Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/vSu_1TKkH91Aun9B6lGUt0XlP6U.roa
File: vSu_1TKkH91Aun9B6lGUt0XlP6U.roa (raw, json)
Hash identifier: /moyDzttG4ptbyGJ8tA3ygDRC4xtoQOKDi8ICA7j8Ec=
Subject key identifier: BD:2B:BF:D5:32:A4:1F:DD:40:BA:7F:41:EA:51:94:B7:45:E5:3F:A5
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018570D564850A13C892FEB82D2AFA74D282
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/vSu_1TKkH91Aun9B6lGUt0XlP6U.roa
Signing time: Mon 02 Jan 2023 04:55:11 +0000
ROA not before: Mon 02 Jan 2023 04:55:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203629
IP address blocks: 2a0f:b745::/32 maxlen: 32
2a0d:e1c0::/30 maxlen: 30
2a09:e704::/32 maxlen: 32
2a09:4484::/32 maxlen: 32
2a09:bc00::/30 maxlen: 30
2a09:9985::/32 maxlen: 32
2a09:3a84::/32 maxlen: 32
2a0d:ad44::/30 maxlen: 30
2a0d:fbc4::/30 maxlen: 30
2a09:a600::/30 maxlen: 30
2a09:af85::/32 maxlen: 32
2a0e:19c5::/32 maxlen: 32
2a09:e705::/32 maxlen: 32
2a09:4485::/32 maxlen: 32
2a09:9984::/32 maxlen: 32
2a0f:b744::/32 maxlen: 32
2a09:af84::/32 maxlen: 32
2a0e:19c4::/32 maxlen: 32
2a09:3a85::/32 maxlen: 32
2a0d:b540::/30 maxlen: 30
2a09:4284::/32 maxlen: 32
2a0e:4b45::/32 maxlen: 32
2a09:4000::/30 maxlen: 30
2a0d:6b40::/30 maxlen: 30
2a09:7b85::/32 maxlen: 32
2a0e:c485::/32 maxlen: 32
2a06:77c4::/32 maxlen: 32
2a0d:ce44::/30 maxlen: 30
2a09:7884::/32 maxlen: 32
2a0d:ad40::/30 maxlen: 30
2a09:9384::/32 maxlen: 32
2a0d:fbc0::/30 maxlen: 30
2a09:bc04::/30 maxlen: 30
2a0d:e1c4::/30 maxlen: 30
2a09:a604::/30 maxlen: 30
2a0e:e685::/32 maxlen: 32
2a0d:ce40::/30 maxlen: 30
2a09:9385::/32 maxlen: 32
2a09:7b84::/32 maxlen: 32
2a0e:c484::/32 maxlen: 32
2a09:7885::/32 maxlen: 32
2a06:77c5::/32 maxlen: 32
2a0d:b544::/30 maxlen: 30
2a09:4004::/30 maxlen: 30
2a0d:6b44::/30 maxlen: 30
2a0e:4b44::/32 maxlen: 32
2a09:4285::/32 maxlen: 32
2a0e:e684::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:64:85:0a:13:c8:92:fe:b8:2d:2a:fa:74:d2:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 2 04:55:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd2bbfd532a41fdd40ba7f41ea5194b745e53fa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:54:2c:64:f9:43:89:c0:ce:6c:50:c5:5f:62:
af:dc:ac:2e:0b:30:1e:9b:b6:9d:c1:90:d1:43:55:
37:21:d9:db:0f:91:a3:98:89:d8:8a:3a:dd:b6:e0:
87:b2:6a:fc:cb:a1:d0:0f:23:f0:af:ef:a6:d5:7f:
8c:d4:19:b7:ac:e9:2d:64:86:af:0e:10:a9:95:7b:
bf:9d:0e:1d:f9:c7:a2:98:55:b9:c7:61:20:a0:82:
86:35:36:d6:42:a9:f0:e6:96:f5:c1:ff:3c:14:5c:
76:89:bb:2b:6b:9f:d1:f8:d6:a7:b0:a9:ae:44:ac:
44:72:58:07:48:cf:3c:fc:f7:c7:64:48:5c:e6:32:
45:54:1a:24:35:76:b8:a8:32:a7:14:2b:5e:a7:0b:
8c:b3:8b:4c:b5:c3:53:87:c8:d7:77:74:7c:b3:d6:
37:7b:4d:fd:39:ee:ca:3f:47:7c:f5:1c:87:ab:15:
d9:a5:5f:65:ad:59:b6:e7:56:14:65:ad:8c:a1:b0:
ab:4e:e6:d9:9c:9e:46:d6:28:7c:af:ca:f8:33:8d:
e8:bd:e5:8b:59:72:eb:f5:ee:bc:b8:4c:ca:3c:08:
91:cd:8a:ee:88:c4:5a:d4:02:0d:99:8d:4b:c5:a0:
12:ea:fe:62:bf:46:df:89:41:7a:93:1d:5f:ec:38:
50:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:2B:BF:D5:32:A4:1F:DD:40:BA:7F:41:EA:51:94:B7:45:E5:3F:A5
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/vSu_1TKkH91Aun9B6lGUt0XlP6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:77c4::/31
2a09:3a84::/31
2a09:4000::/29
2a09:4284::/31
2a09:4484::/31
2a09:7884::/31
2a09:7b84::/31
2a09:9384::/31
2a09:9984::/31
2a09:a600::/29
2a09:af84::/31
2a09:bc00::/29
2a09:e704::/31
2a0d:6b40::/29
2a0d:ad40::/29
2a0d:b540::/29
2a0d:ce40::/29
2a0d:e1c0::/29
2a0d:fbc0::/29
2a0e:19c4::/31
2a0e:4b44::/31
2a0e:c484::/31
2a0e:e684::/31
2a0f:b744::/31
Signature Algorithm: sha256WithRSAEncryption
cf:5c:82:cb:cd:d4:1c:6f:3e:d6:e9:6d:a1:51:7b:94:6e:09:
88:61:1f:c8:ee:e2:7a:72:0c:91:5c:fe:c0:97:6d:3d:42:ee:
03:a8:03:b9:a4:4e:73:10:a6:3e:51:51:43:01:b1:9c:dc:0e:
ca:68:42:4b:e3:03:bb:b3:c0:7d:03:22:e6:9d:52:f9:92:ca:
95:95:d7:90:f5:87:42:16:90:bd:b4:3f:9b:1a:e8:65:49:ab:
64:a3:97:9c:8a:d3:fa:5c:86:26:ed:8e:c2:a2:d5:8a:30:eb:
10:a4:0e:c2:c2:aa:1c:7f:4c:58:3f:47:dd:80:21:f6:f7:7c:
1e:3b:5e:05:5e:83:e7:92:be:63:e6:58:1e:87:00:6b:34:04:
3e:d3:09:48:4e:37:5a:27:be:b9:0b:33:5d:d1:26:40:f7:a3:
8a:aa:54:33:45:61:b3:07:bf:2f:f9:9a:d4:a1:a9:c0:3b:5f:
d9:2b:68:18:93:7f:10:25:83:ff:d2:23:df:12:9c:ba:d0:13:
8a:13:94:db:11:04:bf:93:a6:8f:05:13:75:d0:b6:83:45:cd:
bf:23:c6:53:39:d3:e6:bc:94:eb:b6:6f:f8:ac:69:55:2c:9f:
6b:b8:39:3f:8c:3c:93:29:e1:6e:d0:68:cd:62:53:67:0f:7f:
e0:43:e8:10
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAYVw1WSFChPIkv64LSr6dNKCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwMTAyMDQ1NTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDJiYmZkNTMyYTQxZmRkNDBiYTdmNDFlYTUxOTRiNzQ1ZTUzZmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilQsZPlDicDObFDFX2Kv3KwuCzAe
m7adwZDRQ1U3IdnbD5GjmInYijrdtuCHsmr8y6HQDyPwr++m1X+M1Bm3rOktZIav
DhCplXu/nQ4d+ceimFW5x2EgoIKGNTbWQqnw5pb1wf88FFx2ibsra5/R+NansKmu
RKxEclgHSM88/PfHZEhc5jJFVBokNXa4qDKnFCtepwuMs4tMtcNTh8jXd3R8s9Y3
e039Oe7KP0d89RyHqxXZpV9lrVm251YUZa2MobCrTubZnJ5G1ih8r8r4M43oveWL
WXLr9e68uEzKPAiRzYruiMRa1AINmY1LxaAS6v5iv0bfiUF6kx1f7DhQAQIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFL0rv9UypB/dQLp/QepRlLdF5T+lMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvdlN1XzFUS2tIOTFBdW45QjZsR1V0MFhsUDZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBrwQCAAIwgagDBQEq
BnfEAwUBKgk6hAMFAyoJQAADBQEqCUKEAwUBKglEhAMFASoJeIQDBQEqCXuEAwUB
KgmThAMFASoJmYQDBQMqCaYAAwUBKgmvhAMFAyoJvAADBQEqCecEAwUDKg1rQAMF
AyoNrUADBQMqDbVAAwUDKg3OQAMFAyoN4cADBQMqDfvAAwUBKg4ZxAMFASoOS0QD
BQEqDsSEAwUBKg7mhAMFASoPt0QwDQYJKoZIhvcNAQELBQADggEBAM9cgsvN1Bxv
PtbpbaFRe5RuCYhhH8ju4npyDJFc/sCXbT1C7gOoA7mkTnMQpj5RUUMBsZzcDspo
QkvjA7uzwH0DIuadUvmSypWV15D1h0IWkL20P5sa6GVJq2Sjl5yK0/pchibtjsKi
1Yow6xCkDsLCqhx/TFg/R92AIfb3fB47XgVeg+eSvmPmWB6HAGs0BD7TCUhON1on
vrkLM13RJkD3o4qqVDNFYbMHvy/5mtShqcA7X9kraBiTfxAlg//SI98SnLrQE4oT
lNsRBL+Tpo8FE3XQtoNFzb8jxlM50+a8lOu2b/isaVUsn2u4OT+MPJMp4W7QaM1i
U2cPf+BD6BA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org