Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/QPzAt7MaoeH6ppxSvR9z8si4ID0.roa
File: QPzAt7MaoeH6ppxSvR9z8si4ID0.roa (raw, json)
Hash identifier: MMu8VWPJ7UA5GuvOyqnx4HWl3g1TwkO/2PjwGDmkHWI=
Subject key identifier: 40:FC:C0:B7:B3:1A:A1:E1:FA:A6:9C:52:BD:1F:73:F2:C8:B8:20:3D
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 01856F42CC0A5CB740EFA93BF2FEFEE0399B
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/QPzAt7MaoeH6ppxSvR9z8si4ID0.roa
Signing time: Sun 01 Jan 2023 21:35:26 +0000
ROA not before: Sun 01 Jan 2023 21:35:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204790
IP address blocks: 2a10:6880::/29 maxlen: 29
2a10:3bc0::/29 maxlen: 29
2a10:3c40::/29 maxlen: 29
2a0e:4200::/29 maxlen: 29
2a10:6980::/29 maxlen: 29
2a10:3cc0::/29 maxlen: 29
2a10:3d40::/29 maxlen: 29
2a0c:cc40::/29 maxlen: 29
2a0d:d000::/29 maxlen: 29
2a10:38c0::/29 maxlen: 29
2a10:3dc0::/29 maxlen: 29
2a10:3e40::/29 maxlen: 29
2a10:3940::/29 maxlen: 29
2a10:39c0::/29 maxlen: 29
2a10:3a40::/29 maxlen: 29
2a10:6180::/29 maxlen: 29
2a10:3ac0::/29 maxlen: 29
2a06:7780::/29 maxlen: 29
2a10:3b40::/29 maxlen: 29
2a10:2380::/29 maxlen: 29
2a10:7280::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:cc:0a:5c:b7:40:ef:a9:3b:f2:fe:fe:e0:39:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Jan 1 21:35:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40fcc0b7b31aa1e1faa69c52bd1f73f2c8b8203d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:bd:c7:4b:90:b9:c7:93:c8:96:53:bb:2a:83:
d2:e3:f0:15:2b:ef:bd:c1:95:19:93:2c:9c:0c:b3:
0f:7b:65:4d:d3:06:63:16:0c:37:ad:37:39:97:2d:
cd:c1:9c:c3:67:4b:c4:4c:6d:99:bf:64:35:5d:aa:
ea:55:11:1c:0d:28:61:ff:a3:c3:20:5a:ef:e7:98:
11:d4:00:d8:20:39:84:cc:4d:41:ed:81:3b:44:d7:
27:e4:20:6f:ea:08:e7:24:31:c2:49:b0:c1:02:f1:
65:c7:4b:b3:8f:4b:34:05:58:b7:63:63:5b:a5:d6:
c3:92:23:84:83:fb:05:da:83:b0:da:01:27:02:2b:
50:6c:73:8f:4b:49:d2:b4:11:5c:c3:f1:aa:60:d9:
51:66:27:df:a5:0f:c3:fb:83:28:7d:64:e5:01:60:
c8:50:7b:f5:16:1e:e0:f1:34:db:9f:7e:49:eb:d7:
fb:3c:02:24:8f:4b:53:a4:bc:cf:f6:15:ed:78:b5:
a3:74:47:c1:77:66:19:15:ab:d5:41:e9:09:ce:90:
48:43:46:5a:03:48:39:2c:6c:d5:e5:14:c9:84:a8:
6b:62:27:75:7c:2d:c9:07:bd:5d:60:3c:d1:d0:0c:
5a:29:f9:9d:29:7a:14:7e:60:2c:0c:91:06:84:9f:
73:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:FC:C0:B7:B3:1A:A1:E1:FA:A6:9C:52:BD:1F:73:F2:C8:B8:20:3D
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/QPzAt7MaoeH6ppxSvR9z8si4ID0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:7780::/29
2a0c:cc40::/29
2a0d:d000::/29
2a0e:4200::/29
2a10:2380::/29
2a10:38c0::/29
2a10:3940::/29
2a10:39c0::/29
2a10:3a40::/29
2a10:3ac0::/29
2a10:3b40::/29
2a10:3bc0::/29
2a10:3c40::/29
2a10:3cc0::/29
2a10:3d40::/29
2a10:3dc0::/29
2a10:3e40::/29
2a10:6180::/29
2a10:6880::/29
2a10:6980::/29
2a10:7280::/29
Signature Algorithm: sha256WithRSAEncryption
40:33:13:e6:38:97:d7:0c:de:5e:f7:58:03:f5:67:d2:09:c5:
8f:91:71:62:37:8c:cc:27:65:d9:ea:0f:fa:50:d1:ab:1e:94:
1b:c1:9a:70:9c:a5:fe:bb:8e:e7:e4:41:71:1c:6e:09:1c:0a:
de:16:0e:c4:9a:32:e7:d9:d6:71:1d:a4:7a:47:32:85:ad:0e:
f1:97:f8:56:74:73:28:73:37:a7:b6:a2:71:0e:42:34:42:65:
cf:2b:bd:a7:d0:0a:12:38:8f:1e:19:a6:bf:1c:ce:a0:2a:5f:
9c:4a:d1:a7:37:0a:d9:f5:0f:aa:02:10:72:e6:25:37:e4:b7:
ba:0e:25:b4:84:25:e6:e7:91:85:93:e3:37:92:c4:af:36:c7:
7f:84:21:1c:05:6d:8f:e1:9e:44:3b:87:ea:88:bc:24:c5:c7:
79:28:6d:7f:0e:5e:a5:8a:24:6b:3a:b6:f6:67:8e:d3:5d:ea:
94:15:56:93:6d:7d:cc:f9:0b:46:de:b7:1f:6f:64:5a:d7:cc:
8f:c6:ff:7b:1d:33:d0:1e:6f:11:c7:e0:e6:4a:47:89:65:7a:
ff:13:4b:97:42:93:2f:0a:0b:41:5f:d3:48:ba:7d:7f:9a:c2:
21:19:26:63:05:76:4d:c9:3b:a1:9c:4e:f8:b0:51:a8:40:19:
ce:33:cd:40
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAYVvQswKXLdA76k78v7+4DmbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk
NGYzMTgwHhcNMjMwMTAxMjEzNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGZjYzBiN2IzMWFhMWUxZmFhNjljNTJiZDFmNzNmMmM4YjgyMDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhb3HS5C5x5PIllO7KoPS4/AVK++9
wZUZkyycDLMPe2VN0wZjFgw3rTc5ly3NwZzDZ0vETG2Zv2Q1XarqVREcDShh/6PD
IFrv55gR1ADYIDmEzE1B7YE7RNcn5CBv6gjnJDHCSbDBAvFlx0uzj0s0BVi3Y2Nb
pdbDkiOEg/sF2oOw2gEnAitQbHOPS0nStBFcw/GqYNlRZiffpQ/D+4MofWTlAWDI
UHv1Fh7g8TTbn35J69f7PAIkj0tTpLzP9hXteLWjdEfBd2YZFavVQekJzpBIQ0Za
A0g5LGzV5RTJhKhrYid1fC3JB71dYDzR0AxaKfmdKXoUfmAsDJEGhJ9zfQIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFED8wLezGqHh+qacUr0fc/LIuCA9MB8GA1UdIwQY
MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt
NjMzNDhjZGJmMDI0LzEvUVB6QXQ3TWFvZUg2cHB4U3ZSOXo4c2k0SUQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0
LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGwBggrBgEFBQcBBwEB/wSBoDCBnTCBmgQCAAIwgZMDBQMq
BneAAwUDKgzMQAMFAyoN0AADBQMqDkIAAwUDKhAjgAMFAyoQOMADBQMqEDlAAwUD
KhA5wAMFAyoQOkADBQMqEDrAAwUDKhA7QAMFAyoQO8ADBQMqEDxAAwUDKhA8wAMF
AyoQPUADBQMqED3AAwUDKhA+QAMFAyoQYYADBQMqEGiAAwUDKhBpgAMFAyoQcoAw
DQYJKoZIhvcNAQELBQADggEBAEAzE+Y4l9cM3l73WAP1Z9IJxY+RcWI3jMwnZdnq
D/pQ0aselBvBmnCcpf67jufkQXEcbgkcCt4WDsSaMufZ1nEdpHpHMoWtDvGX+FZ0
cyhzN6e2onEOQjRCZc8rvafQChI4jx4Zpr8czqAqX5xK0ac3Ctn1D6oCEHLmJTfk
t7oOJbSEJebnkYWT4zeSxK82x3+EIRwFbY/hnkQ7h+qIvCTFx3kobX8OXqWKJGs6
tvZnjtNd6pQVVpNtfcz5C0betx9vZFrXzI/G/3sdM9AebxHH4OZKR4llev8TS5dC
ky8KC0Ff00i6fX+awiEZJmMFdk3JO6GcTviwUahAGc4zzUA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:02 2023 by rpki-client on console-fra.rpki-client.org