Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/C157xQWvww7aKgk3h2h1yqk_VKI.roa
File: C157xQWvww7aKgk3h2h1yqk_VKI.roa (raw, json)
Hash identifier: wooFAsJON6nsfVM6WiL1FqkiQasTTczN7fAaGjPggSc=
Subject key identifier: 0B:5E:7B:C5:05:AF:C3:0E:DA:2A:09:37:87:68:75:CA:A9:3F:54:A2
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018699C4F0797CE56203A3793A7248FE6C9D
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/C157xQWvww7aKgk3h2h1yqk_VKI.roa
Signing time: Tue 28 Feb 2023 20:44:26 +0000
ROA not before: Tue 28 Feb 2023 20:44:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204084
IP address blocks: 2a0e:c482::/32 maxlen: 32
2a09:7b82::/32 maxlen: 32
2a09:4283::/32 maxlen: 32
2a09:af82::/32 maxlen: 32
2a0e:e683::/32 maxlen: 32
2a09:9982::/32 maxlen: 32
2a09:e703::/32 maxlen: 32
2a09:7883::/32 maxlen: 32
2a09:9382::/32 maxlen: 32
2a06:77c3::/32 maxlen: 32
2a09:3a82::/32 maxlen: 32
2a09:7882::/32 maxlen: 32
2a09:9983::/32 maxlen: 32
2a0e:e682::/32 maxlen: 32
2a09:4482::/32 maxlen: 32
2a09:e702::/32 maxlen: 32
2a09:9383::/32 maxlen: 32
2a09:3a83::/32 maxlen: 32
2a06:77c2::/32 maxlen: 32
2a09:4483::/32 maxlen: 32
2a09:7b83::/32 maxlen: 32
2a0e:c483::/32 maxlen: 32
2a09:af83::/32 maxlen: 32
2a09:4282::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:99:c4:f0:79:7c:e5:62:03:a3:79:3a:72:48:fe:6c:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Feb 28 20:44:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b5e7bc505afc30eda2a0937876875caa93f54a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f7:37:d2:ba:fb:aa:11:63:08:40:8c:81:a4:
4c:f1:1b:f6:e4:bf:95:8d:a5:e8:38:c7:88:f1:f3:
53:13:a7:48:97:bf:c1:7e:6c:96:64:c6:0b:c2:7e:
7f:a4:46:c9:0c:66:20:67:9c:77:b6:32:11:ea:55:
cb:d9:cf:0c:94:87:0a:2e:3b:33:f1:08:22:fc:3c:
be:f4:6b:ca:6a:89:81:b9:4b:ce:72:0f:d3:28:59:
c4:77:87:e8:db:ff:b3:fb:50:2a:a0:72:2d:7d:7d:
23:48:40:27:0e:a7:3f:8b:17:0e:bc:37:10:f9:e7:
ba:89:87:ba:96:60:7e:1f:6a:c1:40:d4:09:91:80:
6c:0b:a3:59:96:6c:e5:27:88:11:76:e2:82:3d:e9:
e9:36:c8:bb:6d:13:4e:e4:2f:0c:53:91:c8:c5:44:
eb:9f:c4:20:db:64:b8:6e:ac:3e:34:c5:79:7b:a2:
d5:99:e3:3f:40:4a:19:7b:a1:47:ba:08:17:b3:51:
36:3e:89:10:9c:90:17:bf:97:27:8c:c4:b8:17:b0:
81:40:30:9c:af:97:57:9f:9d:4c:f0:d3:f5:ba:d0:
e0:83:29:c7:0b:76:70:9b:79:9b:e0:84:81:13:b9:
af:7a:cc:fb:4c:15:f1:02:d5:3b:46:9a:67:43:20:
0c:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:5E:7B:C5:05:AF:C3:0E:DA:2A:09:37:87:68:75:CA:A9:3F:54:A2
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/C157xQWvww7aKgk3h2h1yqk_VKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:77c2::/31
2a09:3a82::/31
2a09:4282::/31
2a09:4482::/31
2a09:7882::/31
2a09:7b82::/31
2a09:9382::/31
2a09:9982::/31
2a09:af82::/31
2a09:e702::/31
2a0e:c482::/31
2a0e:e682::/31
Signature Algorithm: sha256WithRSAEncryption
76:80:b0:94:b0:a7:42:15:51:50:32:47:11:81:c4:6b:12:79:
62:7f:69:d3:6c:ab:4c:42:56:37:5e:65:cf:b0:4b:88:94:18:
67:2b:9a:cc:15:dd:8b:e0:15:09:0e:ab:48:26:7a:43:84:f3:
56:44:e3:d4:c6:e1:2a:bb:ae:37:40:d0:43:df:4b:79:8a:d1:
14:a8:2e:8c:65:c1:61:dd:dc:61:5d:fc:fd:6c:00:7b:71:c7:
f9:ba:a0:27:ef:a1:d4:dc:93:0d:35:1c:8f:7b:a4:44:5f:e4:
96:ad:13:e7:44:1d:f3:a9:da:0d:8b:62:ed:07:16:f6:59:c9:
bc:0a:c8:fa:bb:49:b9:e9:fe:be:0c:bb:fa:e6:75:54:10:f5:
27:d4:99:41:61:a9:f1:56:ee:78:19:24:3e:dd:8c:4d:a9:58:
79:a5:a9:63:96:8b:bb:ce:d7:28:b5:ee:b4:d3:17:b7:3e:07:
ec:c3:06:e7:84:f8:5a:a0:74:61:80:a4:64:d9:d8:36:28:9b:
d5:da:5a:e1:ee:24:57:93:1e:3d:22:c4:54:86:44:fd:2c:fc:
74:2e:0b:27:00:67:ed:98:6f:ec:e3:48:98:b7:c2:6e:ca:01:
ea:b0:64:a1:3d:21:36:54:a4:98:cf:d9:d9:89:17:5c:bb:d7:
4a:d6:11:10
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYaZxPB5fOViA6N5OnJI/mydMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwMjI4MjA0NDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjVlN2JjNTA1YWZjMzBlZGEyYTA5Mzc4NzY4NzVjYWE5M2Y1NGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/c30rr7qhFjCECMgaRM8Rv25L+V
jaXoOMeI8fNTE6dIl7/BfmyWZMYLwn5/pEbJDGYgZ5x3tjIR6lXL2c8MlIcKLjsz
8Qgi/Dy+9GvKaomBuUvOcg/TKFnEd4fo2/+z+1AqoHItfX0jSEAnDqc/ixcOvDcQ
+ee6iYe6lmB+H2rBQNQJkYBsC6NZlmzlJ4gRduKCPenpNsi7bRNO5C8MU5HIxUTr
n8Qg22S4bqw+NMV5e6LVmeM/QEoZe6FHuggXs1E2PokQnJAXv5cnjMS4F7CBQDCc
r5dXn51M8NP1utDggynHC3Zwm3mb4ISBE7mvesz7TBXxAtU7RppnQyAMIQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFAtee8UFr8MO2ioJN4dodcqpP1SiMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvQzE1N3hRV3Z3dzdhS2drM2gyaDF5cWtfVktJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAAjBUAwUBKgZ3wgMF
ASoJOoIDBQEqCUKCAwUBKglEggMFASoJeIIDBQEqCXuCAwUBKgmTggMFASoJmYID
BQEqCa+CAwUBKgnnAgMFASoOxIIDBQEqDuaCMA0GCSqGSIb3DQEBCwUAA4IBAQB2
gLCUsKdCFVFQMkcRgcRrEnlif2nTbKtMQlY3XmXPsEuIlBhnK5rMFd2L4BUJDqtI
JnpDhPNWROPUxuEqu643QNBD30t5itEUqC6MZcFh3dxhXfz9bAB7ccf5uqAn76HU
3JMNNRyPe6REX+SWrRPnRB3zqdoNi2LtBxb2Wcm8Csj6u0m56f6+DLv65nVUEPUn
1JlBYanxVu54GSQ+3YxNqVh5paljlou7ztcote600xe3PgfswwbnhPhaoHRhgKRk
2dg2KJvV2lrh7iRXkx49IsRUhkT9LPx0LgsnAGftmG/s40iYt8JuygHqsGShPSE2
VKSYz9nZiRdcu9dK1hEQ
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:23:26 2025 by rpki-client