Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/WHQy3eOkBLczzaPxTDkk-9tiF40.roa
File: WHQy3eOkBLczzaPxTDkk-9tiF40.roa (raw, json)
Hash identifier: 4PlYgXkh4WFFSOA+L+CUKoM8p0WEvDnc6PquhpDwBzQ=
Subject key identifier: 58:74:32:DD:E3:A4:04:B7:33:CD:A3:F1:4C:39:24:FB:DB:62:17:8D
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 0194DD2F
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/WHQy3eOkBLczzaPxTDkk-9tiF40.roa
Signing time: Tue 22 Feb 2022 08:31:56 +0000
ROA not before: Tue 22 Feb 2022 08:31:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210661
IP address blocks: 2a0e:6300::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26533167 (0x194dd2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Feb 22 08:31:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=587432dde3a404b733cda3f14c3924fbdb62178d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:5e:37:bc:4c:06:30:ea:c7:46:09:0c:4c:ba:
36:d9:f3:23:27:2b:bf:04:56:ec:ed:90:fc:8e:53:
a1:12:88:f0:c9:ab:19:31:77:ab:fc:0f:3b:19:01:
a5:6f:22:d8:46:6e:be:da:ef:01:41:b6:2d:49:f9:
d5:c4:1e:b3:90:22:0c:96:be:f3:c4:e7:a9:2a:f1:
2b:b1:70:25:0c:d3:d0:38:2c:9a:8c:8f:a3:2d:6b:
81:ab:94:f1:eb:9a:ad:5b:2a:57:aa:18:46:d9:c6:
64:3b:f6:e1:85:d2:ec:f9:da:05:1f:32:2a:31:e3:
81:67:a8:0f:b8:16:83:fc:9a:c2:54:71:52:f8:55:
fd:43:a8:c4:57:e5:15:74:d1:54:c0:9d:8b:76:61:
90:e3:08:81:b4:cb:5b:45:6e:d4:96:c0:e4:85:6b:
7a:c3:2e:ba:88:ee:a9:91:0d:00:02:83:92:8a:44:
34:12:16:1c:8a:9f:90:a7:63:80:6a:ec:5c:2c:48:
0d:c2:a3:e0:8f:e9:88:f9:b6:a8:f6:36:01:f7:d1:
00:3b:c1:38:1f:94:97:3f:72:bc:53:05:61:8d:5b:
d2:32:94:8e:ed:71:7c:40:9f:04:ea:8a:35:7e:1e:
ca:5a:39:12:9d:00:cb:6f:b4:77:7f:54:cf:39:8d:
18:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:74:32:DD:E3:A4:04:B7:33:CD:A3:F1:4C:39:24:FB:DB:62:17:8D
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/WHQy3eOkBLczzaPxTDkk-9tiF40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:6300::/29
Signature Algorithm: sha256WithRSAEncryption
38:43:48:1b:56:90:bc:de:f2:4c:12:2a:27:7a:53:f0:12:f7:
5e:9b:97:ff:17:49:0e:ab:39:21:50:3c:48:3d:2c:95:f8:a1:
d7:e0:c1:29:d3:df:cf:c5:34:39:4e:21:b7:24:cf:6d:18:eb:
0d:6c:09:40:e5:49:46:de:77:e7:1a:45:b9:ab:7f:b6:a0:32:
53:85:78:73:d1:e0:57:a2:d0:f8:6a:39:90:50:0f:80:f8:54:
ad:6a:2a:78:9a:05:df:ec:6b:a5:11:8e:77:8b:82:f9:d4:41:
bc:7a:aa:44:ed:04:12:47:af:fb:ef:11:02:ce:24:40:d7:32:
28:19:57:e0:a5:00:fd:e2:4a:05:99:3e:e9:40:6f:2e:61:52:
19:e5:3d:01:1e:4a:b7:a5:9d:7f:f0:cc:d4:88:36:cb:a6:2d:
0a:c1:d8:63:ab:f0:35:0d:8e:2f:b4:42:18:65:07:4b:44:2a:
ed:e5:52:47:ae:50:64:f7:c2:79:54:70:2e:7c:fd:40:51:42:
f2:0b:d0:1b:bc:88:eb:15:06:cc:9d:64:13:9a:79:ed:6a:9b:
9e:f8:12:96:72:f1:06:8c:09:65:8a:86:76:c4:c8:c1:62:9f:
14:b4:da:93:e7:2f:c8:fe:83:07:78:6c:ff:61:ed:3e:f0:b9:
ca:31:f0:a5
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEAZTdLzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZTFjMTE2NThkMjA0MWVhZjI1MDJmZTU0MDhlZDQ5M2JiZDRmMzE4MB4XDTIyMDIy
MjA4MzE1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTg3NDMyZGRlM2E0
MDRiNzMzY2RhM2YxNGMzOTI0ZmJkYjYyMTc4ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN1eN7xMBjDqx0YJDEy6NtnzIycrvwRW7O2Q/I5ToRKI8Mmr
GTF3q/wPOxkBpW8i2EZuvtrvAUG2LUn51cQes5AiDJa+88TnqSrxK7FwJQzT0Dgs
moyPoy1rgauU8euarVsqV6oYRtnGZDv24YXS7PnaBR8yKjHjgWeoD7gWg/yawlRx
UvhV/UOoxFflFXTRVMCdi3ZhkOMIgbTLW0Vu1JbA5IVresMuuojuqZENAAKDkopE
NBIWHIqfkKdjgGrsXCxIDcKj4I/piPm2qPY2AffRADvBOB+Ulz9yvFMFYY1b0jKU
ju1xfECfBOqKNX4eylo5Ep0Ay2+0d39UzzmNGKkCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBRYdDLd46QEtzPNo/FMOST722IXjTAfBgNVHSMEGDAWgBSOHBFljSBB6vJQ
L+VAjtSTu9TzGDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pod1JaWTBnUWVyeVVDX2xRSTdVazd2VTh4Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNzBiZjhiLWQ4YzQtNDBjMy05MDIyLTYzMzQ4Y2RiZjAyNC8x
L1dIUXkzZU9rQkxjenphUHhURGtrLTl0aUY0MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NzBiZjhiLWQ4YzQtNDBjMy05MDIyLTYzMzQ4Y2RiZjAyNC8xL2pod1JaWTBnUWVy
eVVDX2xRSTdVazd2VTh4Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoOYwAwDQYJKoZIhvcNAQELBQAD
ggEBADhDSBtWkLze8kwSKid6U/AS916bl/8XSQ6rOSFQPEg9LJX4odfgwSnT38/F
NDlOIbckz20Y6w1sCUDlSUbed+caRbmrf7agMlOFeHPR4Fei0PhqOZBQD4D4VK1q
KniaBd/sa6URjneLgvnUQbx6qkTtBBJHr/vvEQLOJEDXMigZV+ClAP3iSgWZPulA
by5hUhnlPQEeSrelnX/wzNSINsumLQrB2GOr8DUNji+0QhhlB0tEKu3lUkeuUGT3
wnlUcC58/UBRQvIL0Bu8iOsVBsydZBOaee1qm574EpZy8QaMCWWKhnbEyMFinxS0
2pPnL8j+gwd4bP9h7T7wucox8KU=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:43 2023 by rpki-client on console-ams.rpki-client.org