Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/8f2093-0318-476c-9e9c-53fc4905629b/1/yYQASis-hEsOzrCHLNnNxvnBwaU.roa
File: yYQASis-hEsOzrCHLNnNxvnBwaU.roa (raw, json)
Hash identifier: m4Anh23f4w9358UNOjURbJOJoWAI0LvNFXfcuzzvdu4=
Subject key identifier: C9:84:00:4A:2B:3E:84:4B:0E:CE:B0:87:2C:D9:CD:C6:F9:C1:C1:A5
Certificate issuer: /CN=bde75079618691bae1f47bcbed52314496963891
Certificate serial: 01856E5D545DDCB03A5853C7B27A297F836E
Authority key identifier: BD:E7:50:79:61:86:91:BA:E1:F4:7B:CB:ED:52:31:44:96:96:38:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vedQeWGGkbrh9HvL7VIxRJaWOJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/8f2093-0318-476c-9e9c-53fc4905629b/1/yYQASis-hEsOzrCHLNnNxvnBwaU.roa
Signing time: Sun 01 Jan 2023 17:24:48 +0000
ROA not before: Sun 01 Jan 2023 17:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54903
IP address blocks: 2a0d:dbc0::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:5d:54:5d:dc:b0:3a:58:53:c7:b2:7a:29:7f:83:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bde75079618691bae1f47bcbed52314496963891
Validity
Not Before: Jan 1 17:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c984004a2b3e844b0eceb0872cd9cdc6f9c1c1a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:bf:c4:ba:2a:f5:88:5d:20:39:10:7a:a4:16:
f1:d9:83:32:f8:e2:b2:d8:14:b6:47:fc:c2:11:b3:
25:a4:41:f2:e8:47:c8:50:88:00:94:fd:91:ff:85:
c8:16:67:17:4e:d7:0b:eb:00:33:8f:2a:15:12:71:
71:9c:43:c4:50:b2:fd:86:ce:bb:6a:8a:35:fc:39:
a8:35:e1:6a:4e:a4:8a:89:58:7c:61:0f:4a:39:04:
cb:89:9c:3e:8c:93:b1:46:7e:4a:83:96:93:81:8b:
32:a4:46:bd:bf:31:14:64:4b:71:13:10:0c:09:88:
4b:5e:14:d3:f0:c3:29:fd:a1:cd:9a:d9:9a:64:db:
19:cc:1d:7b:bc:7a:33:11:dd:b0:86:bf:c2:53:3a:
9d:3b:c0:19:6b:37:11:49:fb:67:09:ce:b6:7c:fa:
a0:f5:40:21:35:fa:25:0e:14:b7:c3:65:aa:17:34:
db:64:95:bf:e9:6e:24:fc:1d:7c:72:2b:29:4b:17:
b2:b2:62:99:49:a4:3e:d9:1d:60:d6:f7:fe:3a:0e:
bc:a8:07:80:fd:45:01:f9:5b:e6:cf:da:cb:d3:67:
ba:81:1d:12:2f:31:3c:3e:e4:55:2b:59:70:57:d3:
34:7a:d7:3e:7b:88:7e:45:73:9f:7e:ac:c8:93:15:
24:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:84:00:4A:2B:3E:84:4B:0E:CE:B0:87:2C:D9:CD:C6:F9:C1:C1:A5
X509v3 Authority Key Identifier:
keyid:BD:E7:50:79:61:86:91:BA:E1:F4:7B:CB:ED:52:31:44:96:96:38:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vedQeWGGkbrh9HvL7VIxRJaWOJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/8f2093-0318-476c-9e9c-53fc4905629b/1/yYQASis-hEsOzrCHLNnNxvnBwaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/8f2093-0318-476c-9e9c-53fc4905629b/1/vedQeWGGkbrh9HvL7VIxRJaWOJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:dbc0::/29
Signature Algorithm: sha256WithRSAEncryption
18:01:eb:66:ec:7b:45:90:aa:58:d9:54:32:68:23:f0:79:e9:
ba:e6:e7:75:5a:4e:4b:cf:4c:94:d3:13:4d:01:31:97:52:17:
b3:3c:8c:7e:15:ab:c4:5d:b1:79:55:d0:4c:49:1f:a2:a3:52:
67:c2:cd:ad:19:be:61:a9:ff:19:17:86:2c:39:f5:c5:0a:f7:
d3:61:e5:d9:37:57:54:4f:88:45:c0:dc:4a:46:a6:3a:4e:9d:
be:f8:c1:f9:d7:89:95:5f:af:d1:2a:07:22:55:69:e4:a9:cd:
ba:a7:92:b4:06:4a:21:3b:d5:55:ea:df:56:9d:a6:fa:79:5c:
9f:00:8c:6a:b0:87:0e:6f:3d:4e:a1:90:93:c0:d2:c9:5f:fb:
b5:db:13:53:b0:77:00:c6:02:6d:d2:97:57:31:a8:dc:ce:06:
1f:f6:c4:dd:9b:b7:92:77:80:2f:94:23:26:1a:f1:d1:5c:7e:
81:b7:cd:d7:c2:21:c7:58:80:08:3f:49:3f:7e:6e:46:c1:81:
cb:29:83:17:a2:d4:e3:0d:19:7b:21:1e:6a:65:51:b5:f7:6c:
f4:35:de:7b:67:a9:99:a7:f5:62:d6:9a:c9:7f:87:76:e1:67:
ad:22:f9:74:2c:b0:64:75:2c:d1:cd:26:57:27:cc:c3:57:d6:
c6:ca:49:f6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVuXVRd3LA6WFPHsnopf4NuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZTc1MDc5NjE4NjkxYmFlMWY0N2JjYmVkNTIzMTQ0OTY5
NjM4OTEwHhcNMjMwMTAxMTcyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTg0MDA0YTJiM2U4NDRiMGVjZWIwODcyY2Q5Y2RjNmY5YzFjMWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwL/Euir1iF0gORB6pBbx2YMy+OKy
2BS2R/zCEbMlpEHy6EfIUIgAlP2R/4XIFmcXTtcL6wAzjyoVEnFxnEPEULL9hs67
aoo1/DmoNeFqTqSKiVh8YQ9KOQTLiZw+jJOxRn5Kg5aTgYsypEa9vzEUZEtxExAM
CYhLXhTT8MMp/aHNmtmaZNsZzB17vHozEd2whr/CUzqdO8AZazcRSftnCc62fPqg
9UAhNfolDhS3w2WqFzTbZJW/6W4k/B18cispSxeysmKZSaQ+2R1g1vf+Og68qAeA
/UUB+Vvmz9rL02e6gR0SLzE8PuRVK1lwV9M0etc+e4h+RXOffqzIkxUkiwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMmEAEorPoRLDs6whyzZzcb5wcGlMB8GA1UdIwQY
MBaAFL3nUHlhhpG64fR7y+1SMUSWljiRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmVkUWVXR0drYnJoOUh2TDdWSXhSSmFXT0pFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi84ZjIwOTMtMDMxOC00NzZjLTllOWMt
NTNmYzQ5MDU2MjliLzEveVlRQVNpcy1oRXNPenJDSExObk54dm5Cd2FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi84ZjIwOTMtMDMxOC00NzZjLTllOWMtNTNmYzQ5MDU2Mjli
LzEvdmVkUWVXR0drYnJoOUh2TDdWSXhSSmFXT0pFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg3bwDAN
BgkqhkiG9w0BAQsFAAOCAQEAGAHrZux7RZCqWNlUMmgj8HnpuubndVpOS89MlNMT
TQExl1IXszyMfhWrxF2xeVXQTEkfoqNSZ8LNrRm+Yan/GReGLDn1xQr302Hl2TdX
VE+IRcDcSkamOk6dvvjB+deJlV+v0SoHIlVp5KnNuqeStAZKITvVVerfVp2m+nlc
nwCMarCHDm89TqGQk8DSyV/7tdsTU7B3AMYCbdKXVzGo3M4GH/bE3Zu3kneAL5Qj
Jhrx0Vx+gbfN18Ihx1iACD9JP35uRsGByymDF6LU4w0ZeyEeamVRtfds9DXee2ep
maf1YtaayX+HduFnrSL5dCywZHUs0c0mVyfMw1fWxspJ9g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:46 2024 by rpki-client on console-ams.rpki-client.org