Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/VI8HyzifVFocIOQf0oUdYEemJFM.roa
File: VI8HyzifVFocIOQf0oUdYEemJFM.roa (raw, json)
Hash identifier: gcDUQeFE+whR1mxMYigM8xgTpPfB3Kc4ct0EPmLWvuM=
Subject key identifier: 54:8F:07:CB:38:9F:54:5A:1C:20:E4:1F:D2:85:1D:60:47:A6:24:53
Certificate issuer: /CN=0c4579a4028829d37acac65f66c056063251e57e
Certificate serial: 018EC2D12E0E9F66DF428B18CA0EE911D6F4
Authority key identifier: 0C:45:79:A4:02:88:29:D3:7A:CA:C6:5F:66:C0:56:06:32:51:E5:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DEV5pAKIKdN6ysZfZsBWBjJR5X4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/VI8HyzifVFocIOQf0oUdYEemJFM.roa
Signing time: Tue 09 Apr 2024 12:24:32 +0000
ROA not before: Tue 09 Apr 2024 12:24:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34425
IP address blocks: 2001:b18:a::/48 maxlen: 48
2001:b18:b::/48 maxlen: 48
2a12:c1c0::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c2:d1:2e:0e:9f:66:df:42:8b:18:ca:0e:e9:11:d6:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c4579a4028829d37acac65f66c056063251e57e
Validity
Not Before: Apr 9 12:24:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=548f07cb389f545a1c20e41fd2851d6047a62453
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:cb:22:27:95:c2:c9:b2:3e:51:7e:a3:27:a1:
7c:51:f6:db:ad:9d:41:96:60:27:2f:53:60:45:07:
20:ed:c9:8c:4f:2f:fa:d6:0b:a2:53:99:04:f1:09:
1f:85:67:79:dc:dc:01:9a:6d:13:11:cd:f0:63:40:
c8:3d:ed:af:08:e8:e2:e1:ff:eb:e5:df:91:3e:d1:
4f:50:a1:97:f2:fd:e8:d9:2a:0e:06:d7:db:27:7a:
09:f7:c2:7a:cc:13:c0:cc:0b:48:fa:6b:00:77:09:
e8:d4:8c:49:62:1f:75:0f:68:3d:a5:b2:4b:0b:4b:
a2:d5:9a:b3:ce:cc:7d:cb:c9:f2:8f:ed:c2:b6:8c:
7d:18:ba:01:cf:8a:e1:80:7d:37:d5:6c:93:98:9c:
1f:b5:49:c6:68:6f:37:7b:09:42:8b:42:59:c9:62:
ee:d4:3f:a2:a3:12:0b:c0:2f:b1:a6:42:69:e9:0e:
35:7d:a8:b0:f7:95:55:2d:de:0a:97:eb:7f:fb:69:
ec:01:07:51:98:04:88:50:b6:33:64:aa:fc:68:ba:
86:16:04:87:d9:61:4a:67:e1:b0:6b:38:bd:94:f3:
81:57:93:3c:d6:05:cb:69:b7:7e:42:a0:04:e8:2f:
f6:b6:aa:cd:57:a3:9b:f1:9d:6c:cb:2c:61:81:fc:
4b:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:8F:07:CB:38:9F:54:5A:1C:20:E4:1F:D2:85:1D:60:47:A6:24:53
X509v3 Authority Key Identifier:
keyid:0C:45:79:A4:02:88:29:D3:7A:CA:C6:5F:66:C0:56:06:32:51:E5:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DEV5pAKIKdN6ysZfZsBWBjJR5X4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/VI8HyzifVFocIOQf0oUdYEemJFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/DEV5pAKIKdN6ysZfZsBWBjJR5X4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:b18:a::/47
2a12:c1c0::/29
Signature Algorithm: sha256WithRSAEncryption
0d:12:1e:0d:5e:cd:9f:ac:b6:65:c1:bb:b3:a7:dc:f0:20:72:
5d:b9:87:c9:e9:1d:fd:f6:18:29:dd:bd:15:f7:60:74:84:3c:
f5:92:9a:b2:ba:50:f5:63:b1:26:b9:2c:39:f1:02:e5:85:0c:
bc:ce:1f:41:90:f4:7d:69:e2:82:87:b3:43:1d:14:a5:79:77:
ff:01:2a:c8:1b:3a:e5:a1:f0:76:5d:fd:99:10:de:79:10:07:
fd:97:79:e3:db:68:24:49:4e:e8:45:d3:1d:3f:df:4d:1d:dc:
59:fd:71:7f:e5:16:18:da:eb:a9:05:db:d5:90:e8:80:e6:3f:
68:84:df:ea:7c:97:04:7e:9e:37:a1:71:e3:b5:3e:a7:a3:86:
d2:c6:eb:fa:b4:1c:a1:f2:ac:3f:ff:2e:4e:c8:af:29:87:de:
fe:48:14:e7:b5:74:9e:f6:43:2d:83:cb:43:df:ac:8d:e0:08:
98:06:33:29:41:0c:2b:8f:3f:7b:e8:75:fe:19:3e:8f:2e:14:
85:4c:38:02:c3:40:27:63:c0:c0:a6:71:48:f4:ac:ba:3a:a2:
bb:56:44:d4:ba:ed:70:ac:15:4d:ba:61:2d:13:dd:fe:15:04:
91:e8:74:82:d8:8b:bc:05:fb:58:11:c7:b9:87:b8:3a:9f:a2:
27:08:e3:cc
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAY7C0S4On2bfQosYyg7pEdb0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNDU3OWE0MDI4ODI5ZDM3YWNhYzY1ZjY2YzA1NjA2MzI1
MWU1N2UwHhcNMjQwNDA5MTIyNDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDhmMDdjYjM4OWY1NDVhMWMyMGU0MWZkMjg1MWQ2MDQ3YTYyNDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgssiJ5XCybI+UX6jJ6F8UfbbrZ1B
lmAnL1NgRQcg7cmMTy/61guiU5kE8QkfhWd53NwBmm0TEc3wY0DIPe2vCOji4f/r
5d+RPtFPUKGX8v3o2SoOBtfbJ3oJ98J6zBPAzAtI+msAdwno1IxJYh91D2g9pbJL
C0ui1Zqzzsx9y8nyj+3Ctox9GLoBz4rhgH031WyTmJwftUnGaG83ewlCi0JZyWLu
1D+ioxILwC+xpkJp6Q41faiw95VVLd4Kl+t/+2nsAQdRmASIULYzZKr8aLqGFgSH
2WFKZ+Gwazi9lPOBV5M81gXLabd+QqAE6C/2tqrNV6Ob8Z1syyxhgfxLpwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFFSPB8s4n1RaHCDkH9KFHWBHpiRTMB8GA1UdIwQY
MBaAFAxFeaQCiCnTesrGX2bAVgYyUeV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREVWNXBBS0lLZE42eXNaZlpzQldCakpSNVg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9lZGFlYjUtNWU2ZS00MTFiLTk5Y2It
M2M1MDE4MDc4MGIwLzEvVkk4SHl6aWZWRm9jSU9RZjBvVWRZRWVtSkZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9lZGFlYjUtNWU2ZS00MTFiLTk5Y2ItM2M1MDE4MDc4MGIw
LzEvREVWNXBBS0lLZE42eXNaZlpzQldCakpSNVg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwcBIAELGAAK
AwUDKhLBwDANBgkqhkiG9w0BAQsFAAOCAQEADRIeDV7Nn6y2ZcG7s6fc8CByXbmH
yekd/fYYKd29FfdgdIQ89ZKasrpQ9WOxJrksOfEC5YUMvM4fQZD0fWnigoezQx0U
pXl3/wEqyBs65aHwdl39mRDeeRAH/Zd549toJElO6EXTHT/fTR3cWf1xf+UWGNrr
qQXb1ZDogOY/aITf6nyXBH6eN6Fx47U+p6OG0sbr+rQcofKsP/8uTsivKYfe/kgU
57V0nvZDLYPLQ9+sjeAImAYzKUEMK48/e+h1/hk+jy4UhUw4AsNAJ2PAwKZxSPSs
ujqiu1ZE1LrtcKwVTbphLRPd/hUEkeh0gtiLvAX7WBHHuYe4Op+iJwjjzA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:26 2024 by rpki-client on console-ams.rpki-client.org