Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/ER3ysovvwfYJaTvk0b1deRJ91KU.roa
File: ER3ysovvwfYJaTvk0b1deRJ91KU.roa (raw, json)
Hash identifier: VYEJsOByPnV34Scxho4l/yfPpQsMrZHo/0Cy1JDQz3k=
Subject key identifier: 11:1D:F2:B2:8B:EF:C1:F6:09:69:3B:E4:D1:BD:5D:79:12:7D:D4:A5
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 0182E3D3E88D06E45C46EE45B11B7D16EEF4
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/ER3ysovvwfYJaTvk0b1deRJ91KU.roa
Signing time: Sun 28 Aug 2022 09:41:31 +0000
ROA not before: Sun 28 Aug 2022 09:41:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12608
IP address blocks: 2a0d:b844::/30 maxlen: 30
2a09:4300::/30 maxlen: 30
2a09:e00::/30 maxlen: 30
2a09:4304::/30 maxlen: 30
2a0d:f144::/30 maxlen: 30
2a0d:f140::/30 maxlen: 30
2a0d:c100::/30 maxlen: 30
2a09:9604::/30 maxlen: 30
2a09:5400::/30 maxlen: 30
2a0d:f5c4::/30 maxlen: 30
2a0d:d3c0::/30 maxlen: 30
2a0d:e340::/30 maxlen: 30
2a09:e04::/30 maxlen: 30
2a09:2d04::/30 maxlen: 30
2a09:1804::/30 maxlen: 30
2a0d:afc0::/30 maxlen: 30
2a0d:afc4::/30 maxlen: 30
2a09:2d00::/30 maxlen: 30
2a09:9600::/30 maxlen: 30
2a09:1800::/30 maxlen: 30
2a09:5404::/30 maxlen: 30
2a0d:e344::/30 maxlen: 30
2a0d:c104::/30 maxlen: 30
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:e3:d3:e8:8d:06:e4:5c:46:ee:45:b1:1b:7d:16:ee:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Aug 28 09:41:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=111df2b28befc1f609693be4d1bd5d79127dd4a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:18:17:e9:7a:d6:28:ad:a7:ce:32:28:ca:22:
af:fc:0c:8d:bb:55:45:f2:59:11:0f:4f:da:69:47:
02:f2:d2:ec:f7:2a:ec:ec:1c:65:98:92:68:0e:8d:
3f:18:7d:a4:a1:29:be:47:ab:e2:90:f7:5e:0d:fc:
4f:d4:e6:4f:6a:a5:29:e2:55:20:d1:7c:72:0e:65:
24:ed:e9:d9:2c:3c:28:ae:db:a3:c7:7b:e8:b0:af:
40:0f:65:7a:c1:68:cb:06:32:bc:8d:ee:64:46:43:
e3:18:70:28:98:ba:23:2c:4a:5a:31:19:58:5d:46:
e4:42:81:e4:75:57:b1:66:91:f9:f2:a6:49:53:64:
6e:0b:80:9e:39:56:8b:c0:4f:25:0b:37:59:e9:4b:
75:cb:06:7f:d4:7d:bf:49:5f:ad:2c:92:31:8f:50:
97:54:c2:25:47:b8:64:58:c7:45:cb:c7:51:be:ee:
e5:24:e9:10:72:95:f7:be:b1:d2:6c:c3:b0:ad:1d:
05:c2:69:66:3c:f1:07:27:c9:a2:04:99:45:13:5d:
3a:75:87:41:8a:ec:15:b9:ac:c8:51:27:f5:de:40:
0d:36:05:c9:56:7b:35:37:95:18:66:a9:6e:78:99:
34:97:38:ba:68:b9:93:6f:c4:b3:fb:e4:8d:cf:90:
df:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:1D:F2:B2:8B:EF:C1:F6:09:69:3B:E4:D1:BD:5D:79:12:7D:D4:A5
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/ER3ysovvwfYJaTvk0b1deRJ91KU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:e00::/29
2a09:1800::/29
2a09:2d00::/29
2a09:4300::/29
2a09:5400::/29
2a09:9600::/29
2a0d:afc0::/29
2a0d:b844::/30
2a0d:c100::/29
2a0d:d3c0::/30
2a0d:e340::/29
2a0d:f140::/29
2a0d:f5c4::/30
Signature Algorithm: sha256WithRSAEncryption
70:e9:a3:00:fc:87:2f:92:9b:3f:01:ed:ba:e5:c4:ea:4e:bc:
77:a6:ad:a3:b6:b2:57:26:e2:f4:55:74:93:9d:d5:fb:61:5a:
74:34:b8:9e:82:43:ac:7d:ef:fe:c1:4b:68:b1:69:c5:80:d1:
2a:8e:d3:64:aa:e2:9b:cf:06:90:1b:24:0d:7a:3d:a2:4e:02:
0c:57:f3:3b:3e:20:a3:06:6e:97:4f:8e:dc:cf:27:9f:cb:b8:
b8:49:e9:c3:d7:b6:fa:a5:eb:ad:e1:04:36:04:94:57:a5:7a:
38:23:25:fd:f6:98:7f:3e:bf:b9:13:4a:1c:a0:93:ca:54:c2:
68:9e:d2:ed:a7:b5:e1:be:0f:b9:6a:2d:7e:00:96:75:7f:04:
fc:18:6a:ef:44:37:c9:ac:21:13:14:a7:f5:df:2c:8d:20:40:
f2:87:51:b7:65:c5:e6:92:98:5e:9f:f5:b2:48:2f:82:50:c1:
be:01:1b:e1:69:f1:fb:0b:2b:bb:30:a4:b1:df:f0:bf:36:1a:
d4:67:46:a5:17:4d:42:d8:36:16:af:6e:1f:e7:61:e1:18:79:
5a:a4:98:c5:60:a5:f0:b0:15:db:8f:de:d0:11:e1:a6:09:c2:
03:b6:7c:0e:f2:4a:94:17:a0:7a:ce:15:17:37:e4:77:3a:dc:
a9:94:a9:56
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAYLj0+iNBuRcRu5FsRt9Fu70MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjIwODI4MDk0MTMxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTFkZjJiMjhiZWZjMWY2MDk2OTNiZTRkMWJkNWQ3OTEyN2RkNGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxgX6XrWKK2nzjIoyiKv/AyNu1VF
8lkRD0/aaUcC8tLs9yrs7BxlmJJoDo0/GH2koSm+R6vikPdeDfxP1OZPaqUp4lUg
0XxyDmUk7enZLDwortujx3vosK9AD2V6wWjLBjK8je5kRkPjGHAomLojLEpaMRlY
XUbkQoHkdVexZpH58qZJU2RuC4CeOVaLwE8lCzdZ6Ut1ywZ/1H2/SV+tLJIxj1CX
VMIlR7hkWMdFy8dRvu7lJOkQcpX3vrHSbMOwrR0FwmlmPPEHJ8miBJlFE106dYdB
iuwVuazIUSf13kANNgXJVns1N5UYZqlueJk0lzi6aLmTb8Sz++SNz5DfQwIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFBEd8rKL78H2CWk75NG9XXkSfdSlMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvRVIzeXNvdnZ3ZllKYVR2azBiMWRlUko5MUtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBhBAIAAjBbAwUDKgkOAAMF
AyoJGAADBQMqCS0AAwUDKglDAAMFAyoJVAADBQMqCZYAAwUDKg2vwAMFAioNuEQD
BQMqDcEAAwUCKg3TwAMFAyoN40ADBQMqDfFAAwUCKg31xDANBgkqhkiG9w0BAQsF
AAOCAQEAcOmjAPyHL5KbPwHtuuXE6k68d6ato7ayVybi9FV0k53V+2FadDS4noJD
rH3v/sFLaLFpxYDRKo7TZKrim88GkBskDXo9ok4CDFfzOz4gowZul0+O3M8nn8u4
uEnpw9e2+qXrreEENgSUV6V6OCMl/faYfz6/uRNKHKCTylTCaJ7S7ae14b4PuWot
fgCWdX8E/Bhq70Q3yawhExSn9d8sjSBA8odRt2XF5pKYXp/1skgvglDBvgEb4Wnx
+wsruzCksd/wvzYa1GdGpRdNQtg2Fq9uH+dh4Rh5WqSYxWCl8LAV24/e0BHhpgnC
A7Z8DvJKlBeges4VFzfkdzrcqZSpVg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org