Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/mwaG4NJTYrks3DUQ9il5d21CRpc.roa
File: mwaG4NJTYrks3DUQ9il5d21CRpc.roa (raw, json)
Hash identifier: 1evp8kykSnLTfg6MglC0IbynzLi/6TuPXBQZMrJrGWo=
Subject key identifier: 9B:06:86:E0:D2:53:62:B9:2C:DC:35:10:F6:29:79:77:6D:42:46:97
Certificate issuer: /CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Certificate serial: 018F2527493D74305EA709F2D63C428C6D10
Authority key identifier: 21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/mwaG4NJTYrks3DUQ9il5d21CRpc.roa
Signing time: Sun 28 Apr 2024 14:41:22 +0000
ROA not before: Sun 28 Apr 2024 14:41:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215480
IP address blocks: 2a05:9080:6::/48 maxlen: 48
2a05:9080:8::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:25:27:49:3d:74:30:5e:a7:09:f2:d6:3c:42:8c:6d:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Validity
Not Before: Apr 28 14:41:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b0686e0d25362b92cdc3510f62979776d424697
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e7:36:fb:fc:ca:31:e5:2c:71:c6:d7:72:48:
25:e3:04:4b:5a:7b:d8:f4:e7:83:dd:09:10:10:90:
e4:8b:dd:03:32:d4:c3:4d:ea:99:b8:3e:ca:ce:c4:
36:ca:ce:6f:f8:09:9e:25:0b:9f:05:04:06:0d:15:
d0:39:49:59:07:e0:53:85:63:b6:a1:87:a8:9c:c1:
ac:ee:b5:f9:f5:2f:22:38:3c:24:93:81:07:19:a1:
82:d7:b3:84:da:21:b4:6b:6f:d7:26:31:61:b0:64:
f4:c9:62:5a:7b:e5:0a:0b:16:2c:24:9a:98:1c:48:
5d:65:78:89:32:78:2c:ea:a6:b4:01:3b:62:cf:00:
bb:ea:51:67:01:0c:43:94:76:b8:f8:79:6e:0c:de:
47:bf:84:d5:6d:08:f9:14:e8:7b:4e:c9:dd:c8:a0:
2b:d5:ac:f6:63:bb:bd:d6:fa:84:9e:36:23:05:d3:
8f:63:53:ca:e9:d8:07:a8:77:ea:06:84:d0:c8:cf:
82:0e:28:33:51:45:c8:20:89:12:17:90:b9:47:c1:
9c:54:c7:af:12:d0:4e:a2:ea:4f:8f:5c:44:bf:31:
21:df:03:c7:be:46:cb:6b:8b:29:fe:9e:4f:2e:33:
8a:be:06:fc:6b:ae:47:ec:2a:a0:a6:16:51:29:f3:
0b:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:06:86:E0:D2:53:62:B9:2C:DC:35:10:F6:29:79:77:6D:42:46:97
X509v3 Authority Key Identifier:
keyid:21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/mwaG4NJTYrks3DUQ9il5d21CRpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/IVJmQ1YX-g8f0oN-yAxtg7C51gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:9080:6::/48
2a05:9080:8::/48
Signature Algorithm: sha256WithRSAEncryption
4b:19:1b:9a:69:bc:54:d0:19:ca:b1:88:d3:5f:8f:7c:89:93:
17:45:3b:4e:3c:60:9b:a2:5b:8f:6f:52:69:ca:81:b8:4e:0a:
17:d1:b7:c9:43:f2:55:cc:ec:b8:d5:75:e3:ca:6e:c7:2f:97:
5e:0e:83:1d:ae:e9:f8:77:bb:24:0d:3e:1d:14:44:18:78:0f:
b2:1b:db:a2:97:0d:19:80:13:7b:b7:6e:a4:81:08:de:e2:ec:
87:72:95:6e:6e:a8:d3:aa:7d:f5:05:59:1d:1f:c7:35:e7:57:
aa:c3:b6:c7:27:03:2b:0f:01:a6:28:51:db:48:1a:6c:b3:a5:
07:d9:84:4f:ca:82:fc:ae:70:32:ae:07:bd:78:3f:06:9f:a8:
7b:47:6d:dc:9a:40:5a:e4:46:61:86:ab:83:fe:65:a5:cf:e7:
e4:e6:a8:48:6f:f1:d9:87:d5:08:37:8d:d8:9b:80:cc:e5:3c:
2f:cb:24:be:5f:32:d6:0f:c1:55:79:72:8d:4b:9c:ba:71:b1:
72:c4:21:18:79:ea:ec:c2:ec:cb:e9:4c:38:8d:68:64:0d:de:
aa:0e:ed:44:31:30:33:80:e4:2a:de:96:59:1b:fe:c3:02:fc:
9e:ed:08:b9:ef:63:32:a3:5a:56:e7:01:02:a8:85:5e:67:75:
19:a7:bd:2a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY8lJ0k9dDBepwny1jxCjG0QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNTI2NjQzNTYxN2ZhMGYxZmQyODM3ZWM4MGM2ZDgzYjBi
OWQ2MDgwHhcNMjQwNDI4MTQ0MTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjA2ODZlMGQyNTM2MmI5MmNkYzM1MTBmNjI5Nzk3NzZkNDI0Njk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+c2+/zKMeUsccbXckgl4wRLWnvY
9OeD3QkQEJDki90DMtTDTeqZuD7KzsQ2ys5v+AmeJQufBQQGDRXQOUlZB+BThWO2
oYeonMGs7rX59S8iODwkk4EHGaGC17OE2iG0a2/XJjFhsGT0yWJae+UKCxYsJJqY
HEhdZXiJMngs6qa0ATtizwC76lFnAQxDlHa4+HluDN5Hv4TVbQj5FOh7TsndyKAr
1az2Y7u91vqEnjYjBdOPY1PK6dgHqHfqBoTQyM+CDigzUUXIIIkSF5C5R8GcVMev
EtBOoupPj1xEvzEh3wPHvkbLa4sp/p5PLjOKvgb8a65H7CqgphZRKfMLeQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJsGhuDSU2K5LNw1EPYpeXdtQkaXMB8GA1UdIwQY
MBaAFCFSZkNWF/oPH9KDfsgMbYOwudYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzIt
YmM5M2NhNjc5ZTFmLzEvbXdhRzROSlRZcmtzM0RVUTlpbDVkMjFDUnBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzItYmM5M2NhNjc5ZTFm
LzEvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgWQgAAG
AwcAKgWQgAAIMA0GCSqGSIb3DQEBCwUAA4IBAQBLGRuaabxU0BnKsYjTX498iZMX
RTtOPGCboluPb1JpyoG4TgoX0bfJQ/JVzOy41XXjym7HL5deDoMdrun4d7skDT4d
FEQYeA+yG9uilw0ZgBN7t26kgQje4uyHcpVubqjTqn31BVkdH8c151eqw7bHJwMr
DwGmKFHbSBpss6UH2YRPyoL8rnAyrge9eD8Gn6h7R23cmkBa5EZhhquD/mWlz+fk
5qhIb/HZh9UIN43Ym4DM5TwvyyS+XzLWD8FVeXKNS5y6cbFyxCEYeerswuzL6Uw4
jWhkDd6qDu1EMTAzgOQq3pZZG/7DAvye7Qi572Myo1pW5wECqIVeZ3UZp70q
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:30 2025 by rpki-client