Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/rP7ru3NExi-2iG2HjWOM4oB1pTk.roa
File: rP7ru3NExi-2iG2HjWOM4oB1pTk.roa (raw, json)
Hash identifier: 95dvHgHDk9vtDLOze6iam0W3pBB7QGgkXsdtKxpwx70=
Subject key identifier: AC:FE:EB:BB:73:44:C6:2F:B6:88:6D:87:8D:63:8C:E2:80:75:A5:39
Certificate issuer: /CN=eefbe8369a7bbc03a86fbe639b7efaa02b717287
Certificate serial: 0182B91F59454E904D24FAFB6638348F80C8
Authority key identifier: EE:FB:E8:36:9A:7B:BC:03:A8:6F:BE:63:9B:7E:FA:A0:2B:71:72:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7vvoNpp7vAOob75jm376oCtxcoc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/rP7ru3NExi-2iG2HjWOM4oB1pTk.roa
Signing time: Sat 20 Aug 2022 02:40:15 +0000
ROA not before: Sat 20 Aug 2022 02:40:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 2a0f:6287:1::/48 maxlen: 48
2a0f:6287:3::/48 maxlen: 48
2a0f:6287::/48 maxlen: 48
2a0f:6287:2::/48 maxlen: 48
2a0f:6287:4::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:b9:1f:59:45:4e:90:4d:24:fa:fb:66:38:34:8f:80:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eefbe8369a7bbc03a86fbe639b7efaa02b717287
Validity
Not Before: Aug 20 02:40:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=acfeebbb7344c62fb6886d878d638ce28075a539
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:82:44:22:b7:3d:6b:a2:f9:06:ef:d6:a9:73:
87:78:4c:02:08:2d:41:2e:9a:7d:67:5c:a4:ef:27:
67:9e:3b:32:16:af:ed:6a:ba:4c:ff:eb:59:5d:bc:
60:4a:0f:16:c7:58:c8:e7:75:00:98:ba:18:1b:e4:
6e:7b:9f:e3:87:e1:d1:a4:05:1c:0c:35:7c:b3:02:
66:a8:19:84:a9:4e:91:1d:1c:f0:85:cf:78:48:3b:
fd:72:20:ca:0b:5c:df:1e:de:45:5a:8c:9f:c6:fc:
b1:f3:8a:20:55:16:95:59:35:64:f4:e5:20:d2:c3:
dd:89:99:07:95:09:d0:0e:20:2f:ee:29:61:9f:be:
fd:3e:22:e6:ca:1b:23:b0:58:df:ae:e5:5f:04:de:
ee:82:40:94:d0:e5:b9:38:88:24:01:35:bf:73:3e:
db:40:02:df:c1:92:11:76:b2:55:ac:ad:e2:6f:d0:
3e:3c:06:94:95:7b:f9:bf:d5:43:19:e4:d4:89:b2:
cd:9c:c2:3b:81:84:fc:05:44:f7:10:ce:fd:1f:48:
a3:6f:6f:ea:a9:21:62:3e:6c:d5:2a:b3:a7:ac:0b:
9d:d9:c7:10:eb:de:58:14:5f:f0:4e:db:5d:0f:0a:
83:7d:42:d0:72:83:38:13:99:af:d7:f6:b5:e8:78:
3a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:FE:EB:BB:73:44:C6:2F:B6:88:6D:87:8D:63:8C:E2:80:75:A5:39
X509v3 Authority Key Identifier:
keyid:EE:FB:E8:36:9A:7B:BC:03:A8:6F:BE:63:9B:7E:FA:A0:2B:71:72:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7vvoNpp7vAOob75jm376oCtxcoc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/rP7ru3NExi-2iG2HjWOM4oB1pTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/7vvoNpp7vAOob75jm376oCtxcoc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:6287::-2a0f:6287:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
32:4c:3d:aa:27:37:48:51:f1:e2:6f:34:12:8a:c7:29:b7:ed:
90:b9:a9:28:a7:8a:e3:5d:5d:aa:b4:28:ce:7a:53:66:0f:10:
09:7c:bd:66:4b:a2:08:33:51:0a:d5:31:67:d8:34:de:c4:92:
f9:96:43:1a:66:5f:ee:89:1d:d8:5e:50:b8:23:97:5c:e4:8b:
6f:c1:ef:65:70:79:eb:bf:60:32:d5:7d:d1:a0:2b:88:51:10:
d8:31:f5:1b:07:85:cc:89:ac:49:5e:a9:1e:e6:31:0a:59:53:
59:34:ee:b7:5a:66:6b:a5:94:68:e4:e7:be:36:7f:a2:55:13:
0d:39:aa:84:58:72:04:a0:fb:7b:e0:2b:1b:21:03:15:a5:04:
00:41:14:f7:5d:ba:9b:da:88:8d:a3:f0:ee:d3:36:59:c0:a1:
9e:45:de:de:10:1e:7d:15:3f:41:ee:ab:b3:a6:6f:1d:6b:d9:
63:6b:c8:ab:f3:f7:f0:27:01:59:d5:2d:fb:db:9b:3d:f9:03:
f7:f7:79:21:f1:1c:a7:a9:c8:8f:10:5a:5b:a5:77:f3:6d:54:
47:c6:9c:92:ea:7c:13:7f:d6:4b:21:b4:1f:66:72:8a:dd:e8:
15:cf:9a:6d:18:e5:55:d5:83:70:5b:3f:8b:6d:b5:df:7f:d7:
ae:08:4b:84
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYK5H1lFTpBNJPr7Zjg0j4DIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlZmJlODM2OWE3YmJjMDNhODZmYmU2MzliN2VmYWEwMmI3
MTcyODcwHhcNMjIwODIwMDI0MDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2ZlZWJiYjczNDRjNjJmYjY4ODZkODc4ZDYzOGNlMjgwNzVhNTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3YJEIrc9a6L5Bu/WqXOHeEwCCC1B
Lpp9Z1yk7ydnnjsyFq/tarpM/+tZXbxgSg8Wx1jI53UAmLoYG+Rue5/jh+HRpAUc
DDV8swJmqBmEqU6RHRzwhc94SDv9ciDKC1zfHt5FWoyfxvyx84ogVRaVWTVk9OUg
0sPdiZkHlQnQDiAv7ilhn779PiLmyhsjsFjfruVfBN7ugkCU0OW5OIgkATW/cz7b
QALfwZIRdrJVrK3ib9A+PAaUlXv5v9VDGeTUibLNnMI7gYT8BUT3EM79H0ijb2/q
qSFiPmzVKrOnrAud2ccQ695YFF/wTttdDwqDfULQcoM4E5mv1/a16Hg6GwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKz+67tzRMYvtohth41jjOKAdaU5MB8GA1UdIwQY
MBaAFO776Daae7wDqG++Y5t++qArcXKHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3Z2b05wcDd2QU9vYjc1am0zNzZvQ3R4Y29jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xYmU5OTktNWE1OS00YzEwLTkyZmYt
ZGExYjU4NjE4ODQxLzEvclA3cnUzTkV4aS0yaUcySGpXT000b0IxcFRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xYmU5OTktNWE1OS00YzEwLTkyZmYtZGExYjU4NjE4ODQx
LzEvN3Z2b05wcDd2QU9vYjc1am0zNzZvQ3R4Y29jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASMBADBQAqD2KH
AwcAKg9ihwAEMA0GCSqGSIb3DQEBCwUAA4IBAQAyTD2qJzdIUfHibzQSiscpt+2Q
uakop4rjXV2qtCjOelNmDxAJfL1mS6IIM1EK1TFn2DTexJL5lkMaZl/uiR3YXlC4
I5dc5Itvwe9lcHnrv2Ay1X3RoCuIURDYMfUbB4XMiaxJXqke5jEKWVNZNO63WmZr
pZRo5Oe+Nn+iVRMNOaqEWHIEoPt74CsbIQMVpQQAQRT3Xbqb2oiNo/Du0zZZwKGe
Rd7eEB59FT9B7quzpm8da9lja8ir8/fwJwFZ1S3725s9+QP393kh8RynqciPEFpb
pXfzbVRHxpyS6nwTf9ZLIbQfZnKK3egVz5ptGOVV1YNwWz+LbbXff9euCEuE
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:59 2025 by rpki-client