Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/P9-ISppWVX0oyBBNvJIVfpWXNmg.roa
File: P9-ISppWVX0oyBBNvJIVfpWXNmg.roa (raw, json)
Hash identifier: LabG8Rt0UvP6ihO/u6TBK4+ZRgko4JUxjJR/QzZwhlY=
Subject key identifier: 3F:DF:88:4A:9A:56:55:7D:28:C8:10:4D:BC:92:15:7E:95:97:36:68
Certificate issuer: /CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Certificate serial: 018D5967EDCB8811D3D2D3AE9570BD2AECCB
Authority key identifier: 21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/P9-ISppWVX0oyBBNvJIVfpWXNmg.roa
Signing time: Tue 30 Jan 2024 08:06:39 +0000
ROA not before: Tue 30 Jan 2024 08:06:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198154
IP address blocks: 2a05:9080::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:59:67:ed:cb:88:11:d3:d2:d3:ae:95:70:bd:2a:ec:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Validity
Not Before: Jan 30 08:06:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3fdf884a9a56557d28c8104dbc92157e95973668
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:5c:cd:82:ed:d3:f0:50:76:81:32:78:27:cb:
31:95:4a:db:1b:15:ab:14:ac:46:d2:b2:34:7b:6a:
64:55:6e:41:e6:b6:65:38:e4:49:c3:4e:ae:63:9a:
11:66:e7:da:c4:a8:22:a2:27:7a:11:e4:8f:81:33:
2d:99:bb:81:62:46:1b:e4:8c:d4:40:d4:63:95:de:
6e:01:3d:f2:9a:12:db:77:01:d0:ec:7c:7c:06:b4:
65:a7:86:81:fe:66:43:5f:61:48:fb:95:0f:97:f9:
65:62:1b:17:ee:3e:ec:97:7e:05:57:e6:91:70:72:
7b:4b:78:f0:6b:bb:d0:da:90:f1:cf:50:6a:31:f7:
58:2e:5d:3f:31:ea:06:0b:86:b0:7b:28:0e:08:79:
74:de:46:14:43:ce:ea:f6:99:ae:22:e4:a6:c8:5f:
1c:97:f2:f4:d2:30:47:d3:2d:55:1e:63:da:db:0e:
21:32:fb:98:0e:84:38:f5:96:b0:4b:8b:15:49:65:
ea:c5:60:be:f3:10:b4:83:92:25:28:e8:03:88:7f:
70:30:c5:ba:da:5d:8d:67:6a:b5:4e:a7:a3:6f:c3:
bb:7d:fa:ea:b4:21:91:50:46:60:9d:65:84:67:da:
6a:ef:9f:53:d6:f7:c5:80:e8:02:1c:0c:62:d3:e5:
6a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:DF:88:4A:9A:56:55:7D:28:C8:10:4D:BC:92:15:7E:95:97:36:68
X509v3 Authority Key Identifier:
keyid:21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/P9-ISppWVX0oyBBNvJIVfpWXNmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/IVJmQ1YX-g8f0oN-yAxtg7C51gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:9080::/48
Signature Algorithm: sha256WithRSAEncryption
1b:a0:ee:7d:fa:ac:6f:98:a4:4e:8c:da:ab:8d:2b:b6:a8:e1:
48:10:34:45:ec:4b:71:c7:25:ab:e2:23:90:74:19:a0:d6:0a:
27:b9:d8:9f:15:df:48:f7:61:60:70:a8:73:f4:45:61:09:62:
9f:04:f4:d7:c4:71:7e:be:7d:33:cf:5f:d7:f5:86:db:18:ea:
4a:ef:0d:75:47:dd:ee:d2:e8:60:a2:98:04:ad:53:91:42:3a:
25:c1:ba:a4:48:60:17:0a:68:9e:70:ad:56:18:6f:49:11:ca:
0a:5a:76:03:db:d6:af:4c:97:96:df:23:cb:cf:70:95:a8:28:
95:ed:df:b7:a6:2c:56:49:c5:e0:74:36:f6:fe:77:92:ca:da:
ba:14:83:e5:23:c1:86:03:a0:1c:59:09:0d:46:e4:f8:78:4e:
ad:ee:fc:58:29:35:65:7a:92:27:29:36:3c:58:c9:a1:05:fd:
d6:74:1a:2c:44:09:60:60:3f:66:80:f4:f2:54:b3:c9:f3:a5:
47:25:8f:56:e0:37:4d:de:a3:e4:77:c8:e7:56:1f:fd:18:bf:
2b:c8:05:f0:f5:8c:e7:e8:c9:77:0d:d2:cd:37:6f:3c:ef:b0:
26:9f:2e:57:26:34:17:d3:47:20:64:ce:d6:33:d7:a6:61:73:
68:5d:40:ce
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1ZZ+3LiBHT0tOulXC9KuzLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNTI2NjQzNTYxN2ZhMGYxZmQyODM3ZWM4MGM2ZDgzYjBi
OWQ2MDgwHhcNMjQwMTMwMDgwNjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmRmODg0YTlhNTY1NTdkMjhjODEwNGRiYzkyMTU3ZTk1OTczNjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVzNgu3T8FB2gTJ4J8sxlUrbGxWr
FKxG0rI0e2pkVW5B5rZlOORJw06uY5oRZufaxKgioid6EeSPgTMtmbuBYkYb5IzU
QNRjld5uAT3ymhLbdwHQ7Hx8BrRlp4aB/mZDX2FI+5UPl/llYhsX7j7sl34FV+aR
cHJ7S3jwa7vQ2pDxz1BqMfdYLl0/MeoGC4aweygOCHl03kYUQ87q9pmuIuSmyF8c
l/L00jBH0y1VHmPa2w4hMvuYDoQ49ZawS4sVSWXqxWC+8xC0g5IlKOgDiH9wMMW6
2l2NZ2q1Tqejb8O7ffrqtCGRUEZgnWWEZ9pq759T1vfFgOgCHAxi0+Vq/wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFD/fiEqaVlV9KMgQTbySFX6VlzZoMB8GA1UdIwQY
MBaAFCFSZkNWF/oPH9KDfsgMbYOwudYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzIt
YmM5M2NhNjc5ZTFmLzEvUDktSVNwcFdWWDBveUJCTnZKSVZmcFdYTm1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzItYmM5M2NhNjc5ZTFm
LzEvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgWQgAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAboO59+qxvmKROjNqrjSu2qOFIEDRF7EtxxyWr
4iOQdBmg1gonudifFd9I92FgcKhz9EVhCWKfBPTXxHF+vn0zz1/X9YbbGOpK7w11
R93u0uhgopgErVORQjolwbqkSGAXCmiecK1WGG9JEcoKWnYD29avTJeW3yPLz3CV
qCiV7d+3pixWScXgdDb2/neSytq6FIPlI8GGA6AcWQkNRuT4eE6t7vxYKTVlepIn
KTY8WMmhBf3WdBosRAlgYD9mgPTyVLPJ86VHJY9W4DdN3qPkd8jnVh/9GL8ryAXw
9Yzn6Ml3DdLNN28877Amny5XJjQX00cgZM7WM9emYXNoXUDO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:19 2024 by rpki-client on console-ams.rpki-client.org