Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/Kzva28f-7NKC4EwCgcJGGGf1xqI.roa
File: Kzva28f-7NKC4EwCgcJGGGf1xqI.roa (raw, json)
Hash identifier: ++yIPnJ1t/WvpPZF/pgeW4FIK8koSNzQWoqGSXOuXTo=
Subject key identifier: 2B:3B:DA:DB:C7:FE:EC:D2:82:E0:4C:02:81:C2:46:18:67:F5:C6:A2
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018699A6BA8D0D060CA267E59B202C976A39
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/Kzva28f-7NKC4EwCgcJGGGf1xqI.roa
Signing time: Tue 28 Feb 2023 20:11:25 +0000
ROA not before: Tue 28 Feb 2023 20:11:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204339
IP address blocks: 2a0d:e244::/30 maxlen: 30
2a09:af86::/32 maxlen: 32
2a0d:c1c0::/30 maxlen: 30
2a0e:19c6::/32 maxlen: 32
2a0e:c486::/32 maxlen: 32
2a09:7b86::/32 maxlen: 32
2a09:a800::/30 maxlen: 30
2a0d:cc44::/30 maxlen: 30
2a0e:c487::/32 maxlen: 32
2a09:7b87::/32 maxlen: 32
2a0e:4b46::/32 maxlen: 32
2a0e:19c7::/32 maxlen: 32
2a09:af87::/32 maxlen: 32
2a09:9386::/32 maxlen: 32
2a0f:b747::/32 maxlen: 32
2a09:6504::/30 maxlen: 30
2a09:9987::/32 maxlen: 32
2a09:3a87::/32 maxlen: 32
2a0e:e686::/32 maxlen: 32
2a09:e707::/32 maxlen: 32
2a09:4487::/32 maxlen: 32
2a09:7887::/32 maxlen: 32
2a06:77c7::/32 maxlen: 32
2a09:4286::/32 maxlen: 32
2a0d:cc40::/30 maxlen: 30
2a09:4287::/32 maxlen: 32
2a06:77c6::/32 maxlen: 32
2a0d:c1c4::/30 maxlen: 30
2a0d:e240::/30 maxlen: 30
2a09:3a86::/32 maxlen: 32
2a09:7886::/32 maxlen: 32
2a09:6500::/30 maxlen: 30
2a09:e706::/32 maxlen: 32
2a09:4486::/32 maxlen: 32
2a0f:b746::/32 maxlen: 32
2a09:9387::/32 maxlen: 32
2a09:a804::/30 maxlen: 30
2a0e:e687::/32 maxlen: 32
2a0e:4b47::/32 maxlen: 32
2a09:9986::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:99:a6:ba:8d:0d:06:0c:a2:67:e5:9b:20:2c:97:6a:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Feb 28 20:11:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b3bdadbc7feecd282e04c0281c2461867f5c6a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:97:ef:0f:95:94:ca:64:a4:93:eb:f7:9b:f1:
72:c9:7d:33:f9:b2:ef:70:25:97:5f:33:10:6c:f5:
97:ab:b3:99:e3:ec:6c:34:b0:5a:cf:dc:93:36:03:
dc:3f:7b:20:dc:75:e4:0d:a0:e9:78:d0:cc:0f:cf:
7f:33:7a:77:89:25:5e:5b:37:88:c1:54:88:f9:ad:
f4:dc:90:9a:89:1b:14:7f:c1:00:9f:a6:d7:a3:b1:
56:b7:84:ea:93:fe:a1:a8:ba:19:5a:53:3e:ae:90:
94:fa:9b:74:36:8d:5a:0b:f2:39:bf:55:e3:88:80:
e1:7b:d7:37:ba:ca:91:60:fd:95:ee:9c:21:bc:7e:
04:cf:fb:64:65:2b:32:b5:08:17:d6:25:1d:c9:c4:
2b:3d:0c:dd:0c:0a:72:f3:ac:06:17:df:e8:5c:45:
55:bf:17:21:98:5d:b5:65:49:8f:61:ff:8f:05:a0:
6d:29:fb:d9:2f:5d:54:bc:97:69:08:84:86:84:05:
68:22:03:e2:54:2b:83:05:8b:b2:e1:cb:7e:85:9d:
e4:9b:48:1a:19:3a:23:e4:83:96:f4:e2:dc:ba:27:
38:1f:66:39:a6:6c:65:9e:2b:73:85:31:01:4b:b0:
78:d7:bf:f4:ba:2d:87:46:a6:c4:3f:a2:f3:9c:12:
a8:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:3B:DA:DB:C7:FE:EC:D2:82:E0:4C:02:81:C2:46:18:67:F5:C6:A2
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/Kzva28f-7NKC4EwCgcJGGGf1xqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:77c6::/31
2a09:3a86::/31
2a09:4286::/31
2a09:4486::/31
2a09:6500::/29
2a09:7886::/31
2a09:7b86::/31
2a09:9386::/31
2a09:9986::/31
2a09:a800::/29
2a09:af86::/31
2a09:e706::/31
2a0d:c1c0::/29
2a0d:cc40::/29
2a0d:e240::/29
2a0e:19c6::/31
2a0e:4b46::/31
2a0e:c486::/31
2a0e:e686::/31
2a0f:b746::/31
Signature Algorithm: sha256WithRSAEncryption
30:97:3a:74:16:ed:51:59:91:e3:da:4a:09:de:c8:9b:d8:99:
7c:13:ca:1b:35:28:a0:d4:02:9e:f5:c0:f9:e3:09:83:bf:a6:
65:cc:3e:e9:11:ba:1e:d3:3f:2a:0c:d2:e8:d4:dc:8d:90:6c:
38:1d:ac:03:97:0c:01:48:65:9d:f3:73:7c:1f:5a:90:66:fe:
7b:32:74:b1:62:cd:74:a4:82:1a:97:00:2f:f9:50:54:95:40:
97:18:9a:54:8d:a8:3b:6f:f1:7b:fc:e5:79:2a:36:63:e7:3f:
aa:e8:86:4f:aa:cd:24:22:ee:91:9d:8d:95:47:6e:53:23:10:
df:83:25:21:cd:8a:0c:65:79:65:cb:fa:b5:9c:08:4b:db:c3:
b1:48:c2:c8:55:cb:12:f3:fb:98:79:cf:5a:ed:57:00:47:2c:
c0:a8:ec:5b:da:06:8c:86:39:cb:09:79:6d:f8:ca:62:59:9b:
e1:1f:14:65:67:c2:4f:0a:2c:bc:98:7e:f6:e5:74:34:08:a1:
90:04:e0:aa:ef:dc:11:61:4d:cc:40:70:09:f5:82:a3:a3:8a:
f1:a0:97:f6:ff:96:d9:73:4d:b9:2a:03:50:62:5a:79:a4:44:
45:23:10:84:b1:ff:52:b9:56:41:ad:aa:cd:94:ef:39:79:19:
a7:2a:ff:75
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAYaZprqNDQYMomflmyAsl2o5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwMjI4MjAxMTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjNiZGFkYmM3ZmVlY2QyODJlMDRjMDI4MWMyNDYxODY3ZjVjNmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZfvD5WUymSkk+v3m/FyyX0z+bLv
cCWXXzMQbPWXq7OZ4+xsNLBaz9yTNgPcP3sg3HXkDaDpeNDMD89/M3p3iSVeWzeI
wVSI+a303JCaiRsUf8EAn6bXo7FWt4Tqk/6hqLoZWlM+rpCU+pt0No1aC/I5v1Xj
iIDhe9c3usqRYP2V7pwhvH4Ez/tkZSsytQgX1iUdycQrPQzdDApy86wGF9/oXEVV
vxchmF21ZUmPYf+PBaBtKfvZL11UvJdpCISGhAVoIgPiVCuDBYuy4ct+hZ3km0ga
GToj5IOW9OLcuic4H2Y5pmxlnitzhTEBS7B417/0ui2HRqbEP6LznBKoJwIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFCs72tvH/uzSguBMAoHCRhhn9caiMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvS3p2YTI4Zi03TktDNEV3Q2djSkdHR2YxeHFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAIwgYwDBQEq
BnfGAwUBKgk6hgMFASoJQoYDBQEqCUSGAwUDKgllAAMFASoJeIYDBQEqCXuGAwUB
KgmThgMFASoJmYYDBQMqCagAAwUBKgmvhgMFASoJ5wYDBQMqDcHAAwUDKg3MQAMF
AyoN4kADBQEqDhnGAwUBKg5LRgMFASoOxIYDBQEqDuaGAwUBKg+3RjANBgkqhkiG
9w0BAQsFAAOCAQEAMJc6dBbtUVmR49pKCd7Im9iZfBPKGzUooNQCnvXA+eMJg7+m
Zcw+6RG6HtM/KgzS6NTcjZBsOB2sA5cMAUhlnfNzfB9akGb+ezJ0sWLNdKSCGpcA
L/lQVJVAlxiaVI2oO2/xe/zleSo2Y+c/quiGT6rNJCLukZ2NlUduUyMQ34MlIc2K
DGV5Zcv6tZwIS9vDsUjCyFXLEvP7mHnPWu1XAEcswKjsW9oGjIY5ywl5bfjKYlmb
4R8UZWfCTwosvJh+9uV0NAihkATgqu/cEWFNzEBwCfWCo6OK8aCX9v+W2XNNuSoD
UGJaeaRERSMQhLH/UrlWQa2qzZTvOXkZpyr/dQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org