Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/SbTIraad-P2ydbk2fnoaTJEFYEQ.roa
File: SbTIraad-P2ydbk2fnoaTJEFYEQ.roa (raw, json)
Hash identifier: EO3HJz7Os3B6n1A/kyTYpuqsQ8wSF1TpdYp4zdqS8Rc=
Subject key identifier: 49:B4:C8:AD:A6:9D:F8:FD:B2:75:B9:36:7E:7A:1A:4C:91:05:60:44
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 5626AA
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/SbTIraad-P2ydbk2fnoaTJEFYEQ.roa
Signing time: Sat 01 Jan 2022 02:52:02 +0000
ROA not before: Sat 01 Jan 2022 02:52:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204790
IP address blocks: 2a0e:cf80::/29 maxlen: 29
2a0e:d780::/29 maxlen: 29
2a0e:9bc0::/29 maxlen: 29
2a0f:5b80::/29 maxlen: 29
2a0e:b3c0::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5645994 (0x5626aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Jan 1 02:52:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=49b4c8ada69df8fdb275b9367e7a1a4c91056044
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:e0:90:93:06:69:97:49:20:fd:0a:2d:36:b6:
3e:54:72:79:c2:b9:08:1a:8f:ee:91:2b:16:90:df:
ac:72:88:30:ef:c7:36:6a:e5:00:24:37:98:f5:fa:
2b:81:32:d7:97:d5:39:5f:12:16:e2:0c:0c:79:3e:
61:e0:ef:6b:78:05:7d:a3:29:66:9b:a0:9c:b4:6f:
70:bd:c2:df:e4:41:4d:a7:6c:91:90:fc:bb:8e:78:
4c:9f:00:26:de:97:4a:68:87:69:7e:7e:fa:9c:cf:
97:88:70:bb:b1:1f:2b:cd:99:2f:df:dc:40:09:cb:
9d:7e:74:f1:9c:37:86:35:ff:d5:84:95:2b:5e:16:
0d:49:ae:39:98:bd:84:92:08:1e:5a:ea:95:e5:3b:
4f:9f:d3:bb:cb:65:d1:55:79:05:27:0e:5d:c1:05:
13:f1:19:a8:77:5f:43:fa:dd:e4:55:cc:d2:35:6f:
59:c0:d5:52:b2:03:f1:32:c5:43:cf:ae:90:07:22:
7e:cf:85:a2:6a:58:e7:b9:9b:6a:c0:42:0b:ba:7a:
ff:85:8d:77:67:c3:32:d4:17:37:16:19:0f:b1:de:
60:09:66:f7:54:cd:88:bc:4b:80:f1:a8:92:eb:6c:
11:19:9a:d3:df:3a:d8:5e:1b:14:84:1b:62:0a:c9:
64:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:B4:C8:AD:A6:9D:F8:FD:B2:75:B9:36:7E:7A:1A:4C:91:05:60:44
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/SbTIraad-P2ydbk2fnoaTJEFYEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:9bc0::/29
2a0e:b3c0::/29
2a0e:cf80::/29
2a0e:d780::/29
2a0f:5b80::/29
Signature Algorithm: sha256WithRSAEncryption
3f:3d:eb:89:a4:47:27:7c:ef:de:1c:56:32:b2:79:29:79:6d:
b7:5e:a9:1d:e8:3b:9f:68:12:29:97:49:8d:35:95:08:73:e8:
64:1f:a4:f2:1a:00:cb:ea:30:2a:c1:d0:9d:70:14:9b:32:f9:
91:c9:cd:b0:0e:84:68:b6:f5:f8:c6:de:0b:f0:fa:2b:61:f7:
21:4c:84:43:16:34:5e:07:62:5f:c0:fb:d2:8b:71:55:84:cd:
9a:dd:4b:a1:bf:2d:a9:1c:64:9f:15:77:be:58:4d:34:a5:ed:
74:22:05:95:bb:87:63:67:0c:43:a4:a1:3c:68:40:fc:3a:5e:
33:54:5e:6e:20:26:17:23:f9:82:38:89:a1:be:03:5d:31:8e:
53:62:ab:ce:a4:5c:b1:b1:b1:1f:a0:a5:7f:29:97:5c:b3:2c:
1d:ff:0d:46:25:c7:0b:4f:ff:ff:1a:70:29:71:9a:35:53:ac:
45:8a:0b:bd:c9:03:4d:ef:dd:bc:d6:9d:21:0b:6c:90:d4:18:
70:63:00:cd:d9:8a:4f:0e:7b:d4:00:aa:43:d0:10:b5:a3:e4:
ab:99:0f:77:50:dc:7b:ef:31:5b:15:3d:ad:a8:00:37:14:1e:
c5:c2:10:73:01:40:88:6a:9c:3b:7d:f9:cd:0e:31:1b:1c:ca:
c4:5f:8b:17
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIDViaqMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDBk
Mjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVlNzM2NjQwHhcNMjIwMTAx
MDI1MjAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0OWI0YzhhZGE2OWRm
OGZkYjI3NWI5MzY3ZTdhMWE0YzkxMDU2MDQ0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAheCQkwZpl0kg/QotNrY+VHJ5wrkIGo/ukSsWkN+scogw78c2
auUAJDeY9forgTLXl9U5XxIW4gwMeT5h4O9reAV9oylmm6CctG9wvcLf5EFNp2yR
kPy7jnhMnwAm3pdKaIdpfn76nM+XiHC7sR8rzZkv39xACcudfnTxnDeGNf/VhJUr
XhYNSa45mL2EkggeWuqV5TtPn9O7y2XRVXkFJw5dwQUT8Rmod19D+t3kVczSNW9Z
wNVSsgPxMsVDz66QByJ+z4WialjnuZtqwEILunr/hY13Z8My1Bc3FhkPsd5gCWb3
VM2IvEuA8aiS62wRGZrT3zrYXhsUhBtiCslktQIDAQABo4ICJjCCAiIwHQYDVR0O
BBYEFEm0yK2mnfj9snW5Nn56GkyRBWBEMB8GA1UdIwQYMBaAFA0pmQQsXiAGvVrr
egXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
RFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5LzEv
U2JUSXJhYWQtUDJ5ZGJrMmZub2FUSkVGWUVRLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8y
YzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5LzEvRFNtWkJDeGVJQWE5
V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDwG
CCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKg6bwAMFAyoOs8ADBQMqDs+AAwUD
Kg7XgAMFAyoPW4AwDQYJKoZIhvcNAQELBQADggEBAD8964mkRyd8794cVjKyeSl5
bbdeqR3oO59oEimXSY01lQhz6GQfpPIaAMvqMCrB0J1wFJsy+ZHJzbAOhGi29fjG
3gvw+ith9yFMhEMWNF4HYl/A+9KLcVWEzZrdS6G/LakcZJ8Vd75YTTSl7XQiBZW7
h2NnDEOkoTxoQPw6XjNUXm4gJhcj+YI4iaG+A10xjlNiq86kXLGxsR+gpX8pl1yz
LB3/DUYlxwtP//8acClxmjVTrEWKC73JA03v3bzWnSELbJDUGHBjAM3Zik8Oe9QA
qkPQELWj5KuZD3dQ3HvvMVsVPa2oADcUHsXCEHMBQIhqnDt9+c0OMRscysRfixc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:51 2023 by rpki-client on console-ams.rpki-client.org