Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/1-ANG7RNNvJawJQB_QiUfr927hkc.roa
File: 1-ANG7RNNvJawJQB_QiUfr927hkc.roa (raw, json)
Hash identifier: AUOR9R2zRmNvr4Mn372W2XjZNVgHg5qHnIX/zu6T90g=
Subject key identifier: F8:03:46:ED:13:4D:BC:96:B0:25:00:7F:42:25:1F:AF:DD:BB:86:47
Certificate issuer: /CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Certificate serial: 018CC727526B33F3269A05FBDB410E6EC074
Authority key identifier: 81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/1-ANG7RNNvJawJQB_QiUfr927hkc.roa
Signing time: Mon 01 Jan 2024 22:31:32 +0000
ROA not before: Mon 01 Jan 2024 22:31:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202044
IP address blocks: 2a0a:1f47::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:52:6b:33:f3:26:9a:05:fb:db:41:0e:6e:c0:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Validity
Not Before: Jan 1 22:31:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f80346ed134dbc96b025007f42251fafddbb8647
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:84:cf:b1:6f:15:35:ce:cc:37:68:56:43:2c:
6b:fc:24:7c:a4:7e:b9:fe:9b:40:e0:ae:40:ec:a3:
f3:9c:6e:7e:4e:a8:10:a1:4a:02:25:db:0b:1f:61:
44:a0:0e:8f:db:c2:6e:16:5d:46:fd:de:f3:33:55:
d9:90:46:eb:f6:96:f5:21:4e:ca:28:b3:f6:f0:99:
f1:61:28:95:de:46:3d:39:4d:21:73:bb:ac:ac:4d:
4f:28:70:52:bf:ca:3a:9f:e0:7a:51:f6:d9:a9:b8:
7b:ce:66:f1:59:bf:bd:b6:c8:0b:06:37:65:b7:c6:
a4:49:c2:26:c5:29:e4:27:35:c4:5d:29:5a:e5:fd:
2b:d2:0b:45:32:93:b3:89:8f:a8:f9:6e:1f:31:19:
71:c9:d0:41:a0:88:27:f2:27:f8:fb:e5:3d:89:92:
41:13:4c:f8:2e:b2:1f:55:1c:cb:ce:b0:17:d4:6c:
c6:d2:44:03:6e:12:76:66:af:9d:1b:9d:1c:c6:8c:
e1:6c:f6:ca:de:27:39:8e:98:2a:93:3e:9d:43:1d:
55:14:e6:3c:d6:20:26:8d:51:f0:52:48:f8:94:e6:
c1:2b:7a:f2:7c:51:1e:58:85:33:29:c6:74:ee:0f:
9e:b5:38:06:0a:f7:06:ab:0c:73:44:dd:c6:ea:0f:
fe:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:03:46:ED:13:4D:BC:96:B0:25:00:7F:42:25:1F:AF:DD:BB:86:47
X509v3 Authority Key Identifier:
keyid:81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/1-ANG7RNNvJawJQB_QiUfr927hkc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:1f47::/32
Signature Algorithm: sha256WithRSAEncryption
4e:d7:56:89:d5:a6:4f:62:bf:5c:1b:88:43:14:8d:e8:f1:0a:
a6:db:e5:02:16:83:c4:75:f7:8b:de:ab:8b:6b:b4:51:0f:46:
e0:c6:a1:44:6d:ce:98:14:fe:15:cb:67:88:2f:25:f7:68:cf:
15:90:3a:4e:b9:a7:89:a6:25:a4:1b:57:50:8c:d7:e8:b3:c3:
00:ae:d8:b0:b9:e8:5b:fe:7a:3b:ad:62:51:a6:3c:e0:c0:ef:
0e:9c:e9:a2:48:cf:86:66:84:44:31:28:00:40:8d:d9:40:32:
1a:aa:01:67:28:ed:1e:9c:88:de:6a:02:da:b0:1a:11:dc:31:
b8:38:61:d1:a4:60:ff:5e:04:db:e4:19:52:92:61:5e:45:fb:
e2:62:df:d3:69:17:92:5f:f8:8a:98:84:dc:01:5e:80:c9:f8:
9d:02:2d:45:f7:e8:26:57:6b:0b:5c:4f:40:e0:7c:03:fc:47:
e7:c1:82:84:be:1c:89:eb:9d:1d:05:60:c3:94:66:af:75:52:
78:7a:27:3f:f7:06:7e:aa:6e:d5:ad:75:7c:75:5a:0f:d4:96:
10:68:d5:01:31:01:ba:79:48:63:d5:9c:ed:58:9d:45:26:bf:
10:7d:ad:9f:39:11:0c:0c:88:24:aa:8b:03:cb:a4:33:03:ce:
de:08:68:e0
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzHJ1JrM/MmmgX720EObsB0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYzhiNzNhYjdiZGViNzZmZjQ4YjJjYTA5OTYxNmVkYmU3
MWM0MjYwHhcNMjQwMTAxMjIzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODAzNDZlZDEzNGRiYzk2YjAyNTAwN2Y0MjI1MWZhZmRkYmI4NjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4TPsW8VNc7MN2hWQyxr/CR8pH65
/ptA4K5A7KPznG5+TqgQoUoCJdsLH2FEoA6P28JuFl1G/d7zM1XZkEbr9pb1IU7K
KLP28JnxYSiV3kY9OU0hc7usrE1PKHBSv8o6n+B6UfbZqbh7zmbxWb+9tsgLBjdl
t8akScImxSnkJzXEXSla5f0r0gtFMpOziY+o+W4fMRlxydBBoIgn8if4++U9iZJB
E0z4LrIfVRzLzrAX1GzG0kQDbhJ2Zq+dG50cxozhbPbK3ic5jpgqkz6dQx1VFOY8
1iAmjVHwUkj4lObBK3ryfFEeWIUzKcZ07g+etTgGCvcGqwxzRN3G6g/+VwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFPgDRu0TTbyWsCUAf0IlH6/du4ZHMB8GA1UdIwQY
MBaAFIHItzq3vet2/0iyygmWFu2+ccQmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUt
ZDg0ODhiM2FiNDJmLzEvMS1BTkc3Uk5Odkphd0pRQl9RaVVmcjkyN2hrYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTgvMjA3OTM0LTllZGMtNGE4OS04MjBlLWQ4NDg4YjNhYjQy
Zi8xL2djaTNPcmU5NjNiX1NMTEtDWllXN2I1eHhDWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoKH0cw
DQYJKoZIhvcNAQELBQADggEBAE7XVonVpk9iv1wbiEMUjejxCqbb5QIWg8R194ve
q4trtFEPRuDGoURtzpgU/hXLZ4gvJfdozxWQOk65p4mmJaQbV1CM1+izwwCu2LC5
6Fv+ejutYlGmPODA7w6c6aJIz4ZmhEQxKABAjdlAMhqqAWco7R6ciN5qAtqwGhHc
Mbg4YdGkYP9eBNvkGVKSYV5F++Ji39NpF5Jf+IqYhNwBXoDJ+J0CLUX36CZXawtc
T0DgfAP8R+fBgoS+HInrnR0FYMOUZq91Unh6Jz/3Bn6qbtWtdXx1Wg/UlhBo1QEx
Abp5SGPVnO1YnUUmvxB9rZ85EQwMiCSqiwPLpDMDzt4IaOA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:02 2024 by rpki-client on console-ams.rpki-client.org