Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/xr7gMEYImSEj7MNnetknncjivVc.roa
File: xr7gMEYImSEj7MNnetknncjivVc.roa (raw, json)
Hash identifier: nEm91gGYRrbZVOsYNHNukRtGrEd9h1lNgg4DDEcu1GQ=
Subject key identifier: C6:BE:E0:30:46:08:99:21:23:EC:C3:67:7A:D9:27:9D:C8:E2:BD:57
Certificate issuer: /CN=eefbe8369a7bbc03a86fbe639b7efaa02b717287
Certificate serial: 018F5C8D53C06611C28405EC0C5AAC8ADEB7
Authority key identifier: EE:FB:E8:36:9A:7B:BC:03:A8:6F:BE:63:9B:7E:FA:A0:2B:71:72:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7vvoNpp7vAOob75jm376oCtxcoc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/xr7gMEYImSEj7MNnetknncjivVc.roa
Signing time: Thu 09 May 2024 08:51:56 +0000
ROA not before: Thu 09 May 2024 08:51:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2a0f:6280::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5c:8d:53:c0:66:11:c2:84:05:ec:0c:5a:ac:8a:de:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eefbe8369a7bbc03a86fbe639b7efaa02b717287
Validity
Not Before: May 9 08:51:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c6bee0304608992123ecc3677ad9279dc8e2bd57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:35:c0:18:c9:49:fd:72:7a:f7:c2:32:2f:fd:
c8:ac:88:e9:fd:a8:fe:ff:0a:da:67:fe:be:46:c3:
9a:da:2a:67:7a:14:d6:63:c1:fb:f2:6f:e9:15:76:
73:89:37:e3:7a:fb:74:2a:96:8e:91:e5:56:ca:d2:
b7:91:6c:47:0c:11:a6:6d:e8:e5:f1:33:c3:86:84:
17:83:d5:5e:7a:7c:fc:51:52:ef:a2:29:c2:dd:4e:
bf:9f:b2:68:87:6e:88:4b:a7:a6:18:b3:5f:54:dc:
b8:79:1d:1d:2b:6a:da:3b:76:cc:3c:05:25:89:e5:
51:41:9c:4b:c6:fd:98:91:f9:2c:33:05:06:97:af:
26:0f:05:cf:9a:37:9c:ee:c6:2f:44:b7:43:a4:e4:
f6:d2:69:86:92:dc:28:71:79:b1:80:14:a3:ed:ed:
af:ca:a0:08:c7:53:b2:28:26:25:20:e7:8f:3d:91:
85:ea:f3:0a:c4:ba:36:ab:50:9e:1f:2d:8b:3a:d7:
51:c2:07:af:0a:54:bd:e9:36:d7:8b:c5:04:75:ab:
79:07:db:40:25:df:68:f8:95:3e:34:92:09:bc:06:
0b:51:87:27:bd:43:98:ab:a5:3e:66:72:00:2b:0f:
0a:44:86:4e:6a:fe:c9:b7:b2:90:92:34:e5:0f:e4:
01:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:BE:E0:30:46:08:99:21:23:EC:C3:67:7A:D9:27:9D:C8:E2:BD:57
X509v3 Authority Key Identifier:
keyid:EE:FB:E8:36:9A:7B:BC:03:A8:6F:BE:63:9B:7E:FA:A0:2B:71:72:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7vvoNpp7vAOob75jm376oCtxcoc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/xr7gMEYImSEj7MNnetknncjivVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/7vvoNpp7vAOob75jm376oCtxcoc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:6280::/29
Signature Algorithm: sha256WithRSAEncryption
0c:c9:90:6a:6a:1e:b1:ee:9c:68:ed:64:3b:04:9a:15:47:00:
88:45:5a:32:ce:b7:14:dd:cb:d9:f3:cb:43:68:20:78:1d:3b:
86:02:e9:bf:c8:cd:ce:85:ed:7e:b1:e7:f0:2f:99:10:03:46:
cf:04:38:6b:e8:5f:4f:b1:c9:e7:6c:f0:32:26:9c:18:6d:0a:
5a:dc:46:1e:29:e3:33:42:85:db:52:e9:98:ea:1a:dd:1a:e9:
10:00:bc:6e:91:be:37:ca:a7:af:ab:41:42:09:37:68:85:7b:
f2:b6:fa:2e:79:3b:db:48:23:f0:02:90:0a:1e:6a:25:df:f7:
af:88:8a:ca:ff:21:9c:47:ba:b1:cf:87:43:85:0c:14:f2:31:
06:8e:7d:b2:64:10:77:6f:7e:9e:73:4f:5f:8b:a3:00:1b:e9:
fa:78:de:f5:5c:a0:87:7d:98:a0:ce:3a:aa:f1:ad:02:37:2d:
8e:b9:51:bf:80:84:4d:66:28:09:94:6f:28:25:1f:70:35:c2:
41:17:e1:89:98:ed:22:fa:80:d3:44:42:98:f1:ed:95:2e:c1:
cc:5e:2e:63:73:c0:05:37:34:9e:10:fb:22:f6:f7:cf:52:26:
3b:47:db:80:e3:50:bc:9f:e4:85:6d:2f:df:e1:5f:69:aa:e2:
72:60:c3:c5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY9cjVPAZhHChAXsDFqsit63MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlZmJlODM2OWE3YmJjMDNhODZmYmU2MzliN2VmYWEwMmI3
MTcyODcwHhcNMjQwNTA5MDg1MTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmJlZTAzMDQ2MDg5OTIxMjNlY2MzNjc3YWQ5Mjc5ZGM4ZTJiZDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6DXAGMlJ/XJ698IyL/3IrIjp/aj+
/wraZ/6+RsOa2ipnehTWY8H78m/pFXZziTfjevt0KpaOkeVWytK3kWxHDBGmbejl
8TPDhoQXg9Veenz8UVLvoinC3U6/n7Joh26IS6emGLNfVNy4eR0dK2raO3bMPAUl
ieVRQZxLxv2YkfksMwUGl68mDwXPmjec7sYvRLdDpOT20mmGktwocXmxgBSj7e2v
yqAIx1OyKCYlIOePPZGF6vMKxLo2q1CeHy2LOtdRwgevClS96TbXi8UEdat5B9tA
Jd9o+JU+NJIJvAYLUYcnvUOYq6U+ZnIAKw8KRIZOav7Jt7KQkjTlD+QBOwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMa+4DBGCJkhI+zDZ3rZJ53I4r1XMB8GA1UdIwQY
MBaAFO776Daae7wDqG++Y5t++qArcXKHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3Z2b05wcDd2QU9vYjc1am0zNzZvQ3R4Y29jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xYmU5OTktNWE1OS00YzEwLTkyZmYt
ZGExYjU4NjE4ODQxLzEveHI3Z01FWUltU0VqN01ObmV0a25uY2ppdlZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xYmU5OTktNWE1OS00YzEwLTkyZmYtZGExYjU4NjE4ODQx
LzEvN3Z2b05wcDd2QU9vYjc1am0zNzZvQ3R4Y29jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg9igDAN
BgkqhkiG9w0BAQsFAAOCAQEADMmQamoese6caO1kOwSaFUcAiEVaMs63FN3L2fPL
Q2ggeB07hgLpv8jNzoXtfrHn8C+ZEANGzwQ4a+hfT7HJ52zwMiacGG0KWtxGHinj
M0KF21LpmOoa3RrpEAC8bpG+N8qnr6tBQgk3aIV78rb6Lnk720gj8AKQCh5qJd/3
r4iKyv8hnEe6sc+HQ4UMFPIxBo59smQQd29+nnNPX4ujABvp+nje9Vygh32YoM46
qvGtAjctjrlRv4CETWYoCZRvKCUfcDXCQRfhiZjtIvqA00RCmPHtlS7BzF4uY3PA
BTc0nhD7Ivb3z1ImO0fbgONQvJ/khW0v3+FfaaricmDDxQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:23 2024 by rpki-client on console-ams.rpki-client.org