Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/3K_ev4uI3gIHv8k7szAyO3gS1_U.roa
File: 3K_ev4uI3gIHv8k7szAyO3gS1_U.roa (raw, json)
Hash identifier: YBncm/4Ao46ClA+ClpwuR0havkqmry7KomrXi3OrNY0=
Subject key identifier: DC:AF:DE:BF:8B:88:DE:02:07:BF:C9:3B:B3:30:32:3B:78:12:D7:F5
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 0183883663758D6EF600E4185D66D11DB767
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/3K_ev4uI3gIHv8k7szAyO3gS1_U.roa
Signing time: Thu 29 Sep 2022 07:46:49 +0000
ROA not before: Thu 29 Sep 2022 07:46:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203629
IP address blocks: 2a0f:b745::/32 maxlen: 32
2a0d:e1c0::/30 maxlen: 30
2a09:e704::/32 maxlen: 32
2a09:4484::/32 maxlen: 32
2a09:bc00::/30 maxlen: 30
2a09:9985::/32 maxlen: 32
2a09:3a84::/32 maxlen: 32
2a0d:ad44::/30 maxlen: 30
2a0d:fbc4::/30 maxlen: 30
2a09:a600::/30 maxlen: 30
2a09:af85::/32 maxlen: 32
2a0e:19c5::/32 maxlen: 32
2a09:e705::/32 maxlen: 32
2a09:4485::/32 maxlen: 32
2a09:9984::/32 maxlen: 32
2a0f:b744::/32 maxlen: 32
2a09:af84::/32 maxlen: 32
2a0e:19c4::/32 maxlen: 32
2a09:3a85::/32 maxlen: 32
2a0d:b540::/30 maxlen: 30
2a09:4284::/32 maxlen: 32
2a0e:4b45::/32 maxlen: 32
2a09:4000::/30 maxlen: 30
2a0d:6b40::/30 maxlen: 30
2a09:7b85::/32 maxlen: 32
2a0e:c485::/32 maxlen: 32
2a06:77c4::/32 maxlen: 32
2a0d:ce44::/30 maxlen: 30
2a09:7884::/32 maxlen: 32
2a0d:ad40::/30 maxlen: 30
2a09:9384::/32 maxlen: 32
2a0d:fbc0::/30 maxlen: 30
2a09:bc04::/30 maxlen: 30
2a0d:e1c4::/30 maxlen: 30
2a09:a604::/30 maxlen: 30
2a0e:e685::/32 maxlen: 32
2a0d:ce40::/30 maxlen: 30
2a09:9385::/32 maxlen: 32
2a09:7b84::/32 maxlen: 32
2a0e:c484::/32 maxlen: 32
2a09:7885::/32 maxlen: 32
2a06:77c5::/32 maxlen: 32
2a0d:b544::/30 maxlen: 30
2a09:4004::/30 maxlen: 30
2a0d:6b44::/30 maxlen: 30
2a0e:4b44::/32 maxlen: 32
2a09:4285::/32 maxlen: 32
2a0e:e684::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:88:36:63:75:8d:6e:f6:00:e4:18:5d:66:d1:1d:b7:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Sep 29 07:46:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dcafdebf8b88de0207bfc93bb330323b7812d7f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:8a:dd:7b:51:23:51:59:e1:88:2c:3d:3a:2c:
d7:bf:f4:a0:8d:ef:54:4b:e8:1f:04:0a:26:92:db:
58:5e:56:69:8f:be:c9:42:c0:b5:86:8a:91:48:b0:
86:44:0a:69:bf:2d:41:e2:3b:22:81:7f:c2:6b:46:
ff:3b:1b:1e:81:8e:b7:cf:5c:a1:d9:a2:78:b4:42:
79:c0:0a:da:65:3d:cb:7c:c8:ba:41:d9:de:75:28:
57:bf:14:f8:87:0a:b5:18:82:d0:8e:d2:06:ff:70:
60:62:cc:f9:39:42:cc:c4:83:d0:bb:d9:70:2b:77:
f1:d8:6e:25:de:e1:93:3d:a8:98:f2:5f:c5:1e:7d:
ce:df:fd:3f:91:f7:bc:17:c5:42:a5:7c:e6:e8:bc:
56:d5:ac:15:3a:c5:db:7b:67:af:96:fa:27:c9:d5:
91:d2:95:67:c6:f0:07:f1:03:30:ed:94:82:b6:0b:
63:85:90:32:e4:45:15:cf:43:c5:32:07:18:3b:36:
d6:c9:bd:23:2d:43:cc:7a:c4:e5:a7:03:ed:ef:46:
2f:bc:6e:79:b5:9a:06:17:31:ea:2c:ec:6a:ec:d9:
ac:eb:0f:c7:6f:f8:6f:9f:28:b0:cc:e2:be:25:c7:
70:d2:cd:f0:c8:cd:67:52:83:e5:19:78:74:52:02:
51:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:AF:DE:BF:8B:88:DE:02:07:BF:C9:3B:B3:30:32:3B:78:12:D7:F5
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/3K_ev4uI3gIHv8k7szAyO3gS1_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:77c4::/31
2a09:3a84::/31
2a09:4000::/29
2a09:4284::/31
2a09:4484::/31
2a09:7884::/31
2a09:7b84::/31
2a09:9384::/31
2a09:9984::/31
2a09:a600::/29
2a09:af84::/31
2a09:bc00::/29
2a09:e704::/31
2a0d:6b40::/29
2a0d:ad40::/29
2a0d:b540::/29
2a0d:ce40::/29
2a0d:e1c0::/29
2a0d:fbc0::/29
2a0e:19c4::/31
2a0e:4b44::/31
2a0e:c484::/31
2a0e:e684::/31
2a0f:b744::/31
Signature Algorithm: sha256WithRSAEncryption
6d:15:e6:92:a6:93:9e:94:24:89:44:42:39:91:3f:68:b1:1f:
28:11:9b:63:cc:1e:5b:03:c2:c4:01:b6:83:4b:d1:2e:3b:6a:
08:1d:d2:18:45:bf:fc:ed:11:b1:c7:e9:a1:64:d1:85:54:9e:
ec:92:22:e8:ef:c0:70:b6:29:25:2d:ed:3f:52:1a:3d:4f:dd:
4b:4e:3c:7e:5e:fc:ff:57:89:59:eb:58:51:0e:d2:33:46:c8:
68:81:06:4b:c9:b5:31:62:ce:06:7a:8d:b8:14:62:e5:b4:4d:
1f:a7:85:1a:ba:33:fe:e2:48:35:c8:83:89:10:af:92:fb:94:
32:60:6b:eb:89:02:ef:f4:81:ff:57:55:b6:e4:24:0d:1f:1f:
d7:af:c9:b8:29:24:c7:81:51:4e:5f:c7:fc:02:f7:fd:9e:cd:
bf:6a:17:e0:5a:69:78:13:9c:27:5b:61:9a:3f:25:b5:ba:f9:
75:ed:b2:5b:da:78:87:99:19:e3:d0:a8:47:3e:bb:bd:af:fc:
7b:6a:cc:6c:67:07:cc:2b:b0:ea:5a:73:31:df:82:aa:ae:d2:
8e:84:58:e2:1a:b4:b9:a9:4b:10:c6:ec:5a:bc:a1:67:04:68:
4c:aa:a9:94:34:51:7d:98:a9:7b:2e:c0:48:b1:ce:42:1c:70:
7a:a0:6c:08
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAYOINmN1jW72AOQYXWbRHbdnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjIwOTI5MDc0NjQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2FmZGViZjhiODhkZTAyMDdiZmM5M2JiMzMwMzIzYjc4MTJkN2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYrde1EjUVnhiCw9OizXv/Sgje9U
S+gfBAomkttYXlZpj77JQsC1hoqRSLCGRAppvy1B4jsigX/Ca0b/OxsegY63z1yh
2aJ4tEJ5wAraZT3LfMi6QdnedShXvxT4hwq1GILQjtIG/3BgYsz5OULMxIPQu9lw
K3fx2G4l3uGTPaiY8l/FHn3O3/0/kfe8F8VCpXzm6LxW1awVOsXbe2evlvonydWR
0pVnxvAH8QMw7ZSCtgtjhZAy5EUVz0PFMgcYOzbWyb0jLUPMesTlpwPt70YvvG55
tZoGFzHqLOxq7Nms6w/Hb/hvnyiwzOK+Jcdw0s3wyM1nUoPlGXh0UgJR9QIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFNyv3r+LiN4CB7/JO7MwMjt4Etf1MB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvM0tfZXY0dUkzZ0lIdjhrN3N6QXlPM2dTMV9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBrwQCAAIwgagDBQEq
BnfEAwUBKgk6hAMFAyoJQAADBQEqCUKEAwUBKglEhAMFASoJeIQDBQEqCXuEAwUB
KgmThAMFASoJmYQDBQMqCaYAAwUBKgmvhAMFAyoJvAADBQEqCecEAwUDKg1rQAMF
AyoNrUADBQMqDbVAAwUDKg3OQAMFAyoN4cADBQMqDfvAAwUBKg4ZxAMFASoOS0QD
BQEqDsSEAwUBKg7mhAMFASoPt0QwDQYJKoZIhvcNAQELBQADggEBAG0V5pKmk56U
JIlEQjmRP2ixHygRm2PMHlsDwsQBtoNL0S47aggd0hhFv/ztEbHH6aFk0YVUnuyS
IujvwHC2KSUt7T9SGj1P3UtOPH5e/P9XiVnrWFEO0jNGyGiBBkvJtTFizgZ6jbgU
YuW0TR+nhRq6M/7iSDXIg4kQr5L7lDJga+uJAu/0gf9XVbbkJA0fH9evybgpJMeB
UU5fx/wC9/2ezb9qF+BaaXgTnCdbYZo/JbW6+XXtslvaeIeZGePQqEc+u72v/Htq
zGxnB8wrsOpaczHfgqqu0o6EWOIatLmpSxDG7Fq8oWcEaEyqqZQ0UX2YqXsuwEix
zkIccHqgbAg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org