Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/RpG8lQoaHezRGypG2xLWPnKeRl8.roa
File: RpG8lQoaHezRGypG2xLWPnKeRl8.roa (raw, json)
Hash identifier: bpl+o6NIYemyRE5d4sZQ9dgFT3Xd3XOdmkKNLFdpfkQ=
Subject key identifier: 46:91:BC:95:0A:1A:1D:EC:D1:1B:2A:46:DB:12:D6:3E:72:9E:46:5F
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 0181DFB88F980F228A5912970DC3A60E89EA
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/RpG8lQoaHezRGypG2xLWPnKeRl8.roa
Signing time: Fri 08 Jul 2022 21:30:23 +0000
ROA not before: Fri 08 Jul 2022 21:30:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210662
IP address blocks: 2a0d:acc0::/29 maxlen: 29
2a0e:2280::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:df:b8:8f:98:0f:22:8a:59:12:97:0d:c3:a6:0e:89:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jul 8 21:30:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4691bc950a1a1decd11b2a46db12d63e729e465f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:de:19:69:63:5f:1c:33:fc:24:94:e9:5a:51:
81:f0:65:93:4d:0f:92:a7:02:a4:16:37:ea:8b:c0:
4e:58:29:fa:69:01:bb:26:59:43:83:04:da:ea:16:
1e:c4:ce:af:7b:4b:43:f1:a2:e9:64:d3:7e:88:a7:
4a:e1:3d:39:60:2a:cd:86:e5:1d:61:fa:2a:85:fd:
af:f0:19:cd:78:93:26:c6:b3:bd:d1:23:d2:a7:84:
3a:81:7c:07:0f:f2:42:53:e0:14:74:7f:8b:57:42:
54:df:5d:0a:ee:29:c7:bf:91:0b:05:27:74:66:bc:
d2:ba:e0:ee:e2:a9:a5:11:8a:fe:e6:59:ec:d6:ca:
44:86:dc:fa:69:7d:10:9c:34:c6:6e:68:30:d6:c9:
c3:80:c1:ee:4d:c7:d9:eb:41:51:17:94:5f:06:40:
3b:73:a7:78:af:41:97:53:d3:5b:eb:28:6d:11:de:
ee:27:e4:6c:de:d6:f4:2a:4d:46:9b:db:1a:67:1e:
a2:b6:9e:ce:81:a2:c8:a3:c7:72:9d:dc:1b:43:f0:
a6:9b:ca:08:41:1d:97:4a:4d:96:1d:10:65:94:d7:
11:1f:d3:d5:f7:8f:3d:08:64:79:f0:a1:2d:bc:d1:
75:ca:8c:ea:3f:ca:0e:cf:e2:bb:bb:ce:ee:4a:59:
dc:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:91:BC:95:0A:1A:1D:EC:D1:1B:2A:46:DB:12:D6:3E:72:9E:46:5F
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/RpG8lQoaHezRGypG2xLWPnKeRl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:acc0::/29
2a0e:2280::/29
Signature Algorithm: sha256WithRSAEncryption
74:a6:87:ca:70:d1:4c:01:0b:6c:73:aa:3f:eb:76:d5:35:52:
b9:37:e3:b4:c7:15:a9:df:0d:49:61:b8:c4:db:e9:e5:39:22:
b7:6f:27:eb:b7:34:52:b8:82:b0:db:07:4a:43:34:48:33:03:
0c:61:77:e1:dc:90:10:3e:67:d0:2e:fc:69:97:b3:dc:ba:3d:
89:34:1a:f0:e4:b8:df:fe:db:5f:18:6f:b6:6c:d2:36:b2:00:
c3:b8:9e:2c:eb:43:fd:fb:c4:c4:c9:af:35:1b:f3:06:b9:16:
54:25:5c:3a:a9:9f:b7:27:2b:8c:5a:3d:bb:d0:b3:57:1c:1b:
1f:36:67:1f:87:24:73:ba:03:87:d6:53:2c:53:30:03:b8:a5:
d5:5e:b0:7e:62:36:7d:ac:ee:7e:b7:4e:ea:f7:59:13:c2:3e:
ab:32:9e:42:e8:b5:0d:85:ee:e5:7a:34:48:b5:b3:74:c9:68:
6f:5d:ca:0f:8b:b5:72:32:41:c0:ef:e9:6c:8e:df:ac:64:6a:
59:59:b3:00:f2:28:28:ea:c1:ea:f2:e7:0e:f7:f9:70:1d:0d:
bd:8a:66:28:47:0b:88:77:92:41:a3:4c:6e:8a:87:44:79:b4:
f2:79:97:76:3d:1b:06:43:9c:cc:a5:05:09:cd:67:28:a1:93:
e2:1f:ed:43
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYHfuI+YDyKKWRKXDcOmDonqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjIwNzA4MjEzMDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjkxYmM5NTBhMWExZGVjZDExYjJhNDZkYjEyZDYzZTcyOWU0NjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAod4ZaWNfHDP8JJTpWlGB8GWTTQ+S
pwKkFjfqi8BOWCn6aQG7JllDgwTa6hYexM6ve0tD8aLpZNN+iKdK4T05YCrNhuUd
Yfoqhf2v8BnNeJMmxrO90SPSp4Q6gXwHD/JCU+AUdH+LV0JU310K7inHv5ELBSd0
ZrzSuuDu4qmlEYr+5lns1spEhtz6aX0QnDTGbmgw1snDgMHuTcfZ60FRF5RfBkA7
c6d4r0GXU9Nb6yhtEd7uJ+Rs3tb0Kk1Gm9saZx6itp7OgaLIo8dyndwbQ/Cmm8oI
QR2XSk2WHRBllNcRH9PV9489CGR58KEtvNF1yozqP8oOz+K7u87uSlncTwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEaRvJUKGh3s0RsqRtsS1j5ynkZfMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvUnBHOGxRb2FIZXpSR3lwRzJ4TFdQbktlUmw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKg2swAMF
AyoOIoAwDQYJKoZIhvcNAQELBQADggEBAHSmh8pw0UwBC2xzqj/rdtU1Urk347TH
FanfDUlhuMTb6eU5IrdvJ+u3NFK4grDbB0pDNEgzAwxhd+HckBA+Z9Au/GmXs9y6
PYk0GvDkuN/+218Yb7Zs0jayAMO4nizrQ/37xMTJrzUb8wa5FlQlXDqpn7cnK4xa
PbvQs1ccGx82Zx+HJHO6A4fWUyxTMAO4pdVesH5iNn2s7n63Tur3WRPCPqsynkLo
tQ2F7uV6NEi1s3TJaG9dyg+LtXIyQcDv6WyO36xkallZswDyKCjqwery5w73+XAd
Db2KZihHC4h3kkGjTG6Kh0R5tPJ5l3Y9GwZDnMylBQnNZyihk+If7UM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:47 2024 by rpki-client on console-fra.rpki-client.org