Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/BJsx1xdLQxDvYN-3iHadV9EAcsY.roa
File: BJsx1xdLQxDvYN-3iHadV9EAcsY.roa (raw, json)
Hash identifier: gbWunzB8u+7LyYto5ht6MjopR1EfAc6fkLpaqsN+Qz4=
Subject key identifier: 04:9B:31:D7:17:4B:43:10:EF:60:DF:B7:88:76:9D:57:D1:00:72:C6
Certificate issuer: /CN=ada25aafe3a9870e9524afa0265987ed5a5a4da3
Certificate serial: 018CC5DC2EF3A170928D2AF9467C8DA32BA5
Authority key identifier: AD:A2:5A:AF:E3:A9:87:0E:95:24:AF:A0:26:59:87:ED:5A:5A:4D:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/raJar-Ophw6VJK-gJlmH7VpaTaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/BJsx1xdLQxDvYN-3iHadV9EAcsY.roa
Signing time: Mon 01 Jan 2024 16:29:50 +0000
ROA not before: Mon 01 Jan 2024 16:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35913
IP address blocks: 2a11:b1c1::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:2e:f3:a1:70:92:8d:2a:f9:46:7c:8d:a3:2b:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ada25aafe3a9870e9524afa0265987ed5a5a4da3
Validity
Not Before: Jan 1 16:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=049b31d7174b4310ef60dfb788769d57d10072c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:41:d1:38:01:a6:1a:af:ac:cd:29:fb:c2:6b:
a9:5f:91:a6:54:6d:b1:97:18:2e:c4:96:5d:aa:b7:
99:de:39:fa:c5:2f:05:86:dc:41:59:65:eb:52:2d:
75:e8:6e:0b:49:b8:ec:b3:3a:5c:2a:8d:bc:71:b8:
95:d5:c7:29:7f:01:c0:7f:8b:5a:98:8b:b0:83:8c:
22:d8:37:08:b8:79:24:17:4b:a7:71:ef:94:8c:19:
77:45:19:90:b1:15:84:06:2c:54:57:70:fa:c5:fd:
36:0e:61:b1:42:b8:1d:01:70:ed:7b:0f:17:c8:b9:
99:95:d3:2a:a5:88:2a:0f:33:52:92:86:f6:dc:64:
ed:e0:54:51:19:82:e1:e8:6e:0c:15:9b:17:1f:b9:
a0:c2:db:a0:86:7d:cd:13:72:ab:89:8f:b8:c2:94:
dd:84:4f:b2:64:23:8b:b7:54:e8:26:b6:a7:3c:6b:
67:6a:01:ad:87:b1:ac:09:f5:f4:f4:cb:95:74:5b:
3e:bc:e2:6e:a6:a2:20:01:03:af:7d:90:8e:62:58:
df:d6:c2:cf:c3:0c:fb:d0:59:8b:b5:7b:11:f9:df:
6b:7b:69:2f:5f:5a:bb:57:13:fe:2c:46:1c:5d:04:
8f:11:63:a2:ac:76:4d:ca:7e:5b:84:38:e9:48:a3:
ff:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:9B:31:D7:17:4B:43:10:EF:60:DF:B7:88:76:9D:57:D1:00:72:C6
X509v3 Authority Key Identifier:
keyid:AD:A2:5A:AF:E3:A9:87:0E:95:24:AF:A0:26:59:87:ED:5A:5A:4D:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/raJar-Ophw6VJK-gJlmH7VpaTaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/BJsx1xdLQxDvYN-3iHadV9EAcsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/raJar-Ophw6VJK-gJlmH7VpaTaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:b1c1::/32
Signature Algorithm: sha256WithRSAEncryption
86:9e:e2:b8:a2:69:03:19:6d:bf:46:df:80:13:43:74:54:79:
11:d2:d0:e6:4b:b0:18:ff:32:f7:2c:66:8e:82:cb:2d:03:4a:
1f:18:37:5d:3b:03:e6:30:da:c4:cd:6e:d5:16:21:0f:58:f3:
0a:05:c9:e6:5e:8c:03:29:36:6e:ca:a7:0e:ee:fd:a5:bb:21:
78:4d:5e:ed:5b:98:4c:bf:34:14:68:d4:76:1b:5e:2b:a2:e7:
65:88:30:01:84:1a:b4:99:7d:b9:44:25:51:8d:55:8c:a9:85:
44:5b:ee:0d:77:77:c3:b3:eb:23:da:05:f0:7c:7a:45:c3:ff:
25:c9:24:c7:b7:08:9e:a4:10:eb:41:1b:8d:d1:86:90:54:87:
98:81:24:0f:cf:82:7e:2c:4d:14:9e:5c:0b:bf:22:49:96:ca:
8f:a7:60:0f:1f:81:e1:35:07:59:a9:1f:36:75:5b:7b:2e:be:
ae:18:61:ac:34:2c:ba:ed:d1:9a:04:b2:8b:a5:b3:f4:2e:ad:
e1:8d:6e:6c:07:6f:a8:cb:b6:43:ec:27:e0:ed:2e:a2:79:3e:
93:20:f7:3b:51:3d:1f:97:5d:dc:05:2e:db:a6:ed:1e:17:d8:
0e:95:28:ad:87:2b:13:58:cf:cd:4b:08:b9:9e:19:40:c8:da:
2b:ef:75:81
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzF3C7zoXCSjSr5RnyNoyulMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYTI1YWFmZTNhOTg3MGU5NTI0YWZhMDI2NTk4N2VkNWE1
YTRkYTMwHhcNMjQwMTAxMTYyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDliMzFkNzE3NGI0MzEwZWY2MGRmYjc4ODc2OWQ1N2QxMDA3MmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukHROAGmGq+szSn7wmupX5GmVG2x
lxguxJZdqreZ3jn6xS8FhtxBWWXrUi116G4LSbjsszpcKo28cbiV1ccpfwHAf4ta
mIuwg4wi2DcIuHkkF0unce+UjBl3RRmQsRWEBixUV3D6xf02DmGxQrgdAXDtew8X
yLmZldMqpYgqDzNSkob23GTt4FRRGYLh6G4MFZsXH7mgwtughn3NE3KriY+4wpTd
hE+yZCOLt1ToJranPGtnagGth7GsCfX09MuVdFs+vOJupqIgAQOvfZCOYljf1sLP
wwz70FmLtXsR+d9re2kvX1q7VxP+LEYcXQSPEWOirHZNyn5bhDjpSKP/RQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFASbMdcXS0MQ72Dft4h2nVfRAHLGMB8GA1UdIwQY
MBaAFK2iWq/jqYcOlSSvoCZZh+1aWk2jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmFKYXItT3BodzZWSkstZ0psbUg3VnBhVGFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS84MTBkMjQtYWNiZS00Y2IyLTlhYzUt
OWQ1ODc1ZDg2MzczLzEvQkpzeDF4ZExReER2WU4tM2lIYWRWOUVBY3NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS84MTBkMjQtYWNiZS00Y2IyLTlhYzUtOWQ1ODc1ZDg2Mzcz
LzEvcmFKYXItT3BodzZWSkstZ0psbUg3VnBhVGFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhGxwTAN
BgkqhkiG9w0BAQsFAAOCAQEAhp7iuKJpAxltv0bfgBNDdFR5EdLQ5kuwGP8y9yxm
joLLLQNKHxg3XTsD5jDaxM1u1RYhD1jzCgXJ5l6MAyk2bsqnDu79pbsheE1e7VuY
TL80FGjUdhteK6LnZYgwAYQatJl9uUQlUY1VjKmFRFvuDXd3w7PrI9oF8Hx6RcP/
Jckkx7cInqQQ60EbjdGGkFSHmIEkD8+CfixNFJ5cC78iSZbKj6dgDx+B4TUHWakf
NnVbey6+rhhhrDQsuu3RmgSyi6Wz9C6t4Y1ubAdvqMu2Q+wn4O0uonk+kyD3O1E9
H5dd3AUu26btHhfYDpUorYcrE1jPzUsIuZ4ZQMjaK+91gQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:01 2024 by rpki-client on console-fra.rpki-client.org