Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/351bkhJ3PkRzexY5grVvXcUFCCo.roa
File: 351bkhJ3PkRzexY5grVvXcUFCCo.roa (raw, json)
Hash identifier: VkhIo5udrO/PTf7mzpTLA+oqs5b2ZgnWLcRHnqd6paU=
Subject key identifier: DF:9D:5B:92:12:77:3E:44:73:7B:16:39:82:B5:6F:5D:C5:05:08:2A
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 018340D7534A86E4F6F29C084F3BE64D8205
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/351bkhJ3PkRzexY5grVvXcUFCCo.roa
Signing time: Thu 15 Sep 2022 11:09:56 +0000
ROA not before: Thu 15 Sep 2022 11:09:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204790
IP address blocks: 2a10:6880::/29 maxlen: 29
2a10:3bc0::/29 maxlen: 29
2a10:3c40::/29 maxlen: 29
2a0e:4200::/29 maxlen: 29
2a10:6980::/29 maxlen: 29
2a10:3cc0::/29 maxlen: 29
2a10:3d40::/29 maxlen: 29
2a0c:cc40::/29 maxlen: 29
2a0d:d000::/29 maxlen: 29
2a10:38c0::/29 maxlen: 29
2a10:3dc0::/29 maxlen: 29
2a10:3e40::/29 maxlen: 29
2a10:3940::/29 maxlen: 29
2a10:39c0::/29 maxlen: 29
2a10:3a40::/29 maxlen: 29
2a10:6180::/29 maxlen: 29
2a10:3ac0::/29 maxlen: 29
2a06:7780::/29 maxlen: 29
2a10:3b40::/29 maxlen: 29
2a10:2380::/29 maxlen: 29
2a10:7280::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:40:d7:53:4a:86:e4:f6:f2:9c:08:4f:3b:e6:4d:82:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Sep 15 11:09:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=df9d5b9212773e44737b163982b56f5dc505082a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:18:7b:08:d3:30:43:ed:41:63:7a:fe:fa:49:
26:93:a2:ac:8e:8d:bd:ef:1a:ad:07:90:ad:88:e8:
f9:15:37:fa:47:fb:08:ba:c2:fb:43:82:61:e3:11:
98:87:6c:ed:2b:86:5f:59:f9:49:5c:30:a3:99:83:
51:ba:aa:82:93:84:40:c9:0e:0e:45:34:63:c8:18:
da:7f:74:5c:b8:fd:d8:67:5e:ca:e9:48:f9:65:f2:
ab:fe:74:b0:bc:a1:b4:78:fb:ca:32:68:92:86:7c:
e6:9e:70:d4:a2:10:50:cd:42:6e:30:81:cd:1c:b3:
77:4b:6a:7b:51:02:ca:e5:b8:e5:d7:14:4d:cc:74:
a4:3c:ff:d7:27:03:da:57:cd:f8:de:b3:5d:29:49:
80:a4:64:e5:37:20:86:10:99:c1:5d:fd:16:6a:bb:
0a:c9:6f:cd:3a:cc:2f:b2:36:77:ba:55:62:6a:c1:
61:c9:9e:09:33:b1:05:42:36:47:85:fb:cf:a5:e4:
42:2e:a7:d1:09:58:24:34:2f:15:62:69:3c:f3:cb:
0d:ea:63:55:b5:14:b7:8a:eb:4e:4c:93:2a:b0:2d:
6d:67:af:9c:f2:d8:7d:b2:a1:cc:48:55:d9:44:8f:
f3:b2:89:93:66:95:e5:00:d3:04:39:02:43:9e:ad:
04:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:9D:5B:92:12:77:3E:44:73:7B:16:39:82:B5:6F:5D:C5:05:08:2A
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/351bkhJ3PkRzexY5grVvXcUFCCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:7780::/29
2a0c:cc40::/29
2a0d:d000::/29
2a0e:4200::/29
2a10:2380::/29
2a10:38c0::/29
2a10:3940::/29
2a10:39c0::/29
2a10:3a40::/29
2a10:3ac0::/29
2a10:3b40::/29
2a10:3bc0::/29
2a10:3c40::/29
2a10:3cc0::/29
2a10:3d40::/29
2a10:3dc0::/29
2a10:3e40::/29
2a10:6180::/29
2a10:6880::/29
2a10:6980::/29
2a10:7280::/29
Signature Algorithm: sha256WithRSAEncryption
49:04:3c:6d:19:25:7b:f5:a3:10:02:9c:e0:d1:a5:62:41:fc:
9b:e5:2c:40:8d:75:a9:dd:1a:b7:66:9c:c5:12:66:47:5b:75:
dd:b3:85:4f:91:86:64:93:a1:3e:85:c5:26:aa:4e:b8:69:f2:
e3:30:b6:c3:82:2c:75:f8:01:40:40:f6:fc:bc:77:cc:d1:9b:
ba:1b:a0:45:f4:35:dd:25:00:6e:a5:07:e3:85:d6:9d:b4:66:
75:5b:b6:49:43:7c:76:f5:2d:f2:e3:da:aa:7e:ea:10:fd:b6:
df:a8:33:73:8d:a7:2b:47:d0:ba:03:07:f6:58:c8:31:f1:62:
77:08:ca:37:25:54:36:4a:6d:af:e6:41:c9:d7:ac:dd:a1:f2:
dd:84:b8:bd:2d:31:8b:47:49:5a:77:d1:02:51:d4:65:59:80:
81:d5:ce:7b:85:37:dc:69:b0:81:18:18:72:23:ce:0d:21:94:
1c:10:a5:b4:f4:80:a0:b0:b0:92:99:fe:15:a3:b7:cd:30:ad:
f6:48:93:97:b4:1b:a6:14:42:e1:38:b9:8d:fa:b7:cb:43:8d:
ca:f6:95:11:e6:65:77:97:7b:11:c1:c3:b0:d8:67:5d:21:94:
99:4d:88:98:29:58:12:19:5c:e2:87:df:3e:af:4e:3a:08:32:
de:0d:c8:76
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAYNA11NKhuT28pwITzvmTYIFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk
NGYzMTgwHhcNMjIwOTE1MTEwOTU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjlkNWI5MjEyNzczZTQ0NzM3YjE2Mzk4MmI1NmY1ZGM1MDUwODJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBh7CNMwQ+1BY3r++kkmk6Ksjo29
7xqtB5CtiOj5FTf6R/sIusL7Q4Jh4xGYh2ztK4ZfWflJXDCjmYNRuqqCk4RAyQ4O
RTRjyBjaf3RcuP3YZ17K6Uj5ZfKr/nSwvKG0ePvKMmiShnzmnnDUohBQzUJuMIHN
HLN3S2p7UQLK5bjl1xRNzHSkPP/XJwPaV8343rNdKUmApGTlNyCGEJnBXf0WarsK
yW/NOswvsjZ3ulViasFhyZ4JM7EFQjZHhfvPpeRCLqfRCVgkNC8VYmk888sN6mNV
tRS3iutOTJMqsC1tZ6+c8th9sqHMSFXZRI/zsomTZpXlANMEOQJDnq0EswIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFN+dW5ISdz5Ec3sWOYK1b13FBQgqMB8GA1UdIwQY
MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt
NjMzNDhjZGJmMDI0LzEvMzUxYmtoSjNQa1J6ZXhZNWdyVnZYY1VGQ0NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0
LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGwBggrBgEFBQcBBwEB/wSBoDCBnTCBmgQCAAIwgZMDBQMq
BneAAwUDKgzMQAMFAyoN0AADBQMqDkIAAwUDKhAjgAMFAyoQOMADBQMqEDlAAwUD
KhA5wAMFAyoQOkADBQMqEDrAAwUDKhA7QAMFAyoQO8ADBQMqEDxAAwUDKhA8wAMF
AyoQPUADBQMqED3AAwUDKhA+QAMFAyoQYYADBQMqEGiAAwUDKhBpgAMFAyoQcoAw
DQYJKoZIhvcNAQELBQADggEBAEkEPG0ZJXv1oxACnODRpWJB/JvlLECNdandGrdm
nMUSZkdbdd2zhU+RhmSToT6FxSaqTrhp8uMwtsOCLHX4AUBA9vy8d8zRm7oboEX0
Nd0lAG6lB+OF1p20ZnVbtklDfHb1LfLj2qp+6hD9tt+oM3ONpytH0LoDB/ZYyDHx
YncIyjclVDZKba/mQcnXrN2h8t2EuL0tMYtHSVp30QJR1GVZgIHVznuFN9xpsIEY
GHIjzg0hlBwQpbT0gKCwsJKZ/hWjt80wrfZIk5e0G6YUQuE4uY36t8tDjcr2lRHm
ZXeXexHBw7DYZ10hlJlNiJgpWBIZXOKH3z6vTjoIMt4NyHY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:02 2023 by rpki-client on console-fra.rpki-client.org