Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/78c103-89da-4b84-8f34-aeb6d2cf2de2/1/I8sGUoXGoTdnldqUzZ8y616UME0.roa
File: I8sGUoXGoTdnldqUzZ8y616UME0.roa (raw, json)
Hash identifier: gDS9Z92pYa7RBaE7snX0La8ch3OLlpfykonyzHuMD/E=
Subject key identifier: 23:CB:06:52:85:C6:A1:37:67:95:DA:94:CD:9F:32:EB:5E:94:30:4D
Certificate issuer: /CN=8f8b15d34c08b5f1fcff4f9e74c95bc76a0b6abe
Certificate serial: 013A9C65
Authority key identifier: 8F:8B:15:D3:4C:08:B5:F1:FC:FF:4F:9E:74:C9:5B:C7:6A:0B:6A:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j4sV00wItfH8_0-edMlbx2oLar4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/78c103-89da-4b84-8f34-aeb6d2cf2de2/1/I8sGUoXGoTdnldqUzZ8y616UME0.roa
Signing time: Sat 01 Jan 2022 14:07:39 +0000
ROA not before: Sat 01 Jan 2022 14:07:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204790
IP address blocks: 2a11:b180::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20618341 (0x13a9c65)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f8b15d34c08b5f1fcff4f9e74c95bc76a0b6abe
Validity
Not Before: Jan 1 14:07:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=23cb065285c6a1376795da94cd9f32eb5e94304d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:99:8f:cd:98:d5:4f:d0:f2:e8:11:ed:62:7a:
b3:a3:57:ae:38:f1:ea:df:74:82:1c:fb:5e:29:3b:
18:7e:a0:d5:fe:71:ed:0c:18:f6:97:c0:96:de:dc:
b4:a6:7f:5c:76:f6:b9:ed:08:a5:d8:73:96:8e:5e:
6c:bd:25:95:98:61:7f:a3:06:a6:b0:b4:71:0f:b0:
69:f6:87:b2:6f:5f:47:1b:6a:56:3c:58:6b:4c:82:
e0:f9:12:7a:df:f4:c3:00:a9:3f:68:cc:ab:20:9a:
b3:bb:03:b9:26:02:dd:20:5e:26:67:ab:0a:15:17:
b1:7f:c6:6b:ea:56:37:98:ce:5c:45:af:0f:0a:09:
c1:d8:89:d9:6b:0c:76:3d:42:e8:6f:da:d4:14:37:
a9:bb:20:78:ed:01:6d:43:05:e2:2c:88:45:73:89:
8f:bb:f9:67:cc:5e:5b:50:bf:b0:ee:3b:fa:07:4b:
0c:6f:20:e0:d5:4b:22:7b:60:99:60:74:2f:7d:b5:
34:98:45:a1:b6:7f:38:be:fa:1f:99:46:42:ff:6a:
e0:f4:13:84:2e:3a:77:85:1b:f9:21:e2:32:23:76:
6d:42:d2:7d:3e:32:df:d5:06:54:e0:a3:33:32:df:
ce:7a:9a:51:8d:d1:d3:6d:4a:a3:2d:fb:b0:e8:d4:
20:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:CB:06:52:85:C6:A1:37:67:95:DA:94:CD:9F:32:EB:5E:94:30:4D
X509v3 Authority Key Identifier:
keyid:8F:8B:15:D3:4C:08:B5:F1:FC:FF:4F:9E:74:C9:5B:C7:6A:0B:6A:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j4sV00wItfH8_0-edMlbx2oLar4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/78c103-89da-4b84-8f34-aeb6d2cf2de2/1/I8sGUoXGoTdnldqUzZ8y616UME0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/78c103-89da-4b84-8f34-aeb6d2cf2de2/1/j4sV00wItfH8_0-edMlbx2oLar4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:b180::/29
Signature Algorithm: sha256WithRSAEncryption
ba:3a:44:c5:46:aa:08:11:a6:cb:9a:31:4c:5f:6a:81:7e:f9:
c5:e4:1a:94:87:27:19:e9:47:a9:c7:a0:a5:6f:33:56:1b:1c:
d1:f6:f9:39:60:99:2d:1a:bb:eb:1b:e3:b6:9b:10:a0:6e:ed:
2b:57:ad:48:66:47:d4:78:54:ba:4b:4e:b5:64:1a:83:f7:be:
54:18:95:b8:9f:34:ec:fb:d3:48:30:40:8a:d6:a3:b6:4c:db:
a5:75:9b:b0:4c:6b:b6:5d:47:ba:fa:40:f0:90:5d:2c:35:0a:
fb:eb:b0:08:dd:96:8b:2f:eb:c8:ef:bf:5b:30:17:79:c5:62:
8a:3f:60:05:ef:3d:7b:93:11:54:28:a2:f9:0d:ad:25:36:24:
4e:b7:df:ff:1d:65:9e:08:3a:b0:b6:98:5e:eb:d3:0f:63:8e:
2c:78:3b:0d:e0:a6:65:d3:9e:cb:03:d9:36:38:dc:69:78:c7:
97:f0:fb:37:f2:d0:0a:44:dc:e7:85:f3:6e:74:49:29:69:69:
52:27:12:b1:4a:db:a2:1d:cf:08:32:27:17:b7:5d:8d:3d:d7:
7b:c5:9b:42:b7:0a:f3:42:01:3e:fc:89:4d:12:f0:3d:eb:46:
3d:dc:fe:29:37:f3:9d:62:de:d3:f8:7a:6d:69:b8:e7:82:d4:
b8:f5:d1:17
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEATqcZTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZjhiMTVkMzRjMDhiNWYxZmNmZjRmOWU3NGM5NWJjNzZhMGI2YWJlMB4XDTIyMDEw
MTE0MDczOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjNjYjA2NTI4NWM2
YTEzNzY3OTVkYTk0Y2Q5ZjMyZWI1ZTk0MzA0ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKaZj82Y1U/Q8ugR7WJ6s6NXrjjx6t90ghz7Xik7GH6g1f5x
7QwY9pfAlt7ctKZ/XHb2ue0Ipdhzlo5ebL0llZhhf6MGprC0cQ+wafaHsm9fRxtq
VjxYa0yC4PkSet/0wwCpP2jMqyCas7sDuSYC3SBeJmerChUXsX/Ga+pWN5jOXEWv
DwoJwdiJ2WsMdj1C6G/a1BQ3qbsgeO0BbUMF4iyIRXOJj7v5Z8xeW1C/sO47+gdL
DG8g4NVLIntgmWB0L321NJhFobZ/OL76H5lGQv9q4PQThC46d4Ub+SHiMiN2bULS
fT4y39UGVOCjMzLfznqaUY3R021Koy37sOjUIJUCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBQjywZShcahN2eV2pTNnzLrXpQwTTAfBgNVHSMEGDAWgBSPixXTTAi18fz/
T550yVvHagtqvjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2o0c1YwMHdJdGZIOF8wLWVkTWxieDJvTGFyNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTUvNzhjMTAzLTg5ZGEtNGI4NC04ZjM0LWFlYjZkMmNmMmRlMi8x
L0k4c0dVb1hHb1RkbmxkcVV6Wjh5NjE2VU1FMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTUv
NzhjMTAzLTg5ZGEtNGI4NC04ZjM0LWFlYjZkMmNmMmRlMi8xL2o0c1YwMHdJdGZI
OF8wLWVkTWxieDJvTGFyNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoRsYAwDQYJKoZIhvcNAQELBQAD
ggEBALo6RMVGqggRpsuaMUxfaoF++cXkGpSHJxnpR6nHoKVvM1YbHNH2+TlgmS0a
u+sb47abEKBu7StXrUhmR9R4VLpLTrVkGoP3vlQYlbifNOz700gwQIrWo7ZM26V1
m7BMa7ZdR7r6QPCQXSw1CvvrsAjdlosv68jvv1swF3nFYoo/YAXvPXuTEVQoovkN
rSU2JE633/8dZZ4IOrC2mF7r0w9jjix4Ow3gpmXTnssD2TY43Gl4x5fw+zfy0ApE
3OeF8250SSlpaVInErFK26IdzwgyJxe3XY0913vFm0K3CvNCAT78iU0S8D3rRj3c
/ik3851i3tP4em1puOeC1Lj10Rc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:17 2023 by rpki-client on console-ams.rpki-client.org