Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/Tr2T1-AWdIevkjAUcPJzjtH9LDc.roa
File: Tr2T1-AWdIevkjAUcPJzjtH9LDc.roa (raw, json)
Hash identifier: lxiUwjtq0DTDUPofNb2jV7i9gYVnwTQKw1SFnxk2XpQ=
Subject key identifier: 4E:BD:93:D7:E0:16:74:87:AF:92:30:14:70:F2:73:8E:D1:FD:2C:37
Certificate issuer: /CN=0c4579a4028829d37acac65f66c056063251e57e
Certificate serial: 01865586A53F25F72679D54EBD9130C6B367
Authority key identifier: 0C:45:79:A4:02:88:29:D3:7A:CA:C6:5F:66:C0:56:06:32:51:E5:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DEV5pAKIKdN6ysZfZsBWBjJR5X4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/Tr2T1-AWdIevkjAUcPJzjtH9LDc.roa
Signing time: Wed 15 Feb 2023 14:42:12 +0000
ROA not before: Wed 15 Feb 2023 14:42:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 141193
IP address blocks: 2001:b18:1015::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:55:86:a5:3f:25:f7:26:79:d5:4e:bd:91:30:c6:b3:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c4579a4028829d37acac65f66c056063251e57e
Validity
Not Before: Feb 15 14:42:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ebd93d7e0167487af92301470f2738ed1fd2c37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:41:37:a3:ae:3e:37:69:6a:b4:65:aa:f7:db:
7d:c0:aa:20:33:4d:2f:37:e6:07:8d:49:1b:ae:4f:
5b:da:20:fa:aa:c9:d9:6c:62:aa:7e:6f:49:68:fe:
93:e9:9c:73:e9:9b:0e:87:28:38:2d:bc:ea:78:60:
98:9c:cb:ac:7b:3b:bf:d5:71:c9:ce:84:3d:2f:c1:
4a:3e:3b:27:88:2e:cf:0b:51:58:31:7f:35:1a:10:
aa:65:0b:34:20:8d:56:4f:0d:9b:5f:1c:4d:6e:4c:
31:85:ac:28:29:6a:23:f9:a6:d2:a4:58:bc:3c:39:
55:cd:28:17:57:18:86:ce:81:fe:62:b0:91:35:8c:
43:b6:84:00:ca:c7:18:df:92:10:1b:8a:76:7f:c0:
1d:6a:0f:89:59:56:6e:a4:1a:d7:7c:ac:21:77:41:
89:da:9c:13:da:3a:8c:39:3d:35:ab:3a:7a:e8:c9:
bb:b6:48:36:f5:79:94:70:f7:cf:2e:04:b0:b2:d3:
aa:a4:22:bd:50:4c:92:62:8e:54:ef:ba:51:07:df:
4a:67:0a:4c:52:c6:9f:44:f3:fd:cd:eb:09:93:33:
ff:80:47:1f:d2:ad:c0:52:5e:6e:40:2d:be:92:04:
b4:c8:b9:17:e0:82:9b:80:52:25:27:10:55:ba:1a:
cb:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:BD:93:D7:E0:16:74:87:AF:92:30:14:70:F2:73:8E:D1:FD:2C:37
X509v3 Authority Key Identifier:
keyid:0C:45:79:A4:02:88:29:D3:7A:CA:C6:5F:66:C0:56:06:32:51:E5:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DEV5pAKIKdN6ysZfZsBWBjJR5X4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/Tr2T1-AWdIevkjAUcPJzjtH9LDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/DEV5pAKIKdN6ysZfZsBWBjJR5X4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:b18:1015::/48
Signature Algorithm: sha256WithRSAEncryption
21:7f:75:bb:f8:81:d5:a2:bf:d1:1c:38:66:e4:2d:b8:3d:8e:
af:72:95:d3:cb:b8:8b:e1:83:3c:9e:ba:78:69:1c:ea:07:45:
a5:8b:61:90:94:7f:74:59:17:fe:97:46:ec:26:df:4b:46:c8:
d2:00:38:6d:c1:2e:9d:d1:8e:84:b8:59:35:79:96:92:26:7a:
12:15:72:4c:87:79:5e:f5:c5:4a:f3:0d:8e:c5:51:e9:50:b5:
59:89:cb:f3:55:60:e1:d2:42:a7:6a:02:d8:49:06:c1:17:f5:
04:37:34:c0:0a:04:4a:23:3f:e3:3c:86:4c:ce:19:44:3e:5e:
d4:ec:11:30:ad:d0:53:f6:76:41:a1:f6:b1:d4:7b:ae:96:f7:
3a:d8:6b:3c:c7:d9:ac:be:f4:d8:47:46:ae:e9:40:d7:a5:98:
96:34:99:f3:d0:4c:d2:96:e7:d4:0c:84:c2:65:7b:cd:55:18:
cb:30:96:01:f8:0b:3b:53:30:b9:81:00:3a:cc:33:79:06:2e:
72:e7:06:ae:8b:87:8d:de:cf:a3:5a:52:d8:2b:2c:0f:3f:51:
fa:17:22:a4:84:ad:72:7f:ad:a7:96:70:6c:b7:7a:73:ae:e2:
e6:13:38:6b:99:81:46:f9:98:d1:f5:e9:ac:5f:fa:af:8c:04:
2b:14:40:fd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYZVhqU/JfcmedVOvZEwxrNnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNDU3OWE0MDI4ODI5ZDM3YWNhYzY1ZjY2YzA1NjA2MzI1
MWU1N2UwHhcNMjMwMjE1MTQ0MjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWJkOTNkN2UwMTY3NDg3YWY5MjMwMTQ3MGYyNzM4ZWQxZmQyYzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkE3o64+N2lqtGWq99t9wKogM00v
N+YHjUkbrk9b2iD6qsnZbGKqfm9JaP6T6Zxz6ZsOhyg4LbzqeGCYnMusezu/1XHJ
zoQ9L8FKPjsniC7PC1FYMX81GhCqZQs0II1WTw2bXxxNbkwxhawoKWoj+abSpFi8
PDlVzSgXVxiGzoH+YrCRNYxDtoQAyscY35IQG4p2f8Adag+JWVZupBrXfKwhd0GJ
2pwT2jqMOT01qzp66Mm7tkg29XmUcPfPLgSwstOqpCK9UEySYo5U77pRB99KZwpM
UsafRPP9zesJkzP/gEcf0q3AUl5uQC2+kgS0yLkX4IKbgFIlJxBVuhrLwQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFE69k9fgFnSHr5IwFHDyc47R/Sw3MB8GA1UdIwQY
MBaAFAxFeaQCiCnTesrGX2bAVgYyUeV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREVWNXBBS0lLZE42eXNaZlpzQldCakpSNVg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9lZGFlYjUtNWU2ZS00MTFiLTk5Y2It
M2M1MDE4MDc4MGIwLzEvVHIyVDEtQVdkSWV2a2pBVWNQSnpqdEg5TERjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9lZGFlYjUtNWU2ZS00MTFiLTk5Y2ItM2M1MDE4MDc4MGIw
LzEvREVWNXBBS0lLZE42eXNaZlpzQldCakpSNVg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAELGBAV
MA0GCSqGSIb3DQEBCwUAA4IBAQAhf3W7+IHVor/RHDhm5C24PY6vcpXTy7iL4YM8
nrp4aRzqB0Wli2GQlH90WRf+l0bsJt9LRsjSADhtwS6d0Y6EuFk1eZaSJnoSFXJM
h3le9cVK8w2OxVHpULVZicvzVWDh0kKnagLYSQbBF/UENzTACgRKIz/jPIZMzhlE
Pl7U7BEwrdBT9nZBofax1Huulvc62Gs8x9msvvTYR0au6UDXpZiWNJnz0EzSlufU
DITCZXvNVRjLMJYB+As7UzC5gQA6zDN5Bi5y5waui4eN3s+jWlLYKywPP1H6FyKk
hK1yf62nlnBst3pzruLmEzhrmYFG+ZjR9emsX/qvjAQrFED9
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:07 2025 by rpki-client