Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/8f2093-0318-476c-9e9c-53fc4905629b/1/TrmsKEZKAcNhzrzMebZD5RHo6vs.roa
File: TrmsKEZKAcNhzrzMebZD5RHo6vs.roa (raw, json)
Hash identifier: 0Hm7/zWGHBq/j3seNnPI9IZlkJlvM5wLZOycUxh+yZk=
Subject key identifier: 4E:B9:AC:28:46:4A:01:C3:61:CE:BC:CC:79:B6:43:E5:11:E8:EA:FB
Certificate issuer: /CN=bde75079618691bae1f47bcbed52314496963891
Certificate serial: 046E46F6
Authority key identifier: BD:E7:50:79:61:86:91:BA:E1:F4:7B:CB:ED:52:31:44:96:96:38:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vedQeWGGkbrh9HvL7VIxRJaWOJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/8f2093-0318-476c-9e9c-53fc4905629b/1/TrmsKEZKAcNhzrzMebZD5RHo6vs.roa
Signing time: Mon 27 Jun 2022 17:05:32 +0000
ROA not before: Mon 27 Jun 2022 17:05:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212660
IP address blocks: 2a09:a400::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74335990 (0x46e46f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bde75079618691bae1f47bcbed52314496963891
Validity
Not Before: Jun 27 17:05:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4eb9ac28464a01c361cebccc79b643e511e8eafb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:c5:e6:11:96:40:1c:9b:7b:e0:ce:67:e9:d7:
bc:dd:d4:37:79:f6:95:11:b9:b8:49:66:3c:04:50:
83:a8:d4:86:35:19:8c:a0:8c:eb:e6:ff:dc:7c:8f:
2b:81:9f:9b:bd:86:c3:44:1e:0d:cf:3f:93:a6:5a:
5d:22:d3:ff:e3:1e:fb:4e:d2:ae:54:cf:e2:b7:32:
99:81:e0:55:cb:61:3e:06:71:46:0d:9e:06:ef:dc:
e2:16:8c:8c:00:bc:26:ab:51:8f:85:6d:29:6e:06:
6a:5d:88:8d:ce:0c:e3:27:98:1c:c5:07:7b:b4:3d:
cc:e8:09:70:47:96:30:9d:9c:bf:c9:32:99:aa:23:
c5:c8:59:eb:ba:f4:71:06:c4:7d:d8:03:ae:96:8e:
a0:43:08:17:36:f2:02:72:e8:46:05:c3:59:05:cf:
52:24:17:51:7d:1c:a9:b7:48:c3:ba:7c:ca:e2:11:
99:84:2a:c1:65:4d:c1:51:a6:9b:02:49:ef:e5:7c:
53:0e:00:21:77:a8:98:36:72:d4:49:2a:15:ef:b1:
56:5a:ba:d5:5c:be:aa:34:49:ed:96:77:60:f7:03:
77:3e:fd:a8:56:a6:3f:65:8b:a8:e4:55:d6:95:9f:
cd:7e:2a:ac:97:5c:69:6d:ef:91:00:7f:5d:61:77:
e9:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:B9:AC:28:46:4A:01:C3:61:CE:BC:CC:79:B6:43:E5:11:E8:EA:FB
X509v3 Authority Key Identifier:
keyid:BD:E7:50:79:61:86:91:BA:E1:F4:7B:CB:ED:52:31:44:96:96:38:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vedQeWGGkbrh9HvL7VIxRJaWOJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/8f2093-0318-476c-9e9c-53fc4905629b/1/TrmsKEZKAcNhzrzMebZD5RHo6vs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/8f2093-0318-476c-9e9c-53fc4905629b/1/vedQeWGGkbrh9HvL7VIxRJaWOJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:a400::/29
Signature Algorithm: sha256WithRSAEncryption
25:9a:9c:40:09:13:30:d3:5d:49:ae:d0:81:d5:6e:71:f1:39:
c7:c4:31:dc:0b:36:1f:9a:38:fe:bd:a3:8b:f4:79:ba:d9:3f:
20:e7:85:00:a2:13:c6:09:c6:b3:25:b3:c8:35:ca:d0:c9:fb:
a9:1e:6c:4b:37:b8:07:a2:72:4d:17:0d:d5:ab:b8:8d:3b:84:
07:8e:c7:df:11:a5:60:d8:2f:22:d6:2b:25:54:4d:56:2c:33:
02:76:63:67:47:86:11:42:58:b6:18:ef:99:a6:f9:52:51:50:
4d:4e:d3:3d:9a:e0:3a:d5:c3:37:1d:37:f3:86:80:d4:f5:9b:
08:d0:a6:d2:e7:5a:10:34:d0:6c:24:e9:91:a9:e9:0c:bb:ea:
b5:7a:e1:94:2d:5f:43:3e:1c:f6:aa:fd:48:dc:d1:82:b8:8d:
0d:2d:09:81:46:c1:5b:86:b2:6b:d1:e6:82:8e:47:cd:13:e9:
74:88:25:61:1d:cb:40:e2:8d:69:27:ba:f0:ae:39:b2:b1:df:
b2:04:8f:86:5d:ae:4a:ff:0d:1d:0a:dd:aa:c8:20:0b:ea:8a:
c5:ca:45:ec:0e:cc:ab:58:5f:57:91:e4:f9:17:c9:c6:06:84:
59:b6:43:8f:0e:4d:40:c4:34:01:de:f2:cb:30:5b:55:be:ce:
f4:69:3b:50
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEBG5G9jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZGU3NTA3OTYxODY5MWJhZTFmNDdiY2JlZDUyMzE0NDk2OTYzODkxMB4XDTIyMDYy
NzE3MDUzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGViOWFjMjg0NjRh
MDFjMzYxY2ViY2NjNzliNjQzZTUxMWU4ZWFmYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIjF5hGWQBybe+DOZ+nXvN3UN3n2lRG5uElmPARQg6jUhjUZ
jKCM6+b/3HyPK4Gfm72Gw0QeDc8/k6ZaXSLT/+Me+07SrlTP4rcymYHgVcthPgZx
Rg2eBu/c4haMjAC8JqtRj4VtKW4Gal2Ijc4M4yeYHMUHe7Q9zOgJcEeWMJ2cv8ky
maojxchZ67r0cQbEfdgDrpaOoEMIFzbyAnLoRgXDWQXPUiQXUX0cqbdIw7p8yuIR
mYQqwWVNwVGmmwJJ7+V8Uw4AIXeomDZy1EkqFe+xVlq61Vy+qjRJ7ZZ3YPcDdz79
qFamP2WLqORV1pWfzX4qrJdcaW3vkQB/XWF36YECAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBROuawoRkoBw2HOvMx5tkPlEejq+zAfBgNVHSMEGDAWgBS951B5YYaRuuH0
e8vtUjFElpY4kTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZlZFFlV0dHa2JyaDlIdkw3Vkl4UkphV09KRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGIvOGYyMDkzLTAzMTgtNDc2Yy05ZTljLTUzZmM0OTA1NjI5Yi8x
L1RybXNLRVpLQWNOaHpyek1lYlpENVJIbzZ2cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGIv
OGYyMDkzLTAzMTgtNDc2Yy05ZTljLTUzZmM0OTA1NjI5Yi8xL3ZlZFFlV0dHa2Jy
aDlIdkw3Vkl4UkphV09KRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoJpAAwDQYJKoZIhvcNAQELBQAD
ggEBACWanEAJEzDTXUmu0IHVbnHxOcfEMdwLNh+aOP69o4v0ebrZPyDnhQCiE8YJ
xrMls8g1ytDJ+6kebEs3uAeick0XDdWruI07hAeOx98RpWDYLyLWKyVUTVYsMwJ2
Y2dHhhFCWLYY75mm+VJRUE1O0z2a4DrVwzcdN/OGgNT1mwjQptLnWhA00Gwk6ZGp
6Qy76rV64ZQtX0M+HPaq/Ujc0YK4jQ0tCYFGwVuGsmvR5oKOR80T6XSIJWEdy0Di
jWknuvCuObKx37IEj4Zdrkr/DR0K3arIIAvqisXKRewOzKtYX1eR5PkXycYGhFm2
Q48OTUDENAHe8sswW1W+zvRpO1A=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:18 2025 by rpki-client