Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/dlnxk-kN86wHZf4871_fwPFF1kw.roa
File: dlnxk-kN86wHZf4871_fwPFF1kw.roa (raw, json)
Hash identifier: F4ld1/S5JS+JMHGIAe/i+8gsXGj2NAIaDHrkxSFEHfA=
Subject key identifier: 76:59:F1:93:E9:0D:F3:AC:07:65:FE:3C:EF:5F:DF:C0:F1:45:D6:4C
Certificate issuer: /CN=0c4579a4028829d37acac65f66c056063251e57e
Certificate serial: 018DF885B388AC8B755C07B37FB586362C86
Authority key identifier: 0C:45:79:A4:02:88:29:D3:7A:CA:C6:5F:66:C0:56:06:32:51:E5:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DEV5pAKIKdN6ysZfZsBWBjJR5X4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/dlnxk-kN86wHZf4871_fwPFF1kw.roa
Signing time: Fri 01 Mar 2024 05:38:48 +0000
ROA not before: Fri 01 Mar 2024 05:38:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6424
IP address blocks: 2001:b18::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f8:85:b3:88:ac:8b:75:5c:07:b3:7f:b5:86:36:2c:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c4579a4028829d37acac65f66c056063251e57e
Validity
Not Before: Mar 1 05:38:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7659f193e90df3ac0765fe3cef5fdfc0f145d64c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9e:05:df:3d:0b:95:c0:1d:f2:79:f2:52:a0:
72:8e:03:a4:9d:9c:98:63:7a:f7:95:d6:17:6a:1f:
58:aa:37:b6:69:28:74:40:10:d5:69:f6:2d:92:2f:
bd:42:b5:e4:20:e7:3f:9d:22:65:ce:de:7b:3a:33:
71:38:fc:39:99:dd:04:10:83:27:06:30:4a:eb:38:
f4:53:c4:e0:14:93:33:43:f0:72:1d:8c:00:22:92:
d0:be:cc:90:85:75:30:f9:76:71:a3:43:44:db:0a:
2a:93:f2:ea:93:27:f8:63:70:3c:3f:2f:f4:8c:e4:
44:c5:75:60:da:e6:e5:53:cb:42:ac:61:56:44:87:
ee:f5:07:87:9e:6c:c9:45:a3:ed:f8:70:4d:b4:81:
2c:ef:0b:d5:f3:d8:a8:98:f5:6c:42:30:10:ae:af:
66:b8:b2:4d:4d:ac:73:74:f0:0e:91:b0:a0:72:b3:
28:f8:3f:23:82:7e:57:17:ac:55:3b:8f:00:a8:38:
a2:04:52:40:c6:cc:b2:0f:7c:6b:36:8d:24:c0:b8:
7d:a3:4a:28:a0:f0:6d:68:6a:ce:3a:c5:37:52:6f:
b8:60:41:7d:54:7a:6c:0e:b9:2c:a4:24:f6:8e:09:
a9:33:9c:b5:2d:9a:b9:a7:dd:11:0d:c5:f4:0a:09:
1c:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:59:F1:93:E9:0D:F3:AC:07:65:FE:3C:EF:5F:DF:C0:F1:45:D6:4C
X509v3 Authority Key Identifier:
keyid:0C:45:79:A4:02:88:29:D3:7A:CA:C6:5F:66:C0:56:06:32:51:E5:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DEV5pAKIKdN6ysZfZsBWBjJR5X4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/dlnxk-kN86wHZf4871_fwPFF1kw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/DEV5pAKIKdN6ysZfZsBWBjJR5X4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:b18::/32
Signature Algorithm: sha256WithRSAEncryption
82:1f:3e:0e:8d:13:29:88:f6:00:3e:bf:99:b4:d8:a4:82:45:
45:f9:e4:b8:3e:1e:92:6b:c6:ed:19:50:7f:8d:df:da:de:ef:
00:50:a1:a1:97:ce:b0:98:2a:a9:a0:22:92:17:72:ec:7a:b9:
6b:f7:2a:1a:31:62:63:42:47:62:25:a9:12:6f:e7:f1:cb:f6:
28:52:cc:7c:f9:ff:6e:cb:65:0c:0f:82:b6:a8:33:b6:88:64:
2f:35:6c:a1:ca:be:49:78:35:ea:35:7d:de:33:6b:ea:46:05:
63:1c:2f:95:48:85:4d:68:21:46:a0:ba:42:b3:53:3a:43:75:
e0:8b:cd:e5:40:fa:8c:ca:3e:5a:ed:02:1d:65:f2:d3:d3:11:
5e:57:f3:24:5b:3a:7f:0e:19:7c:bd:fc:b3:94:5e:06:d3:ce:
23:dc:2e:81:ff:e8:f5:64:b7:56:af:86:ca:4b:12:31:9e:7d:
d2:2e:5a:90:60:2b:16:7e:e2:3e:ec:9e:6b:7b:4b:90:b5:6d:
8d:ea:02:83:bb:91:0b:76:9b:01:d2:c7:d9:ed:43:18:b3:c0:
a9:8a:4e:98:3f:94:06:79:43:ba:84:87:bc:f2:c4:ec:bc:4b:
47:a3:bb:5a:99:ac:66:5d:24:43:f6:54:d8:01:5e:16:1d:83:
fa:c7:83:45
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY34hbOIrIt1XAezf7WGNiyGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNDU3OWE0MDI4ODI5ZDM3YWNhYzY1ZjY2YzA1NjA2MzI1
MWU1N2UwHhcNMjQwMzAxMDUzODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjU5ZjE5M2U5MGRmM2FjMDc2NWZlM2NlZjVmZGZjMGYxNDVkNjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZ4F3z0LlcAd8nnyUqByjgOknZyY
Y3r3ldYXah9Yqje2aSh0QBDVafYtki+9QrXkIOc/nSJlzt57OjNxOPw5md0EEIMn
BjBK6zj0U8TgFJMzQ/ByHYwAIpLQvsyQhXUw+XZxo0NE2woqk/Lqkyf4Y3A8Py/0
jORExXVg2ublU8tCrGFWRIfu9QeHnmzJRaPt+HBNtIEs7wvV89iomPVsQjAQrq9m
uLJNTaxzdPAOkbCgcrMo+D8jgn5XF6xVO48AqDiiBFJAxsyyD3xrNo0kwLh9o0oo
oPBtaGrOOsU3Um+4YEF9VHpsDrkspCT2jgmpM5y1LZq5p90RDcX0CgkciQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHZZ8ZPpDfOsB2X+PO9f38DxRdZMMB8GA1UdIwQY
MBaAFAxFeaQCiCnTesrGX2bAVgYyUeV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREVWNXBBS0lLZE42eXNaZlpzQldCakpSNVg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9lZGFlYjUtNWU2ZS00MTFiLTk5Y2It
M2M1MDE4MDc4MGIwLzEvZGxueGsta044NndIWmY0ODcxX2Z3UEZGMWt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9lZGFlYjUtNWU2ZS00MTFiLTk5Y2ItM2M1MDE4MDc4MGIw
LzEvREVWNXBBS0lLZE42eXNaZlpzQldCakpSNVg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAIAELGDAN
BgkqhkiG9w0BAQsFAAOCAQEAgh8+Do0TKYj2AD6/mbTYpIJFRfnkuD4ekmvG7RlQ
f43f2t7vAFChoZfOsJgqqaAikhdy7Hq5a/cqGjFiY0JHYiWpEm/n8cv2KFLMfPn/
bstlDA+CtqgztohkLzVsocq+SXg16jV93jNr6kYFYxwvlUiFTWghRqC6QrNTOkN1
4IvN5UD6jMo+Wu0CHWXy09MRXlfzJFs6fw4ZfL38s5ReBtPOI9wugf/o9WS3Vq+G
yksSMZ590i5akGArFn7iPuyea3tLkLVtjeoCg7uRC3abAdLH2e1DGLPAqYpOmD+U
BnlDuoSHvPLE7LxLR6O7WpmsZl0kQ/ZU2AFeFh2D+seDRQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:07 2024 by rpki-client on console-fra.rpki-client.org