJZaGm1FIPCDpTdm0H8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:e40::/29
Signature Algorithm: sha256WithRSAEncryption
44:8d:94:09:c0:de:0b:24:ad:8c:d9:c2:24:73:93:49:23:6f:
e1:90:dc:38:6a:2d:b9:c6:6f:0f:8a:25:87:7a:a2:9e:db:36:
84:a4:eb:e7:47:7a:2d:12:7e:92:4b:bd:20:17:f1:bd:92:e4:
86:59:ff:90:37:5a:df:3d:23:50:20:2a:8f:98:ec:fe:3c:24:
c1:2f:e8:68:e3:9a:8d:2c:2c:a6:11:76:c1:d3:07:b6:4c:28:
0e:83:cf:c9:37:23:6a:c0:7a:99:f0:4a:e3:b8:13:ce:fa:fb:
99:bd:ae:f6:c5:7f:62:37:c8:c2:32:a4:21:72:c0:c7:df:8d:
00:b5:fb:c5:c8:11:df:85:58:fc:b7:db:83:0c:84:e3:20:e6:
4f:f7:c7:98:aa:77:e7:cf:4b:a3:8b:bd:9d:23:23:5e:bd:ea:
5a:7e:5d:23:17:26:11:cb:5f:65:3f:54:11:f2:ee:81:c8:fe:
d4:2c:1d:66:cc:56:47:b4:2b:ec:b6:90:2b:7c:59:28:b2:06:
b8:20:bd:93:0f:7e:3b:95:4d:39:e2:38:d0:e8:f7:e9:aa:76:
e5:d4:24:92:9c:82:31:9c:ae:e3:bb:b5:81:2d:09:d7:37:8c:
0e:00:5f:f9:cc:b4:86:a6:8d:40:6b:75:61:ed:93:3e:d2:dd:
6a:9a:75:e6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVrrtKl7VAWdMVlOj/GTG/dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjOWRlYzhlY2QwMTI1OTY4NjliNTE0ODNjMjBlOTRkZDli
NDFmYzQwHhcNMjMwMTAxMDQ1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmVkYWVhOGZiYWNkY2ZhYzIyMjg5MGJlOGZjMmRiNDg0OTMzOWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAliWivHnt4sDM4CMoiEc6iqOhWa7f
Cism2XiaMIUdC1IwU2LM2MTXvofujtzFAUVJf8s33eyowjp279jsOUIGpney300h
QwTELsVFT69HQrEKtuM2A0/hCl1hflLosGZHj/QxTnPCl5of+Lg6Mb+S+nNUZa/T
Swy+FD2WPPrr985HiJKDXdSDNXEICfJ6mippV8IW5NPxZWjuiTlecMwSUiPzv+as
Wy48CmPeFhNCBP9pHTSp7jm73SSKUQHyv6JuXxVkf8/Bp3qfZoxxd21nuqtKvbte
945vz+yKQx3fdqwh7bVys/tcrKVR0pV+uCQ7LP9wmIF9DuhASXrQbmL29wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFM/trqj7rNz6wiKJC+j8LbSEkznoMB8GA1UdIwQY
MBaAFCyd7I7NASWWhptRSDwg6U3ZtB/EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEozc2pzMEJKWmFHbTFGSVBDRHBUZG0wSDhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy82NDUzYzAtNDdmOC00Y2Y4LWEyZmIt
NTI0YzRlZjIzMGM5LzEvei0ydXFQdXMzUHJDSW9rTDZQd3R0SVNUT2VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy82NDUzYzAtNDdmOC00Y2Y4LWEyZmItNTI0YzRlZjIzMGM5
LzEvTEozc2pzMEJKWmFHbTFGSVBDRHBUZG0wSDhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhEOQDAN
BgkqhkiG9w0BAQsFAAOCAQEARI2UCcDeCyStjNnCJHOTSSNv4ZDcOGotucZvD4ol
h3qints2hKTr50d6LRJ+kku9IBfxvZLkhln/kDda3z0jUCAqj5js/jwkwS/oaOOa
jSwsphF2wdMHtkwoDoPPyTcjasB6mfBK47gTzvr7mb2u9sV/YjfIwjKkIXLAx9+N
ALX7xcgR34VY/LfbgwyE4yDmT/fHmKp3589Lo4u9nSMjXr3qWn5dIxcmEctfZT9U
EfLugcj+1CwdZsxWR7Qr7LaQK3xZKLIGuCC9kw9+O5VNOeI40Oj36ap25dQkkpyC
MZyu47u1gS0J1zeMDgBf+cy0hqaNQGt1Ye2TPtLdapp15g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:16 2023 by rpki-client on console-fra.rpki-client.org