Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/59f376-dfbe-478a-b81e-f4979d50ee22/1/9ceDsxoYGXpQpu0AR6r1VUqJzkY.roa
File: 9ceDsxoYGXpQpu0AR6r1VUqJzkY.roa (raw, json)
Hash identifier: 1ZA9YJPWDr0WphZ7w0Ngl78CftHeV8bxx6wk/Dd3Lrk=
Subject key identifier: F5:C7:83:B3:1A:18:19:7A:50:A6:ED:00:47:AA:F5:55:4A:89:CE:46
Certificate issuer: /CN=9696e5224fef517f4dcc66c1410352cc8abfb22e
Certificate serial: 059BB083
Authority key identifier: 96:96:E5:22:4F:EF:51:7F:4D:CC:66:C1:41:03:52:CC:8A:BF:B2:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lpblIk_vUX9NzGbBQQNSzIq_si4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/59f376-dfbe-478a-b81e-f4979d50ee22/1/9ceDsxoYGXpQpu0AR6r1VUqJzkY.roa
Signing time: Sat 01 Jan 2022 16:11:31 +0000
ROA not before: Sat 01 Jan 2022 16:11:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205165
IP address blocks: 2001:67c:2ebc::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94089347 (0x59bb083)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9696e5224fef517f4dcc66c1410352cc8abfb22e
Validity
Not Before: Jan 1 16:11:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f5c783b31a18197a50a6ed0047aaf5554a89ce46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:17:f2:3c:b5:78:a6:79:e4:46:11:74:d9:02:
1c:91:aa:c1:46:bf:53:01:ad:0b:ce:d9:ff:ad:67:
ec:a5:d7:34:f0:73:60:7a:85:42:bc:2d:ab:4d:ea:
8b:8e:aa:e0:c7:78:51:81:87:c2:fe:d8:7d:0f:e8:
96:d6:6c:70:6e:67:73:ce:12:72:ef:1b:1e:0d:b1:
32:8b:ff:d6:91:65:7a:29:c1:48:e6:d2:25:d2:9c:
f4:c4:06:f1:4e:cf:11:b0:ac:c6:0a:a3:97:91:7c:
52:03:ea:09:a7:b3:87:f3:9a:0d:96:ba:c2:21:9d:
03:9a:00:dd:fa:4f:dd:cb:0b:6e:64:67:b1:60:c9:
79:56:74:7f:e9:c9:9a:71:74:03:65:c9:b4:0c:aa:
77:cb:87:07:62:48:a5:8e:4c:c5:08:4f:d4:7e:b9:
33:9b:a0:11:2d:7a:20:e3:67:67:eb:78:da:1d:ca:
2e:3f:16:10:df:54:53:b8:a2:62:d2:0a:89:15:77:
7c:bb:c1:7d:a7:ab:92:63:bb:7f:62:d1:f8:5e:a0:
60:1a:67:97:9d:98:59:16:59:bc:b0:35:7d:0c:01:
48:b4:3b:27:25:cc:5d:8c:7a:4d:b7:76:50:50:37:
54:a7:33:09:18:cb:d8:a2:d2:e7:bc:43:5a:0e:06:
0a:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:C7:83:B3:1A:18:19:7A:50:A6:ED:00:47:AA:F5:55:4A:89:CE:46
X509v3 Authority Key Identifier:
keyid:96:96:E5:22:4F:EF:51:7F:4D:CC:66:C1:41:03:52:CC:8A:BF:B2:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lpblIk_vUX9NzGbBQQNSzIq_si4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/59f376-dfbe-478a-b81e-f4979d50ee22/1/9ceDsxoYGXpQpu0AR6r1VUqJzkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/59f376-dfbe-478a-b81e-f4979d50ee22/1/lpblIk_vUX9NzGbBQQNSzIq_si4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2ebc::/48
Signature Algorithm: sha256WithRSAEncryption
d0:ab:12:97:ed:78:0d:5d:c4:7c:b8:dd:29:c8:2d:60:e2:e0:
52:e3:be:02:b9:b0:fe:f8:f0:91:7b:4a:25:99:a2:0f:db:a2:
3b:bf:a0:6c:31:9a:73:a0:ed:94:7a:9a:7e:67:e2:3c:2c:29:
d6:31:d5:42:f5:4f:3f:fd:69:18:35:ec:0c:b9:08:0f:9f:3c:
93:c1:fa:2d:23:75:2e:8d:03:01:2f:7e:a7:8c:02:ad:e5:02:
b6:6d:88:48:3d:f2:a4:d1:20:19:e8:13:b3:a7:37:5a:9c:09:
a5:49:c2:29:e1:04:a1:be:cd:7f:37:cc:0b:cf:55:1a:b3:69:
bc:fb:26:fe:75:de:0e:a9:44:43:a4:62:74:c1:78:39:ec:2a:
90:38:f8:d6:b6:f6:3c:3b:6c:1a:f9:5b:87:af:58:ba:a4:d9:
29:66:20:69:8a:20:d4:b8:a6:5e:f5:88:fc:69:4f:10:2f:7b:
38:e4:77:3f:b3:a4:f1:57:74:d5:c3:b1:a0:9a:c9:c1:92:51:
3e:be:be:58:55:44:67:61:8c:ad:54:10:46:af:8f:1a:0b:68:
13:2a:19:d0:22:84:88:fa:a2:d8:33:96:4a:d0:51:05:ed:1f:
13:99:38:41:ef:5f:80:fd:92:2e:69:ed:9a:0a:ee:78:f8:8a:
78:0c:29:e8
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBZuwgzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
Njk2ZTUyMjRmZWY1MTdmNGRjYzY2YzE0MTAzNTJjYzhhYmZiMjJlMB4XDTIyMDEw
MTE2MTEzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjVjNzgzYjMxYTE4
MTk3YTUwYTZlZDAwNDdhYWY1NTU0YTg5Y2U0NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ4X8jy1eKZ55EYRdNkCHJGqwUa/UwGtC87Z/61n7KXXNPBz
YHqFQrwtq03qi46q4Md4UYGHwv7YfQ/oltZscG5nc84Scu8bHg2xMov/1pFleinB
SObSJdKc9MQG8U7PEbCsxgqjl5F8UgPqCaezh/OaDZa6wiGdA5oA3fpP3csLbmRn
sWDJeVZ0f+nJmnF0A2XJtAyqd8uHB2JIpY5MxQhP1H65M5ugES16IONnZ+t42h3K
Lj8WEN9UU7iiYtIKiRV3fLvBfaerkmO7f2LR+F6gYBpnl52YWRZZvLA1fQwBSLQ7
JyXMXYx6Tbd2UFA3VKczCRjL2KLS57xDWg4GCr0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBT1x4OzGhgZelCm7QBHqvVVSonORjAfBgNVHSMEGDAWgBSWluUiT+9Rf03M
ZsFBA1LMir+yLjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xwYmxJa192VVg5TnpHYkJRUU5TeklxX3NpNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvNTlmMzc2LWRmYmUtNDc4YS1iODFlLWY0OTc5ZDUwZWUyMi8x
LzljZURzeG9ZR1hwUXB1MEFSNnIxVlVxSnprWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
NTlmMzc2LWRmYmUtNDc4YS1iODFlLWY0OTc5ZDUwZWUyMi8xL2xwYmxJa192VVg5
TnpHYkJRUU5TeklxX3NpNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwuvDANBgkqhkiG9w0BAQsF
AAOCAQEA0KsSl+14DV3EfLjdKcgtYOLgUuO+Armw/vjwkXtKJZmiD9uiO7+gbDGa
c6DtlHqafmfiPCwp1jHVQvVPP/1pGDXsDLkID588k8H6LSN1Lo0DAS9+p4wCreUC
tm2ISD3ypNEgGegTs6c3WpwJpUnCKeEEob7NfzfMC89VGrNpvPsm/nXeDqlEQ6Ri
dMF4OewqkDj41rb2PDtsGvlbh69YuqTZKWYgaYog1LimXvWI/GlPEC97OOR3P7Ok
8Vd01cOxoJrJwZJRPr6+WFVEZ2GMrVQQRq+PGgtoEyoZ0CKEiPqi2DOWStBRBe0f
E5k4Qe9fgP2SLmntmgruePiKeAwp6A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:54 2024 by rpki-client on console-ams.rpki-client.org