Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/UOw4btIW2QDFc1WRHwR5eKxaQTs.roa
File: UOw4btIW2QDFc1WRHwR5eKxaQTs.roa (raw, json)
Hash identifier: A1JbkK8yvQxYqYTUQbbzqtqeJZ5zr/OKLaSVnnBmhJs=
Subject key identifier: 50:EC:38:6E:D2:16:D9:00:C5:73:55:91:1F:04:79:78:AC:5A:41:3B
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 0182E45D3C934EE8B6BED1918FAE21B36B31
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/UOw4btIW2QDFc1WRHwR5eKxaQTs.roa
Signing time: Sun 28 Aug 2022 12:11:31 +0000
ROA not before: Sun 28 Aug 2022 12:11:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204084
IP address blocks: 2a07:cc40::/30 maxlen: 30
2a0d:34c0::/30 maxlen: 30
2a0d:6ec4::/30 maxlen: 30
2a0d:a3c4::/30 maxlen: 30
2a0d:6ec0::/30 maxlen: 30
2a0d:fcc4::/30 maxlen: 30
2a0d:b2c0::/30 maxlen: 30
2a0d:97c0::/30 maxlen: 30
2a0d:b2c4::/30 maxlen: 30
2a07:cc44::/30 maxlen: 30
2a0d:34c4::/30 maxlen: 30
2a0d:97c4::/30 maxlen: 30
2a0d:fcc0::/30 maxlen: 30
2a0d:28c4::/30 maxlen: 30
2a0d:6a40::/30 maxlen: 30
2a0d:9744::/30 maxlen: 30
2a0d:a3c0::/30 maxlen: 30
2a0d:7140::/30 maxlen: 30
2a0d:7144::/30 maxlen: 30
2a0d:28c0::/30 maxlen: 30
2a0d:f5c0::/30 maxlen: 30
2a0d:9740::/30 maxlen: 30
2a0d:6a44::/30 maxlen: 30
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:e4:5d:3c:93:4e:e8:b6:be:d1:91:8f:ae:21:b3:6b:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Aug 28 12:11:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=50ec386ed216d900c57355911f047978ac5a413b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:01:1a:8e:7a:c7:22:c4:31:c7:0a:a0:c8:81:
c6:d9:05:bd:6e:58:cb:60:9c:d3:17:f7:d5:56:b8:
f3:c8:8d:09:bb:b7:a2:bb:b8:03:b2:65:cb:fb:2b:
55:2e:ad:8a:8a:db:07:b3:a4:e3:1f:7d:ff:d9:fa:
ab:90:66:1e:7b:86:71:6a:d9:76:24:c0:09:8b:4e:
ee:ae:f9:f6:60:f3:21:bf:40:25:36:62:d7:28:22:
d9:1d:6a:bc:26:3a:56:77:c5:4d:07:4f:13:4f:c0:
51:b0:62:2f:ad:13:55:7c:ba:02:7b:4c:66:35:9f:
52:7e:14:c6:e2:d1:de:ed:ef:66:12:68:fd:f7:03:
11:e0:21:5c:de:34:3e:63:d1:07:69:57:c0:72:b2:
ab:e0:ae:27:b0:13:9a:6a:0b:04:c8:79:38:33:6f:
3c:27:b7:c4:b6:45:6c:8f:99:50:30:ef:d8:65:2d:
30:b8:2e:9d:ef:c2:8f:33:39:e6:8d:28:ac:f7:30:
8b:c1:ec:b7:e1:fc:6e:e8:e8:47:d6:25:5c:6c:bb:
88:f4:e7:e0:e8:00:92:41:dc:ab:ac:2e:4b:47:d9:
77:65:ca:28:eb:3a:ef:34:3e:4a:8c:27:50:4e:d1:
39:43:ec:c9:ab:5f:12:8c:69:e1:fc:27:21:ce:dc:
f7:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:EC:38:6E:D2:16:D9:00:C5:73:55:91:1F:04:79:78:AC:5A:41:3B
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/UOw4btIW2QDFc1WRHwR5eKxaQTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:cc40::/29
2a0d:28c0::/29
2a0d:34c0::/29
2a0d:6a40::/29
2a0d:6ec0::/29
2a0d:7140::/29
2a0d:9740::/29
2a0d:97c0::/29
2a0d:a3c0::/29
2a0d:b2c0::/29
2a0d:f5c0::/30
2a0d:fcc0::/29
Signature Algorithm: sha256WithRSAEncryption
60:6a:5a:8d:af:2b:9f:4f:e9:1a:bd:c9:3d:98:c4:ca:ec:32:
dd:d1:a7:69:81:66:5e:fc:99:b4:e7:7b:63:ea:30:6d:67:f9:
fd:80:fe:67:c7:ce:f4:e3:b5:c4:34:3b:02:e4:24:53:86:c7:
0b:12:e7:69:14:b3:7f:bc:0b:80:1e:4b:d8:c9:96:3a:e8:b8:
b1:44:00:3f:73:e8:38:e7:f6:34:10:17:a2:e2:22:a1:62:bc:
db:e5:e8:c1:a7:65:7a:a0:53:33:34:e9:24:8b:3a:34:73:40:
f8:07:01:9e:51:d0:46:3c:87:78:e6:71:39:6f:b2:48:a8:35:
ba:26:f9:9b:21:06:10:aa:a7:85:d1:2e:5c:b7:42:8a:46:27:
a3:94:e3:0d:70:10:7f:90:a6:6d:1d:fd:02:1e:41:21:c5:92:
3e:48:24:b3:40:36:ba:f2:f3:b4:77:fa:75:86:5a:0a:c6:45:
e0:a8:80:f1:e0:06:fd:c5:2b:67:db:a4:db:9c:f7:a2:0e:bb:
b4:51:87:86:91:b5:57:ff:6c:8b:0a:b6:da:7c:c6:91:a1:36:
25:72:dd:5a:21:93:94:fd:26:1a:c8:83:f4:83:83:cf:04:e7:
f9:93:68:ae:82:2c:f8:a6:09:c1:9f:38:26:4e:93:43:42:ae:
5a:16:97:ee
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYLkXTyTTui2vtGRj64hs2sxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjIwODI4MTIxMTMxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGVjMzg2ZWQyMTZkOTAwYzU3MzU1OTExZjA0Nzk3OGFjNWE0MTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzgEajnrHIsQxxwqgyIHG2QW9bljL
YJzTF/fVVrjzyI0Ju7eiu7gDsmXL+ytVLq2KitsHs6TjH33/2fqrkGYee4Zxatl2
JMAJi07urvn2YPMhv0AlNmLXKCLZHWq8JjpWd8VNB08TT8BRsGIvrRNVfLoCe0xm
NZ9SfhTG4tHe7e9mEmj99wMR4CFc3jQ+Y9EHaVfAcrKr4K4nsBOaagsEyHk4M288
J7fEtkVsj5lQMO/YZS0wuC6d78KPMznmjSis9zCLwey34fxu6OhH1iVcbLuI9Ofg
6ACSQdyrrC5LR9l3Zcoo6zrvND5KjCdQTtE5Q+zJq18SjGnh/Cchztz3AwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFFDsOG7SFtkAxXNVkR8EeXisWkE7MB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvVU93NGJ0SVcyUURGYzFXUkh3UjVlS3hhUVRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAAjBUAwUDKgfMQAMF
AyoNKMADBQMqDTTAAwUDKg1qQAMFAyoNbsADBQMqDXFAAwUDKg2XQAMFAyoNl8AD
BQMqDaPAAwUDKg2ywAMFAioN9cADBQMqDfzAMA0GCSqGSIb3DQEBCwUAA4IBAQBg
alqNryufT+kavck9mMTK7DLd0adpgWZe/Jm053tj6jBtZ/n9gP5nx87047XENDsC
5CRThscLEudpFLN/vAuAHkvYyZY66LixRAA/c+g45/Y0EBei4iKhYrzb5ejBp2V6
oFMzNOkkizo0c0D4BwGeUdBGPId45nE5b7JIqDW6JvmbIQYQqqeF0S5ct0KKRiej
lOMNcBB/kKZtHf0CHkEhxZI+SCSzQDa68vO0d/p1hloKxkXgqIDx4Ab9xStn26Tb
nPeiDru0UYeGkbVX/2yLCrbafMaRoTYlct1aIZOU/SYayIP0g4PPBOf5k2iugiz4
pgnBnzgmTpNDQq5aFpfu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org