Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/7c7bf6-2bdf-4c7d-9aec-1ef1cee661ca/1/vjE1VKoyUwTMKymvWvoGb_r-bWk.roa
File: vjE1VKoyUwTMKymvWvoGb_r-bWk.roa (raw, json)
Hash identifier: UeDXeqPH4479tAjJXJWZ1J6zKKI29jKGQpvqU9DFezc=
Subject key identifier: BE:31:35:54:AA:32:53:04:CC:2B:29:AF:5A:FA:06:6F:FA:FE:6D:69
Certificate issuer: /CN=4be1bbbe540079d2b7f270b92ceaf3b2a816e8fa
Certificate serial: 0182C58F8DCE8C5D116694760064C21D63F1
Authority key identifier: 4B:E1:BB:BE:54:00:79:D2:B7:F2:70:B9:2C:EA:F3:B2:A8:16:E8:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S-G7vlQAedK38nC5LOrzsqgW6Po.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/7c7bf6-2bdf-4c7d-9aec-1ef1cee661ca/1/vjE1VKoyUwTMKymvWvoGb_r-bWk.roa
Signing time: Mon 22 Aug 2022 12:38:15 +0000
ROA not before: Mon 22 Aug 2022 12:38:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12608
IP address blocks: 2a06:ddc7::/32 maxlen: 32
2a13:3305::/32 maxlen: 32
2a06:ddc6::/32 maxlen: 32
2a06:ddc4::/32 maxlen: 32
2a13:3304::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c5:8f:8d:ce:8c:5d:11:66:94:76:00:64:c2:1d:63:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4be1bbbe540079d2b7f270b92ceaf3b2a816e8fa
Validity
Not Before: Aug 22 12:38:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=be313554aa325304cc2b29af5afa066ffafe6d69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:27:74:37:4f:db:e6:01:a4:4f:9b:a7:b0:e5:
a8:59:15:db:4b:dd:b8:b3:a1:75:f3:d5:b9:3f:ba:
6d:34:3c:da:d3:b0:cb:cb:40:a0:1f:00:d9:7f:ee:
ac:1a:5e:d2:91:e0:3c:77:64:ce:a8:f2:49:3b:07:
8f:05:f3:37:9c:ef:4f:4f:d5:43:b3:e4:42:62:9d:
24:46:9c:c0:b5:4a:c9:f5:1c:c6:54:3d:91:0f:77:
68:c1:42:1a:67:92:70:ce:15:d8:80:7a:78:ec:bf:
a3:d6:20:84:e6:c0:4b:8a:9f:53:be:f7:32:04:ff:
e6:d8:b4:ce:e6:04:20:7a:75:7e:38:1e:f6:d6:6d:
3b:b2:c8:60:b2:2a:2c:ba:00:bd:f7:60:16:9c:b8:
a3:93:4e:7f:7c:c9:d9:a4:4d:4f:31:54:be:b9:6a:
de:61:8d:ea:45:42:8f:e4:cf:88:99:46:9c:af:bf:
89:12:7d:61:f8:63:7a:79:72:f1:6b:88:3b:61:b3:
32:2a:75:4f:e1:d9:b9:94:3f:f1:f1:c0:7b:f7:0d:
8a:82:e0:30:e8:37:21:72:58:c8:7c:eb:2c:0b:89:
ac:ad:22:01:79:ce:db:02:7c:0f:ce:9d:97:57:13:
ef:18:f3:0e:3e:75:6d:43:fc:ae:ed:3b:51:69:de:
bb:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:31:35:54:AA:32:53:04:CC:2B:29:AF:5A:FA:06:6F:FA:FE:6D:69
X509v3 Authority Key Identifier:
keyid:4B:E1:BB:BE:54:00:79:D2:B7:F2:70:B9:2C:EA:F3:B2:A8:16:E8:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S-G7vlQAedK38nC5LOrzsqgW6Po.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/7c7bf6-2bdf-4c7d-9aec-1ef1cee661ca/1/vjE1VKoyUwTMKymvWvoGb_r-bWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/7c7bf6-2bdf-4c7d-9aec-1ef1cee661ca/1/S-G7vlQAedK38nC5LOrzsqgW6Po.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:ddc4::/32
2a06:ddc6::/31
2a13:3304::/31
Signature Algorithm: sha256WithRSAEncryption
5c:50:64:46:e2:8f:4d:6e:08:67:fc:59:92:e9:ee:12:18:9e:
43:4c:40:c5:59:f8:77:0b:2a:9d:c8:91:14:ff:f8:aa:9a:ee:
31:b8:79:dc:fe:70:9e:32:b4:13:8d:b5:29:fd:61:c8:fc:9e:
6a:fb:87:0a:4d:29:3b:dd:17:72:fd:39:6f:4e:17:78:d6:29:
aa:59:45:07:49:68:59:b5:f2:9a:c7:7b:80:da:3c:ca:c9:5f:
c1:d1:c7:2a:ec:4c:0c:79:a4:16:02:e2:eb:c6:32:f4:ba:87:
06:25:24:09:07:04:de:b9:ba:76:e2:ca:51:dc:88:13:7c:ae:
c2:7e:84:0d:da:22:05:dc:a0:28:c6:a0:fc:b9:19:df:d8:5e:
09:ee:7b:03:e6:f3:27:f2:09:a7:a2:7b:e2:10:93:c6:d4:de:
1b:5f:b0:7a:67:6c:78:5b:4e:7d:e4:af:e6:9c:87:fa:fa:8e:
7e:06:d4:7d:16:8d:62:f9:7a:72:4e:fc:41:1c:e7:eb:88:e9:
26:33:1a:2c:ad:8d:d7:4e:6a:b2:e5:5b:43:31:23:8b:eb:5b:
79:a9:7a:34:a5:8e:5f:0a:e2:5c:57:f5:bb:88:00:a1:93:85:
e9:2a:2c:53:13:2c:89:89:db:e7:5a:e1:4d:89:e7:4b:15:42:
84:5a:0f:f3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYLFj43OjF0RZpR2AGTCHWPxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiZTFiYmJlNTQwMDc5ZDJiN2YyNzBiOTJjZWFmM2IyYTgx
NmU4ZmEwHhcNMjIwODIyMTIzODE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTMxMzU1NGFhMzI1MzA0Y2MyYjI5YWY1YWZhMDY2ZmZhZmU2ZDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSd0N0/b5gGkT5unsOWoWRXbS924
s6F189W5P7ptNDza07DLy0CgHwDZf+6sGl7SkeA8d2TOqPJJOwePBfM3nO9PT9VD
s+RCYp0kRpzAtUrJ9RzGVD2RD3dowUIaZ5JwzhXYgHp47L+j1iCE5sBLip9Tvvcy
BP/m2LTO5gQgenV+OB721m07sshgsiosugC992AWnLijk05/fMnZpE1PMVS+uWre
YY3qRUKP5M+ImUacr7+JEn1h+GN6eXLxa4g7YbMyKnVP4dm5lD/x8cB79w2KguAw
6DchcljIfOssC4msrSIBec7bAnwPzp2XVxPvGPMOPnVtQ/yu7TtRad67tQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL4xNVSqMlMEzCspr1r6Bm/6/m1pMB8GA1UdIwQY
MBaAFEvhu75UAHnSt/JwuSzq87KoFuj6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUy1HN3ZsUUFlZEszOG5DNUxPcnpzcWdXNlBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My83YzdiZjYtMmJkZi00YzdkLTlhZWMt
MWVmMWNlZTY2MWNhLzEvdmpFMVZLb3lVd1RNS3ltdld2b0diX3ItYldrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My83YzdiZjYtMmJkZi00YzdkLTlhZWMtMWVmMWNlZTY2MWNh
LzEvUy1HN3ZsUUFlZEszOG5DNUxPcnpzcWdXNlBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKgbdxAMF
ASoG3cYDBQEqEzMEMA0GCSqGSIb3DQEBCwUAA4IBAQBcUGRG4o9Nbghn/FmS6e4S
GJ5DTEDFWfh3CyqdyJEU//iqmu4xuHnc/nCeMrQTjbUp/WHI/J5q+4cKTSk73Rdy
/TlvThd41imqWUUHSWhZtfKax3uA2jzKyV/B0ccq7EwMeaQWAuLrxjL0uocGJSQJ
BwTeubp24spR3IgTfK7CfoQN2iIF3KAoxqD8uRnf2F4J7nsD5vMn8gmnonviEJPG
1N4bX7B6Z2x4W0595K/mnIf6+o5+BtR9Fo1i+XpyTvxBHOfriOkmMxosrY3XTmqy
5VtDMSOL61t5qXo0pY5fCuJcV/W7iAChk4XpKixTEyyJidvnWuFNiedLFUKEWg/z
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:34 2023 by rpki-client on console-ams.rpki-client.org