Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/c44cb0-119d-47a6-aedd-9e8fc34fc3f2/1/QaeAIBy5pgvt6TYiapwG2ErccMM.roa
File: QaeAIBy5pgvt6TYiapwG2ErccMM.roa (raw, json)
Hash identifier: zpavQcjZjomHsSoFIioSxI2MKtt3kzj9yFUKWmxqlc0=
Subject key identifier: 41:A7:80:20:1C:B9:A6:0B:ED:E9:36:22:6A:9C:06:D8:4A:DC:70:C3
Certificate issuer: /CN=7088b623105722db5289e409ae4a8c079d4f3938
Certificate serial: 018571FA22087AD385A98CCFE53A583E1B95
Authority key identifier: 70:88:B6:23:10:57:22:DB:52:89:E4:09:AE:4A:8C:07:9D:4F:39:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cIi2IxBXIttSieQJrkqMB51POTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/c44cb0-119d-47a6-aedd-9e8fc34fc3f2/1/QaeAIBy5pgvt6TYiapwG2ErccMM.roa
Signing time: Mon 02 Jan 2023 10:14:56 +0000
ROA not before: Mon 02 Jan 2023 10:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204790
IP address blocks: 2a11:dd80::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:fa:22:08:7a:d3:85:a9:8c:cf:e5:3a:58:3e:1b:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7088b623105722db5289e409ae4a8c079d4f3938
Validity
Not Before: Jan 2 10:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41a780201cb9a60bede936226a9c06d84adc70c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:4b:a7:39:cd:89:50:e5:d7:97:c5:07:4c:ac:
f8:97:75:67:c4:39:cd:a9:a8:77:88:1f:76:51:62:
72:61:2b:35:d9:28:37:15:7c:7d:3e:12:3b:99:f1:
44:83:14:d1:74:1e:0e:3a:1b:11:e2:3c:6e:6d:4b:
02:83:4a:a5:7a:de:54:ea:17:e7:a5:04:1e:3b:a2:
df:a2:ff:27:1e:11:84:9a:05:98:40:9f:88:23:0c:
46:48:da:14:d9:1c:48:f5:aa:98:d8:18:eb:92:92:
ad:b3:15:16:5c:c5:96:ca:2a:08:05:f5:04:c2:9a:
6e:be:e0:31:53:01:15:91:7b:8a:43:9f:28:c9:64:
9a:0a:5a:28:ca:35:1b:16:b9:47:75:a6:e4:06:3d:
e1:e0:0e:e2:e8:07:8a:b1:a4:41:c5:4c:73:47:02:
df:43:60:3f:05:eb:32:47:41:9b:ee:61:23:95:4f:
e0:71:c5:8d:24:4e:6a:8a:d5:7a:4d:d0:43:59:0a:
ae:c1:f6:21:94:aa:8b:13:85:c7:d9:c8:89:e8:f2:
98:3b:25:81:7b:8c:78:4c:42:db:07:69:42:24:58:
1f:80:03:12:f5:1a:59:f1:f0:89:e7:5f:0e:cd:52:
76:44:bd:7a:cd:b9:1e:5a:e1:49:14:c3:64:b3:19:
d8:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:A7:80:20:1C:B9:A6:0B:ED:E9:36:22:6A:9C:06:D8:4A:DC:70:C3
X509v3 Authority Key Identifier:
keyid:70:88:B6:23:10:57:22:DB:52:89:E4:09:AE:4A:8C:07:9D:4F:39:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cIi2IxBXIttSieQJrkqMB51POTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/c44cb0-119d-47a6-aedd-9e8fc34fc3f2/1/QaeAIBy5pgvt6TYiapwG2ErccMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/c44cb0-119d-47a6-aedd-9e8fc34fc3f2/1/cIi2IxBXIttSieQJrkqMB51POTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:dd80::/29
Signature Algorithm: sha256WithRSAEncryption
12:da:c7:4a:34:cb:61:2b:14:77:96:37:00:0c:19:00:e1:ce:
c5:38:70:57:d5:a4:9a:8b:c8:7e:1a:77:31:76:b2:2d:e5:5c:
3f:1c:73:07:6b:f7:55:e7:99:a5:44:d1:37:83:59:db:4d:eb:
d1:fc:88:f8:ed:ae:13:3b:87:7e:94:4a:a2:60:15:2d:a7:ab:
97:d5:23:94:ed:d5:34:a1:cd:16:1d:c0:2b:3d:04:42:63:c5:
fd:ea:f0:00:4a:17:32:b8:c8:43:5c:5e:77:2f:22:7b:22:99:
da:1d:04:ba:65:95:52:be:47:2f:33:38:6a:7c:b1:e3:c8:5a:
7b:63:d5:c1:17:c4:72:94:85:bf:4c:51:0a:b3:38:fa:a0:f0:
f1:08:c2:15:96:82:56:02:a8:f0:36:a3:58:1a:5e:e5:7b:be:
91:11:1d:08:1f:fb:6b:6d:a0:d2:23:36:8e:93:99:1f:97:bf:
72:80:0e:8b:90:5e:7e:49:3e:a4:3c:3c:61:18:f0:70:2a:ef:
e1:e2:25:8c:35:b0:d3:88:01:40:d0:40:8a:a1:43:89:d1:8b:
b1:c9:51:41:84:2a:f1:d7:89:5b:7f:97:84:60:d9:6e:83:00:
09:89:e4:76:19:71:92:af:5b:51:82:9b:b6:fb:41:3f:e6:d8:
c7:f9:7e:c9
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVx+iIIetOFqYzP5TpYPhuVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwODhiNjIzMTA1NzIyZGI1Mjg5ZTQwOWFlNGE4YzA3OWQ0
ZjM5MzgwHhcNMjMwMTAyMTAxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWE3ODAyMDFjYjlhNjBiZWRlOTM2MjI2YTljMDZkODRhZGM3MGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAikunOc2JUOXXl8UHTKz4l3VnxDnN
qah3iB92UWJyYSs12Sg3FXx9PhI7mfFEgxTRdB4OOhsR4jxubUsCg0qlet5U6hfn
pQQeO6Lfov8nHhGEmgWYQJ+IIwxGSNoU2RxI9aqY2BjrkpKtsxUWXMWWyioIBfUE
wppuvuAxUwEVkXuKQ58oyWSaClooyjUbFrlHdabkBj3h4A7i6AeKsaRBxUxzRwLf
Q2A/BesyR0Gb7mEjlU/gccWNJE5qitV6TdBDWQquwfYhlKqLE4XH2ciJ6PKYOyWB
e4x4TELbB2lCJFgfgAMS9RpZ8fCJ518OzVJ2RL16zbkeWuFJFMNksxnYFwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEGngCAcuaYL7ek2ImqcBthK3HDDMB8GA1UdIwQY
MBaAFHCItiMQVyLbUonkCa5KjAedTzk4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0lpMkl4QlhJdHRTaWVRSnJrcU1CNTFQT1RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9jNDRjYjAtMTE5ZC00N2E2LWFlZGQt
OWU4ZmMzNGZjM2YyLzEvUWFlQUlCeTVwZ3Z0NlRZaWFwd0cyRXJjY01NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9jNDRjYjAtMTE5ZC00N2E2LWFlZGQtOWU4ZmMzNGZjM2Yy
LzEvY0lpMkl4QlhJdHRTaWVRSnJrcU1CNTFQT1RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhHdgDAN
BgkqhkiG9w0BAQsFAAOCAQEAEtrHSjTLYSsUd5Y3AAwZAOHOxThwV9WkmovIfhp3
MXayLeVcPxxzB2v3VeeZpUTRN4NZ203r0fyI+O2uEzuHfpRKomAVLaerl9UjlO3V
NKHNFh3AKz0EQmPF/erwAEoXMrjIQ1xedy8ieyKZ2h0EumWVUr5HLzM4anyx48ha
e2PVwRfEcpSFv0xRCrM4+qDw8QjCFZaCVgKo8DajWBpe5Xu+kREdCB/7a22g0iM2
jpOZH5e/coAOi5Befkk+pDw8YRjwcCrv4eIljDWw04gBQNBAiqFDidGLsclRQYQq
8deJW3+XhGDZboMACYnkdhlxkq9bUYKbtvtBP+bYx/l+yQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:03 2023 by rpki-client on console-fra.rpki-client.org