Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/M3ltTeDxAUUDyqt95X6mC7S-iq8.roa
File: M3ltTeDxAUUDyqt95X6mC7S-iq8.roa (raw, json)
Hash identifier: xSQZ3/ASHiXTvhjxk7SC1RK5h5bn4bFtTuz+PdBqPS4=
Subject key identifier: 33:79:6D:4D:E0:F1:01:45:03:CA:AB:7D:E5:7E:A6:0B:B4:BE:8A:AF
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018699C4EFFA6818508492AE813F62A45E77
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/M3ltTeDxAUUDyqt95X6mC7S-iq8.roa
Signing time: Tue 28 Feb 2023 20:44:25 +0000
ROA not before: Tue 28 Feb 2023 20:44:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203629
IP address blocks: 2a09:e704::/32 maxlen: 32
2a09:4484::/32 maxlen: 32
2a09:9384::/32 maxlen: 32
2a09:9985::/32 maxlen: 32
2a09:3a84::/32 maxlen: 32
2a09:af85::/32 maxlen: 32
2a09:e705::/32 maxlen: 32
2a09:4485::/32 maxlen: 32
2a09:9984::/32 maxlen: 32
2a0e:e685::/32 maxlen: 32
2a09:9385::/32 maxlen: 32
2a09:af84::/32 maxlen: 32
2a09:3a85::/32 maxlen: 32
2a09:7b84::/32 maxlen: 32
2a0e:c484::/32 maxlen: 32
2a09:4284::/32 maxlen: 32
2a09:7885::/32 maxlen: 32
2a06:77c5::/32 maxlen: 32
2a09:7b85::/32 maxlen: 32
2a0e:c485::/32 maxlen: 32
2a06:77c4::/32 maxlen: 32
2a09:4285::/32 maxlen: 32
2a09:7884::/32 maxlen: 32
2a0e:e684::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:99:c4:ef:fa:68:18:50:84:92:ae:81:3f:62:a4:5e:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Feb 28 20:44:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=33796d4de0f1014503caab7de57ea60bb4be8aaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:01:02:2e:96:36:e3:96:31:eb:38:88:fd:0f:
f5:fd:6b:83:85:07:d1:6d:3d:89:e6:5e:14:c5:16:
af:90:78:11:06:5f:67:44:ae:29:a3:6d:ae:c6:af:
92:9a:c3:47:a1:da:fa:c0:c8:a3:db:9b:06:60:2d:
1e:13:d6:45:58:38:b0:02:01:08:14:55:29:41:e7:
a0:36:56:0a:c0:8c:12:85:0e:25:5e:da:36:f1:c1:
c9:03:fa:13:3a:ba:db:36:c1:a9:67:98:0c:d4:2b:
04:15:b9:a4:04:c8:bf:fd:f6:c6:d8:8d:0a:e5:b5:
6b:3c:d3:7b:72:f9:6d:29:07:40:9c:81:b7:60:df:
51:ae:3b:dc:fc:fb:93:54:5c:e5:0d:4c:9b:66:a6:
cb:d4:43:20:cd:ab:03:4b:6f:51:21:ef:1b:18:77:
e7:f9:15:15:08:30:a9:b8:30:b4:2b:4d:66:8b:9b:
ff:1b:f6:73:31:90:64:d8:45:6f:23:7e:58:ef:de:
c9:26:63:bd:73:fb:77:2b:59:2b:f0:ad:78:c6:59:
b7:9a:34:34:e1:a0:68:e9:e4:c9:8a:ad:cd:fc:4e:
6c:ed:ec:68:99:4a:1f:a1:03:65:27:d3:34:07:f8:
01:aa:cc:ec:dd:30:c4:f2:3a:4a:a2:10:39:c6:ee:
c4:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:79:6D:4D:E0:F1:01:45:03:CA:AB:7D:E5:7E:A6:0B:B4:BE:8A:AF
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/M3ltTeDxAUUDyqt95X6mC7S-iq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:77c4::/31
2a09:3a84::/31
2a09:4284::/31
2a09:4484::/31
2a09:7884::/31
2a09:7b84::/31
2a09:9384::/31
2a09:9984::/31
2a09:af84::/31
2a09:e704::/31
2a0e:c484::/31
2a0e:e684::/31
Signature Algorithm: sha256WithRSAEncryption
0a:12:23:be:f4:63:9e:8d:9b:e8:8f:34:c8:6c:55:2e:fb:6c:
32:91:11:fc:84:12:31:04:14:ab:1c:7f:8c:92:0f:86:3c:43:
5b:69:15:e6:dc:29:d5:4c:31:43:59:ad:84:3a:ad:f3:7d:a4:
3d:36:3f:26:84:e0:87:4a:6d:ed:d4:09:70:59:66:4d:82:e9:
43:78:f2:f8:a5:9f:0b:c0:89:ef:7a:86:62:fb:01:22:0e:c9:
3b:58:a2:91:d9:3c:7b:99:e3:75:1d:06:73:95:9f:2e:8c:a6:
46:77:f4:84:15:da:80:5c:c6:26:60:24:03:f2:4a:3f:cb:e6:
b9:61:39:00:15:11:98:5b:e5:16:15:3c:fe:b6:7e:d0:cc:a6:
b3:7f:19:3c:f8:09:1d:ff:7d:74:55:65:11:f6:2d:af:61:8b:
a8:04:77:5f:4d:25:d9:10:71:de:f2:55:56:0c:88:b2:fc:be:
ab:26:7f:ed:12:51:32:b3:69:d0:34:bc:18:a5:0e:e7:49:0c:
98:6f:22:61:a3:3d:27:49:ba:c3:4d:6f:31:21:6c:2f:7a:47:
c7:de:9d:4e:07:6c:9b:9f:2b:18:44:ae:14:7e:8a:d8:37:b9:
90:84:dc:45:7a:0d:e5:23:f8:d2:ef:0d:63:f2:80:1e:3f:99:
dd:ce:69:3e
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYaZxO/6aBhQhJKugT9ipF53MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwMjI4MjA0NDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzc5NmQ0ZGUwZjEwMTQ1MDNjYWFiN2RlNTdlYTYwYmI0YmU4YWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAECLpY245Yx6ziI/Q/1/WuDhQfR
bT2J5l4UxRavkHgRBl9nRK4po22uxq+SmsNHodr6wMij25sGYC0eE9ZFWDiwAgEI
FFUpQeegNlYKwIwShQ4lXto28cHJA/oTOrrbNsGpZ5gM1CsEFbmkBMi//fbG2I0K
5bVrPNN7cvltKQdAnIG3YN9Rrjvc/PuTVFzlDUybZqbL1EMgzasDS29RIe8bGHfn
+RUVCDCpuDC0K01mi5v/G/ZzMZBk2EVvI35Y797JJmO9c/t3K1kr8K14xlm3mjQ0
4aBo6eTJiq3N/E5s7exomUofoQNlJ9M0B/gBqszs3TDE8jpKohA5xu7EIQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFDN5bU3g8QFFA8qrfeV+pgu0voqvMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvTTNsdFRlRHhBVVVEeXF0OTVYNm1DN1MtaXE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAAjBUAwUBKgZ3xAMF
ASoJOoQDBQEqCUKEAwUBKglEhAMFASoJeIQDBQEqCXuEAwUBKgmThAMFASoJmYQD
BQEqCa+EAwUBKgnnBAMFASoOxIQDBQEqDuaEMA0GCSqGSIb3DQEBCwUAA4IBAQAK
EiO+9GOejZvojzTIbFUu+2wykRH8hBIxBBSrHH+Mkg+GPENbaRXm3CnVTDFDWa2E
Oq3zfaQ9Nj8mhOCHSm3t1AlwWWZNgulDePL4pZ8LwInveoZi+wEiDsk7WKKR2Tx7
meN1HQZzlZ8ujKZGd/SEFdqAXMYmYCQD8ko/y+a5YTkAFRGYW+UWFTz+tn7QzKaz
fxk8+Akd/310VWUR9i2vYYuoBHdfTSXZEHHe8lVWDIiy/L6rJn/tElEys2nQNLwY
pQ7nSQyYbyJhoz0nSbrDTW8xIWwvekfH3p1OB2ybnysYRK4UforYN7mQhNxFeg3l
I/jS7w1j8oAeP5ndzmk+
-----END CERTIFICATE-----
Generated at Sat Apr 19 11:39:10 2025 by rpki-client