Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/1j9zkv4JAFd4iOzj7EVeYmT5qqg.roa
File: 1j9zkv4JAFd4iOzj7EVeYmT5qqg.roa (raw, json)
Hash identifier: 2kjcWvumP9/o3/MMXrpA/+5cM4yERcH3dutV3uNFzkY=
Subject key identifier: D6:3F:73:92:FE:09:00:57:78:88:EC:E3:EC:45:5E:62:64:F9:AA:A8
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018699A6B8CB9C1E2ED77F5E577A638C888F
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/1j9zkv4JAFd4iOzj7EVeYmT5qqg.roa
Signing time: Tue 28 Feb 2023 20:11:25 +0000
ROA not before: Tue 28 Feb 2023 20:11:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12608
IP address blocks: 2a0e:e680::/32 maxlen: 32
2a09:4304::/30 maxlen: 30
2a09:9380::/32 maxlen: 32
2a0d:f140::/30 maxlen: 30
2a0d:c100::/30 maxlen: 30
2a09:5400::/30 maxlen: 30
2a09:2d04::/30 maxlen: 30
2a0e:4b40::/32 maxlen: 32
2a09:4281::/32 maxlen: 32
2a09:7881::/32 maxlen: 32
2a06:77c1::/32 maxlen: 32
2a09:2d00::/30 maxlen: 30
2a09:e701::/32 maxlen: 32
2a09:4481::/32 maxlen: 32
2a09:7880::/32 maxlen: 32
2a09:4300::/30 maxlen: 30
2a09:3a81::/32 maxlen: 32
2a09:e700::/32 maxlen: 32
2a09:4480::/32 maxlen: 32
2a0d:f144::/30 maxlen: 30
2a09:9981::/32 maxlen: 32
2a0f:b741::/32 maxlen: 32
2a09:3a80::/32 maxlen: 32
2a0e:19c1::/32 maxlen: 32
2a09:af81::/32 maxlen: 32
2a09:4280::/32 maxlen: 32
2a0e:c481::/32 maxlen: 32
2a06:77c0::/32 maxlen: 32
2a09:7b81::/32 maxlen: 32
2a0e:19c0::/32 maxlen: 32
2a09:af80::/32 maxlen: 32
2a0e:c480::/32 maxlen: 32
2a09:7b80::/32 maxlen: 32
2a09:9980::/32 maxlen: 32
2a0e:4b41::/32 maxlen: 32
2a09:5404::/30 maxlen: 30
2a0f:b740::/32 maxlen: 32
2a09:9381::/32 maxlen: 32
2a0e:e681::/32 maxlen: 32
2a0d:c104::/30 maxlen: 30
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:99:a6:b8:cb:9c:1e:2e:d7:7f:5e:57:7a:63:8c:88:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Feb 28 20:11:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d63f7392fe0900577888ece3ec455e6264f9aaa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c5:08:b0:20:0e:23:ba:60:20:e5:63:b6:03:
3e:66:ca:7b:5b:fa:9d:14:f1:38:7c:b1:f1:30:38:
9e:10:23:22:1f:49:35:af:f6:2f:f6:78:43:c0:29:
ad:57:ed:27:cd:e8:49:31:be:84:af:eb:e0:67:db:
49:d9:4c:ce:7e:c2:c6:67:83:66:9e:0c:62:a9:09:
a7:99:aa:b2:94:d5:d0:86:b8:78:79:59:41:fa:65:
e5:db:9a:b3:ff:ff:2d:b5:33:16:42:3c:38:a9:a7:
46:64:eb:85:00:1c:91:e5:c1:f2:8b:b0:3a:e1:95:
2a:9c:4b:a4:b1:be:31:82:22:37:1f:00:f4:f5:19:
a9:89:b7:67:77:42:c8:1e:4d:06:0d:75:eb:02:dc:
08:70:6f:1a:b1:46:7f:93:0c:c4:5e:25:da:1b:90:
11:52:e5:09:04:4a:17:0d:70:df:cf:ab:45:ad:d9:
41:88:d5:cc:cb:29:2d:bc:77:f1:f2:a9:ca:cf:e9:
1e:7f:21:e0:20:23:e9:59:ab:e7:c7:e4:0c:2e:31:
23:9d:24:b8:2e:52:e5:46:2d:37:b9:e6:7b:db:ba:
b5:88:e0:7f:1c:6b:c9:cf:7d:52:a2:71:13:ca:cb:
0d:8e:36:56:cf:3d:06:74:c3:a0:71:2c:db:ad:c9:
af:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:3F:73:92:FE:09:00:57:78:88:EC:E3:EC:45:5E:62:64:F9:AA:A8
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/1j9zkv4JAFd4iOzj7EVeYmT5qqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:77c0::/31
2a09:2d00::/29
2a09:3a80::/31
2a09:4280::/31
2a09:4300::/29
2a09:4480::/31
2a09:5400::/29
2a09:7880::/31
2a09:7b80::/31
2a09:9380::/31
2a09:9980::/31
2a09:af80::/31
2a09:e700::/31
2a0d:c100::/29
2a0d:f140::/29
2a0e:19c0::/31
2a0e:4b40::/31
2a0e:c480::/31
2a0e:e680::/31
2a0f:b740::/31
Signature Algorithm: sha256WithRSAEncryption
5b:03:2f:b2:d0:aa:fc:cb:86:7d:48:c6:63:69:1d:b1:b0:57:
5b:33:bc:34:68:0c:d4:49:be:4c:0a:7f:42:28:d5:54:c0:19:
18:4d:40:c1:92:b3:08:4f:a2:6e:d1:92:e8:ef:da:58:dc:93:
1d:65:a2:2c:d3:c5:96:cc:c2:91:b2:34:2b:6b:fd:f4:1b:34:
b8:f0:6c:6c:b5:ce:77:d3:ed:09:57:fc:05:9f:90:1f:6a:3e:
73:22:bc:95:e3:4c:8f:86:af:5e:8b:28:20:06:29:58:fa:e6:
84:79:ff:92:7e:27:78:22:2c:cc:7c:67:b8:aa:93:55:98:e9:
df:4c:0c:73:0d:38:be:c4:40:34:8a:c6:56:cf:00:8c:e6:33:
5d:f6:aa:f4:56:a4:1b:ce:ec:ae:5e:e7:02:5b:ca:2a:26:24:
a5:b8:51:9c:5f:d9:1c:6d:58:b7:cc:46:ef:70:ba:64:ec:96:
91:ea:31:4c:49:ad:3a:3b:d2:c7:df:4d:dc:1c:3e:3c:fc:54:
3c:7b:84:47:80:1b:94:e5:64:67:ce:06:b4:b0:66:34:d3:76:
19:85:da:93:26:cc:15:29:f5:b4:a0:ca:11:93:4d:18:bd:e9:
22:7a:56:55:aa:de:07:c8:35:4b:c1:7d:0a:31:64:02:b1:a4:
de:9b:37:ec
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAYaZprjLnB4u139eV3pjjIiPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwMjI4MjAxMTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjNmNzM5MmZlMDkwMDU3Nzg4OGVjZTNlYzQ1NWU2MjY0ZjlhYWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMUIsCAOI7pgIOVjtgM+Zsp7W/qd
FPE4fLHxMDieECMiH0k1r/Yv9nhDwCmtV+0nzehJMb6Er+vgZ9tJ2UzOfsLGZ4Nm
ngxiqQmnmaqylNXQhrh4eVlB+mXl25qz//8ttTMWQjw4qadGZOuFAByR5cHyi7A6
4ZUqnEuksb4xgiI3HwD09Rmpibdnd0LIHk0GDXXrAtwIcG8asUZ/kwzEXiXaG5AR
UuUJBEoXDXDfz6tFrdlBiNXMyyktvHfx8qnKz+kefyHgICPpWavnx+QMLjEjnSS4
LlLlRi03ueZ727q1iOB/HGvJz31SonETyssNjjZWzz0GdMOgcSzbrcmvVQIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFNY/c5L+CQBXeIjs4+xFXmJk+aqoMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvMWo5emt2NEpBRmQ0aU96ajdFVmVZbVQ1cXFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAIwgYwDBQEq
BnfAAwUDKgktAAMFASoJOoADBQEqCUKAAwUDKglDAAMFASoJRIADBQMqCVQAAwUB
Kgl4gAMFASoJe4ADBQEqCZOAAwUBKgmZgAMFASoJr4ADBQEqCecAAwUDKg3BAAMF
AyoN8UADBQEqDhnAAwUBKg5LQAMFASoOxIADBQEqDuaAAwUBKg+3QDANBgkqhkiG
9w0BAQsFAAOCAQEAWwMvstCq/MuGfUjGY2kdsbBXWzO8NGgM1Em+TAp/QijVVMAZ
GE1AwZKzCE+ibtGS6O/aWNyTHWWiLNPFlszCkbI0K2v99Bs0uPBsbLXOd9PtCVf8
BZ+QH2o+cyK8leNMj4avXosoIAYpWPrmhHn/kn4neCIszHxnuKqTVZjp30wMcw04
vsRANIrGVs8AjOYzXfaq9FakG87srl7nAlvKKiYkpbhRnF/ZHG1Yt8xG73C6ZOyW
keoxTEmtOjvSx99N3Bw+PPxUPHuER4AblOVkZ84GtLBmNNN2GYXakybMFSn1tKDK
EZNNGL3pInpWVareB8g1S8F9CjFkArGk3ps37A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org