Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/qDSzFLuHHu1bDS73KMI1D8Ulnkc.roa
File: qDSzFLuHHu1bDS73KMI1D8Ulnkc.roa (raw, json)
Hash identifier: 5MQhocy4fVhCsm4CueS/+WUEVKrg52M3tHCTjA0Aitk=
Subject key identifier: A8:34:B3:14:BB:87:1E:ED:5B:0D:2E:F7:28:C2:35:0F:C5:25:9E:47
Certificate issuer: /CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Certificate serial: 018CC727508B4408A45AA78607140221EBD9
Authority key identifier: 81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/qDSzFLuHHu1bDS73KMI1D8Ulnkc.roa
Signing time: Mon 01 Jan 2024 22:31:31 +0000
ROA not before: Mon 01 Jan 2024 22:31:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51082
IP address blocks: 2a0a:1f46::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:50:8b:44:08:a4:5a:a7:86:07:14:02:21:eb:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Validity
Not Before: Jan 1 22:31:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a834b314bb871eed5b0d2ef728c2350fc5259e47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:41:c3:b0:f9:66:0c:5f:c7:f4:46:b3:29:5f:
f6:fd:02:3d:cc:8d:8e:b5:50:1f:9b:e7:6c:fe:ce:
f8:3c:87:e6:c8:f6:95:17:14:a9:40:31:f5:b5:6f:
7d:38:3f:3f:ca:d6:e2:45:6f:3e:9b:ed:93:19:f8:
94:e1:c3:13:71:39:5a:8d:71:e3:38:e3:00:f3:2f:
09:91:96:6d:c1:2d:1e:79:f1:92:20:a5:27:15:d5:
23:2e:1b:b5:33:fe:ad:ba:d7:bc:99:f1:ee:08:30:
6a:cb:94:5f:fa:cb:be:3c:eb:2b:a0:05:06:d5:94:
89:f4:79:78:8f:1d:44:bb:98:9a:2c:95:02:82:5e:
d8:45:65:52:32:97:65:2c:73:de:3f:72:65:94:b9:
cc:79:40:3c:99:8b:85:f6:2c:91:a1:53:5f:10:31:
56:e2:09:0b:7c:fc:d6:b1:13:d8:24:1c:55:58:db:
f2:57:66:66:b1:31:9f:8f:8e:22:96:1b:00:a4:d1:
e9:2d:38:cd:1c:7e:b5:4e:37:12:97:f9:ba:4c:b5:
9a:1a:6c:e6:8f:98:b6:67:65:0d:d9:18:20:64:b8:
77:8f:4b:e3:6d:1a:ab:ad:de:a2:96:e7:2e:48:92:
19:9c:19:f9:ad:76:3f:b6:37:c4:87:dd:3c:92:b2:
32:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:34:B3:14:BB:87:1E:ED:5B:0D:2E:F7:28:C2:35:0F:C5:25:9E:47
X509v3 Authority Key Identifier:
keyid:81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/qDSzFLuHHu1bDS73KMI1D8Ulnkc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:1f46::/32
Signature Algorithm: sha256WithRSAEncryption
24:1b:14:76:ef:98:91:b8:48:ca:2b:a7:cf:68:62:67:99:15:
3d:ae:64:08:30:ec:7b:4c:ff:1a:dc:69:f0:f4:ef:ff:8e:bf:
cf:e8:95:f8:23:48:d3:77:a3:da:90:4f:ad:b7:f6:51:02:8f:
89:36:8c:40:ca:2a:e1:39:d7:ab:59:60:97:0a:e4:9d:c1:b6:
81:27:27:6c:87:c7:56:55:dd:47:10:8c:95:73:8e:45:ac:7d:
93:b5:f5:a4:77:1a:00:e4:65:1d:93:60:a1:c0:6d:7a:fc:91:
86:d2:fd:9a:bf:4b:6e:eb:e7:df:c2:ea:10:f2:07:41:b9:06:
d1:ba:72:35:3b:d2:d0:b9:61:96:7b:ea:76:be:8d:c4:f2:cc:
3a:a2:c3:1c:13:f5:29:7b:66:ef:e9:de:5c:11:07:3e:db:40:
1b:61:2c:ca:ac:0a:74:ef:4a:8d:54:2f:80:5b:b8:72:f8:66:
2e:93:da:04:50:c6:cf:e7:8a:3b:bf:7b:45:23:59:12:54:c3:
a1:8d:85:2b:8c:d8:e0:e2:bd:8b:48:85:6a:9d:76:dc:5e:f1:
fa:b3:45:a0:c3:3e:42:c5:80:49:78:7f:d7:0b:98:5c:6e:50:
01:c6:6f:92:a6:a7:38:65:5b:11:da:fe:e1:0f:20:ef:7b:21:
c4:f8:60:1e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzHJ1CLRAikWqeGBxQCIevZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYzhiNzNhYjdiZGViNzZmZjQ4YjJjYTA5OTYxNmVkYmU3
MWM0MjYwHhcNMjQwMTAxMjIzMTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODM0YjMxNGJiODcxZWVkNWIwZDJlZjcyOGMyMzUwZmM1MjU5ZTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0HDsPlmDF/H9EazKV/2/QI9zI2O
tVAfm+ds/s74PIfmyPaVFxSpQDH1tW99OD8/ytbiRW8+m+2TGfiU4cMTcTlajXHj
OOMA8y8JkZZtwS0eefGSIKUnFdUjLhu1M/6tute8mfHuCDBqy5Rf+su+POsroAUG
1ZSJ9Hl4jx1Eu5iaLJUCgl7YRWVSMpdlLHPeP3JllLnMeUA8mYuF9iyRoVNfEDFW
4gkLfPzWsRPYJBxVWNvyV2ZmsTGfj44ilhsApNHpLTjNHH61TjcSl/m6TLWaGmzm
j5i2Z2UN2RggZLh3j0vjbRqrrd6ilucuSJIZnBn5rXY/tjfEh908krIyKQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKg0sxS7hx7tWw0u9yjCNQ/FJZ5HMB8GA1UdIwQY
MBaAFIHItzq3vet2/0iyygmWFu2+ccQmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUt
ZDg0ODhiM2FiNDJmLzEvcURTekZMdUhIdTFiRFM3M0tNSTFEOFVsbmtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUtZDg0ODhiM2FiNDJm
LzEvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgofRjAN
BgkqhkiG9w0BAQsFAAOCAQEAJBsUdu+YkbhIyiunz2hiZ5kVPa5kCDDse0z/Gtxp
8PTv/46/z+iV+CNI03ej2pBPrbf2UQKPiTaMQMoq4TnXq1lglwrkncG2gScnbIfH
VlXdRxCMlXOORax9k7X1pHcaAORlHZNgocBtevyRhtL9mr9Lbuvn38LqEPIHQbkG
0bpyNTvS0Llhlnvqdr6NxPLMOqLDHBP1KXtm7+neXBEHPttAG2EsyqwKdO9KjVQv
gFu4cvhmLpPaBFDGz+eKO797RSNZElTDoY2FK4zY4OK9i0iFap123F7x+rNFoMM+
QsWASXh/1wuYXG5QAcZvkqanOGVbEdr+4Q8g73shxPhgHg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:08 2024 by rpki-client on console-fra.rpki-client.org