Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/8M5zTIJwwRfh8ogw2FDk_6xbPd8.roa
File: 8M5zTIJwwRfh8ogw2FDk_6xbPd8.roa (raw, json)
Hash identifier: 99Z0JtZVHPT/msvOTZFqDZFddVUM0s5osIOmfhj/W7k=
Subject key identifier: F0:CE:73:4C:82:70:C1:17:E1:F2:88:30:D8:50:E4:FF:AC:5B:3D:DF
Certificate issuer: /CN=eefbe8369a7bbc03a86fbe639b7efaa02b717287
Certificate serial: 018410037173C95E3E07B981149F4DFA4A05
Authority key identifier: EE:FB:E8:36:9A:7B:BC:03:A8:6F:BE:63:9B:7E:FA:A0:2B:71:72:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7vvoNpp7vAOob75jm376oCtxcoc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/8M5zTIJwwRfh8ogw2FDk_6xbPd8.roa
Signing time: Tue 25 Oct 2022 16:39:31 +0000
ROA not before: Tue 25 Oct 2022 16:39:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 2a0f:6283::/32 maxlen: 40
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:10:03:71:73:c9:5e:3e:07:b9:81:14:9f:4d:fa:4a:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eefbe8369a7bbc03a86fbe639b7efaa02b717287
Validity
Not Before: Oct 25 16:39:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f0ce734c8270c117e1f28830d850e4ffac5b3ddf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:74:b8:fe:7a:6c:40:97:80:49:6d:96:2e:b2:
e5:8d:0e:5c:f7:39:17:f3:2d:dc:cc:31:c8:cb:cf:
58:e6:01:a8:46:d2:ff:ba:64:0a:52:ab:95:84:d4:
35:6d:e3:ea:67:34:60:33:17:ef:b6:28:e9:09:c2:
dd:32:81:58:c7:78:f3:5f:9f:54:a2:94:5d:c5:b6:
dc:56:ca:fd:4c:f0:ad:ff:a6:bf:3d:39:34:ea:e8:
fb:52:90:e2:94:bf:60:2b:d9:e5:1c:8e:55:e9:5b:
d8:4c:dd:fb:15:66:4e:55:3f:fb:62:7b:70:26:b5:
44:d0:24:9c:b0:97:4b:5c:dc:b6:ec:47:66:55:87:
df:67:f8:1f:cf:13:35:d7:67:24:d1:63:cb:3d:32:
39:16:51:38:19:4d:3f:2c:2e:26:7a:f9:26:c9:17:
75:8a:5e:dd:e3:c0:2e:80:9e:38:9d:73:37:44:8d:
fc:87:33:8e:0b:ef:5c:52:9c:b4:ea:a3:47:d4:1c:
05:8e:10:2a:ff:42:1e:c6:55:76:db:c9:69:af:0e:
aa:b7:86:44:92:d3:bc:ae:29:f2:73:8e:06:d4:a2:
4f:a6:af:5c:8b:37:1a:c2:74:f8:b0:b5:06:b1:26:
4e:94:42:0d:fa:ff:40:24:65:87:91:11:70:05:9e:
57:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:CE:73:4C:82:70:C1:17:E1:F2:88:30:D8:50:E4:FF:AC:5B:3D:DF
X509v3 Authority Key Identifier:
keyid:EE:FB:E8:36:9A:7B:BC:03:A8:6F:BE:63:9B:7E:FA:A0:2B:71:72:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7vvoNpp7vAOob75jm376oCtxcoc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/8M5zTIJwwRfh8ogw2FDk_6xbPd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/7vvoNpp7vAOob75jm376oCtxcoc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:6283::/32
Signature Algorithm: sha256WithRSAEncryption
60:41:78:2d:ce:b8:64:49:e7:87:ee:df:8a:80:c0:bf:98:2d:
ba:f7:ec:29:59:7e:4d:75:69:b8:d7:0d:da:47:96:ee:28:f1:
18:19:18:ac:44:c4:24:1d:fc:73:a3:0d:e9:0e:b2:ed:aa:d2:
ab:96:ab:45:36:fc:3b:c7:fa:2c:6d:6f:bc:e0:51:38:05:9f:
0d:00:3a:28:8f:b5:64:6e:06:da:b7:7d:3a:dc:f2:59:af:dd:
f7:ff:e1:3b:d2:f4:1e:49:cd:a6:81:a3:97:b0:81:60:ee:74:
03:66:e5:8a:0e:79:db:8a:d2:d2:23:b8:18:65:ba:a5:1b:ac:
e9:2f:b4:2d:c7:9d:4c:2b:4e:65:61:f3:99:23:81:2b:e5:20:
83:73:c2:7a:8a:4f:1d:02:1f:9f:7d:85:89:6c:ae:a8:6c:80:
e6:33:6b:ef:59:ee:41:1a:a8:a1:35:fc:3d:af:9d:d5:a7:0f:
7f:3d:de:c9:de:3e:5a:b0:77:7d:07:37:eb:c4:dd:33:be:7c:
45:4b:8c:5f:ad:59:0f:3d:73:5a:9d:1f:b7:0a:c4:99:76:f4:
83:d4:79:f2:54:27:0f:a8:3f:e7:ff:1d:86:92:ce:d5:ba:b2:
a1:02:15:d4:69:87:cc:97:c4:6e:c7:21:a3:cd:b3:32:c7:c6:
be:40:30:b6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYQQA3FzyV4+B7mBFJ9N+koFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlZmJlODM2OWE3YmJjMDNhODZmYmU2MzliN2VmYWEwMmI3
MTcyODcwHhcNMjIxMDI1MTYzOTMxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGNlNzM0YzgyNzBjMTE3ZTFmMjg4MzBkODUwZTRmZmFjNWIzZGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5HS4/npsQJeASW2WLrLljQ5c9zkX
8y3czDHIy89Y5gGoRtL/umQKUquVhNQ1bePqZzRgMxfvtijpCcLdMoFYx3jzX59U
opRdxbbcVsr9TPCt/6a/PTk06uj7UpDilL9gK9nlHI5V6VvYTN37FWZOVT/7Yntw
JrVE0CScsJdLXNy27EdmVYffZ/gfzxM112ck0WPLPTI5FlE4GU0/LC4mevkmyRd1
il7d48AugJ44nXM3RI38hzOOC+9cUpy06qNH1BwFjhAq/0IexlV228lprw6qt4ZE
ktO8rinyc44G1KJPpq9cizcawnT4sLUGsSZOlEIN+v9AJGWHkRFwBZ5XnwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPDOc0yCcMEX4fKIMNhQ5P+sWz3fMB8GA1UdIwQY
MBaAFO776Daae7wDqG++Y5t++qArcXKHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3Z2b05wcDd2QU9vYjc1am0zNzZvQ3R4Y29jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xYmU5OTktNWE1OS00YzEwLTkyZmYt
ZGExYjU4NjE4ODQxLzEvOE01elRJSnd3UmZoOG9ndzJGRGtfNnhiUGQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xYmU5OTktNWE1OS00YzEwLTkyZmYtZGExYjU4NjE4ODQx
LzEvN3Z2b05wcDd2QU9vYjc1am0zNzZvQ3R4Y29jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg9igzAN
BgkqhkiG9w0BAQsFAAOCAQEAYEF4Lc64ZEnnh+7fioDAv5gtuvfsKVl+TXVpuNcN
2keW7ijxGBkYrETEJB38c6MN6Q6y7arSq5arRTb8O8f6LG1vvOBROAWfDQA6KI+1
ZG4G2rd9OtzyWa/d9//hO9L0HknNpoGjl7CBYO50A2blig5524rS0iO4GGW6pRus
6S+0LcedTCtOZWHzmSOBK+Ugg3PCeopPHQIfn32FiWyuqGyA5jNr71nuQRqooTX8
Pa+d1acPfz3eyd4+WrB3fQc368TdM758RUuMX61ZDz1zWp0ftwrEmXb0g9R58lQn
D6g/5/8dhpLO1bqyoQIV1GmHzJfEbscho82zMsfGvkAwtg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:23 2024 by rpki-client on console-ams.rpki-client.org