Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/aniW8WWKn_zWO58GFZKVDdoi4KY.roa
File: aniW8WWKn_zWO58GFZKVDdoi4KY.roa (raw, json)
Hash identifier: WzmLbFGE625XcIIAijJYK5NB7ZAIH/Rfx1K1A8g0OmE=
Subject key identifier: 6A:78:96:F1:65:8A:9F:FC:D6:3B:9F:06:15:92:95:0D:DA:22:E0:A6
Certificate issuer: /CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Certificate serial: 01891FA2BDABEFB191DCBA3E27515D24713F
Authority key identifier: 81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/aniW8WWKn_zWO58GFZKVDdoi4KY.roa
Signing time: Tue 04 Jul 2023 06:41:46 +0000
ROA not before: Tue 04 Jul 2023 06:41:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202044
IP address blocks: 2a0a:1f47::/32 maxlen: 32
2a0a:1f40::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1f:a2:bd:ab:ef:b1:91:dc:ba:3e:27:51:5d:24:71:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Validity
Not Before: Jul 4 06:41:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a7896f1658a9ffcd63b9f061592950dda22e0a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e5:77:67:3b:5d:0a:9f:7c:eb:73:9c:5b:bc:
fb:e0:ea:5f:66:c5:f7:14:5a:9e:09:e9:98:7b:eb:
93:bf:6d:86:13:52:35:27:62:24:6a:df:a8:1d:c8:
00:3e:ed:80:79:51:87:26:08:f6:cb:05:4d:fe:0f:
b3:89:ab:0c:53:7f:27:95:99:fe:26:7e:9c:1e:20:
81:08:3e:ed:4b:35:71:d7:81:d6:6d:f6:20:13:87:
12:02:86:ef:a4:4c:7f:d5:b7:ef:7f:2b:03:b2:f2:
f6:7c:da:7d:d5:a7:04:41:08:d1:e0:6c:81:8a:a2:
e1:df:72:b5:2f:44:24:2f:0d:3d:3a:95:af:bb:85:
8a:ec:c9:c2:97:ff:80:5e:9e:49:9e:59:d3:59:32:
25:62:53:58:79:22:8e:e5:4f:a1:ab:27:03:1f:18:
4a:92:c0:0a:87:b4:7d:24:c3:e9:42:79:97:96:6a:
fc:b6:7a:ae:fc:0c:95:c3:29:c0:d8:fe:77:07:fd:
3a:ad:58:fe:86:13:94:49:53:c5:84:c9:e9:f5:45:
35:f7:aa:56:aa:be:7f:1e:46:1a:16:12:fc:78:43:
d5:78:43:1b:8b:10:fb:5f:2a:37:b9:fd:9e:1f:e9:
28:6d:7a:4e:db:e3:c2:fc:95:38:35:e2:cc:9c:66:
03:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:78:96:F1:65:8A:9F:FC:D6:3B:9F:06:15:92:95:0D:DA:22:E0:A6
X509v3 Authority Key Identifier:
keyid:81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/aniW8WWKn_zWO58GFZKVDdoi4KY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:1f40::/32
2a0a:1f47::/32
Signature Algorithm: sha256WithRSAEncryption
56:ee:6f:a9:02:d5:68:f6:8b:4a:ac:48:d3:60:3e:cf:dd:d1:
c7:a8:72:ae:e2:6f:7d:f4:5f:74:65:ac:83:e5:10:da:0a:11:
32:60:7d:23:2a:b1:93:77:6f:03:71:eb:27:eb:e9:0d:71:9d:
3b:e7:01:54:9a:b9:cd:be:69:84:eb:7b:1f:03:f1:c2:02:27:
f2:9f:54:43:97:04:07:70:07:c3:fe:90:70:1f:3b:8c:0f:53:
f2:79:0f:32:87:23:20:25:92:a2:fc:fb:99:dd:ac:c6:91:87:
f0:ac:85:d5:36:cc:72:98:47:5f:ca:7e:11:ee:ad:03:d8:66:
cd:07:b0:a4:c8:00:24:9e:7d:1b:4a:dc:c3:a5:26:97:5d:29:
3a:ee:87:bf:5f:e3:32:49:f5:1e:f6:12:ee:bb:e3:fd:62:b7:
50:22:e3:9b:e0:7b:3a:43:64:b3:3a:cd:fb:4f:20:e5:41:a2:
ae:3b:b6:6f:75:8a:6b:36:d7:c8:26:18:60:ca:0c:d2:05:07:
a0:f0:58:87:2c:be:04:0d:a9:50:85:c7:4e:2f:cf:08:83:75:
c8:ad:ee:b5:55:4a:30:27:21:1c:ca:79:5c:f1:43:44:39:65:
44:45:4b:8c:d9:48:43:08:fc:76:98:1b:62:7c:f0:c6:d7:dc:
05:18:98:4c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYkfor2r77GR3Lo+J1FdJHE/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYzhiNzNhYjdiZGViNzZmZjQ4YjJjYTA5OTYxNmVkYmU3
MWM0MjYwHhcNMjMwNzA0MDY0MTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTc4OTZmMTY1OGE5ZmZjZDYzYjlmMDYxNTkyOTUwZGRhMjJlMGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseV3ZztdCp9863OcW7z74OpfZsX3
FFqeCemYe+uTv22GE1I1J2Ikat+oHcgAPu2AeVGHJgj2ywVN/g+ziasMU38nlZn+
Jn6cHiCBCD7tSzVx14HWbfYgE4cSAobvpEx/1bfvfysDsvL2fNp91acEQQjR4GyB
iqLh33K1L0QkLw09OpWvu4WK7MnCl/+AXp5JnlnTWTIlYlNYeSKO5U+hqycDHxhK
ksAKh7R9JMPpQnmXlmr8tnqu/AyVwynA2P53B/06rVj+hhOUSVPFhMnp9UU196pW
qr5/HkYaFhL8eEPVeEMbixD7Xyo3uf2eH+kobXpO2+PC/JU4NeLMnGYDmwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGp4lvFlip/81jufBhWSlQ3aIuCmMB8GA1UdIwQY
MBaAFIHItzq3vet2/0iyygmWFu2+ccQmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUt
ZDg0ODhiM2FiNDJmLzEvYW5pVzhXV0tuX3pXTzU4R0ZaS1ZEZG9pNEtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUtZDg0ODhiM2FiNDJm
LzEvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgofQAMF
ACoKH0cwDQYJKoZIhvcNAQELBQADggEBAFbub6kC1Wj2i0qsSNNgPs/d0ceocq7i
b330X3RlrIPlENoKETJgfSMqsZN3bwNx6yfr6Q1xnTvnAVSauc2+aYTrex8D8cIC
J/KfVEOXBAdwB8P+kHAfO4wPU/J5DzKHIyAlkqL8+5ndrMaRh/CshdU2zHKYR1/K
fhHurQPYZs0HsKTIACSefRtK3MOlJpddKTruh79f4zJJ9R72Eu674/1it1Ai45vg
ezpDZLM6zftPIOVBoq47tm91ims218gmGGDKDNIFB6DwWIcsvgQNqVCFx04vzwiD
dcit7rVVSjAnIRzKeVzxQ0Q5ZURFS4zZSEMI/HaYG2J88MbX3AUYmEw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:02 2024 by rpki-client on console-ams.rpki-client.org