Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/1LR0R6fZ0A2Czce4h5JKluLk4TY.roa
File: 1LR0R6fZ0A2Czce4h5JKluLk4TY.roa (raw, json)
Hash identifier: oX2EjKx/tQomV53d2TsF19Qk/Oml9mzU1wGjXeygIDA=
Subject key identifier: D4:B4:74:47:A7:D9:D0:0D:82:CD:C7:B8:87:92:4A:96:E2:E4:E1:36
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 018320ABF82073960EA507C86E2230657FA1
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/1LR0R6fZ0A2Czce4h5JKluLk4TY.roa
Signing time: Fri 09 Sep 2022 05:14:44 +0000
ROA not before: Fri 09 Sep 2022 05:14:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 46537
IP address blocks: 2a11:9680::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:20:ab:f8:20:73:96:0e:a5:07:c8:6e:22:30:65:7f:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Sep 9 05:14:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d4b47447a7d9d00d82cdc7b887924a96e2e4e136
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:5f:ba:48:fd:dd:6c:3d:b2:30:f9:34:7f:0c:
83:3e:f7:cb:74:0b:0c:8d:bd:b0:dc:9d:4c:64:1c:
c1:b3:e2:01:de:78:e2:56:dd:e6:cf:54:43:13:c4:
aa:39:7f:14:4b:32:7f:81:64:25:36:3a:85:47:82:
ec:c0:89:99:4a:94:25:b5:0d:be:f4:38:f0:8b:93:
bb:f2:16:c9:f3:1b:96:65:f3:40:28:cc:6f:a8:f1:
38:dc:5e:2b:d0:02:c1:3e:b3:8b:22:c8:c0:0e:f1:
07:8c:34:08:41:6f:e3:39:2e:e8:bd:90:65:47:e0:
a6:cd:c7:ed:da:4e:05:5a:48:e6:56:54:ca:38:d2:
0b:b8:89:21:ab:91:ce:71:d1:42:23:c6:02:92:7e:
ae:5f:77:11:a1:29:dc:d3:a5:2b:6a:79:e8:c5:2b:
81:57:f6:e1:48:13:cb:43:18:4a:3d:e9:de:ec:12:
f5:07:dd:59:d0:43:fd:90:7d:db:1d:55:96:44:5c:
7e:81:32:3f:da:b7:3b:cb:c2:5f:25:7e:03:02:51:
17:7e:d1:66:8c:e2:c8:89:5b:b8:3c:11:fe:4b:77:
b1:2e:d6:8b:98:0e:ec:e6:ab:76:7d:0a:f5:c9:5f:
52:35:51:e2:67:55:dd:eb:44:ca:02:e1:b6:14:36:
52:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:B4:74:47:A7:D9:D0:0D:82:CD:C7:B8:87:92:4A:96:E2:E4:E1:36
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/1LR0R6fZ0A2Czce4h5JKluLk4TY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:9680::/29
Signature Algorithm: sha256WithRSAEncryption
2e:ea:5c:0e:7f:56:40:80:df:24:cf:ed:24:b2:45:28:e3:63:
ee:e1:52:79:01:66:c9:6e:c1:7a:93:f3:a9:4a:e8:7d:e6:bc:
60:5d:42:b8:43:44:24:21:81:2b:a0:44:5f:cd:1f:a2:ee:e8:
0a:9f:35:fd:5a:f5:d7:c3:c9:59:2b:e6:69:1f:44:7f:94:aa:
95:d0:8b:d1:98:70:54:7b:c3:45:38:f5:40:6b:9a:20:65:a5:
f2:6e:be:70:bc:f3:6e:3f:59:24:2f:a2:cd:1a:61:16:57:a9:
ee:ca:59:82:d1:11:ba:f7:61:99:c0:80:56:0b:2b:e5:1a:45:
c4:11:33:02:0d:04:2e:d6:1e:df:c2:41:15:aa:37:0d:6a:0e:
54:09:68:55:c8:f2:98:c7:55:d2:92:82:56:bc:1a:15:f9:ae:
dc:26:e4:76:50:8a:74:0f:4a:ef:83:66:43:71:ab:82:c6:ba:
b4:69:a2:18:c4:db:8d:5e:3e:00:41:49:c3:88:af:a1:bc:88:
47:88:ca:45:0b:2b:09:e0:75:b4:ff:6d:c1:59:a1:da:88:35:
af:1d:19:ac:7c:6d:32:0c:06:32:85:ab:83:9e:2e:db:35:93:
52:02:75:f7:9a:09:de:76:1d:44:f7:73:41:ed:17:59:dd:63:
bc:e4:bc:30
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYMgq/ggc5YOpQfIbiIwZX+hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjIwOTA5MDUxNDQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGI0NzQ0N2E3ZDlkMDBkODJjZGM3Yjg4NzkyNGE5NmUyZTRlMTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAll+6SP3dbD2yMPk0fwyDPvfLdAsM
jb2w3J1MZBzBs+IB3njiVt3mz1RDE8SqOX8USzJ/gWQlNjqFR4LswImZSpQltQ2+
9Djwi5O78hbJ8xuWZfNAKMxvqPE43F4r0ALBPrOLIsjADvEHjDQIQW/jOS7ovZBl
R+Cmzcft2k4FWkjmVlTKONILuIkhq5HOcdFCI8YCkn6uX3cRoSnc06UrannoxSuB
V/bhSBPLQxhKPene7BL1B91Z0EP9kH3bHVWWRFx+gTI/2rc7y8JfJX4DAlEXftFm
jOLIiVu4PBH+S3exLtaLmA7s5qt2fQr1yV9SNVHiZ1Xd60TKAuG2FDZSuQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNS0dEen2dANgs3HuIeSSpbi5OE2MB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvMUxSMFI2ZlowQTJDemNlNGg1SktsdUxrNFRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhGWgDAN
BgkqhkiG9w0BAQsFAAOCAQEALupcDn9WQIDfJM/tJLJFKONj7uFSeQFmyW7BepPz
qUrofea8YF1CuENEJCGBK6BEX80fou7oCp81/Vr118PJWSvmaR9Ef5SqldCL0Zhw
VHvDRTj1QGuaIGWl8m6+cLzzbj9ZJC+izRphFlep7spZgtERuvdhmcCAVgsr5RpF
xBEzAg0ELtYe38JBFao3DWoOVAloVcjymMdV0pKCVrwaFfmu3CbkdlCKdA9K74Nm
Q3Grgsa6tGmiGMTbjV4+AEFJw4ivobyIR4jKRQsrCeB1tP9twVmh2og1rx0ZrHxt
MgwGMoWrg54u2zWTUgJ195oJ3nYdRPdzQe0XWd1jvOS8MA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:06 2023 by rpki-client on console-fra.rpki-client.org