Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/3d6407-72da-4568-843f-37641e999b8d/1/nTCMihBubkk6bIkVplfn3w42JC4.roa
File: nTCMihBubkk6bIkVplfn3w42JC4.roa (raw, json)
Hash identifier: hcTFEJiXcsP6JTDD40O+mNNMBm3OQoefJqO9Qs8LY2A=
Subject key identifier: 9D:30:8C:8A:10:6E:6E:49:3A:6C:89:15:A6:57:E7:DF:0E:36:24:2E
Certificate issuer: /CN=34f3891c7528e1c9ed08b2cbe3dc3607afb37a4c
Certificate serial: 01856C5CB2921FE11DA68D7C9A2046854638
Authority key identifier: 34:F3:89:1C:75:28:E1:C9:ED:08:B2:CB:E3:DC:36:07:AF:B3:7A:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NPOJHHUo4cntCLLL49w2B6-zekw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/3d6407-72da-4568-843f-37641e999b8d/1/nTCMihBubkk6bIkVplfn3w42JC4.roa
Signing time: Sun 01 Jan 2023 08:04:52 +0000
ROA not before: Sun 01 Jan 2023 08:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204790
IP address blocks: 2a11:a480::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:5c:b2:92:1f:e1:1d:a6:8d:7c:9a:20:46:85:46:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34f3891c7528e1c9ed08b2cbe3dc3607afb37a4c
Validity
Not Before: Jan 1 08:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d308c8a106e6e493a6c8915a657e7df0e36242e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:0b:79:2e:ab:2a:a7:4e:96:a8:43:b2:ff:33:
1a:40:63:ab:a5:3d:bd:69:e2:9c:de:94:d7:46:d0:
17:51:40:44:81:fc:1a:f4:f2:9f:d2:59:6b:8d:c9:
a6:f3:b4:09:3f:22:13:e5:e2:77:b4:ea:c0:f1:f0:
93:38:32:d3:f0:3d:12:28:f3:cb:b3:95:ec:55:45:
41:4e:b3:52:90:f2:ef:27:91:c6:ff:5d:5e:e9:10:
e7:ae:b5:37:7f:9d:e0:5d:75:11:3f:89:c5:12:99:
4f:e3:23:51:5d:b9:da:28:90:ee:e6:cd:c4:46:4a:
7e:f6:70:e1:22:43:da:21:5f:1d:cd:c4:71:dc:f5:
d1:4e:dd:e1:29:0d:eb:4d:c3:17:b4:d2:d0:4f:6f:
59:a3:c9:ea:38:af:60:7f:d0:06:af:cf:d2:e9:9d:
bb:2b:a1:58:4d:f2:6d:e6:2e:fb:1c:00:d9:be:00:
12:a6:d6:e1:84:2a:f1:b3:b7:6b:a8:69:79:cd:b8:
ba:2f:14:9d:97:7d:5b:dc:0d:5b:5b:36:61:51:54:
ca:93:36:88:3c:36:7b:f1:a4:9e:20:de:53:82:ca:
15:11:2a:e5:fb:cd:c2:8b:41:46:ec:77:de:de:2d:
ff:6f:b2:f4:df:0f:63:e5:a0:7f:f6:a8:13:07:d6:
cf:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:30:8C:8A:10:6E:6E:49:3A:6C:89:15:A6:57:E7:DF:0E:36:24:2E
X509v3 Authority Key Identifier:
keyid:34:F3:89:1C:75:28:E1:C9:ED:08:B2:CB:E3:DC:36:07:AF:B3:7A:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NPOJHHUo4cntCLLL49w2B6-zekw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/3d6407-72da-4568-843f-37641e999b8d/1/nTCMihBubkk6bIkVplfn3w42JC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/3d6407-72da-4568-843f-37641e999b8d/1/NPOJHHUo4cntCLLL49w2B6-zekw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:a480::/29
Signature Algorithm: sha256WithRSAEncryption
60:00:d5:1a:69:a9:ea:9f:67:8f:a5:33:75:09:f5:44:f3:bf:
59:f0:5b:bc:ea:1e:59:dc:f0:46:35:12:7f:20:02:0f:eb:4c:
c7:f9:27:0c:c9:39:27:14:53:09:97:55:10:1e:80:fd:6d:da:
1a:e6:92:f4:33:fa:74:b6:e1:e2:27:48:6c:4c:c7:0f:bf:4f:
bc:94:7d:15:7d:eb:e2:88:59:c5:06:64:db:42:b1:c6:28:32:
da:84:3e:9b:84:47:94:47:c0:5c:ec:67:2f:8d:97:2e:c5:be:
c3:9c:a6:62:d0:29:be:53:b6:28:e7:7b:2c:40:04:9b:3c:df:
57:2c:31:61:b4:a1:a0:6e:86:18:79:30:32:1b:5b:b0:c0:3f:
de:91:ba:14:a0:c2:72:0e:c5:06:35:e2:04:0a:96:21:f7:44:
f4:65:29:2a:66:b1:06:5d:ed:fd:86:03:a8:4b:e6:0d:5e:0c:
3e:ec:1a:fc:d8:5c:2c:ee:05:5d:d9:f3:91:15:09:05:eb:a2:
d7:af:db:b5:ad:46:d9:2f:d5:df:e1:ad:49:49:be:5d:f2:2f:
61:63:4b:f3:30:ce:7d:2e:7b:4e:cd:4b:22:bc:c8:cd:d9:28:
1e:3f:f8:23:f1:bf:b0:48:e4:7c:f8:4b:3d:5f:30:37:f0:3b:
d4:7b:d9:c3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVsXLKSH+Edpo18miBGhUY4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZjM4OTFjNzUyOGUxYzllZDA4YjJjYmUzZGMzNjA3YWZi
MzdhNGMwHhcNMjMwMTAxMDgwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDMwOGM4YTEwNmU2ZTQ5M2E2Yzg5MTVhNjU3ZTdkZjBlMzYyNDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3At5Lqsqp06WqEOy/zMaQGOrpT29
aeKc3pTXRtAXUUBEgfwa9PKf0llrjcmm87QJPyIT5eJ3tOrA8fCTODLT8D0SKPPL
s5XsVUVBTrNSkPLvJ5HG/11e6RDnrrU3f53gXXURP4nFEplP4yNRXbnaKJDu5s3E
Rkp+9nDhIkPaIV8dzcRx3PXRTt3hKQ3rTcMXtNLQT29Zo8nqOK9gf9AGr8/S6Z27
K6FYTfJt5i77HADZvgASptbhhCrxs7drqGl5zbi6LxSdl31b3A1bWzZhUVTKkzaI
PDZ78aSeIN5TgsoVESrl+83Ci0FG7Hfe3i3/b7L03w9j5aB/9qgTB9bPnQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJ0wjIoQbm5JOmyJFaZX598ONiQuMB8GA1UdIwQY
MBaAFDTziRx1KOHJ7Qiyy+PcNgevs3pMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlBPSkhIVW80Y250Q0xMTDQ5dzJCNi16ZWt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8zZDY0MDctNzJkYS00NTY4LTg0M2Yt
Mzc2NDFlOTk5YjhkLzEvblRDTWloQnVia2s2YklrVnBsZm4zdzQySkM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8zZDY0MDctNzJkYS00NTY4LTg0M2YtMzc2NDFlOTk5Yjhk
LzEvTlBPSkhIVW80Y250Q0xMTDQ5dzJCNi16ZWt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhGkgDAN
BgkqhkiG9w0BAQsFAAOCAQEAYADVGmmp6p9nj6UzdQn1RPO/WfBbvOoeWdzwRjUS
fyACD+tMx/knDMk5JxRTCZdVEB6A/W3aGuaS9DP6dLbh4idIbEzHD79PvJR9FX3r
4ohZxQZk20Kxxigy2oQ+m4RHlEfAXOxnL42XLsW+w5ymYtApvlO2KOd7LEAEmzzf
VywxYbShoG6GGHkwMhtbsMA/3pG6FKDCcg7FBjXiBAqWIfdE9GUpKmaxBl3t/YYD
qEvmDV4MPuwa/NhcLO4FXdnzkRUJBeui16/bta1G2S/V3+GtSUm+XfIvYWNL8zDO
fS57Ts1LIrzIzdkoHj/4I/G/sEjkfPhLPV8wN/A71HvZww==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:35 2023 by rpki-client on console-ams.rpki-client.org