Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/1-34IK-Q8iDfzHWExnyVpCoGtvZo.roa
File: 1-34IK-Q8iDfzHWExnyVpCoGtvZo.roa (raw, json)
Hash identifier: ktdN4G4RpIaUT5QpAPB6L6URhFZahiabV2IwdDWFCUI=
Subject key identifier: FB:7E:08:2B:E4:3C:88:37:F3:1D:61:31:9F:25:69:0A:81:AD:BD:9A
Certificate issuer: /CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Certificate serial: 01856FCB999A16478771789AC878F4927F80
Authority key identifier: 81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/1-34IK-Q8iDfzHWExnyVpCoGtvZo.roa
Signing time: Mon 02 Jan 2023 00:04:52 +0000
ROA not before: Mon 02 Jan 2023 00:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 2a0a:da40::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:99:9a:16:47:87:71:78:9a:c8:78:f4:92:7f:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Validity
Not Before: Jan 2 00:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb7e082be43c8837f31d61319f25690a81adbd9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:4b:2c:a6:ae:51:9a:4e:f7:41:12:f3:9d:d6:
14:9a:a2:05:fd:5c:72:f7:69:41:ab:e7:ee:af:f1:
05:df:79:c4:83:e6:23:da:40:2e:22:2a:f8:32:a4:
17:61:43:36:b7:d2:03:7e:bb:d7:78:47:ae:69:d6:
98:d4:29:cc:d7:1b:af:15:e6:ea:96:80:44:5b:1e:
0b:11:d9:37:bb:cb:83:cd:08:cb:e2:29:f7:5c:29:
ed:bf:2b:9d:27:75:aa:11:93:f8:1a:fa:09:ac:1f:
26:7a:88:52:ce:ef:31:97:55:38:69:4d:46:1c:cb:
20:93:24:8a:69:df:87:3a:22:76:1b:be:99:ac:f2:
a5:20:5d:6d:10:1d:f7:3d:7e:52:25:7c:1b:5b:23:
fd:6c:c0:7f:fb:f4:a2:d0:ab:08:17:18:cc:9e:80:
46:7e:7c:fa:d9:02:00:c7:a9:bf:eb:e6:68:5f:e7:
61:de:62:e1:2c:c6:c7:5d:3a:8d:ae:fc:02:46:c8:
21:53:24:4a:5c:21:04:9a:db:a4:fc:2c:8e:22:66:
39:dc:0f:22:2e:e2:c0:52:55:6b:3d:e3:25:5a:2c:
84:a1:a0:9c:15:03:90:62:67:a2:98:3b:33:27:22:
45:35:1a:3d:fb:58:52:47:48:5a:d8:59:1c:a5:6c:
3b:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:7E:08:2B:E4:3C:88:37:F3:1D:61:31:9F:25:69:0A:81:AD:BD:9A
X509v3 Authority Key Identifier:
keyid:81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/1-34IK-Q8iDfzHWExnyVpCoGtvZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:da40::/29
Signature Algorithm: sha256WithRSAEncryption
4b:ac:20:4b:2f:96:25:b7:55:1b:bc:1e:a0:9f:1d:90:9c:20:
ba:d2:25:5f:ca:08:7e:92:a3:a3:03:73:f6:30:25:6b:d5:26:
77:56:0c:30:ff:80:06:a2:d4:3a:97:36:ac:d1:42:b1:d9:c7:
92:5d:38:dd:fe:92:e6:0d:0c:ca:e7:f8:46:9e:b7:f3:4e:5f:
cf:57:76:a0:58:57:4d:d2:7d:db:32:48:b9:98:67:db:c9:98:
dd:ab:07:d6:b7:60:64:61:cf:3c:95:fc:ef:ed:87:78:59:36:
9a:ce:ab:b6:ea:f6:58:2d:9e:79:45:a2:72:27:6f:7e:a3:03:
3a:c0:05:17:36:3e:f4:5a:5a:64:fe:6f:09:fc:33:2c:fa:82:
1c:d9:26:47:ab:a4:85:58:0d:2e:f4:17:c9:23:fd:f6:6c:22:
4b:23:7b:30:32:9a:87:32:da:2c:7a:90:bc:22:30:bb:85:8b:
38:05:ec:c2:64:61:36:a8:3a:06:91:5a:7b:98:56:b0:7a:4d:
3f:df:ce:f7:8c:c4:c0:0a:63:47:a4:08:47:a8:cc:fb:12:bd:
21:71:05:ff:1e:68:16:05:f7:e0:6d:35:16:7f:c0:d7:b0:2f:
e4:de:a5:e3:32:28:38:4c:e9:6c:9c:58:f4:e6:5f:46:73:f2:
d3:0e:35:81
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVvy5maFkeHcXiayHj0kn+AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYzhiNzNhYjdiZGViNzZmZjQ4YjJjYTA5OTYxNmVkYmU3
MWM0MjYwHhcNMjMwMTAyMDAwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjdlMDgyYmU0M2M4ODM3ZjMxZDYxMzE5ZjI1NjkwYTgxYWRiZDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEsspq5Rmk73QRLzndYUmqIF/Vxy
92lBq+fur/EF33nEg+Yj2kAuIir4MqQXYUM2t9IDfrvXeEeuadaY1CnM1xuvFebq
loBEWx4LEdk3u8uDzQjL4in3XCntvyudJ3WqEZP4GvoJrB8meohSzu8xl1U4aU1G
HMsgkySKad+HOiJ2G76ZrPKlIF1tEB33PX5SJXwbWyP9bMB/+/Si0KsIFxjMnoBG
fnz62QIAx6m/6+ZoX+dh3mLhLMbHXTqNrvwCRsghUyRKXCEEmtuk/CyOImY53A8i
LuLAUlVrPeMlWiyEoaCcFQOQYmeimDszJyJFNRo9+1hSR0ha2FkcpWw77QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFPt+CCvkPIg38x1hMZ8laQqBrb2aMB8GA1UdIwQY
MBaAFIHItzq3vet2/0iyygmWFu2+ccQmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUt
ZDg0ODhiM2FiNDJmLzEvMS0zNElLLVE4aURmekhXRXhueVZwQ29HdHZaby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTgvMjA3OTM0LTllZGMtNGE4OS04MjBlLWQ4NDg4YjNhYjQy
Zi8xL2djaTNPcmU5NjNiX1NMTEtDWllXN2I1eHhDWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoK2kAw
DQYJKoZIhvcNAQELBQADggEBAEusIEsvliW3VRu8HqCfHZCcILrSJV/KCH6So6MD
c/YwJWvVJndWDDD/gAai1DqXNqzRQrHZx5JdON3+kuYNDMrn+Eaet/NOX89XdqBY
V03SfdsySLmYZ9vJmN2rB9a3YGRhzzyV/O/th3hZNprOq7bq9lgtnnlFonInb36j
AzrABRc2PvRaWmT+bwn8Myz6ghzZJkerpIVYDS70F8kj/fZsIksjezAymocy2ix6
kLwiMLuFizgF7MJkYTaoOgaRWnuYVrB6TT/fzveMxMAKY0ekCEeozPsSvSFxBf8e
aBYF9+BtNRZ/wNewL+TepeMyKDhM6WycWPTmX0Zz8tMONYE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:02 2024 by rpki-client on console-ams.rpki-client.org