Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/0f2471-efd9-49ca-986a-9c8ef6039d26/1/oGn5oRWLl911TqPKc_nEtcVxW2Y.roa
File: oGn5oRWLl911TqPKc_nEtcVxW2Y.roa (raw, json)
Hash identifier: a/2CYS86i9YdWqk/ya443hZ1tVoOEd8CCcTlk8dr1d0=
Subject key identifier: A0:69:F9:A1:15:8B:97:DD:75:4E:A3:CA:73:F9:C4:B5:C5:71:5B:66
Certificate issuer: /CN=0ac6250b5e13f16c35eeeb0faef7da22fe32f2c6
Certificate serial: 04B2B0D3
Authority key identifier: 0A:C6:25:0B:5E:13:F1:6C:35:EE:EB:0F:AE:F7:DA:22:FE:32:F2:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CsYlC14T8Ww17usPrvfaIv4y8sY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/0f2471-efd9-49ca-986a-9c8ef6039d26/1/oGn5oRWLl911TqPKc_nEtcVxW2Y.roa
Signing time: Sat 01 Jan 2022 02:59:00 +0000
ROA not before: Sat 01 Jan 2022 02:59:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212993
IP address blocks: 2001:678:dd8::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78819539 (0x4b2b0d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ac6250b5e13f16c35eeeb0faef7da22fe32f2c6
Validity
Not Before: Jan 1 02:59:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a069f9a1158b97dd754ea3ca73f9c4b5c5715b66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:39:5d:2a:8e:9a:fd:8b:96:36:86:4a:9f:b1:
96:27:0e:d5:79:84:bb:44:62:77:db:bb:1e:8b:c3:
98:0a:11:2d:2c:7f:86:a3:b5:a1:90:b0:e4:7c:9c:
3c:9c:d1:07:7b:a9:11:8b:3b:fe:ea:f6:cc:6e:81:
4a:33:a6:16:d9:ad:ff:c6:f7:0f:f3:fe:29:96:88:
e7:23:f6:73:f1:e4:8d:11:9a:be:64:9f:3d:a2:d1:
93:7d:37:f7:44:5d:31:05:e3:17:c3:3c:e0:db:bb:
46:f7:12:39:59:d7:bb:bc:74:34:89:06:5d:fe:b9:
28:ac:87:48:b9:d1:ac:4d:ba:2c:11:37:2d:4b:cb:
ae:08:79:b4:0e:94:e1:18:a1:a8:63:73:78:dc:7a:
02:75:d3:2b:9a:75:6d:46:c8:4e:33:8f:2e:4a:74:
f4:6c:7c:3d:cf:b5:18:48:22:d2:2f:bf:3e:d6:e9:
3d:0d:83:6e:77:12:9c:7b:a5:98:11:67:56:99:d5:
0c:47:bd:e7:9a:0c:ed:c8:bd:10:a2:21:52:44:50:
6a:65:3c:84:c7:f2:fd:b5:93:d5:16:cc:38:fa:07:
14:af:26:55:4e:45:79:81:69:52:91:38:13:8c:cd:
a9:26:3a:6f:fb:60:8f:37:6a:ba:06:9a:cd:b0:d2:
7d:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:69:F9:A1:15:8B:97:DD:75:4E:A3:CA:73:F9:C4:B5:C5:71:5B:66
X509v3 Authority Key Identifier:
keyid:0A:C6:25:0B:5E:13:F1:6C:35:EE:EB:0F:AE:F7:DA:22:FE:32:F2:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CsYlC14T8Ww17usPrvfaIv4y8sY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0f2471-efd9-49ca-986a-9c8ef6039d26/1/oGn5oRWLl911TqPKc_nEtcVxW2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0f2471-efd9-49ca-986a-9c8ef6039d26/1/CsYlC14T8Ww17usPrvfaIv4y8sY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:dd8::/48
Signature Algorithm: sha256WithRSAEncryption
43:f5:27:34:70:d6:ec:67:f5:03:21:03:4b:66:65:fb:9c:70:
7f:0f:69:57:3f:39:fb:2e:9b:ac:c1:ce:61:04:51:b2:dd:e3:
85:5a:b5:1c:58:0c:2f:db:4d:db:8b:49:fc:8e:b9:8c:82:76:
df:92:25:5c:6f:c3:26:9b:73:0e:6d:7c:c0:ef:6e:6b:5f:35:
cd:db:22:74:33:ca:4f:9e:c9:ca:aa:cb:a3:91:08:79:70:f2:
5e:f2:23:b3:e9:53:28:bc:37:c5:a7:8b:d3:d4:76:4e:39:c0:
f2:09:cd:4f:69:85:8c:75:53:a9:2b:f6:4a:ef:93:00:45:55:
26:66:f0:7f:3b:59:a3:a3:43:17:56:17:08:35:45:20:d2:c3:
9b:80:0c:e8:01:ca:1a:b9:cc:e1:89:5c:0d:3f:44:ae:9f:16:
16:7e:3f:58:93:d7:89:27:31:3d:68:8a:29:b9:18:38:8c:19:
ea:87:8c:93:45:7c:3d:50:8b:09:e0:42:c0:f7:db:2c:ed:bb:
b5:bc:48:0e:b6:ff:1e:64:27:5e:41:36:03:b6:7d:c1:90:de:
6d:ca:87:01:d8:c4:24:5b:4f:af:0b:7c:de:7f:8d:31:cd:fc:
12:a2:79:22:da:d2:8c:f2:d4:ef:76:da:e9:64:08:cc:c7:4f:
d0:0e:6a:de
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBLKw0zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YWM2MjUwYjVlMTNmMTZjMzVlZWViMGZhZWY3ZGEyMmZlMzJmMmM2MB4XDTIyMDEw
MTAyNTkwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTA2OWY5YTExNThi
OTdkZDc1NGVhM2NhNzNmOWM0YjVjNTcxNWI2NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANM5XSqOmv2LljaGSp+xlicO1XmEu0Rid9u7HovDmAoRLSx/
hqO1oZCw5HycPJzRB3upEYs7/ur2zG6BSjOmFtmt/8b3D/P+KZaI5yP2c/HkjRGa
vmSfPaLRk30390RdMQXjF8M84Nu7RvcSOVnXu7x0NIkGXf65KKyHSLnRrE26LBE3
LUvLrgh5tA6U4RihqGNzeNx6AnXTK5p1bUbITjOPLkp09Gx8Pc+1GEgi0i+/Ptbp
PQ2DbncSnHulmBFnVpnVDEe955oM7ci9EKIhUkRQamU8hMfy/bWT1RbMOPoHFK8m
VU5FeYFpUpE4E4zNqSY6b/tgjzdqugaazbDSfZkCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSgafmhFYuX3XVOo8pz+cS1xXFbZjAfBgNVHSMEGDAWgBQKxiULXhPxbDXu
6w+u99oi/jLyxjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NzWWxDMTRUOFd3MTd1c1BydmZhSXY0eThzWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjUvMGYyNDcxLWVmZDktNDljYS05ODZhLTljOGVmNjAzOWQyNi8x
L29HbjVvUldMbDkxMVRxUEtjX25FdGNWeFcyWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUv
MGYyNDcxLWVmZDktNDljYS05ODZhLTljOGVmNjAzOWQyNi8xL0NzWWxDMTRUOFd3
MTd1c1BydmZhSXY0eThzWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngN2DANBgkqhkiG9w0BAQsF
AAOCAQEAQ/UnNHDW7Gf1AyEDS2Zl+5xwfw9pVz85+y6brMHOYQRRst3jhVq1HFgM
L9tN24tJ/I65jIJ235IlXG/DJptzDm18wO9ua181zdsidDPKT57JyqrLo5EIeXDy
XvIjs+lTKLw3xaeL09R2TjnA8gnNT2mFjHVTqSv2Su+TAEVVJmbwfztZo6NDF1YX
CDVFINLDm4AM6AHKGrnM4YlcDT9Erp8WFn4/WJPXiScxPWiKKbkYOIwZ6oeMk0V8
PVCLCeBCwPfbLO27tbxIDrb/HmQnXkE2A7Z9wZDebcqHAdjEJFtPrwt83n+NMc38
EqJ5ItrSjPLU73ba6WQIzMdP0A5q3g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:50 2023 by rpki-client on console-ams.rpki-client.org