Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/EP-IWewgDIw9mY4dzdzrTqoEF24.roa
File: EP-IWewgDIw9mY4dzdzrTqoEF24.roa (raw, json)
Hash identifier: 9mBgNF9Cb3LTx51k6mIvc4wvD9aXdmdbdllEGpk1yDA=
Subject key identifier: 10:FF:88:59:EC:20:0C:8C:3D:99:8E:1D:CD:DC:EB:4E:AA:04:17:6E
Certificate issuer: /CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Certificate serial: 018260A1A7F6C89E358D2BFAA0DC58752AA2
Authority key identifier: E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/EP-IWewgDIw9mY4dzdzrTqoEF24.roa
Signing time: Tue 02 Aug 2022 22:16:23 +0000
ROA not before: Tue 02 Aug 2022 22:16:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60781
IP address blocks: 2a11:1800::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:60:a1:a7:f6:c8:9e:35:8d:2b:fa:a0:dc:58:75:2a:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Validity
Not Before: Aug 2 22:16:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=10ff8859ec200c8c3d998e1dcddceb4eaa04176e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:9c:44:68:8b:62:80:b8:05:19:6f:5d:04:ec:
64:70:b5:6b:d6:ae:b8:ab:80:39:5e:31:e6:b2:99:
a1:fa:c3:c2:5a:d5:b1:d8:b5:dd:48:8c:4c:d8:fc:
f0:48:83:7b:ec:6c:c4:52:2e:8d:e5:1e:80:92:3a:
c9:b2:6f:90:3b:ee:91:30:15:7c:ff:ea:bd:63:72:
86:8b:05:c5:16:8d:1d:96:d5:5c:4c:64:ae:18:14:
70:f5:e1:1a:72:14:51:d8:88:d5:71:37:ca:0e:c5:
9f:7c:b8:0a:a3:ed:04:7a:f1:c1:a4:25:2d:e5:4c:
b9:6f:a9:bd:e6:60:f9:a6:6e:fd:4a:d7:05:35:56:
6c:bb:02:1f:bf:d1:ad:95:0b:ab:77:f6:66:f6:8f:
82:ee:b3:64:25:13:d0:53:fb:01:3e:97:af:97:8d:
8f:63:34:84:c2:f6:0d:15:fc:fc:3e:5b:a7:6e:5c:
e6:78:77:4b:93:da:e7:49:d7:44:96:6f:3d:f5:b3:
5f:36:08:25:76:39:50:29:0d:71:9e:58:95:32:d4:
13:6a:a1:13:a2:6a:59:23:75:44:cc:6e:53:da:bf:
74:6f:4f:63:17:17:ec:1f:4e:c5:98:f6:e8:11:d9:
20:eb:c1:02:d7:f7:7f:d3:7e:f4:00:79:21:fb:29:
c5:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:FF:88:59:EC:20:0C:8C:3D:99:8E:1D:CD:DC:EB:4E:AA:04:17:6E
X509v3 Authority Key Identifier:
keyid:E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/EP-IWewgDIw9mY4dzdzrTqoEF24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:1800::/29
Signature Algorithm: sha256WithRSAEncryption
97:95:1c:32:df:07:b5:d9:39:af:72:f1:60:6b:c9:b2:c1:a4:
eb:26:e2:dd:18:6c:37:d2:bc:da:70:d8:8c:c9:4c:cd:0b:a2:
64:48:9f:a6:fb:83:93:e3:40:13:1a:f1:88:2b:3f:c5:65:d2:
5b:dd:6b:f2:27:7d:43:d9:55:56:8c:d2:da:df:a5:28:9d:57:
51:26:74:3f:f5:8a:cb:2a:89:86:fe:94:38:b6:a9:da:9c:65:
5f:87:12:7e:fc:4b:22:9f:af:5f:2e:13:7c:26:65:fa:2b:70:
7d:9a:c5:48:eb:96:ff:07:d2:12:47:09:b3:f8:96:b3:1c:0d:
e3:bf:44:59:46:47:76:12:fa:0f:26:c9:cd:0d:9b:cc:14:b2:
32:27:fa:9a:41:5d:99:18:25:53:e1:70:c2:e0:58:05:52:85:
eb:46:57:14:60:80:ec:ff:4c:c5:ec:a1:a3:46:7c:21:e4:13:
3d:df:26:19:0c:3f:6c:9f:92:cb:9d:aa:31:fb:1e:96:51:03:
ba:a3:a3:72:b8:d2:09:4b:19:44:41:35:68:4a:25:ea:70:f2:
ad:e5:a3:3e:36:38:ab:8d:8c:81:67:00:44:a9:be:14:0c:25:
37:02:b3:3c:ad:23:90:68:c8:43:51:e5:30:02:74:b8:3a:a6:
bb:28:60:45
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYJgoaf2yJ41jSv6oNxYdSqiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNTU5Y2U4ODlhZTQyNDExMjFmZTBhMTY1M2U0Yjk1NWYz
ZWRmNGIwHhcNMjIwODAyMjIxNjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGZmODg1OWVjMjAwYzhjM2Q5OThlMWRjZGRjZWI0ZWFhMDQxNzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpxEaItigLgFGW9dBOxkcLVr1q64
q4A5XjHmspmh+sPCWtWx2LXdSIxM2PzwSIN77GzEUi6N5R6AkjrJsm+QO+6RMBV8
/+q9Y3KGiwXFFo0dltVcTGSuGBRw9eEachRR2IjVcTfKDsWffLgKo+0EevHBpCUt
5Uy5b6m95mD5pm79StcFNVZsuwIfv9GtlQurd/Zm9o+C7rNkJRPQU/sBPpevl42P
YzSEwvYNFfz8PlunblzmeHdLk9rnSddElm899bNfNggldjlQKQ1xnliVMtQTaqET
ompZI3VEzG5T2r90b09jFxfsH07FmPboEdkg68EC1/d/0370AHkh+ynFJQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBD/iFnsIAyMPZmOHc3c606qBBduMB8GA1UdIwQY
MBaAFOBVnOiJrkJBEh/goWU+S5VfPt9LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYt
OTQ0OTk1N2ZkNWE1LzEvRVAtSVdld2dESXc5bVk0ZHpkenJUcW9FRjI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYtOTQ0OTk1N2ZkNWE1
LzEvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhEYADAN
BgkqhkiG9w0BAQsFAAOCAQEAl5UcMt8Htdk5r3LxYGvJssGk6ybi3RhsN9K82nDY
jMlMzQuiZEifpvuDk+NAExrxiCs/xWXSW91r8id9Q9lVVozS2t+lKJ1XUSZ0P/WK
yyqJhv6UOLap2pxlX4cSfvxLIp+vXy4TfCZl+itwfZrFSOuW/wfSEkcJs/iWsxwN
479EWUZHdhL6DybJzQ2bzBSyMif6mkFdmRglU+FwwuBYBVKF60ZXFGCA7P9Mxeyh
o0Z8IeQTPd8mGQw/bJ+Sy52qMfsellEDuqOjcrjSCUsZREE1aEol6nDyreWjPjY4
q42MgWcARKm+FAwlNwKzPK0jkGjIQ1HlMAJ0uDqmuyhgRQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:42 2023 by rpki-client on console-ams.rpki-client.org