Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/G2kUM48itin2HXwnu1OgWKpSfAg.roa
File: G2kUM48itin2HXwnu1OgWKpSfAg.roa (raw, json)
Hash identifier: /meAWA2Kcvph18l8WpLQvgWK5lsMXc85am/zTUfC46M=
Subject key identifier: 1B:69:14:33:8F:22:B6:29:F6:1D:7C:27:BB:53:A0:58:AA:52:7C:08
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 01838836659A054CFAD26BE8BCA7233B150E
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/G2kUM48itin2HXwnu1OgWKpSfAg.roa
Signing time: Thu 29 Sep 2022 07:46:49 +0000
ROA not before: Thu 29 Sep 2022 07:46:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204339
IP address blocks: 2a0d:e244::/30 maxlen: 30
2a09:5904::/30 maxlen: 30
2a09:1a04::/30 maxlen: 30
2a09:af86::/32 maxlen: 32
2a0d:c1c0::/30 maxlen: 30
2a0e:19c6::/32 maxlen: 32
2a0e:c486::/32 maxlen: 32
2a09:7b86::/32 maxlen: 32
2a09:a800::/30 maxlen: 30
2a0d:cc44::/30 maxlen: 30
2a0e:c487::/32 maxlen: 32
2a09:7b87::/32 maxlen: 32
2a0e:4b46::/32 maxlen: 32
2a0e:19c7::/32 maxlen: 32
2a09:af87::/32 maxlen: 32
2a09:9386::/32 maxlen: 32
2a0f:b747::/32 maxlen: 32
2a09:6504::/30 maxlen: 30
2a09:9987::/32 maxlen: 32
2a09:3a87::/32 maxlen: 32
2a0e:e686::/32 maxlen: 32
2a09:e707::/32 maxlen: 32
2a09:4487::/32 maxlen: 32
2a09:7887::/32 maxlen: 32
2a06:77c7::/32 maxlen: 32
2a09:4286::/32 maxlen: 32
2a0d:cc40::/30 maxlen: 30
2a09:4287::/32 maxlen: 32
2a06:77c6::/32 maxlen: 32
2a0d:c1c4::/30 maxlen: 30
2a0d:e240::/30 maxlen: 30
2a09:1a00::/30 maxlen: 30
2a09:5900::/30 maxlen: 30
2a09:3a86::/32 maxlen: 32
2a09:7886::/32 maxlen: 32
2a09:6500::/30 maxlen: 30
2a09:e706::/32 maxlen: 32
2a09:4486::/32 maxlen: 32
2a0f:b746::/32 maxlen: 32
2a09:9387::/32 maxlen: 32
2a09:a804::/30 maxlen: 30
2a0e:e687::/32 maxlen: 32
2a0e:4b47::/32 maxlen: 32
2a09:9986::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:88:36:65:9a:05:4c:fa:d2:6b:e8:bc:a7:23:3b:15:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Sep 29 07:46:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1b6914338f22b629f61d7c27bb53a058aa527c08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:89:cc:fe:70:d5:2f:58:f4:8b:27:5c:54:c7:
64:f1:02:79:d9:e3:be:2b:39:a7:ca:f8:48:fc:c9:
f5:17:97:e3:cf:f5:63:59:21:3a:83:09:d0:15:fe:
79:ff:44:0f:f3:b4:eb:ce:c1:c3:ab:1a:0b:aa:b4:
05:2b:f0:9a:67:eb:c5:63:8e:7c:88:4e:4f:1d:e6:
d3:0a:20:71:83:73:89:ef:ad:c4:83:ca:04:a7:33:
b1:70:cb:96:45:30:b3:a9:05:a8:31:50:44:db:01:
82:7c:6c:5e:67:cf:7e:38:db:a8:35:40:33:74:e2:
7c:7b:71:4c:7a:e6:30:10:62:f6:9f:6b:ab:a2:62:
8f:65:a6:5a:69:64:5c:7c:93:87:d8:d7:82:3e:08:
53:12:8b:12:72:48:a1:58:d0:47:df:cf:ce:91:81:
24:c4:1e:39:97:ff:88:cb:f0:74:43:47:47:5b:61:
70:0e:65:7d:08:19:fb:cd:c7:51:02:f0:7b:31:85:
c8:64:e3:7e:26:fd:bb:17:59:f8:52:7c:05:b6:34:
1d:e5:9b:65:d7:f0:52:86:a8:ea:00:46:bc:c3:3e:
fb:04:81:17:c1:1a:f5:57:eb:cf:eb:59:9e:89:85:
35:6c:14:c4:31:99:a6:14:27:ad:e5:25:13:93:63:
b5:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:69:14:33:8F:22:B6:29:F6:1D:7C:27:BB:53:A0:58:AA:52:7C:08
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/G2kUM48itin2HXwnu1OgWKpSfAg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:77c6::/31
2a09:1a00::/29
2a09:3a86::/31
2a09:4286::/31
2a09:4486::/31
2a09:5900::/29
2a09:6500::/29
2a09:7886::/31
2a09:7b86::/31
2a09:9386::/31
2a09:9986::/31
2a09:a800::/29
2a09:af86::/31
2a09:e706::/31
2a0d:c1c0::/29
2a0d:cc40::/29
2a0d:e240::/29
2a0e:19c6::/31
2a0e:4b46::/31
2a0e:c486::/31
2a0e:e686::/31
2a0f:b746::/31
Signature Algorithm: sha256WithRSAEncryption
0c:8d:4c:0f:e8:e7:21:4a:68:6c:7f:be:ec:d7:bd:5b:00:b4:
d6:47:2a:20:f7:24:88:a5:7d:3a:a9:34:cc:29:a4:c5:a5:26:
3f:ef:f4:5b:ff:bc:53:62:d3:f6:95:1e:f0:c7:d1:81:33:e3:
57:33:ac:37:99:cb:c2:7f:6d:17:74:0a:52:38:91:b8:7f:cc:
c2:de:1e:42:d6:d8:c5:12:30:42:75:d6:19:36:06:52:80:e1:
00:15:bc:66:12:8d:e1:91:7e:7d:58:71:3a:75:aa:47:cf:3f:
c5:af:30:7d:48:7f:a5:08:be:52:ea:fe:96:74:3d:31:b9:ef:
59:cb:dd:3f:8f:57:37:ef:8d:bc:b0:77:5a:cd:9c:a7:c2:23:
cd:71:0d:32:9e:f7:41:69:13:b3:c1:cf:7f:f7:63:66:23:12:
9f:35:41:95:56:b3:91:ae:fd:5f:37:a4:b2:fe:9a:44:d6:7b:
5c:c2:f7:15:df:0e:10:57:63:0e:3c:1c:49:db:dd:89:a2:6b:
d4:bd:a8:f1:8c:d1:34:9b:6d:54:1a:53:c5:73:85:53:08:11:
ed:37:b2:e6:40:06:29:95:e7:06:e5:24:5f:32:cb:43:f0:62:
7b:67:01:7b:c7:dc:90:13:5a:b0:39:d8:13:60:9f:f0:b6:1c:
9d:0e:28:60
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAYOINmWaBUz60mvovKcjOxUOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjIwOTI5MDc0NjQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjY5MTQzMzhmMjJiNjI5ZjYxZDdjMjdiYjUzYTA1OGFhNTI3YzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmInM/nDVL1j0iydcVMdk8QJ52eO+
KzmnyvhI/Mn1F5fjz/VjWSE6gwnQFf55/0QP87TrzsHDqxoLqrQFK/CaZ+vFY458
iE5PHebTCiBxg3OJ763Eg8oEpzOxcMuWRTCzqQWoMVBE2wGCfGxeZ89+ONuoNUAz
dOJ8e3FMeuYwEGL2n2uromKPZaZaaWRcfJOH2NeCPghTEosSckihWNBH38/OkYEk
xB45l/+Iy/B0Q0dHW2FwDmV9CBn7zcdRAvB7MYXIZON+Jv27F1n4UnwFtjQd5Ztl
1/BShqjqAEa8wz77BIEXwRr1V+vP61meiYU1bBTEMZmmFCet5SUTk2O1ZwIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFBtpFDOPIrYp9h18J7tToFiqUnwIMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvRzJrVU00OGl0aW4ySFh3bnUxT2dXS3BTZkFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBoQQCAAIwgZoDBQEq
BnfGAwUDKgkaAAMFASoJOoYDBQEqCUKGAwUBKglEhgMFAyoJWQADBQMqCWUAAwUB
Kgl4hgMFASoJe4YDBQEqCZOGAwUBKgmZhgMFAyoJqAADBQEqCa+GAwUBKgnnBgMF
AyoNwcADBQMqDcxAAwUDKg3iQAMFASoOGcYDBQEqDktGAwUBKg7EhgMFASoO5oYD
BQEqD7dGMA0GCSqGSIb3DQEBCwUAA4IBAQAMjUwP6OchSmhsf77s171bALTWRyog
9ySIpX06qTTMKaTFpSY/7/Rb/7xTYtP2lR7wx9GBM+NXM6w3mcvCf20XdApSOJG4
f8zC3h5C1tjFEjBCddYZNgZSgOEAFbxmEo3hkX59WHE6dapHzz/FrzB9SH+lCL5S
6v6WdD0xue9Zy90/j1c37428sHdazZynwiPNcQ0ynvdBaROzwc9/92NmIxKfNUGV
VrORrv1fN6Sy/ppE1ntcwvcV3w4QV2MOPBxJ292JomvUvajxjNE0m21UGlPFc4VT
CBHtN7LmQAYplecG5SRfMstD8GJ7ZwF7x9yQE1qwOdgTYJ/wthydDihg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org