Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/0ao5Nqm-xZV1yIz4TqXoAn4KNG0.roa
File: 0ao5Nqm-xZV1yIz4TqXoAn4KNG0.roa (raw, json)
Hash identifier: fo6vSDU9OhTepXfUH59P02lVaqxZ206CNYIf/yC1Q40=
Subject key identifier: D1:AA:39:36:A9:BE:C5:95:75:C8:8C:F8:4E:A5:E8:02:7E:0A:34:6D
Certificate issuer: /CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Certificate serial: 0184E755F222CD56045350138A3BE037EB45
Authority key identifier: 81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/0ao5Nqm-xZV1yIz4TqXoAn4KNG0.roa
Signing time: Tue 06 Dec 2022 12:08:00 +0000
ROA not before: Tue 06 Dec 2022 12:08:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202044
IP address blocks: 2a0a:1f47::/32 maxlen: 32
2a0a:1f40::/32 maxlen: 32
2a0a:1f46::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e7:55:f2:22:cd:56:04:53:50:13:8a:3b:e0:37:eb:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Validity
Not Before: Dec 6 12:08:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d1aa3936a9bec59575c88cf84ea5e8027e0a346d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:87:dd:e2:79:f2:fe:72:9a:15:eb:69:c4:66:
41:fe:51:e3:c0:d3:47:2a:ad:1e:a9:51:22:d5:c6:
84:5b:d0:85:1d:15:f9:12:f0:62:a3:d4:4b:60:10:
6b:55:f0:4a:d1:97:11:de:28:2a:44:63:86:3f:34:
95:90:54:12:2c:26:8d:88:68:8d:59:26:f6:58:2c:
ba:6f:cf:55:e9:dc:25:e7:87:11:aa:7b:b6:18:5a:
0f:e0:05:ba:44:f1:b7:91:dd:eb:76:74:29:64:f9:
72:8f:be:8a:00:85:e3:4c:27:f3:d4:28:d0:48:61:
6b:eb:e4:db:9a:b1:de:3b:ef:40:e2:f0:7b:a6:ba:
c7:f6:9f:06:78:14:c0:93:2b:59:e0:a5:14:44:b3:
55:32:19:c4:95:f6:03:5a:da:73:19:b6:76:e8:78:
da:d1:cb:f0:a0:6b:c9:5e:14:f8:8e:46:d1:28:30:
cb:1b:37:0c:2f:14:17:ba:db:8e:c0:c9:b3:70:7f:
df:a9:82:05:07:3e:41:e6:ce:92:6b:87:3c:be:75:
6e:31:7d:64:4d:f6:82:ef:18:8c:e4:19:28:5f:4c:
30:46:19:25:20:b8:b7:cc:fd:e3:c2:31:ea:40:20:
49:be:62:c8:04:c9:5b:d1:de:73:60:38:4c:38:35:
da:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:AA:39:36:A9:BE:C5:95:75:C8:8C:F8:4E:A5:E8:02:7E:0A:34:6D
X509v3 Authority Key Identifier:
keyid:81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/0ao5Nqm-xZV1yIz4TqXoAn4KNG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:1f40::/32
2a0a:1f46::/31
Signature Algorithm: sha256WithRSAEncryption
32:42:68:d1:08:c8:e8:c6:cc:7a:f6:5a:f8:b7:5a:aa:b0:06:
a7:b6:15:68:84:a7:67:ca:6d:66:b4:65:c6:ee:4a:e3:63:04:
2b:47:85:9d:89:18:bd:02:15:79:43:c5:6a:86:4b:4d:58:cc:
60:46:ac:75:fe:c7:8f:48:6e:d7:3a:b4:75:99:bd:47:3a:a0:
16:c2:79:35:58:ce:ac:d8:eb:a9:03:ab:14:b0:84:fb:df:f7:
85:2a:7a:fa:27:24:31:2d:ea:aa:de:43:43:be:be:33:09:1a:
f0:fb:1b:c0:9b:d1:79:4d:bc:eb:29:f8:2c:77:c2:73:78:17:
6f:36:7f:c1:86:9e:d8:61:33:b3:a6:19:75:76:9a:3e:04:18:
4c:fb:f0:1f:63:2d:08:8c:04:bc:b7:6e:ec:e6:f7:14:5f:e8:
56:52:a2:12:70:64:62:13:81:c1:5f:0c:aa:d8:d6:72:4b:36:
2d:95:77:dd:19:a3:06:0c:6d:17:50:2c:0d:28:6f:93:fc:91:
fc:18:07:ad:57:11:da:07:4b:df:48:89:aa:48:8c:aa:40:06:
1d:ab:b1:db:de:95:c4:59:8b:79:3e:7b:74:a7:2e:3f:ce:e8:
a5:8d:fd:10:db:e0:96:a4:21:f7:f9:be:f9:7b:21:0b:36:e4:
ce:3c:7e:c4
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYTnVfIizVYEU1ATijvgN+tFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYzhiNzNhYjdiZGViNzZmZjQ4YjJjYTA5OTYxNmVkYmU3
MWM0MjYwHhcNMjIxMjA2MTIwODAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWFhMzkzNmE5YmVjNTk1NzVjODhjZjg0ZWE1ZTgwMjdlMGEzNDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYfd4nny/nKaFetpxGZB/lHjwNNH
Kq0eqVEi1caEW9CFHRX5EvBio9RLYBBrVfBK0ZcR3igqRGOGPzSVkFQSLCaNiGiN
WSb2WCy6b89V6dwl54cRqnu2GFoP4AW6RPG3kd3rdnQpZPlyj76KAIXjTCfz1CjQ
SGFr6+TbmrHeO+9A4vB7prrH9p8GeBTAkytZ4KUURLNVMhnElfYDWtpzGbZ26Hja
0cvwoGvJXhT4jkbRKDDLGzcMLxQXutuOwMmzcH/fqYIFBz5B5s6Sa4c8vnVuMX1k
TfaC7xiM5BkoX0wwRhklILi3zP3jwjHqQCBJvmLIBMlb0d5zYDhMODXa1wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNGqOTapvsWVdciM+E6l6AJ+CjRtMB8GA1UdIwQY
MBaAFIHItzq3vet2/0iyygmWFu2+ccQmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUt
ZDg0ODhiM2FiNDJmLzEvMGFvNU5xbS14WlYxeUl6NFRxWG9BbjRLTkcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUtZDg0ODhiM2FiNDJm
LzEvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgofQAMF
ASoKH0YwDQYJKoZIhvcNAQELBQADggEBADJCaNEIyOjGzHr2Wvi3WqqwBqe2FWiE
p2fKbWa0ZcbuSuNjBCtHhZ2JGL0CFXlDxWqGS01YzGBGrHX+x49Ibtc6tHWZvUc6
oBbCeTVYzqzY66kDqxSwhPvf94UqevonJDEt6qreQ0O+vjMJGvD7G8Cb0XlNvOsp
+Cx3wnN4F282f8GGnthhM7OmGXV2mj4EGEz78B9jLQiMBLy3buzm9xRf6FZSohJw
ZGITgcFfDKrY1nJLNi2Vd90ZowYMbRdQLA0ob5P8kfwYB61XEdoHS99IiapIjKpA
Bh2rsdvelcRZi3k+e3SnLj/O6KWN/RDb4JakIff5vvl7IQs25M48fsQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:02 2024 by rpki-client on console-ams.rpki-client.org