Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/b30fdb-32e3-4eb2-841f-8b20aa3baae9/1/Y4TDlXDkvUtO7D86MtODMUaebos.roa
File: Y4TDlXDkvUtO7D86MtODMUaebos.roa (raw, json)
Hash identifier: ZW9Ubpk66TUJgqhovlYo/e3qDlNDIDdgJGLy87b8vu4=
Subject key identifier: 63:84:C3:95:70:E4:BD:4B:4E:EC:3F:3A:32:D3:83:31:46:9E:6E:8B
Certificate issuer: /CN=0d03df51f0818531d8ade8208eb8225354116e80
Certificate serial: 0183EB40222D20F581BE2066B433559A2EF8
Authority key identifier: 0D:03:DF:51:F0:81:85:31:D8:AD:E8:20:8E:B8:22:53:54:11:6E:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQPfUfCBhTHYreggjrgiU1QRboA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/b30fdb-32e3-4eb2-841f-8b20aa3baae9/1/Y4TDlXDkvUtO7D86MtODMUaebos.roa
Signing time: Tue 18 Oct 2022 13:19:52 +0000
ROA not before: Tue 18 Oct 2022 13:19:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47251
IP address blocks: 2001:678:254::/48 maxlen: 48
2a10:9980::/29 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:eb:40:22:2d:20:f5:81:be:20:66:b4:33:55:9a:2e:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d03df51f0818531d8ade8208eb8225354116e80
Validity
Not Before: Oct 18 13:19:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6384c39570e4bd4b4eec3f3a32d38331469e6e8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ac:7e:46:4a:23:6e:0a:6f:57:92:dc:15:cd:
95:60:01:86:7e:43:7f:d2:4e:e2:db:a2:fd:59:23:
60:92:4c:d6:83:f9:cd:e0:cd:53:46:ff:d6:98:a3:
2a:8d:52:33:d4:91:90:f6:28:c0:36:88:a5:78:38:
e5:03:7d:d7:5f:5d:c0:7b:e8:f8:42:bb:6f:29:60:
93:e8:8b:85:30:ff:69:5f:5c:5d:4e:7a:97:55:dc:
97:8e:ba:c3:10:db:ce:dd:cc:37:df:1c:47:94:18:
30:0d:a0:b4:cf:2d:38:5b:83:ce:04:38:11:90:87:
1e:b2:64:3f:64:38:58:2e:b7:e2:6b:84:71:59:86:
e2:9b:3a:8c:e1:cb:e4:88:b0:b8:bc:bd:75:19:30:
81:48:25:47:29:6e:df:44:b7:e6:6d:06:7b:13:d7:
d1:04:81:00:55:78:b2:8f:79:20:20:88:1f:e6:3f:
a8:e8:a8:59:6e:b5:d3:be:f8:d3:74:2b:ab:0f:a8:
d3:b6:1d:be:44:24:8a:71:33:5e:ce:27:51:e0:c4:
09:a6:8e:6e:eb:34:f7:a2:fd:f2:a6:c3:76:b8:4f:
66:99:b5:6b:94:0c:49:a6:9e:24:17:f2:19:09:0a:
05:e0:17:5b:78:50:90:96:a9:0b:27:d0:76:ae:01:
62:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:84:C3:95:70:E4:BD:4B:4E:EC:3F:3A:32:D3:83:31:46:9E:6E:8B
X509v3 Authority Key Identifier:
keyid:0D:03:DF:51:F0:81:85:31:D8:AD:E8:20:8E:B8:22:53:54:11:6E:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQPfUfCBhTHYreggjrgiU1QRboA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/b30fdb-32e3-4eb2-841f-8b20aa3baae9/1/Y4TDlXDkvUtO7D86MtODMUaebos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/b30fdb-32e3-4eb2-841f-8b20aa3baae9/1/DQPfUfCBhTHYreggjrgiU1QRboA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:254::/48
2a10:9980::/29
Signature Algorithm: sha256WithRSAEncryption
cb:ab:80:86:cf:39:31:8e:22:6c:ac:62:2b:2c:32:04:ee:f1:
46:79:61:f2:fb:05:ff:e0:c7:e3:49:6e:28:9f:91:2d:96:c0:
0e:31:62:e4:a0:06:02:78:f1:d3:f0:bf:d0:34:c2:fc:3a:95:
32:64:a6:38:ca:aa:6a:58:dc:6e:a0:1d:ea:87:c0:fd:6f:3b:
af:c0:4e:7d:86:8a:b3:b5:21:42:47:49:4f:94:ac:53:54:76:
3b:8d:59:a9:e7:8b:7e:3f:9a:ed:d2:cd:96:cc:95:f2:3d:f4:
bd:ff:b1:f9:6f:60:d7:be:18:f3:dd:54:43:f4:25:d7:9e:eb:
5b:e3:92:70:61:81:30:ae:89:29:61:e4:69:43:01:db:a7:46:
82:77:0d:e7:46:9e:dc:90:2a:49:eb:e6:01:1e:20:1c:b5:bd:
68:26:a8:00:45:e9:d0:28:52:77:2e:5a:c7:e0:f7:90:70:e3:
48:b9:94:e0:35:be:62:06:2f:18:73:15:c9:33:9e:b9:ee:f0:
ff:d1:47:0e:54:61:2b:ec:3a:99:cb:6d:e0:c3:07:e7:50:73:
d5:54:f3:bf:b0:fa:0d:7e:ab:74:a6:32:36:dc:e0:46:61:4b:
d5:8e:dd:0a:ea:cc:b3:c2:1c:ae:a3:f2:3f:95:7c:32:9e:b5:
36:48:27:2a
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYPrQCItIPWBviBmtDNVmi74MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMDNkZjUxZjA4MTg1MzFkOGFkZTgyMDhlYjgyMjUzNTQx
MTZlODAwHhcNMjIxMDE4MTMxOTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Mzg0YzM5NTcwZTRiZDRiNGVlYzNmM2EzMmQzODMzMTQ2OWU2ZThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6x+RkojbgpvV5LcFc2VYAGGfkN/
0k7i26L9WSNgkkzWg/nN4M1TRv/WmKMqjVIz1JGQ9ijANoileDjlA33XX13Ae+j4
QrtvKWCT6IuFMP9pX1xdTnqXVdyXjrrDENvO3cw33xxHlBgwDaC0zy04W4POBDgR
kIcesmQ/ZDhYLrfia4RxWYbimzqM4cvkiLC4vL11GTCBSCVHKW7fRLfmbQZ7E9fR
BIEAVXiyj3kgIIgf5j+o6KhZbrXTvvjTdCurD6jTth2+RCSKcTNezidR4MQJpo5u
6zT3ov3ypsN2uE9mmbVrlAxJpp4kF/IZCQoF4BdbeFCQlqkLJ9B2rgFiZQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFGOEw5Vw5L1LTuw/OjLTgzFGnm6LMB8GA1UdIwQY
MBaAFA0D31HwgYUx2K3oII64IlNUEW6AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFFQZlVmQ0JoVEhZcmVnZ2pyZ2lVMVFSYm9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9iMzBmZGItMzJlMy00ZWIyLTg0MWYt
OGIyMGFhM2JhYWU5LzEvWTRURGxYRGt2VXRPN0Q4Nk10T0RNVWFlYm9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9iMzBmZGItMzJlMy00ZWIyLTg0MWYtOGIyMGFhM2JhYWU5
LzEvRFFQZlVmQ0JoVEhZcmVnZ2pyZ2lVMVFSYm9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwcAIAEGeAJU
AwUDKhCZgDANBgkqhkiG9w0BAQsFAAOCAQEAy6uAhs85MY4ibKxiKywyBO7xRnlh
8vsF/+DH40luKJ+RLZbADjFi5KAGAnjx0/C/0DTC/DqVMmSmOMqqaljcbqAd6ofA
/W87r8BOfYaKs7UhQkdJT5SsU1R2O41ZqeeLfj+a7dLNlsyV8j30vf+x+W9g174Y
891UQ/Ql157rW+OScGGBMK6JKWHkaUMB26dGgncN50ae3JAqSevmAR4gHLW9aCao
AEXp0ChSdy5ax+D3kHDjSLmU4DW+YgYvGHMVyTOeue7w/9FHDlRhK+w6mctt4MMH
51Bz1VTzv7D6DX6rdKYyNtzgRmFL1Y7dCurMs8IcrqPyP5V8Mp61NkgnKg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:39 2023 by rpki-client on console-ams.rpki-client.org