Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/ff94f1-ba63-40d6-beca-5e624a3038cf/1/H_HK6svHE3Rck6aYJkYYG1VT0V0.roa
File: H_HK6svHE3Rck6aYJkYYG1VT0V0.roa (raw, json)
Hash identifier: gvjWojsU9rx/qIiMuFRoBK9iMk+RpmYUCQLumdr34aM=
Subject key identifier: 1F:F1:CA:EA:CB:C7:13:74:5C:93:A6:98:26:46:18:1B:55:53:D1:5D
Certificate issuer: /CN=9c1aed9913f8880af7557eef3ef02d6e0ff3fd49
Certificate serial: 01833CB5E1468BEE1161915A2145A1F30643
Authority key identifier: 9C:1A:ED:99:13:F8:88:0A:F7:55:7E:EF:3E:F0:2D:6E:0F:F3:FD:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nBrtmRP4iAr3VX7vPvAtbg_z_Uk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/ff94f1-ba63-40d6-beca-5e624a3038cf/1/H_HK6svHE3Rck6aYJkYYG1VT0V0.roa
Signing time: Wed 14 Sep 2022 15:54:56 +0000
ROA not before: Wed 14 Sep 2022 15:54:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61439
IP address blocks: 2a0d:8041::/32 maxlen: 32
2a0f:a1c1::/32 maxlen: 32
2a0d:8044::/32 maxlen: 32
2a0f:a1c4::/32 maxlen: 32
2a0d:8045::/32 maxlen: 32
2a0f:a1c5::/32 maxlen: 32
2a0f:a1c2::/32 maxlen: 32
2a0d:8042::/32 maxlen: 32
2a0d:8043::/32 maxlen: 32
2a0f:a1c3::/32 maxlen: 32
2a0f:a1c7::/32 maxlen: 32
2a0d:8047::/32 maxlen: 32
2a0d:8040::/32 maxlen: 32
2a0f:a1c0::/32 maxlen: 32
2a0d:8046::/32 maxlen: 32
2a0f:a1c6::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:3c:b5:e1:46:8b:ee:11:61:91:5a:21:45:a1:f3:06:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c1aed9913f8880af7557eef3ef02d6e0ff3fd49
Validity
Not Before: Sep 14 15:54:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1ff1caeacbc713745c93a6982646181b5553d15d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:b4:c3:6a:a8:52:e5:ee:b9:b1:19:bd:57:e5:
a3:17:d7:f0:af:a3:a2:f2:88:d9:51:95:5d:2b:e4:
b9:31:cf:0d:ef:f8:c9:6e:68:63:de:dd:ab:92:4e:
ef:a6:3d:a5:78:82:fd:51:f4:4c:80:b5:96:bb:96:
b5:c0:5c:15:ee:05:7f:d1:83:94:8f:94:40:7e:71:
76:a1:f3:84:be:a5:6b:05:27:67:b2:95:57:cb:04:
88:c1:bf:93:b4:ca:92:ae:ce:dd:14:e6:b0:f0:00:
ba:90:f4:84:fd:58:05:c5:d3:6a:c0:54:3a:f7:5b:
fe:ff:cd:ff:cb:42:5b:f6:3f:f1:19:38:44:81:8b:
10:54:de:d1:40:f5:23:4f:53:5f:fb:48:c9:7a:3c:
b3:e8:a7:5d:d2:7c:0e:13:6d:ef:01:b0:be:1b:1c:
cf:17:b4:57:f8:42:e0:cc:44:ac:40:2f:d6:8a:81:
f6:3e:14:91:1d:03:5b:d4:6c:14:dd:41:e2:59:33:
1a:22:a1:0e:61:ca:5b:47:56:af:c8:fa:19:1a:a6:
22:48:59:59:bb:1b:4d:fd:91:b7:5c:82:2d:38:70:
e9:d6:cc:4a:18:cd:14:fc:f7:e1:41:fc:82:65:be:
20:7e:75:a0:09:3f:e8:91:d7:4d:a0:f3:7c:b2:cd:
0c:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:F1:CA:EA:CB:C7:13:74:5C:93:A6:98:26:46:18:1B:55:53:D1:5D
X509v3 Authority Key Identifier:
keyid:9C:1A:ED:99:13:F8:88:0A:F7:55:7E:EF:3E:F0:2D:6E:0F:F3:FD:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nBrtmRP4iAr3VX7vPvAtbg_z_Uk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/ff94f1-ba63-40d6-beca-5e624a3038cf/1/H_HK6svHE3Rck6aYJkYYG1VT0V0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/ff94f1-ba63-40d6-beca-5e624a3038cf/1/nBrtmRP4iAr3VX7vPvAtbg_z_Uk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:8040::/29
2a0f:a1c0::/29
Signature Algorithm: sha256WithRSAEncryption
44:2e:da:96:4b:5d:b5:83:24:05:8d:ac:c5:0c:0b:15:db:3e:
8b:61:37:1f:64:54:0c:73:3c:1a:7f:98:04:f3:a7:05:81:2d:
31:fb:2e:1d:d5:c7:82:bd:93:f2:38:d7:ee:bf:f7:9e:73:0c:
2f:e3:de:e3:c2:e7:b6:6a:21:30:ce:2a:8d:95:d0:78:63:fe:
6f:83:80:53:de:8f:d4:55:98:c2:5c:5e:90:fc:9d:d6:97:76:
14:76:28:9b:f4:f7:12:52:b2:26:c7:67:b6:08:91:99:ac:13:
2f:7b:11:d8:9b:5f:91:32:5d:92:0e:43:90:f0:d3:b3:d3:44:
3d:37:2f:07:10:89:01:ba:1a:d0:70:8c:bb:e8:52:fa:0c:cd:
a7:dc:94:7d:b7:b5:25:a2:c4:ad:c7:39:cb:d7:25:7e:c6:12:
40:5a:02:b8:35:44:cb:eb:da:a7:86:51:b0:d3:9b:0e:67:de:
61:81:95:74:52:9e:ed:82:23:e3:87:cd:f9:e0:7f:1c:26:72:
81:c5:00:7c:0e:2d:bf:31:51:93:78:92:fd:d0:d8:e0:60:ec:
c4:35:7a:12:79:c0:01:12:11:f8:0e:90:77:3c:07:2f:f4:a1:
3d:8b:e2:55:c6:44:8a:a0:39:1e:6e:56:a0:0e:4d:ae:ca:4b:
cf:ab:b0:09
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYM8teFGi+4RYZFaIUWh8wZDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMWFlZDk5MTNmODg4MGFmNzU1N2VlZjNlZjAyZDZlMGZm
M2ZkNDkwHhcNMjIwOTE0MTU1NDU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmYxY2FlYWNiYzcxMzc0NWM5M2E2OTgyNjQ2MTgxYjU1NTNkMTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrTDaqhS5e65sRm9V+WjF9fwr6Oi
8ojZUZVdK+S5Mc8N7/jJbmhj3t2rkk7vpj2leIL9UfRMgLWWu5a1wFwV7gV/0YOU
j5RAfnF2ofOEvqVrBSdnspVXywSIwb+TtMqSrs7dFOaw8AC6kPSE/VgFxdNqwFQ6
91v+/83/y0Jb9j/xGThEgYsQVN7RQPUjT1Nf+0jJejyz6Kdd0nwOE23vAbC+GxzP
F7RX+ELgzESsQC/WioH2PhSRHQNb1GwU3UHiWTMaIqEOYcpbR1avyPoZGqYiSFlZ
uxtN/ZG3XIItOHDp1sxKGM0U/PfhQfyCZb4gfnWgCT/okddNoPN8ss0MuQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFB/xyurLxxN0XJOmmCZGGBtVU9FdMB8GA1UdIwQY
MBaAFJwa7ZkT+IgK91V+7z7wLW4P8/1JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkJydG1SUDRpQXIzVlg3dlB2QXRiZ196X1VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9mZjk0ZjEtYmE2My00MGQ2LWJlY2Et
NWU2MjRhMzAzOGNmLzEvSF9ISzZzdkhFM1JjazZhWUprWVlHMVZUMFYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9mZjk0ZjEtYmE2My00MGQ2LWJlY2EtNWU2MjRhMzAzOGNm
LzEvbkJydG1SUDRpQXIzVlg3dlB2QXRiZ196X1VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKg2AQAMF
AyoPocAwDQYJKoZIhvcNAQELBQADggEBAEQu2pZLXbWDJAWNrMUMCxXbPothNx9k
VAxzPBp/mATzpwWBLTH7Lh3Vx4K9k/I41+6/955zDC/j3uPC57ZqITDOKo2V0Hhj
/m+DgFPej9RVmMJcXpD8ndaXdhR2KJv09xJSsibHZ7YIkZmsEy97EdibX5EyXZIO
Q5Dw07PTRD03LwcQiQG6GtBwjLvoUvoMzafclH23tSWixK3HOcvXJX7GEkBaArg1
RMvr2qeGUbDTmw5n3mGBlXRSnu2CI+OHzfngfxwmcoHFAHwOLb8xUZN4kv3Q2OBg
7MQ1ehJ5wAESEfgOkHc8By/0oT2L4lXGRIqgOR5uVqAOTa7KS8+rsAk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:35 2024 by rpki-client on console-ams.rpki-client.org