Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/CozzEpvUddfttnMD4ZzW37qVjBw.roa
File: CozzEpvUddfttnMD4ZzW37qVjBw.roa (raw, json)
Hash identifier: t52SNEPxjZPr8Qt53GmZI78hNfYcrtRf4sAJdU+scsg=
Subject key identifier: 0A:8C:F3:12:9B:D4:75:D7:ED:B6:73:03:E1:9C:D6:DF:BA:95:8C:1C
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018570D56551B6E08260DB3AB1E752F2EE60
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/CozzEpvUddfttnMD4ZzW37qVjBw.roa
Signing time: Mon 02 Jan 2023 04:55:11 +0000
ROA not before: Mon 02 Jan 2023 04:55:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204339
IP address blocks: 2a0d:e244::/30 maxlen: 30
2a09:5904::/30 maxlen: 30
2a09:1a04::/30 maxlen: 30
2a09:af86::/32 maxlen: 32
2a0d:c1c0::/30 maxlen: 30
2a0e:19c6::/32 maxlen: 32
2a0e:c486::/32 maxlen: 32
2a09:7b86::/32 maxlen: 32
2a09:a800::/30 maxlen: 30
2a0d:cc44::/30 maxlen: 30
2a0e:c487::/32 maxlen: 32
2a09:7b87::/32 maxlen: 32
2a0e:4b46::/32 maxlen: 32
2a0e:19c7::/32 maxlen: 32
2a09:af87::/32 maxlen: 32
2a09:9386::/32 maxlen: 32
2a0f:b747::/32 maxlen: 32
2a09:6504::/30 maxlen: 30
2a09:9987::/32 maxlen: 32
2a09:3a87::/32 maxlen: 32
2a0e:e686::/32 maxlen: 32
2a09:e707::/32 maxlen: 32
2a09:4487::/32 maxlen: 32
2a09:7887::/32 maxlen: 32
2a06:77c7::/32 maxlen: 32
2a09:4286::/32 maxlen: 32
2a0d:cc40::/30 maxlen: 30
2a09:4287::/32 maxlen: 32
2a06:77c6::/32 maxlen: 32
2a0d:c1c4::/30 maxlen: 30
2a0d:e240::/30 maxlen: 30
2a09:1a00::/30 maxlen: 30
2a09:5900::/30 maxlen: 30
2a09:3a86::/32 maxlen: 32
2a09:7886::/32 maxlen: 32
2a09:6500::/30 maxlen: 30
2a09:e706::/32 maxlen: 32
2a09:4486::/32 maxlen: 32
2a0f:b746::/32 maxlen: 32
2a09:9387::/32 maxlen: 32
2a09:a804::/30 maxlen: 30
2a0e:e687::/32 maxlen: 32
2a0e:4b47::/32 maxlen: 32
2a09:9986::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:65:51:b6:e0:82:60:db:3a:b1:e7:52:f2:ee:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 2 04:55:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a8cf3129bd475d7edb67303e19cd6dfba958c1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e8:0d:16:43:b9:4e:2e:35:2f:5a:9c:c1:d5:
0e:3a:b5:67:03:ba:46:b3:f8:0d:d2:8d:c9:55:e3:
23:87:d8:c8:80:49:bd:06:27:23:56:24:f6:64:f0:
c8:d4:86:4c:8e:1f:ff:76:44:c3:3a:45:74:4b:3c:
6b:7a:f5:4c:25:f3:95:d5:9b:18:2d:05:64:a9:20:
5a:a1:87:88:26:55:23:07:85:07:46:f4:e4:e2:03:
4b:be:c7:e1:93:54:4b:64:31:b2:08:b0:77:fd:15:
c0:3f:b6:b1:3c:bc:26:56:bc:9f:9f:26:65:4e:d4:
bd:56:41:f2:db:f5:10:77:29:c8:e7:8e:a9:8f:1c:
3b:57:37:96:58:cd:82:7b:ba:3d:e0:bd:ba:6c:b7:
3e:ea:43:3e:f0:83:2a:21:1c:b9:88:d9:08:ac:7f:
8b:41:38:95:1c:e9:e3:09:2a:20:a4:08:79:8b:ee:
e5:3c:55:e0:20:d7:28:bd:11:ef:b2:9f:2b:73:fa:
d9:09:35:7a:77:4b:62:8c:f7:35:e0:ef:f9:2e:bd:
9d:a2:f7:e8:61:fa:09:63:b8:2a:4c:9c:19:86:0a:
f1:16:d7:63:de:5f:b9:73:8d:f2:ce:85:7e:32:4b:
32:c3:35:3a:f6:48:31:3c:5a:8c:10:fb:87:c8:24:
b2:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:8C:F3:12:9B:D4:75:D7:ED:B6:73:03:E1:9C:D6:DF:BA:95:8C:1C
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/CozzEpvUddfttnMD4ZzW37qVjBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:77c6::/31
2a09:1a00::/29
2a09:3a86::/31
2a09:4286::/31
2a09:4486::/31
2a09:5900::/29
2a09:6500::/29
2a09:7886::/31
2a09:7b86::/31
2a09:9386::/31
2a09:9986::/31
2a09:a800::/29
2a09:af86::/31
2a09:e706::/31
2a0d:c1c0::/29
2a0d:cc40::/29
2a0d:e240::/29
2a0e:19c6::/31
2a0e:4b46::/31
2a0e:c486::/31
2a0e:e686::/31
2a0f:b746::/31
Signature Algorithm: sha256WithRSAEncryption
96:d6:39:42:07:c3:96:71:a2:ba:bb:ea:a3:af:56:6d:40:24:
c4:d4:6c:11:ea:98:27:d1:70:5e:a4:84:0c:c2:5c:9c:34:93:
3e:01:06:2e:69:a8:ed:b3:9c:8f:68:b9:82:c9:57:82:ee:54:
f3:46:4e:75:12:3e:31:6a:45:1c:75:6f:bf:b8:56:e0:20:e3:
b4:ea:37:10:46:9d:d3:34:a8:c3:d5:10:48:9a:d5:ff:c6:6b:
3e:fd:27:b9:a7:29:e6:58:c5:19:42:41:0e:31:bb:0b:1b:e0:
0b:bd:1c:1c:cd:31:58:2d:7e:19:56:c0:6c:f2:f4:c5:ec:aa:
2e:92:6e:d1:28:1c:70:5e:bf:5a:79:2a:7e:7b:51:f9:9e:42:
64:5a:b4:8a:12:14:25:ed:df:99:08:19:db:bc:25:5f:b7:c8:
cf:a7:f5:ac:79:61:19:7f:f4:55:64:07:ac:b4:79:13:5a:5d:
ec:8d:c2:98:b3:57:42:8e:59:73:d3:d7:31:23:d3:f6:6c:b6:
55:c9:98:ef:e4:54:be:6b:08:1b:a9:ba:d8:2e:f9:5b:0a:a9:
b5:dc:ef:a0:29:19:47:12:e9:53:69:63:da:62:3f:23:67:b8:
a5:8d:9e:be:fb:40:9c:06:77:05:5d:de:0d:96:e7:23:41:4b:
88:d9:6a:64
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAYVw1WVRtuCCYNs6sedS8u5gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwMTAyMDQ1NTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYThjZjMxMjliZDQ3NWQ3ZWRiNjczMDNlMTljZDZkZmJhOTU4YzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsugNFkO5Ti41L1qcwdUOOrVnA7pG
s/gN0o3JVeMjh9jIgEm9BicjViT2ZPDI1IZMjh//dkTDOkV0SzxrevVMJfOV1ZsY
LQVkqSBaoYeIJlUjB4UHRvTk4gNLvsfhk1RLZDGyCLB3/RXAP7axPLwmVryfnyZl
TtS9VkHy2/UQdynI546pjxw7VzeWWM2Ce7o94L26bLc+6kM+8IMqIRy5iNkIrH+L
QTiVHOnjCSogpAh5i+7lPFXgINcovRHvsp8rc/rZCTV6d0tijPc14O/5Lr2dovfo
YfoJY7gqTJwZhgrxFtdj3l+5c43yzoV+MksywzU69kgxPFqMEPuHyCSyPwIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFAqM8xKb1HXX7bZzA+Gc1t+6lYwcMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvQ296ekVwdlVkZGZ0dG5NRDRaelczN3FWakJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBoQQCAAIwgZoDBQEq
BnfGAwUDKgkaAAMFASoJOoYDBQEqCUKGAwUBKglEhgMFAyoJWQADBQMqCWUAAwUB
Kgl4hgMFASoJe4YDBQEqCZOGAwUBKgmZhgMFAyoJqAADBQEqCa+GAwUBKgnnBgMF
AyoNwcADBQMqDcxAAwUDKg3iQAMFASoOGcYDBQEqDktGAwUBKg7EhgMFASoO5oYD
BQEqD7dGMA0GCSqGSIb3DQEBCwUAA4IBAQCW1jlCB8OWcaK6u+qjr1ZtQCTE1GwR
6pgn0XBepIQMwlycNJM+AQYuaajts5yPaLmCyVeC7lTzRk51Ej4xakUcdW+/uFbg
IOO06jcQRp3TNKjD1RBImtX/xms+/Se5pynmWMUZQkEOMbsLG+ALvRwczTFYLX4Z
VsBs8vTF7Koukm7RKBxwXr9aeSp+e1H5nkJkWrSKEhQl7d+ZCBnbvCVft8jPp/Ws
eWEZf/RVZAestHkTWl3sjcKYs1dCjllz09cxI9P2bLZVyZjv5FS+awgbqbrYLvlb
Cqm13O+gKRlHEulTaWPaYj8jZ7iljZ6++0CcBncFXd4NlucjQUuI2Wpk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org