Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/l5pL2XWuq_7I9ANPqVinhvP5x5U.roa
File: l5pL2XWuq_7I9ANPqVinhvP5x5U.roa (raw, json)
Hash identifier: uwFfiapioRZJ+U9RUjLZp6zNHIpx961r1dMPD2uPRl4=
Subject key identifier: 97:9A:4B:D9:75:AE:AB:FE:C8:F4:03:4F:A9:58:A7:86:F3:F9:C7:95
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018699A6B9240998B7847C355330CA932B0D
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/l5pL2XWuq_7I9ANPqVinhvP5x5U.roa
Signing time: Tue 28 Feb 2023 20:11:25 +0000
ROA not before: Tue 28 Feb 2023 20:11:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203629
IP address blocks: 2a0f:b745::/32 maxlen: 32
2a09:e704::/32 maxlen: 32
2a09:4484::/32 maxlen: 32
2a09:9985::/32 maxlen: 32
2a09:3a84::/32 maxlen: 32
2a09:af85::/32 maxlen: 32
2a0e:19c5::/32 maxlen: 32
2a09:e705::/32 maxlen: 32
2a09:4485::/32 maxlen: 32
2a09:9984::/32 maxlen: 32
2a0f:b744::/32 maxlen: 32
2a09:af84::/32 maxlen: 32
2a0e:19c4::/32 maxlen: 32
2a09:3a85::/32 maxlen: 32
2a09:4284::/32 maxlen: 32
2a0e:4b45::/32 maxlen: 32
2a09:7b85::/32 maxlen: 32
2a0e:c485::/32 maxlen: 32
2a06:77c4::/32 maxlen: 32
2a09:7884::/32 maxlen: 32
2a09:9384::/32 maxlen: 32
2a0e:e685::/32 maxlen: 32
2a09:9385::/32 maxlen: 32
2a09:7b84::/32 maxlen: 32
2a0e:c484::/32 maxlen: 32
2a09:7885::/32 maxlen: 32
2a06:77c5::/32 maxlen: 32
2a0e:4b44::/32 maxlen: 32
2a09:4285::/32 maxlen: 32
2a0e:e684::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:99:a6:b9:24:09:98:b7:84:7c:35:53:30:ca:93:2b:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Feb 28 20:11:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=979a4bd975aeabfec8f4034fa958a786f3f9c795
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:6e:56:13:d3:2f:1d:3a:1e:22:4b:3c:54:39:
8a:fc:06:70:7a:e1:5f:3e:ae:36:74:6f:15:ef:2f:
f5:39:da:ac:23:a1:4f:42:aa:52:b4:4e:98:4c:40:
f7:c7:43:7f:83:b5:95:60:4e:7f:39:59:14:8b:15:
62:02:8d:20:d5:8d:c1:96:8b:d2:60:49:8b:16:86:
99:5b:60:8f:58:9a:bd:9e:2a:b8:1a:1f:5a:ed:eb:
ed:de:3a:c1:23:ea:11:43:7d:67:be:a3:83:1f:b6:
6e:ba:f6:a4:99:ee:85:5f:0b:d1:e6:ba:57:91:e4:
69:4f:73:85:ff:39:d4:f2:73:07:f8:13:e6:ff:1e:
6a:0d:92:33:cf:a3:4a:04:fb:e9:f1:ea:7a:48:40:
fc:8a:13:ac:be:c2:f7:88:12:b6:69:8d:2f:ea:c2:
85:fe:5f:11:34:07:99:17:00:c4:49:c1:7b:73:cf:
33:37:7f:2c:36:61:44:11:fc:b7:ff:5f:4f:7b:1d:
7d:e0:d2:22:ef:82:95:82:e0:a9:37:1f:d6:be:d2:
6e:72:3a:bb:c7:77:e2:af:6a:0e:d3:61:90:41:f5:
a7:4c:35:f4:cb:46:9f:90:54:fb:b7:d4:e7:b2:92:
b7:5b:e7:84:dd:62:75:07:76:46:53:40:bb:fd:dd:
21:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:9A:4B:D9:75:AE:AB:FE:C8:F4:03:4F:A9:58:A7:86:F3:F9:C7:95
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/l5pL2XWuq_7I9ANPqVinhvP5x5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:77c4::/31
2a09:3a84::/31
2a09:4284::/31
2a09:4484::/31
2a09:7884::/31
2a09:7b84::/31
2a09:9384::/31
2a09:9984::/31
2a09:af84::/31
2a09:e704::/31
2a0e:19c4::/31
2a0e:4b44::/31
2a0e:c484::/31
2a0e:e684::/31
2a0f:b744::/31
Signature Algorithm: sha256WithRSAEncryption
78:df:9b:58:a1:e1:ba:64:f1:c9:db:b8:fa:6b:e5:a4:52:83:
31:b3:0a:10:29:cc:1f:03:b1:6f:68:4b:2b:1d:2c:e2:6d:08:
ea:ae:db:0a:d8:7b:79:7e:23:c2:83:af:3f:6d:79:fe:58:c3:
df:0e:e2:97:ad:91:b7:40:3d:f6:14:6d:22:66:3b:3b:80:fa:
a6:b4:3f:22:2b:99:24:bc:78:ea:b9:ef:a5:67:27:ce:6c:23:
80:2e:08:c0:1f:03:ce:4d:e6:11:dc:87:83:2f:49:26:c7:68:
2e:55:98:ed:bf:1c:f6:8e:c4:4d:8a:23:8c:d0:59:93:25:1e:
12:eb:92:5b:bf:75:67:a5:31:db:16:0d:d2:96:d9:46:e4:77:
8b:08:b6:f7:2a:f9:be:41:cc:27:6c:1f:e4:0a:04:41:af:57:
63:34:5c:9b:48:55:87:02:dd:d4:b6:a1:1a:d5:5f:b1:77:a6:
06:70:cb:35:7f:40:94:e2:85:80:b1:53:00:85:78:ec:b7:82:
9e:85:16:9c:6c:3e:33:7f:81:d3:ef:69:61:23:e6:ae:9c:15:
03:63:74:e0:c6:bd:58:73:e6:16:5e:f9:9c:c5:0b:3b:f7:0d:
25:bc:1f:f9:9a:98:67:5b:ce:4b:23:0d:3b:39:61:e8:f0:12:
fb:e5:5d:8f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAYaZprkkCZi3hHw1UzDKkysNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwMjI4MjAxMTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzlhNGJkOTc1YWVhYmZlYzhmNDAzNGZhOTU4YTc4NmYzZjljNzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0m5WE9MvHToeIks8VDmK/AZweuFf
Pq42dG8V7y/1OdqsI6FPQqpStE6YTED3x0N/g7WVYE5/OVkUixViAo0g1Y3BlovS
YEmLFoaZW2CPWJq9niq4Gh9a7evt3jrBI+oRQ31nvqODH7Zuuvakme6FXwvR5rpX
keRpT3OF/znU8nMH+BPm/x5qDZIzz6NKBPvp8ep6SED8ihOsvsL3iBK2aY0v6sKF
/l8RNAeZFwDEScF7c88zN38sNmFEEfy3/19Pex194NIi74KVguCpNx/WvtJucjq7
x3fir2oO02GQQfWnTDX0y0afkFT7t9TnspK3W+eE3WJ1B3ZGU0C7/d0hRQIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFJeaS9l1rqv+yPQDT6lYp4bz+ceVMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvbDVwTDJYV3VxXzdJOUFOUHFWaW5odlA1eDVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwbwQCAAIwaQMFASoGd8QD
BQEqCTqEAwUBKglChAMFASoJRIQDBQEqCXiEAwUBKgl7hAMFASoJk4QDBQEqCZmE
AwUBKgmvhAMFASoJ5wQDBQEqDhnEAwUBKg5LRAMFASoOxIQDBQEqDuaEAwUBKg+3
RDANBgkqhkiG9w0BAQsFAAOCAQEAeN+bWKHhumTxydu4+mvlpFKDMbMKECnMHwOx
b2hLKx0s4m0I6q7bCth7eX4jwoOvP215/ljD3w7il62Rt0A99hRtImY7O4D6prQ/
IiuZJLx46rnvpWcnzmwjgC4IwB8Dzk3mEdyHgy9JJsdoLlWY7b8c9o7ETYojjNBZ
kyUeEuuSW791Z6Ux2xYN0pbZRuR3iwi29yr5vkHMJ2wf5AoEQa9XYzRcm0hVhwLd
1LahGtVfsXemBnDLNX9AlOKFgLFTAIV47LeCnoUWnGw+M3+B0+9pYSPmrpwVA2N0
4Ma9WHPmFl75nMULO/cNJbwf+ZqYZ1vOSyMNOzlh6PAS++Vdjw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org