Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/da96f5-3f33-46f9-a514-2befffd57fb7/1/ewU4-FTtqmaJVfplTZMdSbdKPQg.roa
File: ewU4-FTtqmaJVfplTZMdSbdKPQg.roa (raw, json)
Hash identifier: 5wxVQbQLLM36XHxlxHPB/KlT7PmfYiTXcYzU+lgP6gc=
Subject key identifier: 7B:05:38:F8:54:ED:AA:66:89:55:FA:65:4D:93:1D:49:B7:4A:3D:08
Certificate issuer: /CN=4196230e58decc0cbcfb15f56aa64dedd1f389f5
Certificate serial: 01856F66F49F19D1F943E795F449D00F4BF7
Authority key identifier: 41:96:23:0E:58:DE:CC:0C:BC:FB:15:F5:6A:A6:4D:ED:D1:F3:89:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QZYjDljezAy8-xX1aqZN7dHzifU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/da96f5-3f33-46f9-a514-2befffd57fb7/1/ewU4-FTtqmaJVfplTZMdSbdKPQg.roa
Signing time: Sun 01 Jan 2023 22:14:56 +0000
ROA not before: Sun 01 Jan 2023 22:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22773
IP address blocks: 2a10:6a80::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:f4:9f:19:d1:f9:43:e7:95:f4:49:d0:0f:4b:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4196230e58decc0cbcfb15f56aa64dedd1f389f5
Validity
Not Before: Jan 1 22:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7b0538f854edaa668955fa654d931d49b74a3d08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:f9:a3:07:bf:a9:61:1b:36:26:ef:91:b5:7e:
b6:a9:21:16:c0:a5:82:98:5c:25:a6:bb:68:d9:c6:
47:20:da:d2:e0:98:51:d6:1e:5e:f6:0a:52:c3:09:
95:37:ed:9e:f7:6a:ea:97:81:8a:ef:5e:ab:7e:2a:
d1:64:8a:b2:88:83:c9:37:0e:71:f7:87:3d:a6:fa:
28:1e:4a:a2:68:4b:c3:04:6a:43:14:4c:00:78:a9:
20:ce:32:78:76:e6:81:0d:9d:84:a3:ab:f5:3f:d8:
73:dc:aa:bb:27:4b:06:fb:0d:90:65:db:6e:57:87:
5e:87:fc:52:d2:e2:97:ea:e8:40:f0:98:03:8b:61:
1a:f8:f5:95:67:bd:c1:c5:9d:a3:14:38:34:5a:1c:
96:1b:85:5d:44:5d:4e:c6:34:ec:44:87:2e:12:df:
72:bf:78:c5:86:df:0e:6c:e8:d1:8c:90:0b:d0:88:
b8:96:d0:a8:94:5f:af:4a:32:56:67:b5:11:a5:12:
79:e6:61:11:e1:4b:22:3b:f7:22:4e:ca:dd:9a:26:
35:c6:13:91:6d:88:b3:bf:a4:c7:85:8c:6f:eb:90:
50:ef:08:02:a0:c1:c4:78:5c:53:51:a3:c6:8a:49:
94:49:c7:99:99:0a:9c:58:62:73:38:2e:b6:98:ac:
30:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:05:38:F8:54:ED:AA:66:89:55:FA:65:4D:93:1D:49:B7:4A:3D:08
X509v3 Authority Key Identifier:
keyid:41:96:23:0E:58:DE:CC:0C:BC:FB:15:F5:6A:A6:4D:ED:D1:F3:89:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QZYjDljezAy8-xX1aqZN7dHzifU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/da96f5-3f33-46f9-a514-2befffd57fb7/1/ewU4-FTtqmaJVfplTZMdSbdKPQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/da96f5-3f33-46f9-a514-2befffd57fb7/1/QZYjDljezAy8-xX1aqZN7dHzifU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:6a80::/29
Signature Algorithm: sha256WithRSAEncryption
51:df:cc:85:3c:2e:0e:8e:30:a9:c7:fd:75:0b:1c:f4:38:9b:
19:b6:48:02:69:ca:1a:a4:2e:b1:12:bf:6a:7a:3c:3f:38:ef:
5e:2b:7f:82:00:2a:41:0f:32:f2:21:59:7b:88:fa:96:40:38:
14:95:4a:ed:f8:a3:e8:63:4c:8c:1d:e9:c0:26:a5:c3:b2:4a:
e5:54:d8:6a:05:70:ff:46:ea:c2:2e:37:ee:cf:d1:da:79:00:
24:42:aa:09:16:34:87:50:36:71:cc:f5:f8:6b:bc:65:f0:5c:
45:ea:d6:be:59:ba:38:93:67:ec:3c:73:ce:c5:fd:d5:23:34:
9f:07:5b:0a:7e:e1:e1:3b:c1:a4:5e:be:64:b0:d0:1f:e6:18:
03:c0:e8:bc:f7:d4:19:0a:d0:c7:fd:79:aa:27:93:7d:27:d8:
c4:28:76:1e:f1:b0:ff:db:67:f1:9a:d9:07:e9:f8:0c:5a:d9:
37:9a:20:a8:2c:2b:86:cc:0c:a6:5f:82:d4:17:18:0d:15:dc:
23:7f:ce:21:96:bf:92:7b:43:5a:e2:81:8d:4f:71:70:08:a4:
1c:e1:1b:10:62:86:4e:d9:40:ab:7d:8a:00:00:fe:a7:f2:66:
70:b8:c7:b1:18:4b:77:14:28:3f:58:87:73:a1:af:01:a1:ab:
3f:b4:6a:f8
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVvZvSfGdH5Q+eV9EnQD0v3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxOTYyMzBlNThkZWNjMGNiY2ZiMTVmNTZhYTY0ZGVkZDFm
Mzg5ZjUwHhcNMjMwMTAxMjIxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjA1MzhmODU0ZWRhYTY2ODk1NWZhNjU0ZDkzMWQ0OWI3NGEzZDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/mjB7+pYRs2Ju+RtX62qSEWwKWC
mFwlprto2cZHINrS4JhR1h5e9gpSwwmVN+2e92rql4GK716rfirRZIqyiIPJNw5x
94c9pvooHkqiaEvDBGpDFEwAeKkgzjJ4duaBDZ2Eo6v1P9hz3Kq7J0sG+w2QZdtu
V4deh/xS0uKX6uhA8JgDi2Ea+PWVZ73BxZ2jFDg0WhyWG4VdRF1OxjTsRIcuEt9y
v3jFht8ObOjRjJAL0Ii4ltColF+vSjJWZ7URpRJ55mER4UsiO/ciTsrdmiY1xhOR
bYizv6THhYxv65BQ7wgCoMHEeFxTUaPGikmUSceZmQqcWGJzOC62mKww1wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHsFOPhU7apmiVX6ZU2THUm3Sj0IMB8GA1UdIwQY
MBaAFEGWIw5Y3swMvPsV9WqmTe3R84n1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVpZakRsamV6QXk4LXhYMWFxWk43ZEh6aWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9kYTk2ZjUtM2YzMy00NmY5LWE1MTQt
MmJlZmZmZDU3ZmI3LzEvZXdVNC1GVHRxbWFKVmZwbFRaTWRTYmRLUFFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9kYTk2ZjUtM2YzMy00NmY5LWE1MTQtMmJlZmZmZDU3ZmI3
LzEvUVpZakRsamV6QXk4LXhYMWFxWk43ZEh6aWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhBqgDAN
BgkqhkiG9w0BAQsFAAOCAQEAUd/MhTwuDo4wqcf9dQsc9DibGbZIAmnKGqQusRK/
ano8PzjvXit/ggAqQQ8y8iFZe4j6lkA4FJVK7fij6GNMjB3pwCalw7JK5VTYagVw
/0bqwi437s/R2nkAJEKqCRY0h1A2ccz1+Gu8ZfBcRerWvlm6OJNn7DxzzsX91SM0
nwdbCn7h4TvBpF6+ZLDQH+YYA8DovPfUGQrQx/15qieTfSfYxCh2HvGw/9tn8ZrZ
B+n4DFrZN5ogqCwrhswMpl+C1BcYDRXcI3/OIZa/kntDWuKBjU9xcAikHOEbEGKG
TtlAq32KAAD+p/JmcLjHsRhLdxQoP1iHc6GvAaGrP7Rq+A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:24 2024 by rpki-client on console-ams.rpki-client.org