Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/2dcab0-817d-4db4-86cd-808f214ec177/1/WIUbRr1V8qsf7eWsgu72KXG8s-Y.roa
File: WIUbRr1V8qsf7eWsgu72KXG8s-Y.roa (raw, json)
Hash identifier: Ia+JMt5hME6S/cBCmqDF4JG85uNcXk0lsLNoARaRCLU=
Subject key identifier: 58:85:1B:46:BD:55:F2:AB:1F:ED:E5:AC:82:EE:F6:29:71:BC:B3:E6
Certificate issuer: /CN=0692d72f4ef3d742d725a5b7a92fac56160b925c
Certificate serial: 0186210A4FA85049580D156B8562300D8756
Authority key identifier: 06:92:D7:2F:4E:F3:D7:42:D7:25:A5:B7:A9:2F:AC:56:16:0B:92:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BpLXL07z10LXJaW3qS-sVhYLklw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/2dcab0-817d-4db4-86cd-808f214ec177/1/WIUbRr1V8qsf7eWsgu72KXG8s-Y.roa
Signing time: Sun 05 Feb 2023 10:06:09 +0000
ROA not before: Sun 05 Feb 2023 10:06:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49778
IP address blocks: 2a11:e380::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:21:0a:4f:a8:50:49:58:0d:15:6b:85:62:30:0d:87:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0692d72f4ef3d742d725a5b7a92fac56160b925c
Validity
Not Before: Feb 5 10:06:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=58851b46bd55f2ab1fede5ac82eef62971bcb3e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:41:69:46:14:ec:92:ff:ad:19:ef:a7:cb:ce:
82:19:38:cb:68:3d:50:75:7c:df:27:7e:c0:de:7c:
98:70:ba:a5:47:4f:89:24:9b:aa:c5:4e:91:b9:a3:
23:22:ae:26:85:5f:b2:37:c0:3b:1a:3f:65:1f:71:
81:39:0e:30:a7:74:12:af:e2:f0:4c:c4:25:5d:2c:
b2:05:f1:38:e3:37:c1:5b:fc:f2:7b:09:94:63:f4:
e0:5a:2f:e4:7f:a8:9d:76:84:52:e9:24:68:68:17:
6e:ca:d3:b7:0a:ac:07:fb:e0:1b:0b:f2:fd:4a:76:
0d:f8:b1:29:af:b0:7b:0c:cf:5b:81:82:f9:8a:9f:
21:c9:ec:79:00:88:bd:5a:4a:1c:a2:a2:52:83:0a:
cd:68:68:86:3f:ec:61:df:5b:51:4e:58:a0:70:f1:
ff:55:50:79:28:2d:98:d2:5a:bd:bc:4c:ca:dd:f7:
92:10:19:bf:89:68:6e:f6:37:9d:05:dc:6c:33:71:
f1:5f:3f:17:bf:d1:10:c2:ff:00:c4:f1:33:83:55:
81:36:80:2f:d4:c9:e1:81:35:73:fc:cc:07:62:1c:
57:3f:c7:a7:bb:25:f0:52:99:36:b5:7b:ef:83:04:
82:69:d5:7a:9e:53:f5:b3:42:d9:9a:22:9f:9c:7e:
12:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:85:1B:46:BD:55:F2:AB:1F:ED:E5:AC:82:EE:F6:29:71:BC:B3:E6
X509v3 Authority Key Identifier:
keyid:06:92:D7:2F:4E:F3:D7:42:D7:25:A5:B7:A9:2F:AC:56:16:0B:92:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BpLXL07z10LXJaW3qS-sVhYLklw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/2dcab0-817d-4db4-86cd-808f214ec177/1/WIUbRr1V8qsf7eWsgu72KXG8s-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/2dcab0-817d-4db4-86cd-808f214ec177/1/BpLXL07z10LXJaW3qS-sVhYLklw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:e380::/29
Signature Algorithm: sha256WithRSAEncryption
85:31:b2:c0:fe:cc:4f:b7:26:35:1a:53:8f:48:06:31:cd:d2:
88:88:b3:43:2d:9b:37:65:df:e3:4e:02:3d:7a:95:6c:31:55:
65:77:4c:46:ff:fd:b9:2c:93:bd:e4:d0:a7:d3:23:c6:bf:0f:
be:d6:c0:06:e5:06:fe:4b:ee:30:6f:9b:a0:35:83:f2:6c:11:
87:52:7b:27:27:67:79:50:dd:ac:d0:94:0a:16:41:ff:c9:fc:
bd:2e:82:5d:42:04:0a:3b:a4:29:81:9c:31:53:1e:45:b0:a9:
00:fc:d3:47:de:02:9c:ce:9b:dd:a0:0d:18:81:af:d2:dd:28:
81:f0:7d:ff:cb:d0:2d:c3:27:f1:a8:e0:0b:f5:2a:21:60:67:
3b:6a:94:56:64:ce:e2:fe:32:71:5c:c8:36:60:99:07:d0:f5:
58:d9:46:bf:7b:00:38:4d:e3:23:27:68:8c:1e:ad:f2:9a:2c:
d6:a8:30:e7:2b:6d:c6:df:ed:dc:1d:9f:04:10:80:a8:28:6e:
cf:67:15:06:f7:19:43:7c:44:8d:de:a6:d8:51:47:82:e1:ad:
32:99:1b:e8:01:5e:fa:5e:70:85:e9:36:52:02:ba:95:98:b5:
0a:d9:15:da:60:6a:c1:91:5f:5a:42:a6:67:66:cf:b3:9f:88:
ad:52:4f:d4
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYYhCk+oUElYDRVrhWIwDYdWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2OTJkNzJmNGVmM2Q3NDJkNzI1YTViN2E5MmZhYzU2MTYw
YjkyNWMwHhcNMjMwMjA1MTAwNjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODg1MWI0NmJkNTVmMmFiMWZlZGU1YWM4MmVlZjYyOTcxYmNiM2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkFpRhTskv+tGe+ny86CGTjLaD1Q
dXzfJ37A3nyYcLqlR0+JJJuqxU6RuaMjIq4mhV+yN8A7Gj9lH3GBOQ4wp3QSr+Lw
TMQlXSyyBfE44zfBW/zyewmUY/TgWi/kf6iddoRS6SRoaBduytO3CqwH++AbC/L9
SnYN+LEpr7B7DM9bgYL5ip8hyex5AIi9WkocoqJSgwrNaGiGP+xh31tRTligcPH/
VVB5KC2Y0lq9vEzK3feSEBm/iWhu9jedBdxsM3HxXz8Xv9EQwv8AxPEzg1WBNoAv
1MnhgTVz/MwHYhxXP8enuyXwUpk2tXvvgwSCadV6nlP1s0LZmiKfnH4S9wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFiFG0a9VfKrH+3lrILu9ilxvLPmMB8GA1UdIwQY
MBaAFAaS1y9O89dC1yWlt6kvrFYWC5JcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnBMWEwwN3oxMExYSmFXM3FTLXNWaFlMa2x3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni8yZGNhYjAtODE3ZC00ZGI0LTg2Y2Qt
ODA4ZjIxNGVjMTc3LzEvV0lVYlJyMVY4cXNmN2VXc2d1NzJLWEc4cy1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni8yZGNhYjAtODE3ZC00ZGI0LTg2Y2QtODA4ZjIxNGVjMTc3
LzEvQnBMWEwwN3oxMExYSmFXM3FTLXNWaFlMa2x3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhHjgDAN
BgkqhkiG9w0BAQsFAAOCAQEAhTGywP7MT7cmNRpTj0gGMc3SiIizQy2bN2Xf404C
PXqVbDFVZXdMRv/9uSyTveTQp9Mjxr8PvtbABuUG/kvuMG+boDWD8mwRh1J7Jydn
eVDdrNCUChZB/8n8vS6CXUIECjukKYGcMVMeRbCpAPzTR94CnM6b3aANGIGv0t0o
gfB9/8vQLcMn8ajgC/UqIWBnO2qUVmTO4v4ycVzINmCZB9D1WNlGv3sAOE3jIydo
jB6t8pos1qgw5yttxt/t3B2fBBCAqChuz2cVBvcZQ3xEjd6m2FFHguGtMpkb6AFe
+l5whek2UgK6lZi1CtkV2mBqwZFfWkKmZ2bPs5+IrVJP1A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:28 2023 by rpki-client on console-ams.rpki-client.org