Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/rqM2DlGn65vRcKIBH8ZEQ6uDsvA.roa
File: rqM2DlGn65vRcKIBH8ZEQ6uDsvA.roa (raw, json)
Hash identifier: tNQKyZgAqB4doIa9VnlnPUmHtRHohm38corUZ6CfKFo=
Subject key identifier: AE:A3:36:0E:51:A7:EB:9B:D1:70:A2:01:1F:C6:44:43:AB:83:B2:F0
Certificate issuer: /CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Certificate serial: 018EBD394B5708216C559FFB52D617CD4B87
Authority key identifier: 21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/rqM2DlGn65vRcKIBH8ZEQ6uDsvA.roa
Signing time: Mon 08 Apr 2024 10:20:32 +0000
ROA not before: Mon 08 Apr 2024 10:20:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51889
IP address blocks: 2a05:9080:6::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:bd:39:4b:57:08:21:6c:55:9f:fb:52:d6:17:cd:4b:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Validity
Not Before: Apr 8 10:20:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aea3360e51a7eb9bd170a2011fc64443ab83b2f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a9:ed:9c:ad:42:8c:a3:45:2e:33:63:00:17:
13:49:29:84:64:4b:93:4f:28:91:eb:22:16:4a:40:
2c:7f:4c:cc:1a:4b:82:26:ea:95:a2:4f:51:18:5b:
ea:3e:87:d7:de:d0:60:b7:40:53:cb:4c:06:5b:8a:
58:05:98:19:d1:01:be:60:76:6a:04:28:d3:d8:9f:
8e:24:4c:4e:3f:f6:9f:2c:eb:81:24:a5:42:dd:ba:
83:ca:c4:42:68:10:a0:86:41:34:b8:7f:bc:34:9a:
22:3d:31:cb:52:58:76:59:fd:a1:60:d1:2e:6f:ac:
26:b7:a7:c8:a0:f9:41:12:5f:71:d2:4d:89:b5:cc:
3a:3d:f5:c1:01:70:39:ad:50:26:16:39:26:c5:0b:
75:33:a1:b6:84:be:1e:ae:05:43:97:c6:e3:b1:f0:
c9:5f:2c:f5:97:d9:48:d7:5e:d7:9f:b9:fe:bf:66:
d7:cf:17:aa:fb:98:d7:dc:b4:7d:c5:e6:58:a1:02:
32:0d:e1:cb:54:36:b7:e1:d8:72:b0:fb:36:59:b9:
4a:0b:6b:b4:9f:08:9c:92:bb:a3:fe:2f:de:7d:68:
a7:f8:78:58:0a:c9:b1:e7:18:20:fb:17:71:4a:ee:
67:f1:67:b1:90:76:e5:4e:0f:60:9e:d3:15:bd:6a:
73:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:A3:36:0E:51:A7:EB:9B:D1:70:A2:01:1F:C6:44:43:AB:83:B2:F0
X509v3 Authority Key Identifier:
keyid:21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/rqM2DlGn65vRcKIBH8ZEQ6uDsvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/IVJmQ1YX-g8f0oN-yAxtg7C51gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:9080:6::/48
Signature Algorithm: sha256WithRSAEncryption
3a:5c:4c:5d:3b:f8:c3:11:f3:df:e9:a9:d5:4b:71:d5:1d:2d:
8f:1b:d7:98:7a:b6:19:82:59:26:7c:ec:2a:e2:f2:66:eb:83:
08:31:44:b0:5b:3b:e8:61:01:5f:3e:04:f9:f2:94:30:4f:9c:
70:2f:d9:87:0a:9e:e2:a6:4b:04:d7:90:8f:9d:66:49:4f:20:
1e:fa:20:90:36:d7:a2:84:4d:74:2f:97:70:73:c0:3e:ea:bb:
0d:df:33:74:5f:ee:56:52:6d:d6:6b:3d:34:7a:21:98:49:8a:
28:e1:a9:90:4c:41:10:de:2b:4d:8e:5b:1a:f3:32:e4:0b:8a:
8b:f0:d4:a8:1f:7f:78:04:71:12:cd:d9:7d:2a:93:4c:71:86:
d6:6d:28:eb:b4:8f:0a:a7:fd:49:fd:07:d4:db:80:e0:79:e8:
95:08:d1:4a:f0:63:20:94:c6:12:da:33:47:f0:ac:96:d7:fe:
f8:eb:a5:79:56:ce:23:47:df:56:b2:c5:ec:4e:b5:58:9e:4b:
05:8e:4f:25:df:6c:ee:8e:08:c8:cf:69:96:a9:f1:2c:11:b1:
07:f9:cf:62:85:44:22:af:98:a3:c0:7b:05:d3:c3:21:e2:69:
cf:56:27:a2:32:d4:23:cc:10:30:52:81:48:fe:ea:be:5b:75:
95:62:22:aa
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY69OUtXCCFsVZ/7UtYXzUuHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNTI2NjQzNTYxN2ZhMGYxZmQyODM3ZWM4MGM2ZDgzYjBi
OWQ2MDgwHhcNMjQwNDA4MTAyMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWEzMzYwZTUxYTdlYjliZDE3MGEyMDExZmM2NDQ0M2FiODNiMmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqntnK1CjKNFLjNjABcTSSmEZEuT
TyiR6yIWSkAsf0zMGkuCJuqVok9RGFvqPofX3tBgt0BTy0wGW4pYBZgZ0QG+YHZq
BCjT2J+OJExOP/afLOuBJKVC3bqDysRCaBCghkE0uH+8NJoiPTHLUlh2Wf2hYNEu
b6wmt6fIoPlBEl9x0k2Jtcw6PfXBAXA5rVAmFjkmxQt1M6G2hL4ergVDl8bjsfDJ
Xyz1l9lI117Xn7n+v2bXzxeq+5jX3LR9xeZYoQIyDeHLVDa34dhysPs2WblKC2u0
nwickruj/i/efWin+HhYCsmx5xgg+xdxSu5n8WexkHblTg9gntMVvWpznQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFK6jNg5Rp+ub0XCiAR/GREOrg7LwMB8GA1UdIwQY
MBaAFCFSZkNWF/oPH9KDfsgMbYOwudYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzIt
YmM5M2NhNjc5ZTFmLzEvcnFNMkRsR242NXZSY0tJQkg4WkVRNnVEc3ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzItYmM5M2NhNjc5ZTFm
LzEvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgWQgAAG
MA0GCSqGSIb3DQEBCwUAA4IBAQA6XExdO/jDEfPf6anVS3HVHS2PG9eYerYZglkm
fOwq4vJm64MIMUSwWzvoYQFfPgT58pQwT5xwL9mHCp7ipksE15CPnWZJTyAe+iCQ
NteihE10L5dwc8A+6rsN3zN0X+5WUm3Waz00eiGYSYoo4amQTEEQ3itNjlsa8zLk
C4qL8NSoH394BHESzdl9KpNMcYbWbSjrtI8Kp/1J/QfU24DgeeiVCNFK8GMglMYS
2jNH8KyW1/7466V5Vs4jR99WssXsTrVYnksFjk8l32zujgjIz2mWqfEsEbEH+c9i
hUQir5ijwHsF08Mh4mnPVieiMtQjzBAwUoFI/uq+W3WVYiKq
-----END CERTIFICATE-----
Generated at Fri Apr 18 13:44:51 2025 by rpki-client