Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/Q-VSYLjsBRXV0-ZsCsKpcPpoKAI.roa
File: Q-VSYLjsBRXV0-ZsCsKpcPpoKAI.roa (raw, json)
Hash identifier: eF9lEf5tovrF2PlfURwdMjRIjG3YcFuuFncIGNnxvWQ=
Subject key identifier: 43:E5:52:60:B8:EC:05:15:D5:D3:E6:6C:0A:C2:A9:70:FA:68:28:02
Certificate issuer: /CN=ada25aafe3a9870e9524afa0265987ed5a5a4da3
Certificate serial: 073D4854
Authority key identifier: AD:A2:5A:AF:E3:A9:87:0E:95:24:AF:A0:26:59:87:ED:5A:5A:4D:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/raJar-Ophw6VJK-gJlmH7VpaTaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/Q-VSYLjsBRXV0-ZsCsKpcPpoKAI.roa
Signing time: Sat 01 Jan 2022 03:57:56 +0000
ROA not before: Sat 01 Jan 2022 03:57:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 174
IP address blocks: 2a0d:c3c6::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 121456724 (0x73d4854)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ada25aafe3a9870e9524afa0265987ed5a5a4da3
Validity
Not Before: Jan 1 03:57:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=43e55260b8ec0515d5d3e66c0ac2a970fa682802
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:06:f9:67:ed:22:8c:19:04:79:72:58:c4:c5:
66:3d:7b:48:d6:f6:b3:37:09:39:4e:7b:e1:bf:dd:
27:d9:b1:19:21:ab:ba:3e:a2:f3:3e:25:b2:91:87:
8b:fc:23:fc:c0:10:bb:23:c9:e8:08:71:db:05:3f:
0d:82:37:5b:e2:76:bd:9c:eb:6f:58:9c:89:49:78:
58:ac:13:65:e6:39:fc:0b:06:ae:ac:eb:e6:24:27:
e6:b5:89:f3:d5:fc:aa:46:fa:2b:9e:8b:88:1a:ba:
90:e4:fc:2c:ec:f2:89:17:1a:32:26:c0:c6:10:84:
f9:0e:ed:f8:e8:cd:b2:fd:43:83:e9:2e:cb:f7:d7:
f3:50:a8:30:32:47:5e:44:83:5e:63:11:5f:29:e9:
c2:c1:6c:63:3d:58:a8:75:99:03:20:82:bc:90:6b:
3a:38:38:54:e9:f8:ac:01:c6:51:06:9f:64:5c:d4:
c7:97:40:29:15:a8:31:f8:58:a1:1f:16:4f:28:67:
bd:f9:fd:4d:a5:aa:c3:fc:2e:ee:94:ea:63:54:c3:
24:3f:3e:b8:89:48:c0:0f:22:0f:95:06:11:1e:ed:
83:45:c0:ed:3c:7b:ef:c7:d0:51:d4:1e:92:45:31:
b9:05:69:4c:bf:bc:94:7d:8a:fd:ac:61:be:34:a8:
d1:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:E5:52:60:B8:EC:05:15:D5:D3:E6:6C:0A:C2:A9:70:FA:68:28:02
X509v3 Authority Key Identifier:
keyid:AD:A2:5A:AF:E3:A9:87:0E:95:24:AF:A0:26:59:87:ED:5A:5A:4D:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/raJar-Ophw6VJK-gJlmH7VpaTaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/Q-VSYLjsBRXV0-ZsCsKpcPpoKAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/raJar-Ophw6VJK-gJlmH7VpaTaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:c3c6::/32
Signature Algorithm: sha256WithRSAEncryption
0a:8f:d9:69:27:15:00:19:25:06:17:92:58:66:88:b1:34:cf:
61:c1:ae:e5:fa:07:38:79:f0:5a:f1:d9:ef:4a:19:c5:f2:b8:
e2:a2:11:a2:68:e3:6b:60:2a:2e:c0:14:36:35:12:3b:c1:55:
6d:32:d1:01:de:80:ca:8a:0c:6e:3a:9b:f0:49:ba:c6:4a:88:
42:b9:1d:e8:89:db:29:da:76:af:95:cf:a7:5e:ee:e2:b5:8e:
28:f1:24:db:1d:c6:97:50:ce:21:ea:86:33:4d:f6:56:e4:60:
63:7a:24:ef:62:0d:22:92:f9:aa:d9:a5:93:53:cf:a5:37:d8:
06:6a:e9:4e:f6:a8:5c:aa:ae:8a:d1:ae:07:f1:ea:96:aa:2c:
06:b9:2e:2b:a7:73:58:85:96:a9:31:f6:29:60:c8:03:5d:7f:
27:e8:c2:be:07:29:ff:f7:a1:ae:83:da:12:ae:0a:c8:d9:40:
3a:35:c5:81:99:62:01:b9:1c:03:e4:87:93:c1:79:46:e9:e8:
d3:c9:cc:5f:01:d7:bb:9b:9b:ac:51:d3:25:f4:da:53:99:39:
ab:44:5a:e1:2d:e2:73:b8:43:71:70:33:e8:af:05:f1:66:3a:
d6:83:9e:ef:0b:00:d6:bc:bf:56:ea:64:50:c5:68:39:6a:07:
22:15:16:41
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEBz1IVDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZGEyNWFhZmUzYTk4NzBlOTUyNGFmYTAyNjU5ODdlZDVhNWE0ZGEzMB4XDTIyMDEw
MTAzNTc1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDNlNTUyNjBiOGVj
MDUxNWQ1ZDNlNjZjMGFjMmE5NzBmYTY4MjgwMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALcG+WftIowZBHlyWMTFZj17SNb2szcJOU574b/dJ9mxGSGr
uj6i8z4lspGHi/wj/MAQuyPJ6Ahx2wU/DYI3W+J2vZzrb1iciUl4WKwTZeY5/AsG
rqzr5iQn5rWJ89X8qkb6K56LiBq6kOT8LOzyiRcaMibAxhCE+Q7t+OjNsv1Dg+ku
y/fX81CoMDJHXkSDXmMRXynpwsFsYz1YqHWZAyCCvJBrOjg4VOn4rAHGUQafZFzU
x5dAKRWoMfhYoR8WTyhnvfn9TaWqw/wu7pTqY1TDJD8+uIlIwA8iD5UGER7tg0XA
7Tx778fQUdQekkUxuQVpTL+8lH2K/axhvjSo0R8CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBRD5VJguOwFFdXT5mwKwqlw+mgoAjAfBgNVHSMEGDAWgBStolqv46mHDpUk
r6AmWYftWlpNozAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JhSmFyLU9waHc2VkpLLWdKbG1IN1ZwYVRhTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvODEwZDI0LWFjYmUtNGNiMi05YWM1LTlkNTg3NWQ4NjM3My8x
L1EtVlNZTGpzQlJYVjAtWnNDc0twY1Bwb0tBSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
ODEwZDI0LWFjYmUtNGNiMi05YWM1LTlkNTg3NWQ4NjM3My8xL3JhSmFyLU9waHc2
VkpLLWdKbG1IN1ZwYVRhTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoNw8YwDQYJKoZIhvcNAQELBQAD
ggEBAAqP2WknFQAZJQYXklhmiLE0z2HBruX6Bzh58Frx2e9KGcXyuOKiEaJo42tg
Ki7AFDY1EjvBVW0y0QHegMqKDG46m/BJusZKiEK5HeiJ2ynadq+Vz6de7uK1jijx
JNsdxpdQziHqhjNN9lbkYGN6JO9iDSKS+arZpZNTz6U32AZq6U72qFyqrorRrgfx
6paqLAa5Liunc1iFlqkx9ilgyANdfyfowr4HKf/3oa6D2hKuCsjZQDo1xYGZYgG5
HAPkh5PBeUbp6NPJzF8B17ubm6xR0yX02lOZOatEWuEt4nO4Q3FwM+ivBfFmOtaD
nu8LANa8v1bqZFDFaDlqByIVFkE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:01 2024 by rpki-client on console-fra.rpki-client.org