Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/MWd8sLsXG0DVi7-U1M333__sWKg.roa
File: MWd8sLsXG0DVi7-U1M333__sWKg.roa (raw, json)
Hash identifier: UpjAqwJe7eZ+I+cXqa6gQPU0DyO5wLjufzcIL0L3XOY=
Subject key identifier: 31:67:7C:B0:BB:17:1B:40:D5:8B:BF:94:D4:CD:F7:DF:FF:EC:58:A8
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 011D2F1B
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/MWd8sLsXG0DVi7-U1M333__sWKg.roa
Signing time: Sat 01 Jan 2022 06:03:52 +0000
ROA not before: Sat 01 Jan 2022 06:03:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204790
IP address blocks: 2a10:3c40::/29 maxlen: 29
2a10:6380::/29 maxlen: 29
2a10:3d40::/29 maxlen: 29
2a0c:cc40::/29 maxlen: 29
2a10:6480::/29 maxlen: 29
2a10:38c0::/29 maxlen: 29
2a10:3e40::/29 maxlen: 29
2a10:6580::/29 maxlen: 29
2a10:39c0::/29 maxlen: 29
2a10:6680::/29 maxlen: 29
2a10:3ac0::/29 maxlen: 29
2a10:6780::/29 maxlen: 29
2a10:7280::/29 maxlen: 29
2a10:6880::/29 maxlen: 29
2a10:3bc0::/29 maxlen: 29
2a0e:4200::/29 maxlen: 29
2a10:6980::/29 maxlen: 29
2a10:3cc0::/29 maxlen: 29
2a0e:6300::/29 maxlen: 29
2a0d:d000::/29 maxlen: 29
2a10:3dc0::/29 maxlen: 29
2a10:3940::/29 maxlen: 29
2a10:6180::/29 maxlen: 29
2a10:3a40::/29 maxlen: 29
2a06:7780::/29 maxlen: 29
2a10:3b40::/29 maxlen: 29
2a10:2380::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18689819 (0x11d2f1b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Jan 1 06:03:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=31677cb0bb171b40d58bbf94d4cdf7dfffec58a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6e:aa:cc:96:72:06:21:35:d5:0d:0e:9a:13:
fd:26:7f:9b:a9:25:61:a2:17:50:1d:97:b1:91:d6:
aa:f0:12:ef:9b:a0:0b:99:70:da:20:bb:7c:28:6e:
b4:2d:f2:c9:9a:a2:9e:77:d0:e0:af:55:58:13:ff:
3c:00:0d:48:fb:76:e3:ff:80:28:d4:ae:56:bd:e8:
ad:40:da:99:b5:1a:22:cd:d6:14:2b:f7:58:a6:35:
62:3c:51:ee:f0:e5:79:79:5c:b5:bf:2e:1c:6a:9c:
4f:ed:e6:d2:68:71:3c:18:95:32:da:8f:45:33:96:
b9:64:9d:3d:58:b5:8e:25:3a:ef:24:0b:6b:1f:d1:
60:51:9f:1a:58:5c:2b:b6:4e:cd:7b:d2:93:69:01:
4b:01:27:e1:14:4c:79:1f:9d:89:15:85:3d:f0:30:
49:7b:2a:94:fe:03:5a:f2:d8:ef:a8:17:2c:25:61:
b7:6e:f8:a8:6e:25:af:62:56:ed:69:96:88:4a:6f:
93:2d:35:1e:61:5a:d0:36:79:48:de:c7:7e:4a:5d:
6e:87:6b:2b:95:b2:ef:f4:d7:f6:99:e9:9f:96:f5:
1f:1d:96:53:17:24:ae:4c:60:b9:85:13:a4:42:a5:
fc:7e:61:30:02:20:3c:65:ec:36:c6:42:88:ae:8b:
b7:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:67:7C:B0:BB:17:1B:40:D5:8B:BF:94:D4:CD:F7:DF:FF:EC:58:A8
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/MWd8sLsXG0DVi7-U1M333__sWKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:7780::/29
2a0c:cc40::/29
2a0d:d000::/29
2a0e:4200::/29
2a0e:6300::/29
2a10:2380::/29
2a10:38c0::/29
2a10:3940::/29
2a10:39c0::/29
2a10:3a40::/29
2a10:3ac0::/29
2a10:3b40::/29
2a10:3bc0::/29
2a10:3c40::/29
2a10:3cc0::/29
2a10:3d40::/29
2a10:3dc0::/29
2a10:3e40::/29
2a10:6180::/29
2a10:6380::/29
2a10:6480::/29
2a10:6580::/29
2a10:6680::/29
2a10:6780::/29
2a10:6880::/29
2a10:6980::/29
2a10:7280::/29
Signature Algorithm: sha256WithRSAEncryption
4d:72:01:62:d4:b1:f1:00:e0:ee:5a:b6:99:90:b8:26:45:67:
6b:b8:1d:fb:dd:66:8c:13:20:79:13:59:2a:33:9f:bc:c7:61:
ff:80:41:03:f0:71:cf:89:7f:1f:bf:83:b4:ed:ab:92:e0:ea:
18:7e:db:03:ac:67:38:14:96:05:48:78:b4:f6:07:92:d6:e2:
5a:c5:36:f0:2a:2d:9b:a6:0c:53:75:9a:55:d3:91:0e:a9:14:
ea:b9:8e:01:6c:38:ff:9e:f1:0c:80:3b:3b:61:c5:49:d5:33:
c5:9f:bf:59:d1:09:8a:9e:e7:11:65:ee:1c:a0:7b:5c:c0:82:
54:b0:ac:42:d4:30:85:f6:9b:0f:4e:15:10:a6:c9:12:99:7c:
fe:38:57:51:63:d1:5b:b0:8c:49:27:62:06:35:d0:eb:55:3e:
00:a6:30:a6:a1:54:54:65:2c:7c:31:72:d8:9b:da:ca:d3:e1:
47:47:08:11:dc:c2:b0:d7:81:59:20:b1:0c:26:de:05:ed:13:
e0:58:78:f4:ec:f9:b3:1a:d6:11:a5:ef:4f:71:b0:a4:d0:e7:
9f:fc:30:b7:b1:58:31:f4:b7:7d:94:3e:05:c9:96:31:45:e4:
25:45:fa:15:83:af:8d:c4:87:df:09:22:b4:aa:31:ae:58:10:
95:07:34:dc
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgIEAR0vGzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZTFjMTE2NThkMjA0MWVhZjI1MDJmZTU0MDhlZDQ5M2JiZDRmMzE4MB4XDTIyMDEw
MTA2MDM1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzE2NzdjYjBiYjE3
MWI0MGQ1OGJiZjk0ZDRjZGY3ZGZmZmVjNThhODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALBuqsyWcgYhNdUNDpoT/SZ/m6klYaIXUB2XsZHWqvAS75ug
C5lw2iC7fChutC3yyZqinnfQ4K9VWBP/PAANSPt24/+AKNSuVr3orUDambUaIs3W
FCv3WKY1YjxR7vDleXlctb8uHGqcT+3m0mhxPBiVMtqPRTOWuWSdPVi1jiU67yQL
ax/RYFGfGlhcK7ZOzXvSk2kBSwEn4RRMeR+diRWFPfAwSXsqlP4DWvLY76gXLCVh
t274qG4lr2JW7WmWiEpvky01HmFa0DZ5SN7HfkpdbodrK5Wy7/TX9pnpn5b1Hx2W
UxckrkxguYUTpEKl/H5hMAIgPGXsNsZCiK6Lt9ECAwEAAaOCAsUwggLBMB0GA1Ud
DgQWBBQxZ3ywuxcbQNWLv5TUzfff/+xYqDAfBgNVHSMEGDAWgBSOHBFljSBB6vJQ
L+VAjtSTu9TzGDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pod1JaWTBnUWVyeVVDX2xRSTdVazd2VTh4Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNzBiZjhiLWQ4YzQtNDBjMy05MDIyLTYzMzQ4Y2RiZjAyNC8x
L01XZDhzTHNYRzBEVmk3LVUxTTMzM19fc1dLZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NzBiZjhiLWQ4YzQtNDBjMy05MDIyLTYzMzQ4Y2RiZjAyNC8xL2pod1JaWTBnUWVy
eVVDX2xRSTdVazd2VTh4Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
2gYIKwYBBQUHAQcBAf8EgcowgccwgcQEAgACMIG9AwUDKgZ3gAMFAyoMzEADBQMq
DdAAAwUDKg5CAAMFAyoOYwADBQMqECOAAwUDKhA4wAMFAyoQOUADBQMqEDnAAwUD
KhA6QAMFAyoQOsADBQMqEDtAAwUDKhA7wAMFAyoQPEADBQMqEDzAAwUDKhA9QAMF
AyoQPcADBQMqED5AAwUDKhBhgAMFAyoQY4ADBQMqEGSAAwUDKhBlgAMFAyoQZoAD
BQMqEGeAAwUDKhBogAMFAyoQaYADBQMqEHKAMA0GCSqGSIb3DQEBCwUAA4IBAQBN
cgFi1LHxAODuWraZkLgmRWdruB373WaMEyB5E1kqM5+8x2H/gEED8HHPiX8fv4O0
7auS4OoYftsDrGc4FJYFSHi09geS1uJaxTbwKi2bpgxTdZpV05EOqRTquY4BbDj/
nvEMgDs7YcVJ1TPFn79Z0QmKnucRZe4coHtcwIJUsKxC1DCF9psPThUQpskSmXz+
OFdRY9FbsIxJJ2IGNdDrVT4ApjCmoVRUZSx8MXLYm9rK0+FHRwgR3MKw14FZILEM
Jt4F7RPgWHj07PmzGtYRpe9PcbCk0Oef/DC3sVgx9Ld9lD4FyZYxReQlRfoVg6+N
xIffCSK0qjGuWBCVBzTc
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:53 2025 by rpki-client