Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/cRqN88hUL7_-k75AgXNHSQPBIzk.roa
File: cRqN88hUL7_-k75AgXNHSQPBIzk.roa (raw, json)
Hash identifier: msoCns9Z1m6El35KqtyGOj8m3lScPgVhnFYbUe+L10g=
Subject key identifier: 71:1A:8D:F3:C8:54:2F:BF:FE:93:BE:40:81:73:47:49:03:C1:23:39
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 0182E80221AC4B006D15C45D6D9F9859793C
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/cRqN88hUL7_-k75AgXNHSQPBIzk.roa
Signing time: Mon 29 Aug 2022 05:10:29 +0000
ROA not before: Mon 29 Aug 2022 05:10:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 399587
IP address blocks: 2a10:6280::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:e8:02:21:ac:4b:00:6d:15:c4:5d:6d:9f:98:59:79:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Aug 29 05:10:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=711a8df3c8542fbffe93be408173474903c12339
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:d8:28:31:21:8e:1e:ec:4e:e2:53:d3:7b:d4:
3f:f8:32:24:70:17:da:80:e5:5a:9b:02:43:03:29:
d4:2e:da:b6:92:89:7a:35:79:fc:d8:c8:cb:29:cf:
95:ea:18:f2:41:ad:0c:ea:f8:c3:1f:33:18:1a:53:
73:a2:bc:5b:98:eb:5f:f2:78:bd:b5:78:9c:c1:c2:
0c:87:1b:89:45:8b:19:f2:81:f4:30:50:42:88:1a:
21:0c:d2:a2:59:83:8d:ed:72:15:62:5d:99:a8:d2:
f5:25:f9:5d:3a:64:ec:0f:03:fd:21:f8:00:fe:05:
f3:76:b1:4b:57:87:21:fe:ec:f3:36:47:4f:ed:e5:
61:45:c3:c0:d1:f2:03:4c:24:38:77:6e:d1:1e:87:
b7:d6:58:78:d0:42:16:d0:40:bf:30:29:c2:c3:1f:
80:f5:ac:1a:2e:40:41:d9:0a:92:cf:18:f9:df:ac:
2b:de:fb:e8:97:f7:63:b4:5e:1a:f3:76:a3:a3:19:
35:dc:0f:b3:3e:12:38:5b:45:37:40:3c:bd:3d:7d:
a8:41:d7:06:17:8a:46:e2:64:19:c8:87:e2:af:74:
ba:a9:be:15:b1:8c:be:ea:6c:af:cc:27:26:85:9b:
15:59:4d:d3:60:78:8d:a6:b3:80:0c:87:30:e5:6a:
a2:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:1A:8D:F3:C8:54:2F:BF:FE:93:BE:40:81:73:47:49:03:C1:23:39
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/cRqN88hUL7_-k75AgXNHSQPBIzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:6280::/29
Signature Algorithm: sha256WithRSAEncryption
10:3d:f7:5f:82:12:03:91:35:68:2b:34:0a:08:28:62:f2:2e:
d9:d6:ad:b6:67:2c:b1:0e:e0:8a:56:7a:ab:55:87:8f:5c:d3:
f0:80:ee:a7:4b:a4:2e:f3:8e:6a:a3:78:f1:6c:38:c6:74:d4:
c7:27:49:99:0f:38:96:4a:e1:01:60:d5:5e:a6:f0:9c:e5:d9:
b2:f9:91:eb:c2:d3:a9:62:61:2a:aa:2c:34:16:55:cd:ea:4b:
d4:fc:97:8a:45:50:fd:08:e9:19:f4:ef:e6:df:c9:5f:e5:26:
5e:9a:cf:25:4e:2b:d4:3a:2f:d2:fd:df:31:83:a4:7b:e7:7f:
7d:04:c6:d7:ba:3e:1e:5f:78:c0:62:45:75:48:57:41:c3:ef:
a5:a2:e1:8d:6c:b6:0f:64:4f:23:83:0b:1a:ba:a4:01:9c:0d:
63:66:f8:9f:1d:93:67:fb:13:b0:c0:ab:1e:8c:ed:a4:46:0d:
9a:4b:9a:b6:6b:5b:a5:53:46:fd:ec:22:6e:7a:05:02:67:26:
aa:04:97:97:a6:d8:bd:43:39:97:97:02:6c:be:36:be:34:26:
35:92:91:30:21:62:5c:6b:7c:51:e5:79:3c:c2:d3:b6:a7:93:
0b:c7:bb:91:e1:f5:eb:de:7e:c5:25:72:4f:52:a1:46:f1:ef:
44:66:fe:16
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYLoAiGsSwBtFcRdbZ+YWXk8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk
NGYzMTgwHhcNMjIwODI5MDUxMDI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTFhOGRmM2M4NTQyZmJmZmU5M2JlNDA4MTczNDc0OTAzYzEyMzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9goMSGOHuxO4lPTe9Q/+DIkcBfa
gOVamwJDAynULtq2kol6NXn82MjLKc+V6hjyQa0M6vjDHzMYGlNzorxbmOtf8ni9
tXicwcIMhxuJRYsZ8oH0MFBCiBohDNKiWYON7XIVYl2ZqNL1JfldOmTsDwP9IfgA
/gXzdrFLV4ch/uzzNkdP7eVhRcPA0fIDTCQ4d27RHoe31lh40EIW0EC/MCnCwx+A
9awaLkBB2QqSzxj536wr3vvol/djtF4a83ajoxk13A+zPhI4W0U3QDy9PX2oQdcG
F4pG4mQZyIfir3S6qb4VsYy+6myvzCcmhZsVWU3TYHiNprOADIcw5WqifQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHEajfPIVC+//pO+QIFzR0kDwSM5MB8GA1UdIwQY
MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt
NjMzNDhjZGJmMDI0LzEvY1JxTjg4aFVMN18tazc1QWdYTkhTUVBCSXprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0
LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhBigDAN
BgkqhkiG9w0BAQsFAAOCAQEAED33X4ISA5E1aCs0CggoYvIu2dattmcssQ7gilZ6
q1WHj1zT8IDup0ukLvOOaqN48Ww4xnTUxydJmQ84lkrhAWDVXqbwnOXZsvmR68LT
qWJhKqosNBZVzepL1PyXikVQ/QjpGfTv5t/JX+UmXprPJU4r1Dov0v3fMYOke+d/
fQTG17o+Hl94wGJFdUhXQcPvpaLhjWy2D2RPI4MLGrqkAZwNY2b4nx2TZ/sTsMCr
HoztpEYNmkuatmtbpVNG/ewibnoFAmcmqgSXl6bYvUM5l5cCbL42vjQmNZKRMCFi
XGt8UeV5PMLTtqeTC8e7keH1695+xSVyT1KhRvHvRGb+Fg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:41 2025 by rpki-client