Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/M1ZAZlronvEzbQVBFiYTHl4zwws.roa
File: M1ZAZlronvEzbQVBFiYTHl4zwws.roa (raw, json)
Hash identifier: PWPtlVy3i0WkuS0RThX96zS3B4puucECdlxclETnNA8=
Subject key identifier: 33:56:40:66:5A:E8:9E:F1:33:6D:05:41:16:26:13:1E:5E:33:C3:0B
Certificate issuer: /CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Certificate serial: 018EBD394BAA29F4F80B1D3D4AB43936D10E
Authority key identifier: 21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/M1ZAZlronvEzbQVBFiYTHl4zwws.roa
Signing time: Mon 08 Apr 2024 10:20:32 +0000
ROA not before: Mon 08 Apr 2024 10:20:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198154
IP address blocks: 2a05:9080::/48 maxlen: 48
2a05:9080:4::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:bd:39:4b:aa:29:f4:f8:0b:1d:3d:4a:b4:39:36:d1:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Validity
Not Before: Apr 8 10:20:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=335640665ae89ef1336d05411626131e5e33c30b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:7a:c1:1f:d7:44:f4:4c:8d:e3:7c:e6:90:28:
9d:62:5e:e9:c2:48:a3:72:31:8e:04:02:08:62:1c:
13:33:1c:ae:a5:40:79:49:06:aa:fb:22:d7:ca:e5:
e8:51:b3:b2:09:75:3a:0b:9a:40:b8:f7:13:02:19:
0c:f0:f2:22:a3:1f:99:97:41:ac:53:dc:36:20:f7:
00:61:dd:34:20:c8:0f:b0:ac:fe:c9:97:01:77:f1:
77:47:ad:70:e7:54:80:af:03:a1:dd:73:e7:0c:d6:
fb:0e:73:0a:cf:f1:e1:86:a1:6d:b2:99:ff:7d:6c:
33:2a:70:f0:cc:da:ea:a8:0c:b5:42:f2:9a:fd:74:
80:8e:27:bc:df:15:3b:2d:48:ba:a7:f3:1d:66:d9:
4c:2b:55:b4:60:f5:9a:44:6f:69:78:d2:bf:29:6c:
c2:a6:93:88:a6:c6:39:34:f4:cb:52:9c:49:5a:57:
a6:3d:cd:12:48:eb:44:34:38:79:03:60:33:d9:f9:
f5:3e:e3:63:22:94:b9:d2:af:6b:b9:52:a2:c2:d9:
4d:ac:c2:5c:5f:11:68:9d:08:a8:50:a8:58:5b:52:
a2:eb:d9:bc:16:9e:51:be:0e:a0:cb:8a:05:ec:f8:
d7:9f:85:f7:dc:de:da:e1:f4:7b:33:b0:69:0f:e6:
35:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:56:40:66:5A:E8:9E:F1:33:6D:05:41:16:26:13:1E:5E:33:C3:0B
X509v3 Authority Key Identifier:
keyid:21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/M1ZAZlronvEzbQVBFiYTHl4zwws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/IVJmQ1YX-g8f0oN-yAxtg7C51gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:9080::/48
2a05:9080:4::/48
Signature Algorithm: sha256WithRSAEncryption
49:90:97:7a:2a:59:29:12:30:94:15:43:41:b3:6a:c2:ba:7d:
24:8e:70:d0:a1:6e:33:d6:fd:27:06:15:80:64:08:a7:1b:6e:
f9:bd:e1:82:71:b7:09:c8:c1:dd:c8:97:5d:16:ee:5a:ab:b1:
d9:0f:24:e7:1a:2a:62:0f:94:ab:63:80:d0:62:59:1b:d0:bd:
a2:1a:1f:47:e1:0b:f9:a8:08:fe:b0:61:f4:62:0c:41:78:bf:
a3:7b:e3:a6:3b:64:dd:82:8d:89:69:c4:b9:41:0e:97:cf:a8:
a3:a7:58:c6:f6:1b:48:ab:2e:16:51:90:34:aa:f0:60:31:65:
01:0d:dc:b3:6f:99:6b:34:76:81:ea:f5:87:03:80:e3:b3:51:
4c:12:3f:06:19:23:f4:81:16:22:88:fe:df:93:6d:96:50:bb:
42:1d:7a:ba:88:69:07:ae:e2:64:20:27:1d:95:0a:65:24:37:
47:a1:ba:2a:61:34:82:9d:b3:82:13:14:3b:02:2b:a6:fc:4c:
ce:82:a9:aa:6c:d8:92:12:3f:83:a7:d9:6b:8a:1c:f1:68:b1:
74:3a:2e:79:45:2f:e1:81:97:71:75:12:94:07:40:64:ee:1f:
f8:50:42:88:6b:cf:c9:09:4c:55:0f:93:ef:a0:c3:94:a4:41:
40:69:96:85
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY69OUuqKfT4Cx09SrQ5NtEOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNTI2NjQzNTYxN2ZhMGYxZmQyODM3ZWM4MGM2ZDgzYjBi
OWQ2MDgwHhcNMjQwNDA4MTAyMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzU2NDA2NjVhZTg5ZWYxMzM2ZDA1NDExNjI2MTMxZTVlMzNjMzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznrBH9dE9EyN43zmkCidYl7pwkij
cjGOBAIIYhwTMxyupUB5SQaq+yLXyuXoUbOyCXU6C5pAuPcTAhkM8PIiox+Zl0Gs
U9w2IPcAYd00IMgPsKz+yZcBd/F3R61w51SArwOh3XPnDNb7DnMKz/HhhqFtspn/
fWwzKnDwzNrqqAy1QvKa/XSAjie83xU7LUi6p/MdZtlMK1W0YPWaRG9peNK/KWzC
ppOIpsY5NPTLUpxJWlemPc0SSOtENDh5A2Az2fn1PuNjIpS50q9ruVKiwtlNrMJc
XxFonQioUKhYW1Ki69m8Fp5Rvg6gy4oF7PjXn4X33N7a4fR7M7BpD+Y1CwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDNWQGZa6J7xM20FQRYmEx5eM8MLMB8GA1UdIwQY
MBaAFCFSZkNWF/oPH9KDfsgMbYOwudYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzIt
YmM5M2NhNjc5ZTFmLzEvTTFaQVpscm9udkV6YlFWQkZpWVRIbDR6d3dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzItYmM5M2NhNjc5ZTFm
LzEvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgWQgAAA
AwcAKgWQgAAEMA0GCSqGSIb3DQEBCwUAA4IBAQBJkJd6KlkpEjCUFUNBs2rCun0k
jnDQoW4z1v0nBhWAZAinG275veGCcbcJyMHdyJddFu5aq7HZDyTnGipiD5SrY4DQ
Ylkb0L2iGh9H4Qv5qAj+sGH0YgxBeL+je+OmO2Tdgo2JacS5QQ6Xz6ijp1jG9htI
qy4WUZA0qvBgMWUBDdyzb5lrNHaB6vWHA4Djs1FMEj8GGSP0gRYiiP7fk22WULtC
HXq6iGkHruJkICcdlQplJDdHoboqYTSCnbOCExQ7Aium/EzOgqmqbNiSEj+Dp9lr
ihzxaLF0Oi55RS/hgZdxdRKUB0Bk7h/4UEKIa8/JCUxVD5PvoMOUpEFAaZaF
-----END CERTIFICATE-----
Generated at Tue May 14 16:18:17 2024 by rpki-client on console-fra.rpki-client.org