Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/sLzRADMDh0FxGh7E5o0hAT-BIjk.roa
File: sLzRADMDh0FxGh7E5o0hAT-BIjk.roa (raw, json)
Hash identifier: xTau3JpBuIlqGLBiNtLSy0cbDZPrp/rMPeUqbkhWEhU=
Subject key identifier: B0:BC:D1:00:33:03:87:41:71:1A:1E:C4:E6:8D:21:01:3F:81:22:39
Certificate issuer: /CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Certificate serial: 0184E755F32E32B49C29A440DD7D6F76D9B0
Authority key identifier: 81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/sLzRADMDh0FxGh7E5o0hAT-BIjk.roa
Signing time: Tue 06 Dec 2022 12:08:00 +0000
ROA not before: Tue 06 Dec 2022 12:08:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212238
IP address blocks: 2a0a:da40::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e7:55:f3:2e:32:b4:9c:29:a4:40:dd:7d:6f:76:d9:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Validity
Not Before: Dec 6 12:08:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b0bcd10033038741711a1ec4e68d21013f812239
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:77:3c:98:09:f7:d3:7f:ad:4c:bc:7b:19:b4:
d4:c4:7d:a0:7f:4c:b7:d8:0b:a9:08:4a:14:72:e1:
c1:3c:d3:d6:c0:fc:4f:bb:4e:9c:25:f2:b8:d7:74:
97:35:01:0d:5c:ad:1c:3c:09:80:56:c7:30:b0:6d:
e6:7f:02:01:50:94:f1:3a:72:0f:c3:36:40:ab:7c:
50:88:27:e6:d2:4e:9e:5f:f9:dd:dc:8a:ff:c9:49:
40:ab:f1:06:9f:c5:2a:a7:7e:12:f9:66:ad:63:cc:
1d:c5:da:37:ab:96:e0:88:d1:77:a1:62:80:76:00:
f0:ab:9f:d1:30:f7:7d:c0:b1:8d:91:b5:a4:e0:44:
71:79:dc:df:c4:a3:2e:3e:53:32:a3:88:70:d6:98:
b2:32:7d:77:ae:a6:e9:e9:a8:5c:0a:06:ed:cd:ab:
18:1c:92:24:a9:97:b1:44:f9:18:08:df:bd:37:ae:
c8:a7:3e:6b:74:6c:7d:65:e7:e4:46:d6:9d:fc:9c:
1e:81:68:6a:06:a0:e6:14:b4:69:dd:3f:28:21:f0:
fa:e2:c4:8a:94:a1:98:9d:ff:f0:42:69:d6:90:0d:
da:1a:fe:54:61:06:81:af:5d:02:c0:6e:f9:24:08:
30:de:cf:c8:a6:0a:4b:c9:6d:b4:dd:b3:d3:86:36:
19:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:BC:D1:00:33:03:87:41:71:1A:1E:C4:E6:8D:21:01:3F:81:22:39
X509v3 Authority Key Identifier:
keyid:81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/sLzRADMDh0FxGh7E5o0hAT-BIjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:da40::/29
Signature Algorithm: sha256WithRSAEncryption
21:04:d8:3c:b3:32:a1:43:44:d5:ec:f8:dc:2f:e5:d1:4a:76:
9d:03:ba:7a:ff:af:a0:88:d2:2b:99:98:b9:2c:d8:40:97:59:
45:82:38:59:f2:58:73:58:9c:50:b4:1f:af:c0:0f:79:48:83:
b6:da:02:91:ca:9a:a3:be:56:ad:0d:b1:40:e8:e4:28:6b:b7:
49:6b:1d:b8:21:fa:bf:8f:fa:72:fb:cc:b0:26:51:75:d0:c0:
83:e0:2b:7e:a5:10:51:86:29:89:14:a6:8e:9e:83:ea:ce:e4:
12:f4:4d:2c:d3:17:f0:db:d0:7e:f0:1b:ca:8c:fc:8a:2c:93:
79:6a:28:9b:96:c8:63:9c:1c:c6:7f:8b:55:77:ca:84:92:12:
09:18:87:15:05:96:d9:e8:ec:1c:94:08:b0:77:77:85:e4:e2:
cd:bf:08:04:00:9a:83:1b:36:66:68:34:47:8d:48:bc:b8:31:
d9:d5:9e:ab:7a:2d:52:33:d5:5b:3d:a6:e6:43:e7:a3:49:d1:
b8:bf:49:b9:70:e4:49:5d:ff:df:d2:70:53:b4:d6:c1:12:85:
9f:52:9d:f2:f3:42:1f:00:4f:38:c0:22:dc:0d:35:03:d0:12:
76:4e:d0:f6:78:dd:e9:d6:4a:74:59:a1:18:ad:53:41:3e:a0:
15:ee:4e:52
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYTnVfMuMrScKaRA3X1vdtmwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYzhiNzNhYjdiZGViNzZmZjQ4YjJjYTA5OTYxNmVkYmU3
MWM0MjYwHhcNMjIxMjA2MTIwODAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGJjZDEwMDMzMDM4NzQxNzExYTFlYzRlNjhkMjEwMTNmODEyMjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA73c8mAn303+tTLx7GbTUxH2gf0y3
2AupCEoUcuHBPNPWwPxPu06cJfK413SXNQENXK0cPAmAVscwsG3mfwIBUJTxOnIP
wzZAq3xQiCfm0k6eX/nd3Ir/yUlAq/EGn8Uqp34S+WatY8wdxdo3q5bgiNF3oWKA
dgDwq5/RMPd9wLGNkbWk4ERxedzfxKMuPlMyo4hw1piyMn13rqbp6ahcCgbtzasY
HJIkqZexRPkYCN+9N67Ipz5rdGx9ZefkRtad/JwegWhqBqDmFLRp3T8oIfD64sSK
lKGYnf/wQmnWkA3aGv5UYQaBr10CwG75JAgw3s/IpgpLyW203bPThjYZtwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLC80QAzA4dBcRoexOaNIQE/gSI5MB8GA1UdIwQY
MBaAFIHItzq3vet2/0iyygmWFu2+ccQmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUt
ZDg0ODhiM2FiNDJmLzEvc0x6UkFETURoMEZ4R2g3RTVvMGhBVC1CSWprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUtZDg0ODhiM2FiNDJm
LzEvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgraQDAN
BgkqhkiG9w0BAQsFAAOCAQEAIQTYPLMyoUNE1ez43C/l0Up2nQO6ev+voIjSK5mY
uSzYQJdZRYI4WfJYc1icULQfr8APeUiDttoCkcqao75WrQ2xQOjkKGu3SWsduCH6
v4/6cvvMsCZRddDAg+ArfqUQUYYpiRSmjp6D6s7kEvRNLNMX8NvQfvAbyoz8iiyT
eWoom5bIY5wcxn+LVXfKhJISCRiHFQWW2ejsHJQIsHd3heTizb8IBACagxs2Zmg0
R41IvLgx2dWeq3otUjPVWz2m5kPno0nRuL9JuXDkSV3/39JwU7TWwRKFn1Kd8vNC
HwBPOMAi3A01A9ASdk7Q9njd6dZKdFmhGK1TQT6gFe5OUg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:02 2024 by rpki-client on console-ams.rpki-client.org