Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/8reFZ0jjL5WiT0y3qaRReNl0bKs.roa
File: 8reFZ0jjL5WiT0y3qaRReNl0bKs.roa (raw, json)
Hash identifier: EWjHc6so4Osp0GkIFcxppxy+ngutS92925qLN/tQXzU=
Subject key identifier: F2:B7:85:67:48:E3:2F:95:A2:4F:4C:B7:A9:A4:51:78:D9:74:6C:AB
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018699A6B983B3D70291A1D52134529648E7
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/8reFZ0jjL5WiT0y3qaRReNl0bKs.roa
Signing time: Tue 28 Feb 2023 20:11:25 +0000
ROA not before: Tue 28 Feb 2023 20:11:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204084
IP address blocks: 2a09:4283::/32 maxlen: 32
2a09:e703::/32 maxlen: 32
2a09:7883::/32 maxlen: 32
2a09:9382::/32 maxlen: 32
2a06:77c3::/32 maxlen: 32
2a0e:e682::/32 maxlen: 32
2a09:9383::/32 maxlen: 32
2a0e:4b42::/32 maxlen: 32
2a0e:19c2::/32 maxlen: 32
2a0e:c482::/32 maxlen: 32
2a09:7b82::/32 maxlen: 32
2a09:af82::/32 maxlen: 32
2a0e:e683::/32 maxlen: 32
2a09:9982::/32 maxlen: 32
2a0f:b742::/32 maxlen: 32
2a0e:4b43::/32 maxlen: 32
2a09:3a82::/32 maxlen: 32
2a09:9983::/32 maxlen: 32
2a09:7882::/32 maxlen: 32
2a09:4482::/32 maxlen: 32
2a09:e702::/32 maxlen: 32
2a06:77c2::/32 maxlen: 32
2a09:3a83::/32 maxlen: 32
2a09:4483::/32 maxlen: 32
2a09:7b83::/32 maxlen: 32
2a0e:c483::/32 maxlen: 32
2a09:af83::/32 maxlen: 32
2a0e:19c3::/32 maxlen: 32
2a0f:b743::/32 maxlen: 32
2a09:4282::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:99:a6:b9:83:b3:d7:02:91:a1:d5:21:34:52:96:48:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Feb 28 20:11:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2b7856748e32f95a24f4cb7a9a45178d9746cab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:21:1d:f4:74:b7:68:d3:35:62:86:5a:a4:6a:
b2:7d:1d:47:e0:8e:49:fe:9f:26:00:c4:71:43:1e:
40:52:8b:56:e0:e4:f2:54:e2:06:6a:b9:55:53:b0:
aa:df:64:54:3d:60:aa:04:1c:2b:f0:39:30:9f:88:
32:41:d3:ae:f1:1e:06:a1:01:7e:c9:61:c6:42:94:
e1:bf:d0:f4:a7:f5:42:68:ed:4e:24:9f:94:9b:4a:
05:5f:83:c9:09:a2:b7:e7:b6:80:2f:95:57:20:29:
4a:56:ab:cb:de:ac:da:6a:b2:c9:8d:e3:d1:06:29:
4d:f2:50:47:36:41:45:9a:20:d8:ab:21:c7:7a:a6:
3c:75:22:7a:e7:ce:a8:9d:dd:dc:e5:38:f3:48:12:
2f:49:40:75:76:9d:43:da:50:1e:e3:66:2d:c0:d8:
10:04:69:f7:03:ba:00:e3:c4:18:95:40:80:62:24:
be:5b:62:b8:35:43:2d:f6:4b:2e:9c:81:14:7b:c9:
c1:18:33:85:e4:24:4e:0e:11:b0:cd:8a:7f:ca:36:
41:5a:50:0b:1b:ad:05:27:66:93:ce:f4:50:9f:10:
79:0d:81:e0:cf:91:87:9f:12:b5:9d:76:51:cb:cc:
df:4b:43:02:ad:24:48:a5:9d:66:95:db:c2:fd:f9:
f8:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:B7:85:67:48:E3:2F:95:A2:4F:4C:B7:A9:A4:51:78:D9:74:6C:AB
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/8reFZ0jjL5WiT0y3qaRReNl0bKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:77c2::/31
2a09:3a82::/31
2a09:4282::/31
2a09:4482::/31
2a09:7882::/31
2a09:7b82::/31
2a09:9382::/31
2a09:9982::/31
2a09:af82::/31
2a09:e702::/31
2a0e:19c2::/31
2a0e:4b42::/31
2a0e:c482::/31
2a0e:e682::/31
2a0f:b742::/31
Signature Algorithm: sha256WithRSAEncryption
c1:14:a9:37:bd:73:96:75:9d:b2:35:d8:0e:bf:b3:cd:a1:17:
d7:e0:a4:ab:54:62:3d:6a:20:f3:64:40:75:fe:8e:f7:e0:72:
6c:46:09:e4:04:76:8c:c1:22:51:00:99:b8:dd:c3:cc:12:e8:
1a:22:08:cf:a9:ad:0a:4b:c4:9b:33:b4:fe:79:3e:4c:8e:06:
ac:3e:ca:15:90:6b:37:30:0d:fa:93:90:5c:07:2c:30:c8:c7:
b4:75:2a:01:2e:35:86:69:52:93:17:6d:2c:5e:a8:e9:05:2a:
01:e1:93:d4:c9:dd:b8:75:b3:9d:2d:1f:a9:3b:72:37:63:3c:
e7:3b:6e:94:a4:d0:83:2c:10:2b:cd:df:be:e1:03:a2:14:4a:
bc:d0:87:23:b1:b9:bf:eb:c2:d7:fd:bd:ac:2c:47:aa:01:b9:
45:9e:a7:61:ed:b7:5c:0e:b4:d6:91:e4:d8:67:f7:f4:38:ce:
b0:9a:8d:f4:f3:c1:d2:80:66:41:ea:61:85:86:0e:72:69:0c:
90:2a:97:25:92:0d:56:cf:30:7c:d3:a3:a9:4d:ca:56:ca:47:
d9:bc:fb:76:97:e9:e1:b5:0b:ca:d1:94:38:b5:7a:39:b1:01:
0b:64:4e:6d:33:60:e5:e8:e6:ca:40:02:bd:3c:6d:28:81:5e:
ba:61:75:09
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAYaZprmDs9cCkaHVITRSlkjnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwMjI4MjAxMTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmI3ODU2NzQ4ZTMyZjk1YTI0ZjRjYjdhOWE0NTE3OGQ5NzQ2Y2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSEd9HS3aNM1YoZapGqyfR1H4I5J
/p8mAMRxQx5AUotW4OTyVOIGarlVU7Cq32RUPWCqBBwr8Dkwn4gyQdOu8R4GoQF+
yWHGQpThv9D0p/VCaO1OJJ+Um0oFX4PJCaK357aAL5VXIClKVqvL3qzaarLJjePR
BilN8lBHNkFFmiDYqyHHeqY8dSJ6586ond3c5TjzSBIvSUB1dp1D2lAe42YtwNgQ
BGn3A7oA48QYlUCAYiS+W2K4NUMt9ksunIEUe8nBGDOF5CRODhGwzYp/yjZBWlAL
G60FJ2aTzvRQnxB5DYHgz5GHnxK1nXZRy8zfS0MCrSRIpZ1mldvC/fn4pwIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFPK3hWdI4y+Vok9Mt6mkUXjZdGyrMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvOHJlRlowampMNVdpVDB5M3FhUlJlTmwwYktzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwbwQCAAIwaQMFASoGd8ID
BQEqCTqCAwUBKglCggMFASoJRIIDBQEqCXiCAwUBKgl7ggMFASoJk4IDBQEqCZmC
AwUBKgmvggMFASoJ5wIDBQEqDhnCAwUBKg5LQgMFASoOxIIDBQEqDuaCAwUBKg+3
QjANBgkqhkiG9w0BAQsFAAOCAQEAwRSpN71zlnWdsjXYDr+zzaEX1+Ckq1RiPWog
82RAdf6O9+BybEYJ5AR2jMEiUQCZuN3DzBLoGiIIz6mtCkvEmzO0/nk+TI4GrD7K
FZBrNzAN+pOQXAcsMMjHtHUqAS41hmlSkxdtLF6o6QUqAeGT1MnduHWznS0fqTty
N2M85ztulKTQgywQK83fvuEDohRKvNCHI7G5v+vC1/29rCxHqgG5RZ6nYe23XA60
1pHk2Gf39DjOsJqN9PPB0oBmQephhYYOcmkMkCqXJZINVs8wfNOjqU3KVspH2bz7
dpfp4bULytGUOLV6ObEBC2RObTNg5ejmykACvTxtKIFeumF1CQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org