Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/sLHnYlD4mQ6coMQCbq8Bw8qmY_Q.roa
File: sLHnYlD4mQ6coMQCbq8Bw8qmY_Q.roa (raw, json)
Hash identifier: hMa8w2IAZ+KFAQyIXn4tYpzDf1yNFi0Xar7qx9WAHQc=
Subject key identifier: B0:B1:E7:62:50:F8:99:0E:9C:A0:C4:02:6E:AF:01:C3:CA:A6:63:F4
Certificate issuer: /CN=eefbe8369a7bbc03a86fbe639b7efaa02b717287
Certificate serial: 018F5B6A2FBCE1150666547C89B9CB1705CD
Authority key identifier: EE:FB:E8:36:9A:7B:BC:03:A8:6F:BE:63:9B:7E:FA:A0:2B:71:72:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7vvoNpp7vAOob75jm376oCtxcoc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/sLHnYlD4mQ6coMQCbq8Bw8qmY_Q.roa
Signing time: Thu 09 May 2024 03:33:56 +0000
ROA not before: Thu 09 May 2024 03:33:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205719
IP address blocks: 2a0f:6280::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5b:6a:2f:bc:e1:15:06:66:54:7c:89:b9:cb:17:05:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eefbe8369a7bbc03a86fbe639b7efaa02b717287
Validity
Not Before: May 9 03:33:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b0b1e76250f8990e9ca0c4026eaf01c3caa663f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:9f:14:f4:de:f2:d1:02:8a:96:8f:5b:48:75:
e3:fc:76:63:a0:0a:fb:e0:f4:85:bf:2e:6c:62:16:
45:ef:31:8c:39:7a:ad:c5:ef:c6:bd:b6:c1:ba:8c:
79:96:a3:1e:ca:bd:68:a4:82:42:aa:9d:15:a4:1c:
72:0d:84:ee:6d:67:86:e9:8f:63:a2:f9:29:54:f0:
0f:b5:a6:14:97:c5:df:df:ed:02:a0:6c:7f:93:6e:
05:e4:15:78:eb:92:be:15:55:2c:c4:11:66:6f:05:
8e:f8:9c:88:a2:16:f7:3a:65:2c:c3:ca:f7:38:68:
d6:1e:56:29:04:0f:12:ae:5b:dd:6a:52:8f:36:26:
0f:3f:6b:f7:71:c1:4c:90:43:a7:5c:2d:1c:97:1e:
0c:1a:ed:fd:9f:bd:68:58:e8:8c:2e:83:ae:a3:bc:
ab:f0:be:61:c5:7c:cb:c8:95:a3:81:a2:fd:c3:82:
3e:57:b7:e2:71:4a:93:14:ad:a2:be:4b:96:3e:d0:
bc:b1:2a:e7:c2:5c:41:ba:c3:f8:6b:9a:b5:d3:07:
90:2d:a4:f3:32:13:60:e1:1a:d0:f7:a8:2d:b3:99:
07:65:d6:dc:35:f0:53:6c:44:1c:3e:16:f4:31:4a:
69:f7:87:34:af:6d:d2:63:27:96:16:d7:df:79:c6:
54:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:B1:E7:62:50:F8:99:0E:9C:A0:C4:02:6E:AF:01:C3:CA:A6:63:F4
X509v3 Authority Key Identifier:
keyid:EE:FB:E8:36:9A:7B:BC:03:A8:6F:BE:63:9B:7E:FA:A0:2B:71:72:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7vvoNpp7vAOob75jm376oCtxcoc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/sLHnYlD4mQ6coMQCbq8Bw8qmY_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/7vvoNpp7vAOob75jm376oCtxcoc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:6280::/29
Signature Algorithm: sha256WithRSAEncryption
7a:b2:e5:77:23:9d:2e:8b:03:09:ad:72:2f:34:4d:32:d7:92:
8d:a9:9a:54:88:e6:c4:71:be:87:85:7f:72:ba:0d:f0:fa:a0:
a0:18:e0:61:54:f7:a3:da:30:9d:0a:7a:cb:76:8c:ba:2c:a7:
05:fb:25:5b:b5:aa:07:41:6e:47:6d:e4:2f:10:e5:5a:87:d9:
e8:27:45:fa:bd:90:2a:0d:16:92:f6:40:9a:73:9a:b6:11:80:
34:4b:4d:1d:d5:65:e4:0c:39:d7:26:4e:7b:25:e4:24:e3:f9:
e8:a2:a5:1b:19:01:81:c2:5b:84:8b:2f:b5:92:f8:93:0d:9b:
92:f2:70:8f:7e:e1:72:e2:98:7c:27:42:aa:45:17:d3:24:73:
ef:7c:e5:28:04:97:1e:ea:67:12:9d:38:2f:37:4f:38:bb:35:
8d:8c:c7:a1:30:73:af:c0:e1:19:93:f8:38:d4:9a:fd:66:b6:
63:17:a4:0d:d4:79:dc:cf:b0:b8:51:43:b8:37:2f:c3:43:e6:
76:f8:c7:1f:96:66:26:5b:29:41:4f:23:e4:3a:a1:bb:58:48:
3f:8f:19:c7:97:e3:7e:a9:62:7e:37:df:94:7e:93:48:52:e2:
3c:5a:51:a7:86:81:8e:e1:1a:78:46:bc:cd:b2:c9:ee:f2:67:
9a:63:fc:bb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY9bai+84RUGZlR8ibnLFwXNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlZmJlODM2OWE3YmJjMDNhODZmYmU2MzliN2VmYWEwMmI3
MTcyODcwHhcNMjQwNTA5MDMzMzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGIxZTc2MjUwZjg5OTBlOWNhMGM0MDI2ZWFmMDFjM2NhYTY2M2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZ8U9N7y0QKKlo9bSHXj/HZjoAr7
4PSFvy5sYhZF7zGMOXqtxe/GvbbBuox5lqMeyr1opIJCqp0VpBxyDYTubWeG6Y9j
ovkpVPAPtaYUl8Xf3+0CoGx/k24F5BV465K+FVUsxBFmbwWO+JyIohb3OmUsw8r3
OGjWHlYpBA8SrlvdalKPNiYPP2v3ccFMkEOnXC0clx4MGu39n71oWOiMLoOuo7yr
8L5hxXzLyJWjgaL9w4I+V7ficUqTFK2ivkuWPtC8sSrnwlxBusP4a5q10weQLaTz
MhNg4RrQ96gts5kHZdbcNfBTbEQcPhb0MUpp94c0r23SYyeWFtffecZUVQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLCx52JQ+JkOnKDEAm6vAcPKpmP0MB8GA1UdIwQY
MBaAFO776Daae7wDqG++Y5t++qArcXKHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3Z2b05wcDd2QU9vYjc1am0zNzZvQ3R4Y29jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xYmU5OTktNWE1OS00YzEwLTkyZmYt
ZGExYjU4NjE4ODQxLzEvc0xIbllsRDRtUTZjb01RQ2JxOEJ3OHFtWV9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xYmU5OTktNWE1OS00YzEwLTkyZmYtZGExYjU4NjE4ODQx
LzEvN3Z2b05wcDd2QU9vYjc1am0zNzZvQ3R4Y29jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg9igDAN
BgkqhkiG9w0BAQsFAAOCAQEAerLldyOdLosDCa1yLzRNMteSjamaVIjmxHG+h4V/
croN8PqgoBjgYVT3o9ownQp6y3aMuiynBfslW7WqB0FuR23kLxDlWofZ6CdF+r2Q
Kg0WkvZAmnOathGANEtNHdVl5Aw51yZOeyXkJOP56KKlGxkBgcJbhIsvtZL4kw2b
kvJwj37hcuKYfCdCqkUX0yRz73zlKASXHupnEp04LzdPOLs1jYzHoTBzr8DhGZP4
ONSa/Wa2YxekDdR53M+wuFFDuDcvw0PmdvjHH5ZmJlspQU8j5Dqhu1hIP48Zx5fj
fqlifjfflH6TSFLiPFpRp4aBjuEaeEa8zbLJ7vJnmmP8uw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:23 2024 by rpki-client on console-ams.rpki-client.org