Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/RUHOUPUlC4SkdvYyHd80EzzuP9Y.roa
File: RUHOUPUlC4SkdvYyHd80EzzuP9Y.roa (raw, json)
Hash identifier: D87bLxsfPbeh/iZNdPI6I6Mgl1oOUdDA48J61yhcU7w=
Subject key identifier: 45:41:CE:50:F5:25:0B:84:A4:76:F6:32:1D:DF:34:13:3C:EE:3F:D6
Certificate issuer: /CN=eefbe8369a7bbc03a86fbe639b7efaa02b717287
Certificate serial: 018CC5DC0C0369569E2C211C36CDAFAD57DB
Authority key identifier: EE:FB:E8:36:9A:7B:BC:03:A8:6F:BE:63:9B:7E:FA:A0:2B:71:72:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7vvoNpp7vAOob75jm376oCtxcoc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/RUHOUPUlC4SkdvYyHd80EzzuP9Y.roa
Signing time: Mon 01 Jan 2024 16:29:41 +0000
ROA not before: Mon 01 Jan 2024 16:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205719
IP address blocks: 2a0f:6287:10::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:0c:03:69:56:9e:2c:21:1c:36:cd:af:ad:57:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eefbe8369a7bbc03a86fbe639b7efaa02b717287
Validity
Not Before: Jan 1 16:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4541ce50f5250b84a476f6321ddf34133cee3fd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:1b:b7:61:ba:24:77:ea:56:1a:65:ce:72:7b:
1e:a5:56:2e:2b:8c:f2:97:81:95:bd:0d:f2:d3:3f:
49:75:c2:8e:18:77:c0:0b:76:1e:ad:d4:e4:a9:77:
04:25:3f:fe:33:73:fd:a8:e7:18:1e:e1:7f:4e:05:
82:9d:43:e8:c2:9f:d1:8c:40:3c:77:32:a2:a9:b7:
1b:ad:ed:46:65:2c:3d:e9:51:bb:c4:70:a9:de:95:
4d:bb:dc:ab:20:01:71:90:7f:cc:10:c4:4f:e6:57:
0f:40:4b:b5:a6:76:b8:16:9b:f0:d8:b9:55:98:68:
65:e3:7d:d9:2f:ba:e5:1c:f8:a3:6a:8f:f9:3a:c6:
c1:fd:87:53:96:38:a0:57:8b:7b:f4:7b:8e:32:a4:
28:47:72:fa:57:94:bd:a7:39:83:20:2b:ad:d7:18:
36:a6:09:fb:8e:25:1d:c2:ea:41:e8:89:6e:a1:a9:
de:6c:43:db:bb:2f:2f:ca:52:e8:35:3f:d4:20:23:
8f:b8:ed:bf:62:64:44:16:8a:b5:15:90:8b:db:ca:
62:5a:bd:a7:a9:77:9b:91:f1:e3:aa:3c:f1:73:ed:
36:fa:d1:0c:ab:e9:dd:89:cd:14:2d:d5:96:64:a4:
43:d7:5b:73:9b:a6:f4:c6:6b:79:da:d6:ec:7f:df:
05:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:41:CE:50:F5:25:0B:84:A4:76:F6:32:1D:DF:34:13:3C:EE:3F:D6
X509v3 Authority Key Identifier:
keyid:EE:FB:E8:36:9A:7B:BC:03:A8:6F:BE:63:9B:7E:FA:A0:2B:71:72:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7vvoNpp7vAOob75jm376oCtxcoc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/RUHOUPUlC4SkdvYyHd80EzzuP9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/7vvoNpp7vAOob75jm376oCtxcoc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:6287:10::/48
Signature Algorithm: sha256WithRSAEncryption
18:1f:ff:00:ca:6a:56:f1:05:0a:27:e3:02:d2:fc:ad:bd:17:
62:09:1c:c2:20:bb:8c:38:d6:9a:0d:ca:a9:ab:e3:00:89:15:
2a:67:07:cd:1b:55:d2:55:0e:15:15:c0:87:b5:86:55:6d:ef:
9a:bc:e7:15:15:13:fe:1c:31:6b:fd:9e:e3:1b:1d:39:6e:3f:
bf:c3:55:60:21:c1:0d:e3:7d:37:48:14:14:c3:62:9c:aa:6b:
9c:b2:aa:87:44:d8:65:ff:ce:ff:d4:13:1c:fd:6a:3a:b9:74:
14:67:87:b2:1e:42:ca:8b:67:a1:8e:de:57:09:62:ae:34:50:
8e:47:8c:f2:1e:2b:d5:b5:28:25:b5:e8:d6:f4:19:36:71:b2:
56:01:2f:a4:28:e8:05:d7:c3:55:b0:24:52:2f:b0:bd:1d:16:
b4:2b:64:dd:d0:3f:85:68:24:2f:07:59:59:e6:ff:15:fe:c1:
eb:c5:96:c5:d1:e5:f6:57:86:a3:3d:3a:16:4d:a8:30:52:47:
de:59:7b:94:49:82:64:6a:a6:f3:0b:22:52:55:e6:be:25:2a:
50:b8:5a:15:27:3d:4e:cd:c5:46:fc:7b:f4:c9:3a:fc:e2:88:
19:99:ba:fa:83:89:b7:5a:35:13:23:a1:78:72:e9:cd:6e:6f:
ce:7d:e0:2a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzF3AwDaVaeLCEcNs2vrVfbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlZmJlODM2OWE3YmJjMDNhODZmYmU2MzliN2VmYWEwMmI3
MTcyODcwHhcNMjQwMTAxMTYyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTQxY2U1MGY1MjUwYjg0YTQ3NmY2MzIxZGRmMzQxMzNjZWUzZmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBu3Ybokd+pWGmXOcnsepVYuK4zy
l4GVvQ3y0z9JdcKOGHfAC3YerdTkqXcEJT/+M3P9qOcYHuF/TgWCnUPowp/RjEA8
dzKiqbcbre1GZSw96VG7xHCp3pVNu9yrIAFxkH/MEMRP5lcPQEu1pna4Fpvw2LlV
mGhl433ZL7rlHPijao/5OsbB/YdTljigV4t79HuOMqQoR3L6V5S9pzmDICut1xg2
pgn7jiUdwupB6IluoanebEPbuy8vylLoNT/UICOPuO2/YmREFoq1FZCL28piWr2n
qXebkfHjqjzxc+02+tEMq+ndic0ULdWWZKRD11tzm6b0xmt52tbsf98FaQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEVBzlD1JQuEpHb2Mh3fNBM87j/WMB8GA1UdIwQY
MBaAFO776Daae7wDqG++Y5t++qArcXKHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3Z2b05wcDd2QU9vYjc1am0zNzZvQ3R4Y29jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xYmU5OTktNWE1OS00YzEwLTkyZmYt
ZGExYjU4NjE4ODQxLzEvUlVIT1VQVWxDNFNrZHZZeUhkODBFenp1UDlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xYmU5OTktNWE1OS00YzEwLTkyZmYtZGExYjU4NjE4ODQx
LzEvN3Z2b05wcDd2QU9vYjc1am0zNzZvQ3R4Y29jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg9ihwAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAYH/8AympW8QUKJ+MC0vytvRdiCRzCILuMONaa
Dcqpq+MAiRUqZwfNG1XSVQ4VFcCHtYZVbe+avOcVFRP+HDFr/Z7jGx05bj+/w1Vg
IcEN4303SBQUw2KcqmucsqqHRNhl/87/1BMc/Wo6uXQUZ4eyHkLKi2ehjt5XCWKu
NFCOR4zyHivVtSgltejW9Bk2cbJWAS+kKOgF18NVsCRSL7C9HRa0K2Td0D+FaCQv
B1lZ5v8V/sHrxZbF0eX2V4ajPToWTagwUkfeWXuUSYJkaqbzCyJSVea+JSpQuFoV
Jz1OzcVG/Hv0yTr84ogZmbr6g4m3WjUTI6F4cunNbm/OfeAq
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:00 2025 by rpki-client