Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/1--TX_d3OxZSgk4CEdcKPd_ejgnE.roa
File: 1--TX_d3OxZSgk4CEdcKPd_ejgnE.roa (raw, json)
Hash identifier: kYK1PiUX97FpVBcLu449eQw03YAacwpikHSf7s5wsPU=
Subject key identifier: FB:E4:D7:FD:DD:CE:C5:94:A0:93:80:84:75:C2:8F:77:F7:A3:82:71
Certificate issuer: /CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Certificate serial: 01891FA2BD20A9C51A3FF4250B79A831E237
Authority key identifier: 81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/1--TX_d3OxZSgk4CEdcKPd_ejgnE.roa
Signing time: Tue 04 Jul 2023 06:41:46 +0000
ROA not before: Tue 04 Jul 2023 06:41:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51082
IP address blocks: 2a0a:1f46::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1f:a2:bd:20:a9:c5:1a:3f:f4:25:0b:79:a8:31:e2:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Validity
Not Before: Jul 4 06:41:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbe4d7fdddcec594a093808475c28f77f7a38271
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:fb:cb:ff:3a:f2:63:ec:af:dc:7b:21:8b:66:
77:81:6b:09:90:f7:53:73:1f:2b:57:5f:00:e7:96:
cf:f7:41:cf:bf:47:d9:3a:6e:c9:26:4e:2f:ef:80:
b1:2d:b4:bb:16:db:2d:ca:35:a9:2d:a4:37:a5:bc:
5a:42:1e:7e:14:a5:66:59:f9:6f:ac:bd:8b:70:81:
b6:88:1c:6b:79:db:eb:f5:36:91:28:08:67:f0:c8:
00:b3:fc:4e:f8:2f:82:d3:f8:cd:aa:d5:b3:1b:ad:
48:da:b7:01:36:12:ff:4d:4f:9e:85:dc:ed:80:80:
ee:b8:6e:25:59:f5:13:06:97:0d:8c:1e:8c:61:21:
d7:34:04:28:fe:99:69:c2:03:ae:c0:db:24:b9:5a:
40:33:9f:32:4c:3b:12:28:53:1f:d7:af:5e:4e:bf:
33:bb:ca:4e:8e:d4:0a:9e:17:36:92:98:3d:a0:69:
94:7a:26:e4:f6:97:48:3c:d7:4f:47:2d:78:28:f3:
cc:cb:04:d6:ac:75:21:43:c6:b6:c1:fd:3b:35:a0:
ce:d0:05:d1:26:5d:3a:3a:a3:1e:10:da:42:b9:5d:
24:05:8f:b6:3c:50:ab:32:40:ef:90:66:ff:84:c6:
d8:3b:9b:f1:50:a2:1b:2a:37:cf:d5:3c:58:7f:fc:
37:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:E4:D7:FD:DD:CE:C5:94:A0:93:80:84:75:C2:8F:77:F7:A3:82:71
X509v3 Authority Key Identifier:
keyid:81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/1--TX_d3OxZSgk4CEdcKPd_ejgnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:1f46::/32
Signature Algorithm: sha256WithRSAEncryption
10:c0:ca:22:08:89:5e:1c:81:90:2d:df:c3:1c:a9:b1:bb:a9:
bb:74:0f:17:87:83:be:22:dd:b9:56:08:76:81:61:71:c6:0b:
fc:b0:87:01:07:50:05:71:48:2d:37:82:5c:0c:1d:61:ca:3b:
c6:56:12:47:bb:a0:95:7b:e8:92:63:76:af:25:db:78:33:3b:
81:7a:7b:1b:b1:f4:dd:5c:ae:ea:ed:6c:99:04:c2:f7:b2:ee:
5a:dc:8f:a7:48:a4:4a:22:99:8d:ac:d2:d9:f8:13:51:9c:aa:
c3:c9:c5:54:94:d8:6a:67:0c:f2:08:d7:e9:5f:5b:38:be:5e:
3b:02:67:e5:66:17:7f:7b:e7:78:aa:aa:ff:9b:57:1e:db:0b:
34:28:26:e1:ac:4f:dc:48:ee:c3:c5:75:e9:ea:e8:c1:ab:db:
0c:46:02:d0:b1:dc:18:a4:ee:f3:bd:1d:4b:31:61:04:a0:a2:
1b:44:6e:d2:b0:6a:15:b0:aa:6f:47:54:90:de:f8:69:35:b3:
2a:54:64:89:35:62:6b:3b:59:59:4a:5c:51:cc:8b:1b:78:d9:
59:ca:a6:22:13:53:e2:d8:3f:11:f0:9d:e2:a3:e9:94:83:a3:
a0:b9:db:c6:6e:1c:f5:e7:4f:d8:e5:23:18:9f:e7:ee:8f:90:
20:71:cd:bc
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYkfor0gqcUaP/QlC3moMeI3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYzhiNzNhYjdiZGViNzZmZjQ4YjJjYTA5OTYxNmVkYmU3
MWM0MjYwHhcNMjMwNzA0MDY0MTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmU0ZDdmZGRkY2VjNTk0YTA5MzgwODQ3NWMyOGY3N2Y3YTM4MjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/vL/zryY+yv3Hshi2Z3gWsJkPdT
cx8rV18A55bP90HPv0fZOm7JJk4v74CxLbS7FtstyjWpLaQ3pbxaQh5+FKVmWflv
rL2LcIG2iBxredvr9TaRKAhn8MgAs/xO+C+C0/jNqtWzG61I2rcBNhL/TU+ehdzt
gIDuuG4lWfUTBpcNjB6MYSHXNAQo/plpwgOuwNskuVpAM58yTDsSKFMf169eTr8z
u8pOjtQKnhc2kpg9oGmUeibk9pdIPNdPRy14KPPMywTWrHUhQ8a2wf07NaDO0AXR
Jl06OqMeENpCuV0kBY+2PFCrMkDvkGb/hMbYO5vxUKIbKjfP1TxYf/w3owIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFPvk1/3dzsWUoJOAhHXCj3f3o4JxMB8GA1UdIwQY
MBaAFIHItzq3vet2/0iyygmWFu2+ccQmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUt
ZDg0ODhiM2FiNDJmLzEvMS0tVFhfZDNPeFpTZ2s0Q0VkY0tQZF9lamduRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTgvMjA3OTM0LTllZGMtNGE4OS04MjBlLWQ4NDg4YjNhYjQy
Zi8xL2djaTNPcmU5NjNiX1NMTEtDWllXN2I1eHhDWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoKH0Yw
DQYJKoZIhvcNAQELBQADggEBABDAyiIIiV4cgZAt38McqbG7qbt0DxeHg74i3blW
CHaBYXHGC/ywhwEHUAVxSC03glwMHWHKO8ZWEke7oJV76JJjdq8l23gzO4F6exux
9N1crurtbJkEwvey7lrcj6dIpEoimY2s0tn4E1GcqsPJxVSU2GpnDPII1+lfWzi+
XjsCZ+VmF39753iqqv+bVx7bCzQoJuGsT9xI7sPFdenq6MGr2wxGAtCx3Bik7vO9
HUsxYQSgohtEbtKwahWwqm9HVJDe+Gk1sypUZIk1Yms7WVlKXFHMixt42VnKpiIT
U+LYPxHwneKj6ZSDo6C528ZuHPXnT9jlIxif5+6PkCBxzbw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:08 2024 by rpki-client on console-fra.rpki-client.org