Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/6uaZG4S_vsx_bEChdIwjMUrGAmk.roa
File: 6uaZG4S_vsx_bEChdIwjMUrGAmk.roa (raw, json)
Hash identifier: UAfD013UKXN7zwctDYCMBalAlWHoNhp3pkWU3SuxlUo=
Subject key identifier: EA:E6:99:1B:84:BF:BE:CC:7F:6C:40:A1:74:8C:23:31:4A:C6:02:69
Certificate issuer: /CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Certificate serial: 01856EC22A23FA8E9019CDB55D954BF61289
Authority key identifier: C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/6uaZG4S_vsx_bEChdIwjMUrGAmk.roa
Signing time: Sun 01 Jan 2023 19:14:56 +0000
ROA not before: Sun 01 Jan 2023 19:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204790
IP address blocks: 2a10:2480::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:2a:23:fa:8e:90:19:cd:b5:5d:95:4b:f6:12:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Validity
Not Before: Jan 1 19:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eae6991b84bfbecc7f6c40a1748c23314ac60269
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:26:d3:81:45:0d:d9:01:73:f3:f0:27:69:b2:
ca:70:25:c0:5e:c5:3b:3f:32:1b:86:e8:84:0a:04:
32:b7:a6:36:22:70:fc:a9:ec:33:fd:69:7d:62:c2:
bd:1e:c7:bd:9d:65:1c:0c:7f:24:3b:d0:0b:46:ce:
21:1e:79:d9:28:51:c9:97:6a:67:11:3d:99:09:f1:
62:fd:f0:fa:10:40:11:5a:4d:ad:f5:bf:53:ab:21:
2a:62:fd:d8:de:16:a0:ed:cc:f1:58:e3:e6:86:30:
16:3b:8b:50:08:c7:dd:56:0b:df:91:fa:33:62:49:
15:18:4d:ea:04:c7:17:90:8b:8c:6e:ec:ea:90:ae:
7d:83:ff:25:b4:76:5b:67:a1:5c:6e:c5:2d:bc:28:
cb:d8:0b:1e:fe:67:e4:fe:7a:50:7b:eb:49:45:35:
1f:4f:aa:14:71:92:0b:04:a8:15:48:2a:a7:6d:f5:
c0:d3:ec:f8:cc:95:11:05:25:e9:be:f5:3d:60:0c:
e3:d3:3f:a7:be:c9:1e:ed:4e:59:90:22:4c:d7:69:
c7:fe:bb:c1:65:d4:dc:51:49:f0:d8:ba:0c:15:39:
ab:41:bd:d7:a2:b3:89:e7:aa:bf:24:dd:e0:ce:b3:
83:55:9a:87:fa:b6:5d:d5:23:c1:4d:f4:1d:10:26:
35:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:E6:99:1B:84:BF:BE:CC:7F:6C:40:A1:74:8C:23:31:4A:C6:02:69
X509v3 Authority Key Identifier:
keyid:C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/6uaZG4S_vsx_bEChdIwjMUrGAmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/wtIegEq3cTrXh33eYDqngksxmDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:2480::/29
Signature Algorithm: sha256WithRSAEncryption
45:37:67:75:87:ee:2a:3c:24:23:0f:e7:aa:ab:c4:05:bf:13:
3e:9d:fd:d7:e0:21:64:ec:4b:ff:53:80:70:f2:c2:2a:71:59:
04:03:d9:c6:d1:09:a5:6e:bd:9b:fc:94:5e:d9:2e:66:03:ed:
c5:07:6f:d6:9d:04:4e:87:08:f1:d6:95:fb:47:8d:87:4f:49:
40:dc:cb:72:07:69:38:a1:58:e2:d7:f7:34:9a:da:bc:3b:d9:
6c:0a:9a:25:83:bf:a2:cc:e3:be:5d:5e:2a:53:df:ed:54:a8:
c4:0d:32:d2:0f:90:21:93:a7:ab:2e:fa:b8:7b:cf:e9:8f:49:
ae:14:5b:e7:22:62:c3:77:be:08:ce:24:ea:bb:af:28:e5:32:
3f:83:d7:1d:f7:47:44:54:6f:46:2d:7a:6a:3b:03:e5:f9:34:
8d:0b:3d:b0:13:aa:9d:bf:f1:8b:80:90:23:0c:d8:3b:19:f8:
9f:5e:0c:b4:78:ad:cf:1e:92:bf:05:ed:27:e2:ca:31:2a:c3:
44:86:f3:9d:e7:0f:7d:ca:18:13:af:00:d5:1a:f9:56:da:ec:
84:cb:b8:37:7a:00:b5:fa:7c:1a:80:a0:af:2d:68:3a:e7:41:
24:7c:57:1d:62:f9:7f:71:d3:d7:bf:72:a3:50:e7:f1:b7:89:
2e:3e:b2:d0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVuwioj+o6QGc21XZVL9hKJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDIxZTgwNGFiNzcxM2FkNzg3N2RkZTYwM2FhNzgyNGIz
MTk4M2MwHhcNMjMwMTAxMTkxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWU2OTkxYjg0YmZiZWNjN2Y2YzQwYTE3NDhjMjMzMTRhYzYwMjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4SbTgUUN2QFz8/AnabLKcCXAXsU7
PzIbhuiECgQyt6Y2InD8qewz/Wl9YsK9Hse9nWUcDH8kO9ALRs4hHnnZKFHJl2pn
ET2ZCfFi/fD6EEARWk2t9b9TqyEqYv3Y3hag7czxWOPmhjAWO4tQCMfdVgvfkfoz
YkkVGE3qBMcXkIuMbuzqkK59g/8ltHZbZ6FcbsUtvCjL2Ase/mfk/npQe+tJRTUf
T6oUcZILBKgVSCqnbfXA0+z4zJURBSXpvvU9YAzj0z+nvske7U5ZkCJM12nH/rvB
ZdTcUUnw2LoMFTmrQb3XorOJ56q/JN3gzrODVZqH+rZd1SPBTfQdECY1fwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOrmmRuEv77Mf2xAoXSMIzFKxgJpMB8GA1UdIwQY
MBaAFMLSHoBKt3E614d93mA6p4JLMZg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYt
NTlhZTA5ZWRiZWI5LzEvNnVhWkc0U192c3hfYkVDaGRJd2pNVXJHQW1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYtNTlhZTA5ZWRiZWI5
LzEvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhAkgDAN
BgkqhkiG9w0BAQsFAAOCAQEARTdndYfuKjwkIw/nqqvEBb8TPp391+AhZOxL/1OA
cPLCKnFZBAPZxtEJpW69m/yUXtkuZgPtxQdv1p0ETocI8daV+0eNh09JQNzLcgdp
OKFY4tf3NJravDvZbAqaJYO/oszjvl1eKlPf7VSoxA0y0g+QIZOnqy76uHvP6Y9J
rhRb5yJiw3e+CM4k6ruvKOUyP4PXHfdHRFRvRi16ajsD5fk0jQs9sBOqnb/xi4CQ
IwzYOxn4n14MtHitzx6SvwXtJ+LKMSrDRIbznecPfcoYE68A1Rr5VtrshMu4N3oA
tfp8GoCgry1oOudBJHxXHWL5f3HT179yo1Dn8beJLj6y0A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:01 2023 by rpki-client on console-ams.rpki-client.org