Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/qCpD3YOsI35R1pfXam29VKDpyQo.roa
File: qCpD3YOsI35R1pfXam29VKDpyQo.roa (raw, json)
Hash identifier: l6bjUVuRSNVF5T0RGxN22dShAtUbFEQEm72Dc0DDJEQ=
Subject key identifier: A8:2A:43:DD:83:AC:23:7E:51:D6:97:D7:6A:6D:BD:54:A0:E9:C9:0A
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 01838836645BFC932DFE8178EC228DA50C5D
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/qCpD3YOsI35R1pfXam29VKDpyQo.roa
Signing time: Thu 29 Sep 2022 07:46:49 +0000
ROA not before: Thu 29 Sep 2022 07:46:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204084
IP address blocks: 2a0d:fcc4::/30 maxlen: 30
2a0d:97c0::/30 maxlen: 30
2a09:4283::/32 maxlen: 32
2a09:e703::/32 maxlen: 32
2a0d:28c4::/30 maxlen: 30
2a06:77c3::/32 maxlen: 32
2a0d:6a40::/30 maxlen: 30
2a0e:e682::/32 maxlen: 32
2a0d:28c0::/30 maxlen: 30
2a0d:34c0::/30 maxlen: 30
2a0d:6ec4::/30 maxlen: 30
2a0d:a3c4::/30 maxlen: 30
2a0d:b2c0::/30 maxlen: 30
2a07:cc44::/30 maxlen: 30
2a09:af82::/32 maxlen: 32
2a09:9982::/32 maxlen: 32
2a0f:b742::/32 maxlen: 32
2a0e:4b43::/32 maxlen: 32
2a09:3a82::/32 maxlen: 32
2a09:7882::/32 maxlen: 32
2a0d:7140::/30 maxlen: 30
2a09:4483::/32 maxlen: 32
2a09:7b83::/32 maxlen: 32
2a0e:c483::/32 maxlen: 32
2a0e:19c3::/32 maxlen: 32
2a07:cc40::/30 maxlen: 30
2a0d:6ec0::/30 maxlen: 30
2a0d:b2c4::/30 maxlen: 30
2a0d:34c4::/30 maxlen: 30
2a09:7883::/32 maxlen: 32
2a09:9382::/32 maxlen: 32
2a0d:9744::/30 maxlen: 30
2a0d:a3c0::/30 maxlen: 30
2a09:9383::/32 maxlen: 32
2a0d:7144::/30 maxlen: 30
2a0e:4b42::/32 maxlen: 32
2a0d:9740::/30 maxlen: 30
2a0e:19c2::/32 maxlen: 32
2a0e:c482::/32 maxlen: 32
2a09:7b82::/32 maxlen: 32
2a0e:e683::/32 maxlen: 32
2a0d:97c4::/30 maxlen: 30
2a0d:fcc0::/30 maxlen: 30
2a09:9983::/32 maxlen: 32
2a09:4482::/32 maxlen: 32
2a09:e702::/32 maxlen: 32
2a06:77c2::/32 maxlen: 32
2a09:3a83::/32 maxlen: 32
2a0d:f5c0::/30 maxlen: 30
2a09:af83::/32 maxlen: 32
2a0d:6a44::/30 maxlen: 30
2a0f:b743::/32 maxlen: 32
2a09:4282::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:88:36:64:5b:fc:93:2d:fe:81:78:ec:22:8d:a5:0c:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Sep 29 07:46:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a82a43dd83ac237e51d697d76a6dbd54a0e9c90a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:04:66:49:b2:62:3c:94:83:0d:db:62:15:8c:
e4:73:5c:30:3e:f5:a1:a5:72:f3:a0:3c:fe:5d:ba:
9b:82:f8:c5:e2:65:2c:f5:32:23:09:3b:f4:3f:0c:
9e:7e:da:d0:e5:10:90:f7:0c:f6:19:54:ee:7c:9e:
92:a4:0a:5c:59:52:0e:fe:a4:ae:e1:82:ed:0d:d0:
f2:85:ac:75:e4:81:c7:75:ed:2a:9c:de:56:68:60:
53:e3:7b:4d:8f:8e:8e:fc:d7:e2:44:e0:37:c1:44:
6a:03:71:67:5b:33:3c:b4:95:40:81:a8:e0:9f:32:
02:a3:b8:96:36:d7:b7:03:70:d2:73:cb:d5:3e:62:
37:7e:27:10:87:64:f1:ed:b2:13:04:5f:0e:d8:aa:
8c:29:68:68:32:22:35:be:16:6e:28:e3:58:eb:18:
f5:40:e8:7b:88:8a:33:78:8d:13:a9:13:7e:69:2d:
c4:bb:74:a5:56:16:fe:95:b9:c0:95:1f:09:a3:73:
d7:ca:d9:04:35:05:39:8d:7d:23:b3:b2:7b:20:73:
09:41:54:2e:a1:5a:4d:50:ea:dd:62:a6:4f:bd:0e:
4a:28:50:db:f2:b1:f8:85:ee:93:cf:b2:78:49:5f:
da:e0:4b:f2:61:25:bc:ba:aa:2b:6d:08:b9:4a:cf:
bd:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:2A:43:DD:83:AC:23:7E:51:D6:97:D7:6A:6D:BD:54:A0:E9:C9:0A
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/qCpD3YOsI35R1pfXam29VKDpyQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:77c2::/31
2a07:cc40::/29
2a09:3a82::/31
2a09:4282::/31
2a09:4482::/31
2a09:7882::/31
2a09:7b82::/31
2a09:9382::/31
2a09:9982::/31
2a09:af82::/31
2a09:e702::/31
2a0d:28c0::/29
2a0d:34c0::/29
2a0d:6a40::/29
2a0d:6ec0::/29
2a0d:7140::/29
2a0d:9740::/29
2a0d:97c0::/29
2a0d:a3c0::/29
2a0d:b2c0::/29
2a0d:f5c0::/30
2a0d:fcc0::/29
2a0e:19c2::/31
2a0e:4b42::/31
2a0e:c482::/31
2a0e:e682::/31
2a0f:b742::/31
Signature Algorithm: sha256WithRSAEncryption
3a:5a:72:44:65:28:6c:21:f6:f5:bb:db:18:b5:fb:f4:2e:4d:
a1:8a:80:e8:6b:a9:1f:f8:d8:ff:d3:65:82:10:3c:e1:99:21:
e5:1f:4a:c3:ef:3c:70:11:93:b7:23:40:63:39:db:2d:ce:88:
cb:0d:5c:fc:92:b8:03:3c:ca:3a:1e:26:31:a1:0a:da:8b:5b:
c1:40:a6:8b:15:37:a2:dc:0d:4d:2b:c0:21:92:6d:55:46:6d:
91:28:ee:29:1b:d0:ed:3e:12:a0:c6:ce:ed:f3:b9:b6:55:58:
b1:f4:75:2c:2e:67:0d:47:46:8a:ec:bd:07:22:65:44:f0:52:
42:32:49:bb:99:e3:15:43:51:2a:8e:87:d9:21:d5:e9:2e:f0:
27:42:a9:31:25:2a:a1:23:64:42:2d:4c:14:4e:89:f0:71:65:
d1:4c:19:c8:30:c8:ba:1b:d1:2d:0e:25:fe:a0:65:94:15:c3:
a8:20:97:41:66:5e:01:16:0d:4e:1f:6d:81:b3:5d:30:1f:ac:
cf:a5:40:e9:67:c1:5c:33:93:d3:34:9e:3d:d6:40:9d:97:00:
72:83:1b:2c:ac:65:42:84:ae:ff:61:d9:96:49:a8:1a:ae:6a:
b1:bb:df:8e:08:dc:be:16:60:b5:c5:4c:4a:6c:c0:8b:7c:a5:
d8:35:a8:9f
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgISAYOINmRb/JMt/oF47CKNpQxdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjIwOTI5MDc0NjQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODJhNDNkZDgzYWMyMzdlNTFkNjk3ZDc2YTZkYmQ1NGEwZTljOTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjARmSbJiPJSDDdtiFYzkc1wwPvWh
pXLzoDz+XbqbgvjF4mUs9TIjCTv0PwyeftrQ5RCQ9wz2GVTufJ6SpApcWVIO/qSu
4YLtDdDyhax15IHHde0qnN5WaGBT43tNj46O/NfiROA3wURqA3FnWzM8tJVAgajg
nzICo7iWNte3A3DSc8vVPmI3ficQh2Tx7bITBF8O2KqMKWhoMiI1vhZuKONY6xj1
QOh7iIozeI0TqRN+aS3Eu3SlVhb+lbnAlR8Jo3PXytkENQU5jX0js7J7IHMJQVQu
oVpNUOrdYqZPvQ5KKFDb8rH4he6Tz7J4SV/a4EvyYSW8uqorbQi5Ss+9FQIDAQAB
o4ICxTCCAsEwHQYDVR0OBBYEFKgqQ92DrCN+UdaX12ptvVSg6ckKMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvcUNwRDNZT3NJMzVSMXBmWGFtMjlWS0RweVFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHaBggrBgEFBQcBBwEB/wSByjCBxzCBxAQCAAIwgb0DBQEq
BnfCAwUDKgfMQAMFASoJOoIDBQEqCUKCAwUBKglEggMFASoJeIIDBQEqCXuCAwUB
KgmTggMFASoJmYIDBQEqCa+CAwUBKgnnAgMFAyoNKMADBQMqDTTAAwUDKg1qQAMF
AyoNbsADBQMqDXFAAwUDKg2XQAMFAyoNl8ADBQMqDaPAAwUDKg2ywAMFAioN9cAD
BQMqDfzAAwUBKg4ZwgMFASoOS0IDBQEqDsSCAwUBKg7mggMFASoPt0IwDQYJKoZI
hvcNAQELBQADggEBADpackRlKGwh9vW72xi1+/QuTaGKgOhrqR/42P/TZYIQPOGZ
IeUfSsPvPHARk7cjQGM52y3OiMsNXPySuAM8yjoeJjGhCtqLW8FAposVN6LcDU0r
wCGSbVVGbZEo7ikb0O0+EqDGzu3zubZVWLH0dSwuZw1HRorsvQciZUTwUkIySbuZ
4xVDUSqOh9kh1eku8CdCqTElKqEjZEItTBROifBxZdFMGcgwyLob0S0OJf6gZZQV
w6ggl0FmXgEWDU4fbYGzXTAfrM+lQOlnwVwzk9M0nj3WQJ2XAHKDGyysZUKErv9h
2ZZJqBquarG7344I3L4WYLXFTEpswIt8pdg1qJ8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org