Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/6KddmXrK59MPDo6tkHJf6VL1akY.roa
File: 6KddmXrK59MPDo6tkHJf6VL1akY.roa (raw, json)
Hash identifier: nfh6g0K9wDWQ2cH+3rmpxIL0sF2zvJIqce9K0lUKCMc=
Subject key identifier: E8:A7:5D:99:7A:CA:E7:D3:0F:0E:8E:AD:90:72:5F:E9:52:F5:6A:46
Certificate issuer: /CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Certificate serial: 0186071602DF4575C19ADD18B3086E8F86F4
Authority key identifier: C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/6KddmXrK59MPDo6tkHJf6VL1akY.roa
Signing time: Tue 31 Jan 2023 09:08:48 +0000
ROA not before: Tue 31 Jan 2023 09:08:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22773
IP address blocks: 2a10:5c80::/29 maxlen: 29
2a10:5a80::/29 maxlen: 29
2a10:5880::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:07:16:02:df:45:75:c1:9a:dd:18:b3:08:6e:8f:86:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Validity
Not Before: Jan 31 09:08:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e8a75d997acae7d30f0e8ead90725fe952f56a46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b2:14:5e:c5:7e:d9:22:0b:ee:7f:68:18:d7:
27:59:73:a3:ad:f6:08:c8:65:60:ff:e7:c9:f4:a8:
57:9c:34:c7:b4:d7:31:b8:17:09:6e:df:88:12:da:
c3:8d:c4:5b:47:46:d7:3e:22:8c:82:18:f5:77:a9:
e8:1f:37:a2:aa:63:b8:9f:02:c4:3c:6f:8e:71:7a:
9d:d3:fd:83:3d:47:be:d9:c6:23:90:50:ae:08:23:
a1:28:2d:a9:fd:28:7c:f5:42:c3:b1:42:54:d4:93:
4d:e3:b2:a7:62:92:a3:cb:be:61:cc:fa:02:c5:66:
20:7d:ae:62:73:50:49:09:ea:95:56:8f:a0:1a:aa:
8c:c5:d4:49:9b:aa:7b:13:85:01:37:f8:88:59:ac:
72:63:12:1c:da:21:c9:c4:f0:07:02:e6:7d:8e:ea:
6f:83:93:b1:73:3f:a1:1b:aa:0c:87:ff:92:f2:37:
75:1a:00:91:28:c3:72:cc:23:92:41:b1:ab:42:4f:
f4:3c:1e:d8:12:2e:b0:52:9f:dd:85:5a:93:95:31:
3b:b1:7e:a5:ba:b6:80:1b:3c:22:97:92:d4:2f:1b:
05:68:bb:2d:00:e8:2e:5d:4d:02:41:37:51:3e:e7:
45:67:4e:82:ff:e2:64:a2:c9:f8:df:94:b0:b0:55:
3a:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:A7:5D:99:7A:CA:E7:D3:0F:0E:8E:AD:90:72:5F:E9:52:F5:6A:46
X509v3 Authority Key Identifier:
keyid:C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/6KddmXrK59MPDo6tkHJf6VL1akY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/wtIegEq3cTrXh33eYDqngksxmDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:5880::/29
2a10:5a80::/29
2a10:5c80::/29
Signature Algorithm: sha256WithRSAEncryption
1f:94:7e:ed:bf:df:e8:dc:a1:17:59:2e:1f:a2:fb:b4:be:c0:
f1:79:d1:5e:6a:58:bb:0e:50:6b:d8:69:b9:41:e9:42:3a:35:
c1:86:3f:e7:e2:3e:95:38:e2:8c:46:b2:da:a4:9a:88:12:31:
be:f5:12:f8:58:1b:11:c3:48:fe:67:47:d4:5a:4b:09:fb:ed:
c1:3b:3e:92:c4:e5:4f:25:ff:b0:4a:ec:91:ec:a6:87:4a:4b:
6e:9d:24:76:c9:eb:9a:49:03:83:c8:e5:60:af:a9:e9:3b:b0:
9b:56:67:51:70:2e:d6:8a:18:a2:f5:cf:0c:ba:5a:8b:f0:cb:
d6:b7:f7:e3:47:2a:7e:de:c8:07:45:b3:e1:f2:a6:2c:96:56:
39:2e:87:b2:eb:68:11:de:cc:15:2f:c2:25:28:fa:98:db:18:
95:3a:76:91:c9:20:d9:b8:68:9f:f4:ee:29:6b:2d:75:29:61:
f9:37:aa:b4:aa:95:47:cb:b1:9b:44:80:fe:41:af:8a:92:bc:
50:71:e4:5f:70:8f:69:68:71:00:a1:8e:b1:94:5e:07:f0:b9:
19:0b:7c:95:59:9e:4c:fc:1b:79:ea:df:b0:f9:c1:d2:06:65:
d6:f4:81:e3:66:aa:94:f9:7b:e3:a1:ba:2c:dd:ba:e1:27:0c:
78:a3:45:24
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYYHFgLfRXXBmt0Yswhuj4b0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDIxZTgwNGFiNzcxM2FkNzg3N2RkZTYwM2FhNzgyNGIz
MTk4M2MwHhcNMjMwMTMxMDkwODQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGE3NWQ5OTdhY2FlN2QzMGYwZThlYWQ5MDcyNWZlOTUyZjU2YTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLIUXsV+2SIL7n9oGNcnWXOjrfYI
yGVg/+fJ9KhXnDTHtNcxuBcJbt+IEtrDjcRbR0bXPiKMghj1d6noHzeiqmO4nwLE
PG+OcXqd0/2DPUe+2cYjkFCuCCOhKC2p/Sh89ULDsUJU1JNN47KnYpKjy75hzPoC
xWYgfa5ic1BJCeqVVo+gGqqMxdRJm6p7E4UBN/iIWaxyYxIc2iHJxPAHAuZ9jupv
g5Oxcz+hG6oMh/+S8jd1GgCRKMNyzCOSQbGrQk/0PB7YEi6wUp/dhVqTlTE7sX6l
uraAGzwil5LULxsFaLstAOguXU0CQTdRPudFZ06C/+Jkosn435SwsFU6OwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOinXZl6yufTDw6OrZByX+lS9WpGMB8GA1UdIwQY
MBaAFMLSHoBKt3E614d93mA6p4JLMZg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYt
NTlhZTA5ZWRiZWI5LzEvNktkZG1Ycks1OU1QRG82dGtISmY2VkwxYWtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYtNTlhZTA5ZWRiZWI5
LzEvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKhBYgAMF
AyoQWoADBQMqEFyAMA0GCSqGSIb3DQEBCwUAA4IBAQAflH7tv9/o3KEXWS4fovu0
vsDxedFeali7DlBr2Gm5QelCOjXBhj/n4j6VOOKMRrLapJqIEjG+9RL4WBsRw0j+
Z0fUWksJ++3BOz6SxOVPJf+wSuyR7KaHSktunSR2yeuaSQODyOVgr6npO7CbVmdR
cC7Wihii9c8MulqL8MvWt/fjRyp+3sgHRbPh8qYsllY5Loey62gR3swVL8IlKPqY
2xiVOnaRySDZuGif9O4pay11KWH5N6q0qpVHy7GbRID+Qa+KkrxQceRfcI9paHEA
oY6xlF4H8LkZC3yVWZ5M/Bt56t+w+cHSBmXW9IHjZqqU+Xvjobos3brhJwx4o0Uk
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:01 2023 by rpki-client on console-ams.rpki-client.org