Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/SfCRBibeuMP4soxT9Usv4HOH26Q.roa
File: SfCRBibeuMP4soxT9Usv4HOH26Q.roa (raw, json)
Hash identifier: o7fi6aQ7cwcAucPiXcc+6AeeWv4lKpJ/9UHiYJ72Po0=
Subject key identifier: 49:F0:91:06:26:DE:B8:C3:F8:B2:8C:53:F5:4B:2F:E0:73:87:DB:A4
Certificate issuer: /CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Certificate serial: 06F0E451
Authority key identifier: 81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/SfCRBibeuMP4soxT9Usv4HOH26Q.roa
Signing time: Mon 23 May 2022 15:15:29 +0000
ROA not before: Mon 23 May 2022 15:15:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212144
IP address blocks: 2a09:dc00::/32 maxlen: 32
2a0a:1f45::/32 maxlen: 32
2a0a:1f41::/32 maxlen: 32
2a0a:1f44::/32 maxlen: 32
2a0a:da40::/29 maxlen: 29
2a09:dc03::/32 maxlen: 32
2a09:dc00::/29 maxlen: 29
2a0a:1f43::/32 maxlen: 32
2a09:dc06::/32 maxlen: 32
2a09:dc05::/32 maxlen: 32
2a09:dc02::/32 maxlen: 32
2a0a:1f40::/32 maxlen: 32
2a09:dc01::/32 maxlen: 32
2a09:dc04::/32 maxlen: 32
2a09:dc07::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116450385 (0x6f0e451)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Validity
Not Before: May 23 15:15:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=49f0910626deb8c3f8b28c53f54b2fe07387dba4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:ea:03:51:43:12:a5:be:9e:28:ab:90:2a:3d:
62:ac:cd:bf:9e:9a:0f:e2:3f:fb:64:15:db:32:fb:
96:16:a9:35:25:41:f7:59:52:cf:3f:49:e6:a3:03:
68:20:be:2e:8b:32:5c:06:d8:8c:9d:d4:3d:1e:f4:
84:c7:48:60:d6:2a:ee:d0:ec:f7:d8:a4:5e:2e:bc:
d2:c4:9c:70:87:10:a5:9e:dd:bc:6c:4f:5b:12:8b:
b9:be:a0:a3:dd:ce:30:dc:af:22:e9:78:f6:10:e7:
fb:3e:2a:e7:89:43:db:2f:ec:ea:34:0f:bc:56:37:
2b:f3:5f:4f:79:0b:ca:f2:f2:60:29:6b:01:8b:ad:
bc:1d:2e:73:a3:97:f7:9c:e3:ea:1f:85:6a:9a:89:
85:f0:12:8f:5b:1a:fb:e0:75:f8:0e:25:11:23:83:
76:a0:97:56:3b:f2:9c:09:73:70:eb:cb:ca:2a:20:
ba:20:25:bf:14:51:05:20:51:a9:86:78:87:b5:73:
07:20:09:67:d3:4a:d0:80:31:c2:dc:29:8f:cb:81:
aa:6e:48:30:a5:b9:37:d2:0f:1a:3f:33:4f:a9:ab:
27:21:a0:55:8a:2e:42:7f:d9:43:1e:72:e1:c2:64:
c5:bc:16:c5:fc:c2:34:01:b6:ba:74:b5:46:21:0f:
f5:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:F0:91:06:26:DE:B8:C3:F8:B2:8C:53:F5:4B:2F:E0:73:87:DB:A4
X509v3 Authority Key Identifier:
keyid:81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/SfCRBibeuMP4soxT9Usv4HOH26Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:dc00::/29
2a0a:1f40::/31
2a0a:1f43::-2a0a:1f45:ffff:ffff:ffff:ffff:ffff:ffff
2a0a:da40::/29
Signature Algorithm: sha256WithRSAEncryption
40:9d:e0:ba:70:aa:fb:b3:2e:10:bf:0e:ac:b4:e1:c0:e1:75:
ae:4e:b1:b7:a8:a7:d2:30:ec:67:76:8f:57:6b:eb:24:5c:11:
13:59:70:74:1e:2d:40:cb:96:3b:6c:87:13:bd:fe:3f:eb:d1:
18:84:81:ca:44:63:eb:ab:88:f7:cb:5e:23:28:fe:65:87:c5:
40:7b:7a:8b:6d:d4:be:c8:b3:37:48:9b:31:95:95:f5:7a:2f:
1b:68:b7:72:bb:45:ef:7d:70:5e:83:48:ae:46:b1:fd:3f:74:
d4:64:e0:51:8d:54:c3:ef:34:35:9d:55:b3:10:7d:d6:13:75:
eb:a0:bb:62:60:8e:fd:72:95:8d:00:d4:aa:67:11:9b:ef:83:
be:4f:e5:1e:62:d6:a9:60:c6:9c:d5:c9:c0:77:ab:d8:a9:e5:
b7:8e:3d:57:34:c6:39:28:f4:c0:6e:f7:2e:a4:18:14:f3:e0:
28:88:91:75:53:1e:97:97:9f:36:8f:bb:40:e0:58:44:27:5b:
34:b5:8b:0f:51:35:10:ba:14:28:07:8a:14:87:ff:37:b9:a8:
36:f4:da:24:5c:42:6e:62:7e:2d:8b:9e:6f:9e:37:7f:24:8c:
41:e1:b6:22:51:d5:80:5c:b4:2b:9a:75:d9:8f:c0:df:44:27:
66:10:88:14
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIEBvDkUTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MWM4YjczYWI3YmRlYjc2ZmY0OGIyY2EwOTk2MTZlZGJlNzFjNDI2MB4XDTIyMDUy
MzE1MTUyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDlmMDkxMDYyNmRl
YjhjM2Y4YjI4YzUzZjU0YjJmZTA3Mzg3ZGJhNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN7qA1FDEqW+niirkCo9YqzNv56aD+I/+2QV2zL7lhapNSVB
91lSzz9J5qMDaCC+LosyXAbYjJ3UPR70hMdIYNYq7tDs99ikXi680sSccIcQpZ7d
vGxPWxKLub6go93OMNyvIul49hDn+z4q54lD2y/s6jQPvFY3K/NfT3kLyvLyYClr
AYutvB0uc6OX95zj6h+FapqJhfASj1sa++B1+A4lESODdqCXVjvynAlzcOvLyiog
uiAlvxRRBSBRqYZ4h7VzByAJZ9NK0IAxwtwpj8uBqm5IMKW5N9IPGj8zT6mrJyGg
VYouQn/ZQx5y4cJkxbwWxfzCNAG2unS1RiEP9ecCAwEAAaOCAigwggIkMB0GA1Ud
DgQWBBRJ8JEGJt64w/iyjFP1Sy/gc4fbpDAfBgNVHSMEGDAWgBSByLc6t73rdv9I
ssoJlhbtvnHEJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2djaTNPcmU5NjNiX1NMTEtDWllXN2I1eHhDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTgvMjA3OTM0LTllZGMtNGE4OS04MjBlLWQ4NDg4YjNhYjQyZi8x
L1NmQ1JCaWJldU1QNHNveFQ5VXN2NEhPSDI2US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgv
MjA3OTM0LTllZGMtNGE4OS04MjBlLWQ4NDg4YjNhYjQyZi8xL2djaTNPcmU5NjNi
X1NMTEtDWllXN2I1eHhDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA+
BggrBgEFBQcBBwEB/wQvMC0wKwQCAAIwJQMFAyoJ3AADBQEqCh9AMA4DBQAqCh9D
AwUBKgofRAMFAyoK2kAwDQYJKoZIhvcNAQELBQADggEBAECd4LpwqvuzLhC/Dqy0
4cDhda5Osbeop9Iw7Gd2j1dr6yRcERNZcHQeLUDLljtshxO9/j/r0RiEgcpEY+ur
iPfLXiMo/mWHxUB7eott1L7IszdImzGVlfV6Lxtot3K7Re99cF6DSK5Gsf0/dNRk
4FGNVMPvNDWdVbMQfdYTdeugu2Jgjv1ylY0A1KpnEZvvg75P5R5i1qlgxpzVycB3
q9ip5beOPVc0xjko9MBu9y6kGBTz4CiIkXVTHpeXnzaPu0DgWEQnWzS1iw9RNRC6
FCgHihSH/ze5qDb02iRcQm5ifi2Lnm+eN38kjEHhtiJR1YBctCuaddmPwN9EJ2YQ
iBQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:08 2024 by rpki-client on console-fra.rpki-client.org