Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/8f2093-0318-476c-9e9c-53fc4905629b/1/Wx4_ZQZyyj7CnuqPpUcA6hKh3A4.roa
File: Wx4_ZQZyyj7CnuqPpUcA6hKh3A4.roa (raw, json)
Hash identifier: 2VvP8r8Zqfs4Yrvn+nbkdkShKCw431+CuDXCVGGBdEg=
Subject key identifier: 5B:1E:3F:65:06:72:CA:3E:C2:9E:EA:8F:A5:47:00:EA:12:A1:DC:0E
Certificate issuer: /CN=bde75079618691bae1f47bcbed52314496963891
Certificate serial: 01845BC2A9D0FBB00CA258712C9EDEC8937A
Authority key identifier: BD:E7:50:79:61:86:91:BA:E1:F4:7B:CB:ED:52:31:44:96:96:38:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vedQeWGGkbrh9HvL7VIxRJaWOJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/8f2093-0318-476c-9e9c-53fc4905629b/1/Wx4_ZQZyyj7CnuqPpUcA6hKh3A4.roa
Signing time: Wed 09 Nov 2022 09:39:54 +0000
ROA not before: Wed 09 Nov 2022 09:39:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 54903
IP address blocks: 2a0d:dbc0::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5b:c2:a9:d0:fb:b0:0c:a2:58:71:2c:9e:de:c8:93:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bde75079618691bae1f47bcbed52314496963891
Validity
Not Before: Nov 9 09:39:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5b1e3f650672ca3ec29eea8fa54700ea12a1dc0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:66:4b:dc:33:7d:ac:4b:ed:f0:a0:54:46:a1:
e7:32:ab:6f:de:f6:ac:e8:ec:70:70:a9:5f:a0:5a:
f5:14:26:14:27:d1:d2:4b:e7:66:3e:ad:e9:f3:a4:
10:3c:a2:29:8f:2c:ed:55:72:28:38:d6:f7:39:ed:
db:5d:4b:c8:bd:0b:08:63:50:39:8c:86:59:6f:25:
3a:aa:d0:f5:fc:29:d5:5a:b8:a1:58:b2:12:b7:cd:
db:f1:9e:55:b7:55:19:54:60:07:78:be:fa:e8:2b:
06:fb:5a:e3:2b:35:d7:98:28:7c:a1:7b:83:ed:63:
6e:cb:d1:f5:06:74:10:ad:9a:af:f6:15:20:1a:a9:
3a:cf:3b:e4:d4:c3:05:0b:2b:46:df:f2:c7:16:e7:
46:37:31:b4:a6:97:5a:b4:05:85:7e:7c:99:e6:64:
7a:23:6d:fa:0c:df:6f:95:6d:95:1e:d6:69:e6:95:
0e:e2:c7:bb:ee:bd:26:59:5d:f2:85:72:ed:9b:91:
4d:c0:6d:f1:69:49:f9:bd:7d:b4:c8:83:f3:14:38:
28:e4:61:4e:6a:30:f8:a5:9a:7b:d0:17:78:c3:a0:
2d:8b:69:f7:5a:fe:3c:37:e5:6b:1c:fe:46:3d:92:
b4:0b:4d:be:f7:38:ed:7f:8b:1e:ab:ab:f0:f7:ee:
fd:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:1E:3F:65:06:72:CA:3E:C2:9E:EA:8F:A5:47:00:EA:12:A1:DC:0E
X509v3 Authority Key Identifier:
keyid:BD:E7:50:79:61:86:91:BA:E1:F4:7B:CB:ED:52:31:44:96:96:38:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vedQeWGGkbrh9HvL7VIxRJaWOJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/8f2093-0318-476c-9e9c-53fc4905629b/1/Wx4_ZQZyyj7CnuqPpUcA6hKh3A4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/8f2093-0318-476c-9e9c-53fc4905629b/1/vedQeWGGkbrh9HvL7VIxRJaWOJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:dbc0::/29
Signature Algorithm: sha256WithRSAEncryption
20:1d:a6:06:67:96:af:0e:65:71:aa:d8:ce:db:22:22:c5:70:
02:93:c1:2c:6f:03:20:ec:26:fc:e5:d8:db:e8:db:e8:59:5b:
1b:6e:a2:c9:52:ec:b1:80:63:10:2c:5c:63:88:0f:6e:ff:31:
fe:1d:5e:ea:6a:a8:e9:4a:58:88:a8:ac:cb:ab:30:2d:36:94:
1b:24:6c:cc:45:b5:be:45:85:dd:ae:6a:86:0e:4b:91:35:76:
75:51:75:71:9a:61:59:d6:d7:0b:19:c9:0a:95:46:13:d8:ee:
ed:2d:98:33:43:e2:15:01:d5:1f:b4:9a:1c:4f:22:13:0f:0d:
14:8a:b4:bf:ab:9b:11:d9:0a:94:a0:76:1a:48:fa:94:df:3c:
40:d2:43:f7:a5:2a:8b:1c:9c:ac:6f:97:05:d0:d0:21:8b:23:
16:b5:f2:b8:88:53:43:b5:16:02:1c:64:3c:42:1e:fb:38:e3:
f0:83:97:43:86:f4:99:eb:24:c0:8b:99:e7:d3:d9:9b:2a:bb:
7a:01:3c:d6:6b:33:a3:bf:cc:0a:3f:88:ac:3d:35:84:65:5a:
73:cc:fa:bd:40:d4:3e:32:d0:16:09:29:ce:1a:d8:59:90:a3:
15:73:98:fd:d6:76:98:b2:2f:70:a8:26:28:33:a3:b8:c6:85:
de:e5:02:92
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYRbwqnQ+7AMolhxLJ7eyJN6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZTc1MDc5NjE4NjkxYmFlMWY0N2JjYmVkNTIzMTQ0OTY5
NjM4OTEwHhcNMjIxMTA5MDkzOTU0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjFlM2Y2NTA2NzJjYTNlYzI5ZWVhOGZhNTQ3MDBlYTEyYTFkYzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3GZL3DN9rEvt8KBURqHnMqtv3vas
6OxwcKlfoFr1FCYUJ9HSS+dmPq3p86QQPKIpjyztVXIoONb3Oe3bXUvIvQsIY1A5
jIZZbyU6qtD1/CnVWrihWLISt83b8Z5Vt1UZVGAHeL766CsG+1rjKzXXmCh8oXuD
7WNuy9H1BnQQrZqv9hUgGqk6zzvk1MMFCytG3/LHFudGNzG0ppdatAWFfnyZ5mR6
I236DN9vlW2VHtZp5pUO4se77r0mWV3yhXLtm5FNwG3xaUn5vX20yIPzFDgo5GFO
ajD4pZp70Bd4w6Ati2n3Wv48N+VrHP5GPZK0C02+9zjtf4seq6vw9+79YQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFseP2UGcso+wp7qj6VHAOoSodwOMB8GA1UdIwQY
MBaAFL3nUHlhhpG64fR7y+1SMUSWljiRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmVkUWVXR0drYnJoOUh2TDdWSXhSSmFXT0pFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi84ZjIwOTMtMDMxOC00NzZjLTllOWMt
NTNmYzQ5MDU2MjliLzEvV3g0X1pRWnl5ajdDbnVxUHBVY0E2aEtoM0E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi84ZjIwOTMtMDMxOC00NzZjLTllOWMtNTNmYzQ5MDU2Mjli
LzEvdmVkUWVXR0drYnJoOUh2TDdWSXhSSmFXT0pFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg3bwDAN
BgkqhkiG9w0BAQsFAAOCAQEAIB2mBmeWrw5lcarYztsiIsVwApPBLG8DIOwm/OXY
2+jb6FlbG26iyVLssYBjECxcY4gPbv8x/h1e6mqo6UpYiKisy6swLTaUGyRszEW1
vkWF3a5qhg5LkTV2dVF1cZphWdbXCxnJCpVGE9ju7S2YM0PiFQHVH7SaHE8iEw8N
FIq0v6ubEdkKlKB2Gkj6lN88QNJD96UqixycrG+XBdDQIYsjFrXyuIhTQ7UWAhxk
PEIe+zjj8IOXQ4b0meskwIuZ59PZmyq7egE81mszo7/MCj+IrD01hGVac8z6vUDU
PjLQFgkpzhrYWZCjFXOY/dZ2mLIvcKgmKDOjuMaF3uUCkg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:46 2024 by rpki-client on console-ams.rpki-client.org