Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jMxKe0FupypyH_hyqYoxNXdHKG4.roa
File: jMxKe0FupypyH_hyqYoxNXdHKG4.roa (raw, json)
Hash identifier: HqsvhDEVqwBf+Tfo4e1vHJ0EdgjSRu9e+VYx0opfySI=
Subject key identifier: 8C:CC:4A:7B:41:6E:A7:2A:72:1F:F8:72:A9:8A:31:35:77:47:28:6E
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 0183130E8BF0E0F36E459AD888575FEB3972
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jMxKe0FupypyH_hyqYoxNXdHKG4.roa
Signing time: Tue 06 Sep 2022 13:47:43 +0000
ROA not before: Tue 06 Sep 2022 13:47:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204790
IP address blocks: 2a10:6880::/29 maxlen: 29
2a10:3bc0::/29 maxlen: 29
2a10:3c40::/29 maxlen: 29
2a0e:4200::/29 maxlen: 29
2a10:6980::/29 maxlen: 29
2a10:3cc0::/29 maxlen: 29
2a10:3d40::/29 maxlen: 29
2a0c:cc40::/29 maxlen: 29
2a0d:d000::/29 maxlen: 29
2a10:38c0::/29 maxlen: 29
2a10:3dc0::/29 maxlen: 29
2a10:3e40::/29 maxlen: 29
2a10:3940::/29 maxlen: 29
2a10:39c0::/29 maxlen: 29
2a10:3a40::/29 maxlen: 29
2a10:6180::/29 maxlen: 29
2a10:3ac0::/29 maxlen: 29
2a06:7780::/29 maxlen: 29
2a10:6780::/29 maxlen: 29
2a10:3b40::/29 maxlen: 29
2a10:2380::/29 maxlen: 29
2a10:7280::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:13:0e:8b:f0:e0:f3:6e:45:9a:d8:88:57:5f:eb:39:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Sep 6 13:47:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8ccc4a7b416ea72a721ff872a98a31357747286e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:28:06:01:31:f3:29:3b:66:f9:96:51:bb:6a:
fb:a8:77:13:e9:a2:0a:51:57:fc:d4:d0:4f:7e:39:
f1:79:83:26:09:7f:d9:b4:27:d6:56:2c:2a:8c:84:
b0:47:56:33:a4:a1:9e:d2:db:d4:69:a5:44:2e:b7:
ee:52:04:d9:47:f4:8e:8e:b0:89:0a:34:07:84:47:
12:18:db:ce:60:0d:45:7e:a3:48:6a:a6:c2:98:9d:
9d:dc:ec:7c:89:eb:dd:a6:5e:1b:f3:70:d0:45:d7:
1c:5e:d6:51:86:cf:18:04:7c:e8:10:e1:83:d2:53:
ac:8d:6e:10:e9:03:16:e8:a2:39:82:b6:99:8b:1c:
70:e7:2c:1b:e5:ae:ef:33:c0:d9:75:50:6f:68:ab:
6b:85:5c:99:94:dc:2d:49:1f:6e:07:94:3b:85:18:
90:17:21:33:8d:29:6d:7e:b7:95:e0:22:24:4c:8a:
2e:ad:7e:75:75:70:80:36:93:c5:2b:f9:ee:ae:b8:
ee:50:4d:35:0f:be:8b:bf:77:40:8c:74:45:4c:b1:
80:07:3b:e6:31:34:7e:3a:3e:7d:3a:2c:fe:d9:4f:
25:49:32:cf:d1:33:a5:01:7a:3d:e1:17:1a:5a:97:
ef:5e:81:2d:2b:8b:7c:eb:39:c2:41:24:c9:41:62:
b5:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:CC:4A:7B:41:6E:A7:2A:72:1F:F8:72:A9:8A:31:35:77:47:28:6E
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jMxKe0FupypyH_hyqYoxNXdHKG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:7780::/29
2a0c:cc40::/29
2a0d:d000::/29
2a0e:4200::/29
2a10:2380::/29
2a10:38c0::/29
2a10:3940::/29
2a10:39c0::/29
2a10:3a40::/29
2a10:3ac0::/29
2a10:3b40::/29
2a10:3bc0::/29
2a10:3c40::/29
2a10:3cc0::/29
2a10:3d40::/29
2a10:3dc0::/29
2a10:3e40::/29
2a10:6180::/29
2a10:6780::/29
2a10:6880::/29
2a10:6980::/29
2a10:7280::/29
Signature Algorithm: sha256WithRSAEncryption
72:9a:76:9f:d7:e3:ff:1f:97:08:cd:ff:a9:6b:2b:9f:fa:9d:
2d:48:13:bb:19:dd:b5:12:64:32:2a:81:77:31:a5:83:f9:d0:
1c:a3:5d:60:da:a5:78:67:5e:a2:d7:ba:7b:49:12:78:ac:39:
b0:db:83:33:1c:76:ce:46:6d:67:b9:a1:87:27:28:fe:e7:1b:
ab:8e:51:3f:a2:da:51:c2:88:86:49:82:5e:f4:59:0b:7e:89:
1f:48:74:2d:66:ef:a2:85:f9:6e:c4:98:0d:bf:c2:e4:bb:9d:
5a:96:c4:b2:14:39:c5:84:65:52:e1:8a:53:3a:84:0d:39:55:
97:c2:23:74:bc:41:a3:39:aa:c0:9c:fa:0a:d2:64:ea:81:8c:
f7:33:d6:5c:51:27:95:9a:c1:53:5d:d6:30:54:61:2c:74:77:
d5:30:3a:ce:de:b9:e7:d8:5f:fa:d0:50:78:bc:f6:45:36:15:
41:10:43:da:04:0b:90:e3:56:46:15:78:c1:a5:29:97:c3:48:
9a:91:78:15:f6:4b:93:ec:4b:f1:86:d9:80:1e:95:7a:f1:47:
29:76:e5:fd:f5:ff:5c:c4:2e:c4:51:c4:33:f2:a6:b7:8a:7b:
0d:2b:da:24:ee:88:20:dc:18:ef:20:d8:50:53:e0:79:0d:e9:
00:48:49:0f
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAYMTDovw4PNuRZrYiFdf6zlyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk
NGYzMTgwHhcNMjIwOTA2MTM0NzQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2NjNGE3YjQxNmVhNzJhNzIxZmY4NzJhOThhMzEzNTc3NDcyODZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqygGATHzKTtm+ZZRu2r7qHcT6aIK
UVf81NBPfjnxeYMmCX/ZtCfWViwqjISwR1YzpKGe0tvUaaVELrfuUgTZR/SOjrCJ
CjQHhEcSGNvOYA1FfqNIaqbCmJ2d3Ox8ievdpl4b83DQRdccXtZRhs8YBHzoEOGD
0lOsjW4Q6QMW6KI5graZixxw5ywb5a7vM8DZdVBvaKtrhVyZlNwtSR9uB5Q7hRiQ
FyEzjSltfreV4CIkTIourX51dXCANpPFK/nurrjuUE01D76Lv3dAjHRFTLGABzvm
MTR+Oj59Oiz+2U8lSTLP0TOlAXo94RcaWpfvXoEtK4t86znCQSTJQWK1owIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFIzMSntBbqcqch/4cqmKMTV3RyhuMB8GA1UdIwQY
MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt
NjMzNDhjZGJmMDI0LzEvak14S2UwRnVweXB5SF9oeXFZb3hOWGRIS0c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0
LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBoQQCAAIwgZoDBQMq
BneAAwUDKgzMQAMFAyoN0AADBQMqDkIAAwUDKhAjgAMFAyoQOMADBQMqEDlAAwUD
KhA5wAMFAyoQOkADBQMqEDrAAwUDKhA7QAMFAyoQO8ADBQMqEDxAAwUDKhA8wAMF
AyoQPUADBQMqED3AAwUDKhA+QAMFAyoQYYADBQMqEGeAAwUDKhBogAMFAyoQaYAD
BQMqEHKAMA0GCSqGSIb3DQEBCwUAA4IBAQBymnaf1+P/H5cIzf+payuf+p0tSBO7
Gd21EmQyKoF3MaWD+dAco11g2qV4Z16i17p7SRJ4rDmw24MzHHbORm1nuaGHJyj+
5xurjlE/otpRwoiGSYJe9FkLfokfSHQtZu+ihfluxJgNv8Lku51alsSyFDnFhGVS
4YpTOoQNOVWXwiN0vEGjOarAnPoK0mTqgYz3M9ZcUSeVmsFTXdYwVGEsdHfVMDrO
3rnn2F/60FB4vPZFNhVBEEPaBAuQ41ZGFXjBpSmXw0iakXgV9kuT7EvxhtmAHpV6
8UcpduX99f9cxC7EUcQz8qa3insNK9ok7ogg3BjvINhQU+B5DekASEkP
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:43 2023 by rpki-client on console-ams.rpki-client.org