Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/pvpDlYX63OLFiLXZ4RuM0hoTX1U.roa
File: pvpDlYX63OLFiLXZ4RuM0hoTX1U.roa (raw, json)
Hash identifier: kZ+yyqP6lA/w2WdVvNkmqpFJqJEK/ksxS1TA1Lcqvt4=
Subject key identifier: A6:FA:43:95:85:FA:DC:E2:C5:88:B5:D9:E1:1B:8C:D2:1A:13:5F:55
Certificate issuer: /CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Certificate serial: 018A21DF591B020E68BA00B641931A06C3F7
Authority key identifier: 81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/pvpDlYX63OLFiLXZ4RuM0hoTX1U.roa
Signing time: Wed 23 Aug 2023 10:09:59 +0000
ROA not before: Wed 23 Aug 2023 10:09:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202044
IP address blocks: 2a0a:1f47::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:21:df:59:1b:02:0e:68:ba:00:b6:41:93:1a:06:c3:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Validity
Not Before: Aug 23 10:09:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a6fa439585fadce2c588b5d9e11b8cd21a135f55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:1b:84:0c:dd:47:22:41:85:4c:33:59:e0:68:
dd:a2:d5:1b:01:97:56:1d:53:66:c9:51:50:89:3d:
ef:4b:59:c9:1e:57:bd:47:47:d4:a8:de:65:99:1b:
6b:56:66:a5:c9:51:0c:79:90:92:bc:fa:7f:9e:8f:
8e:0e:c1:3b:d9:eb:fa:91:ff:88:61:31:82:74:19:
04:c6:c4:d6:0d:3b:6e:8f:30:3f:8c:5d:07:7d:76:
ec:b8:74:2d:45:e6:cf:b5:d5:a8:57:d5:91:64:a1:
51:c9:ca:2c:d8:f5:79:98:23:c6:f1:2d:8b:70:75:
22:be:0b:f0:6a:4c:96:c3:68:f7:ec:bf:65:aa:fb:
09:ca:b9:d2:e9:e1:02:d1:eb:48:70:50:5d:e5:aa:
8b:dd:4b:08:83:92:6d:eb:8b:3b:6a:29:dd:23:cb:
c4:cc:95:1a:f6:16:1e:a3:9d:45:53:c4:c6:d1:22:
04:a3:e2:5f:e4:60:5f:b9:6c:63:9c:93:f2:12:e6:
bd:37:a8:c1:c2:94:ae:d2:4f:23:60:21:fe:2f:e9:
1a:0b:ce:6d:91:c1:de:c7:28:aa:70:ab:ed:8a:02:
f8:57:16:3f:b6:c1:db:ca:5a:3e:65:11:19:56:77:
ea:b6:5a:63:d8:85:ae:6c:84:3f:53:5b:b8:82:60:
7c:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:FA:43:95:85:FA:DC:E2:C5:88:B5:D9:E1:1B:8C:D2:1A:13:5F:55
X509v3 Authority Key Identifier:
keyid:81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/pvpDlYX63OLFiLXZ4RuM0hoTX1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:1f47::/32
Signature Algorithm: sha256WithRSAEncryption
7c:9a:18:34:8d:54:ce:e9:85:d8:2e:b8:0f:78:8f:9b:78:6a:
89:e6:2e:56:19:79:96:02:a8:c1:50:c6:00:a5:c1:be:0d:18:
e0:f2:c3:cc:fe:51:81:8a:39:ea:a1:51:64:17:6b:09:ab:20:
4e:65:0a:e1:7a:93:1c:45:2b:5b:f5:37:64:96:91:38:d0:79:
62:2f:bb:8b:61:8b:e1:35:ae:27:ed:c5:fd:44:ae:6b:ee:bb:
ad:e3:46:5d:f4:30:27:d4:dc:91:89:62:78:b9:a7:37:c5:13:
3c:9e:46:36:56:4d:1d:5c:02:36:6d:0c:5f:50:1c:0a:98:80:
67:72:09:d4:e2:fa:f0:19:7d:fc:43:c4:92:ed:36:f7:e9:85:
50:32:ef:cf:15:b8:c9:ac:3e:e3:0f:10:de:b9:e1:3c:93:6f:
8a:33:d4:73:f4:64:79:ad:8d:04:99:a3:10:fe:3f:54:e2:16:
02:5d:ec:54:73:1a:99:05:ce:ff:bf:ae:7b:65:a6:80:50:bf:
e4:9a:9b:27:23:cc:d9:d1:3f:71:7f:13:8b:50:b2:f3:18:b9:
b7:cf:9c:09:14:d6:b5:1b:b1:1b:75:3f:45:1c:5a:7a:88:06:
96:fe:47:68:28:ff:d3:78:bd:d6:c7:89:e3:d7:63:60:e0:1d:
c2:36:96:09
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYoh31kbAg5ougC2QZMaBsP3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYzhiNzNhYjdiZGViNzZmZjQ4YjJjYTA5OTYxNmVkYmU3
MWM0MjYwHhcNMjMwODIzMTAwOTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmZhNDM5NTg1ZmFkY2UyYzU4OGI1ZDllMTFiOGNkMjFhMTM1ZjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhuEDN1HIkGFTDNZ4GjdotUbAZdW
HVNmyVFQiT3vS1nJHle9R0fUqN5lmRtrVmalyVEMeZCSvPp/no+ODsE72ev6kf+I
YTGCdBkExsTWDTtujzA/jF0HfXbsuHQtRebPtdWoV9WRZKFRycos2PV5mCPG8S2L
cHUivgvwakyWw2j37L9lqvsJyrnS6eEC0etIcFBd5aqL3UsIg5Jt64s7aindI8vE
zJUa9hYeo51FU8TG0SIEo+Jf5GBfuWxjnJPyEua9N6jBwpSu0k8jYCH+L+kaC85t
kcHexyiqcKvtigL4VxY/tsHbylo+ZREZVnfqtlpj2IWubIQ/U1u4gmB8DwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKb6Q5WF+tzixYi12eEbjNIaE19VMB8GA1UdIwQY
MBaAFIHItzq3vet2/0iyygmWFu2+ccQmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUt
ZDg0ODhiM2FiNDJmLzEvcHZwRGxZWDYzT0xGaUxYWjRSdU0waG9UWDFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUtZDg0ODhiM2FiNDJm
LzEvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgofRzAN
BgkqhkiG9w0BAQsFAAOCAQEAfJoYNI1UzumF2C64D3iPm3hqieYuVhl5lgKowVDG
AKXBvg0Y4PLDzP5RgYo56qFRZBdrCasgTmUK4XqTHEUrW/U3ZJaRONB5Yi+7i2GL
4TWuJ+3F/USua+67reNGXfQwJ9TckYlieLmnN8UTPJ5GNlZNHVwCNm0MX1AcCpiA
Z3IJ1OL68Bl9/EPEku029+mFUDLvzxW4yaw+4w8Q3rnhPJNvijPUc/Rkea2NBJmj
EP4/VOIWAl3sVHMamQXO/7+ue2WmgFC/5JqbJyPM2dE/cX8Ti1Cy8xi5t8+cCRTW
tRuxG3U/RRxaeogGlv5HaCj/03i91seJ49djYOAdwjaWCQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:08 2024 by rpki-client on console-fra.rpki-client.org