Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/uKQLRU1J3p5bAxWjfwYFfjA_1Zw.roa
File: uKQLRU1J3p5bAxWjfwYFfjA_1Zw.roa (raw, json)
Hash identifier: TNCk/CcGTylXIf8k+4kCQdkiRq3REgj9JehzddMa9IQ=
Subject key identifier: B8:A4:0B:45:4D:49:DE:9E:5B:03:15:A3:7F:06:05:7E:30:3F:D5:9C
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: DA637F
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/uKQLRU1J3p5bAxWjfwYFfjA_1Zw.roa
Signing time: Tue 22 Feb 2022 08:31:58 +0000
ROA not before: Tue 22 Feb 2022 08:31:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210661
IP address blocks: 2a0e:cf80::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14312319 (0xda637f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Feb 22 08:31:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b8a40b454d49de9e5b0315a37f06057e303fd59c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d2:7a:2e:99:c3:29:cc:1a:c1:d6:37:e1:f9:
41:d8:42:93:07:4c:ab:70:e8:dd:69:61:70:5c:86:
72:71:94:18:94:d9:1d:b7:b2:63:b6:45:52:fb:f4:
ed:8a:b7:91:1e:a9:e4:37:67:2d:62:d0:54:6d:5f:
57:4d:da:f8:e7:52:ae:bb:ae:7c:4b:ce:bb:56:98:
03:ad:65:cc:4e:28:ff:b1:bb:4c:4b:e5:9d:e0:7a:
d7:89:e9:ce:b8:1e:40:fd:6e:a1:4d:7a:e5:92:fc:
18:4e:61:ac:da:a9:59:5a:72:19:1e:a7:89:1d:dc:
3c:89:06:44:09:2e:11:5e:c4:fd:3a:51:b8:9d:5e:
0d:2b:5c:ea:c7:e0:e9:a9:27:31:b3:06:34:59:5e:
95:41:0b:df:0c:32:a9:eb:9c:1c:43:1b:d6:64:b8:
e3:23:ba:23:87:5a:6b:05:c1:6c:8c:e8:87:9a:9d:
5b:93:67:d8:1c:b5:48:97:94:1d:d0:aa:01:ca:b1:
82:81:89:17:d2:9a:df:2f:fb:a8:6b:f2:b6:33:fe:
60:f6:21:fd:f9:09:3c:cb:93:2c:fb:80:6c:7e:b0:
77:d5:56:d0:05:0c:1b:62:d2:3a:b0:92:10:6f:f0:
e2:31:4f:e4:7c:75:de:2d:c1:c1:6c:e7:59:b1:5f:
ea:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:A4:0B:45:4D:49:DE:9E:5B:03:15:A3:7F:06:05:7E:30:3F:D5:9C
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/uKQLRU1J3p5bAxWjfwYFfjA_1Zw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:cf80::/29
Signature Algorithm: sha256WithRSAEncryption
35:17:2f:ce:6e:57:2a:80:3b:69:1e:65:05:db:e6:2f:3e:7d:
cb:ed:64:2f:bf:be:4f:03:c0:9b:9e:cb:e2:d8:dc:90:48:18:
d3:66:43:8f:bb:16:7a:09:ac:f3:06:23:23:54:23:3a:ff:77:
dd:71:b1:66:b5:86:d3:bf:3c:dc:70:ea:f6:3c:5f:05:39:63:
0f:ea:fd:4d:6a:08:17:25:ca:ea:6d:2d:bf:4e:d3:28:d1:88:
ca:cd:5b:d0:8c:7b:d6:67:87:1f:34:da:20:99:dc:76:ee:7e:
a1:79:2b:c8:cf:ed:b5:be:30:c8:a3:5d:41:53:c0:43:3e:84:
98:10:87:18:09:49:34:0e:8e:5f:1d:29:10:71:1d:66:88:f3:
eb:3e:5d:1d:29:23:7a:1e:73:86:d0:de:4f:98:7e:e8:a0:ac:
91:b5:c5:dc:02:76:56:9e:3b:6a:a0:8b:70:4c:a9:66:0e:35:
ca:19:c6:dc:d4:1d:7b:f6:69:e2:19:c0:5f:53:6c:e8:6d:80:
32:03:75:1f:80:e7:92:8d:7e:02:37:48:d7:54:8f:86:59:4b:
2d:33:03:cc:6a:68:a8:12:b1:4f:c0:3e:9a:1f:58:2e:e3:4e:
ae:63:0d:61:5e:04:d8:ba:0c:36:74:67:18:d5:20:7e:5d:cc:
9e:5b:f9:e6
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEANpjfzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZDI5OTkwNDJjNWUyMDA2YmQ1YWViN2EwNWRlMWU5NmE1ZTczNjY0MB4XDTIyMDIy
MjA4MzE1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjhhNDBiNDU0ZDQ5
ZGU5ZTViMDMxNWEzN2YwNjA1N2UzMDNmZDU5YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALfSei6ZwynMGsHWN+H5QdhCkwdMq3Do3WlhcFyGcnGUGJTZ
HbeyY7ZFUvv07Yq3kR6p5DdnLWLQVG1fV03a+OdSrruufEvOu1aYA61lzE4o/7G7
TEvlneB614npzrgeQP1uoU165ZL8GE5hrNqpWVpyGR6niR3cPIkGRAkuEV7E/TpR
uJ1eDStc6sfg6aknMbMGNFlelUEL3wwyqeucHEMb1mS44yO6I4daawXBbIzoh5qd
W5Nn2By1SJeUHdCqAcqxgoGJF9Ka3y/7qGvytjP+YPYh/fkJPMuTLPuAbH6wd9VW
0AUMG2LSOrCSEG/w4jFP5Hx13i3BwWznWbFf6pkCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBS4pAtFTUnenlsDFaN/BgV+MD/VnDAfBgNVHSMEGDAWgBQNKZkELF4gBr1a
63oF3h6Wpec2ZDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RTbVpCQ3hlSUFhOVd1dDZCZDRlbHFYbk5tUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvMmMzMzE2LWVmYzctNDk1Mi05ZWZlLThjMTUzOTY1YmFjOS8x
L3VLUUxSVTFKM3A1YkF4V2pmd1lGZmpBXzFady5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
MmMzMzE2LWVmYzctNDk1Mi05ZWZlLThjMTUzOTY1YmFjOS8xL0RTbVpCQ3hlSUFh
OVd1dDZCZDRlbHFYbk5tUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoOz4AwDQYJKoZIhvcNAQELBQAD
ggEBADUXL85uVyqAO2keZQXb5i8+fcvtZC+/vk8DwJuey+LY3JBIGNNmQ4+7FnoJ
rPMGIyNUIzr/d91xsWa1htO/PNxw6vY8XwU5Yw/q/U1qCBclyuptLb9O0yjRiMrN
W9CMe9Znhx802iCZ3HbufqF5K8jP7bW+MMijXUFTwEM+hJgQhxgJSTQOjl8dKRBx
HWaI8+s+XR0pI3oec4bQ3k+YfuigrJG1xdwCdlaeO2qgi3BMqWYONcoZxtzUHXv2
aeIZwF9TbOhtgDIDdR+A55KNfgI3SNdUj4ZZSy0zA8xqaKgSsU/APpofWC7jTq5j
DWFeBNi6DDZ0ZxjVIH5dzJ5b+eY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:06 2023 by rpki-client on console-fra.rpki-client.org