Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/8f2093-0318-476c-9e9c-53fc4905629b/1/rwpeFi8uCneQcBbaEbDuK3vPXas.roa
File: rwpeFi8uCneQcBbaEbDuK3vPXas.roa (raw, json)
Hash identifier: r4xORKfbIzrDyC+2///VBRJv/IyL/t+HrjxWfQzntis=
Subject key identifier: AF:0A:5E:16:2F:2E:0A:77:90:70:16:DA:11:B0:EE:2B:7B:CF:5D:AB
Certificate issuer: /CN=bde75079618691bae1f47bcbed52314496963891
Certificate serial: 02E32BAD
Authority key identifier: BD:E7:50:79:61:86:91:BA:E1:F4:7B:CB:ED:52:31:44:96:96:38:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vedQeWGGkbrh9HvL7VIxRJaWOJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/8f2093-0318-476c-9e9c-53fc4905629b/1/rwpeFi8uCneQcBbaEbDuK3vPXas.roa
Signing time: Sat 01 Jan 2022 10:01:48 +0000
ROA not before: Sat 01 Jan 2022 10:01:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59682
IP address blocks: 2a0b:a0c0::/29 maxlen: 29
2a0d:e000::/29 maxlen: 29
2a0a:d040::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48442285 (0x2e32bad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bde75079618691bae1f47bcbed52314496963891
Validity
Not Before: Jan 1 10:01:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=af0a5e162f2e0a77907016da11b0ee2b7bcf5dab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a5:6f:25:a7:a3:e5:b6:bd:12:93:83:46:68:
49:ea:57:6d:f4:bf:f4:3b:52:a6:d1:02:1b:5e:3b:
4b:5c:ff:48:e1:43:bc:46:22:4c:45:e8:de:27:7f:
8b:85:7c:a2:68:43:64:38:36:26:e5:69:e6:97:ac:
57:45:54:8c:d2:b6:1b:cd:3f:bc:27:26:15:bb:8f:
bb:6c:76:53:cf:b1:d2:e3:19:a7:fb:be:04:fd:a2:
19:0d:04:07:78:f8:e3:c0:5c:34:a9:ea:4e:6d:b6:
7f:87:47:b4:0c:d4:2f:7f:48:77:33:5b:9e:85:9c:
03:e3:9b:92:53:f8:0c:d7:e2:53:30:79:4d:19:92:
99:b2:21:56:40:ab:4d:35:44:4f:64:e3:78:46:c5:
8b:0e:80:df:fe:30:8a:59:79:95:d4:b0:68:06:f1:
c5:dc:4e:f6:ca:0d:47:c6:e6:5b:cb:ce:ec:bb:32:
df:24:8d:45:1f:bc:30:02:64:50:16:19:0b:ab:72:
29:c2:58:e3:4a:5b:74:6b:14:15:ed:94:3c:d9:df:
bc:4e:36:f2:6a:8f:ff:b0:cc:59:77:e9:7d:69:84:
9e:e9:07:82:9c:62:34:ae:13:ba:7d:4f:68:ea:bb:
91:b1:73:7d:36:ea:2d:45:bb:e7:c5:1d:6f:2f:b5:
24:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:0A:5E:16:2F:2E:0A:77:90:70:16:DA:11:B0:EE:2B:7B:CF:5D:AB
X509v3 Authority Key Identifier:
keyid:BD:E7:50:79:61:86:91:BA:E1:F4:7B:CB:ED:52:31:44:96:96:38:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vedQeWGGkbrh9HvL7VIxRJaWOJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/8f2093-0318-476c-9e9c-53fc4905629b/1/rwpeFi8uCneQcBbaEbDuK3vPXas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/8f2093-0318-476c-9e9c-53fc4905629b/1/vedQeWGGkbrh9HvL7VIxRJaWOJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:d040::/29
2a0b:a0c0::/29
2a0d:e000::/29
Signature Algorithm: sha256WithRSAEncryption
62:74:53:f3:ae:b6:a2:8d:3e:53:1d:51:dc:5c:1d:b2:09:7c:
5b:ad:b5:0a:73:b0:21:27:5c:3a:c6:0f:d0:c9:e6:4a:7c:fc:
58:3d:d8:ab:4b:a3:2f:f2:f0:b3:b9:cb:1c:88:52:51:bd:df:
17:87:58:c7:94:4f:17:47:9d:74:02:75:ab:1c:fc:41:c9:01:
f0:19:de:b9:57:db:ea:10:85:af:ab:a8:82:06:68:03:3e:12:
81:97:e3:1e:2a:c6:a2:19:1b:b7:23:a9:d7:46:fd:fe:96:3f:
3d:7a:53:de:eb:10:39:68:76:f0:e0:43:9b:ca:56:7d:57:cc:
0d:fc:67:5e:74:78:7c:31:0e:db:b9:6b:fa:e6:fc:5d:cb:da:
b8:73:f8:64:45:aa:7a:d7:07:80:31:bf:46:10:85:fa:f4:30:
80:4c:b7:43:99:77:52:8d:96:fc:0f:80:3d:00:25:1b:32:26:
f3:ab:d9:1a:f9:d0:32:79:9a:44:da:bd:ca:ae:4e:39:b4:05:
69:ca:60:f6:54:56:50:1a:3b:13:9f:69:28:d3:2b:59:e7:cb:
35:79:c4:f0:2c:44:75:7d:47:49:5d:cd:1a:1b:d1:ef:89:76:
f2:60:ff:a3:64:c3:b1:36:d5:f0:5f:4a:44:e8:72:1e:81:3f:
44:b5:32:dc
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAuMrrTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZGU3NTA3OTYxODY5MWJhZTFmNDdiY2JlZDUyMzE0NDk2OTYzODkxMB4XDTIyMDEw
MTEwMDE0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWYwYTVlMTYyZjJl
MGE3NzkwNzAxNmRhMTFiMGVlMmI3YmNmNWRhYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJylbyWno+W2vRKTg0ZoSepXbfS/9DtSptECG147S1z/SOFD
vEYiTEXo3id/i4V8omhDZDg2JuVp5pesV0VUjNK2G80/vCcmFbuPu2x2U8+x0uMZ
p/u+BP2iGQ0EB3j448BcNKnqTm22f4dHtAzUL39IdzNbnoWcA+ObklP4DNfiUzB5
TRmSmbIhVkCrTTVET2TjeEbFiw6A3/4will5ldSwaAbxxdxO9soNR8bmW8vO7Lsy
3ySNRR+8MAJkUBYZC6tyKcJY40pbdGsUFe2UPNnfvE428mqP/7DMWXfpfWmEnukH
gpxiNK4Tun1PaOq7kbFzfTbqLUW758Udby+1JNcCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSvCl4WLy4Kd5BwFtoRsO4re89dqzAfBgNVHSMEGDAWgBS951B5YYaRuuH0
e8vtUjFElpY4kTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZlZFFlV0dHa2JyaDlIdkw3Vkl4UkphV09KRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGIvOGYyMDkzLTAzMTgtNDc2Yy05ZTljLTUzZmM0OTA1NjI5Yi8x
L3J3cGVGaTh1Q25lUWNCYmFFYkR1SzN2UFhhcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGIv
OGYyMDkzLTAzMTgtNDc2Yy05ZTljLTUzZmM0OTA1NjI5Yi8xL3ZlZFFlV0dHa2Jy
aDlIdkw3Vkl4UkphV09KRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wGwQCAAIwFQMFAyoK0EADBQMqC6DAAwUDKg3gADAN
BgkqhkiG9w0BAQsFAAOCAQEAYnRT8662oo0+Ux1R3Fwdsgl8W621CnOwISdcOsYP
0MnmSnz8WD3Yq0ujL/Lws7nLHIhSUb3fF4dYx5RPF0eddAJ1qxz8QckB8BneuVfb
6hCFr6uoggZoAz4SgZfjHirGohkbtyOp10b9/pY/PXpT3usQOWh28OBDm8pWfVfM
DfxnXnR4fDEO27lr+ub8XcvauHP4ZEWqetcHgDG/RhCF+vQwgEy3Q5l3Uo2W/A+A
PQAlGzIm86vZGvnQMnmaRNq9yq5OObQFacpg9lRWUBo7E59pKNMrWefLNXnE8CxE
dX1HSV3NGhvR74l28mD/o2TDsTbV8F9KROhyHoE/RLUy3A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:46 2024 by rpki-client on console-ams.rpki-client.org