Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/VDegibjc88E29xd4yDsroKW914o.roa
File: VDegibjc88E29xd4yDsroKW914o.roa (raw, json)
Hash identifier: Rt5DScfyGIGay6u9tC1Z1Hu/81fQOrmgEn4SjI5YEP8=
Subject key identifier: 54:37:A0:89:B8:DC:F3:C1:36:F7:17:78:C8:3B:2B:A0:A5:BD:D7:8A
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 01871E319130EC76DDE5B52D5075E28F6130
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/VDegibjc88E29xd4yDsroKW914o.roa
Signing time: Sun 26 Mar 2023 13:52:57 +0000
ROA not before: Sun 26 Mar 2023 13:52:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60262
IP address blocks: 2a0f:2b40::/29 maxlen: 29
2a0f:30c0::/29 maxlen: 29
2a0f:3640::/29 maxlen: 29
2a0f:1740::/29 maxlen: 29
2a0f:2240::/29 maxlen: 29
2a0f:2d40::/29 maxlen: 29
2a0f:27c0::/29 maxlen: 29
2a0f:32c0::/29 maxlen: 29
2a0f:1940::/29 maxlen: 29
2a06:6ec0::/29 maxlen: 29
2a0f:2f40::/29 maxlen: 29
2a0f:29c0::/29 maxlen: 29
2a0f:34c0::/29 maxlen: 29
2a0e:c740::/29 maxlen: 29
2a0f:15c0::/29 maxlen: 29
2a0e:ee80::/29 maxlen: 29
2a0f:35c0::/29 maxlen: 29
2a0f:16c0::/29 maxlen: 29
2a0f:21c0::/29 maxlen: 29
2a0e:a3c0::/29 maxlen: 29
2a0e:8780::/29 maxlen: 29
2a0f:2cc0::/29 maxlen: 29
2a0f:3240::/29 maxlen: 29
2a0f:18c0::/29 maxlen: 29
2a0f:2940::/29 maxlen: 29
2a0f:2ec0::/29 maxlen: 29
2a0f:fc0::/29 maxlen: 29
2a0e:be80::/29 maxlen: 29
2a0f:3440::/29 maxlen: 29
2a0f:a40::/29 maxlen: 29
2a0f:1540::/29 maxlen: 29
2a0f:1ac0::/29 maxlen: 29
2a0f:2040::/29 maxlen: 29
2a0f:1640::/29 maxlen: 29
2a0f:2140::/29 maxlen: 29
2a0f:2c40::/29 maxlen: 29
2a0f:31c0::/29 maxlen: 29
2a0f:3740::/29 maxlen: 29
2a0f:1840::/29 maxlen: 29
2a0e:c180::/29 maxlen: 29
2a0e:a280::/29 maxlen: 29
2a0f:2e40::/29 maxlen: 29
2a0f:28c0::/29 maxlen: 29
2a0f:33c0::/29 maxlen: 29
2a0f:f40::/29 maxlen: 29
2a0f:1a40::/29 maxlen: 29
2a0f:14c0::/29 maxlen: 29
2a0f:1fc0::/29 maxlen: 29
2a0f:3040::/29 maxlen: 29
2a0f:2ac0::/29 maxlen: 29
2a0e:a580::/29 maxlen: 29
2a0f:20c0::/29 maxlen: 29
2a0f:2bc0::/29 maxlen: 29
2a0f:36c0::/29 maxlen: 29
2a0f:3140::/29 maxlen: 29
2a0f:17c0::/29 maxlen: 29
2a0f:2840::/29 maxlen: 29
2a0f:2dc0::/29 maxlen: 29
2a0e:8880::/29 maxlen: 29
2a0f:3340::/29 maxlen: 29
2a0e:bac0::/29 maxlen: 29
2a0e:6c40::/29 maxlen: 29
2a0f:19c0::/29 maxlen: 29
2a0f:2a40::/29 maxlen: 29
2a0f:3540::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:1e:31:91:30:ec:76:dd:e5:b5:2d:50:75:e2:8f:61:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Mar 26 13:52:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5437a089b8dcf3c136f71778c83b2ba0a5bdd78a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:7e:fa:10:82:d7:d7:93:79:c3:7e:55:64:11:
81:04:1b:44:fc:19:26:87:8c:3d:7b:a7:73:13:f3:
0d:9b:bd:7c:b8:9c:e7:12:a8:f2:37:9a:8a:b8:ad:
02:cf:34:31:ae:06:9b:01:d5:34:66:29:f2:1d:2e:
9a:2a:49:4b:7d:d7:a7:06:4d:1f:0c:07:22:a8:68:
01:3c:d7:19:21:82:0e:4b:ad:fd:16:fa:04:59:0d:
ed:c1:4b:6c:f5:5d:e4:2e:ad:46:35:e2:a1:aa:bd:
94:ee:f3:1a:75:3e:49:fc:c6:14:56:f1:b4:01:a2:
57:fc:c0:f8:4a:e3:cb:ed:69:46:94:11:ce:d4:5e:
10:9a:25:c8:c3:68:a1:05:dc:d9:fc:52:e9:4c:13:
ff:6f:5e:ca:72:00:de:7c:d6:dd:e6:72:2b:b0:97:
b7:85:35:cf:55:a2:c1:61:98:71:7d:f2:bb:2d:a4:
a7:89:fe:5e:e3:f4:c8:31:93:71:4f:6d:fe:81:2e:
f3:5e:b6:f3:87:b9:b9:90:e8:7e:a5:c4:a2:b0:25:
81:d4:55:a1:c7:75:ff:9e:71:f6:33:0b:27:f9:3f:
e9:96:7b:73:0e:03:c9:b9:7f:eb:54:60:c5:e6:67:
55:db:53:09:2a:30:72:48:e5:ba:03:10:82:4f:fb:
f0:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:37:A0:89:B8:DC:F3:C1:36:F7:17:78:C8:3B:2B:A0:A5:BD:D7:8A
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/VDegibjc88E29xd4yDsroKW914o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:6ec0::/29
2a0e:6c40::/29
2a0e:8780::/29
2a0e:8880::/29
2a0e:a280::/29
2a0e:a3c0::/29
2a0e:a580::/29
2a0e:bac0::/29
2a0e:be80::/29
2a0e:c180::/29
2a0e:c740::/29
2a0e:ee80::/29
2a0f:a40::/29
2a0f:f40::/29
2a0f:fc0::/29
2a0f:14c0::/29
2a0f:1540::/29
2a0f:15c0::/29
2a0f:1640::/29
2a0f:16c0::/29
2a0f:1740::/29
2a0f:17c0::/29
2a0f:1840::/29
2a0f:18c0::/29
2a0f:1940::/29
2a0f:19c0::/29
2a0f:1a40::/29
2a0f:1ac0::/29
2a0f:1fc0::/29
2a0f:2040::/29
2a0f:20c0::/29
2a0f:2140::/29
2a0f:21c0::/29
2a0f:2240::/29
2a0f:27c0::/29
2a0f:2840::/29
2a0f:28c0::/29
2a0f:2940::/29
2a0f:29c0::/29
2a0f:2a40::/29
2a0f:2ac0::/29
2a0f:2b40::/29
2a0f:2bc0::/29
2a0f:2c40::/29
2a0f:2cc0::/29
2a0f:2d40::/29
2a0f:2dc0::/29
2a0f:2e40::/29
2a0f:2ec0::/29
2a0f:2f40::/29
2a0f:3040::/29
2a0f:30c0::/29
2a0f:3140::/29
2a0f:31c0::/29
2a0f:3240::/29
2a0f:32c0::/29
2a0f:3340::/29
2a0f:33c0::/29
2a0f:3440::/29
2a0f:34c0::/29
2a0f:3540::/29
2a0f:35c0::/29
2a0f:3640::/29
2a0f:36c0::/29
2a0f:3740::/29
Signature Algorithm: sha256WithRSAEncryption
53:83:63:08:4b:72:d6:f0:fc:fc:03:e9:36:2c:9e:aa:72:a3:
9c:24:a7:17:90:84:f9:25:9b:2c:19:5a:06:bc:de:99:c1:ae:
b8:ba:5e:b9:19:d9:13:e9:83:a9:c2:cd:3e:2b:7b:e7:e0:cf:
1b:19:60:ba:a1:f7:80:a8:9f:65:d6:f6:75:76:91:f4:48:ab:
47:7f:91:d6:a1:88:98:0f:43:96:05:5a:04:61:01:fe:e1:d2:
3e:46:d6:27:84:97:25:24:b3:86:2f:ec:db:e0:c3:8e:96:46:
8f:33:df:9e:81:b4:f1:74:d9:48:f2:f6:f4:e4:cd:9d:44:b8:
51:fa:fa:b3:d7:c7:1d:87:d6:34:67:d3:6d:9b:c5:6f:be:22:
70:b6:f8:42:e6:54:23:95:51:20:74:0f:5a:b7:95:71:4e:67:
c5:b1:62:31:1f:a8:2c:59:7b:2e:cf:90:d9:aa:d0:0f:d4:5d:
fb:e1:0a:05:fd:97:85:2f:15:e6:6d:83:1e:f8:70:b2:03:db:
4e:dc:c8:32:c5:75:82:b4:51:7f:0c:b7:a6:0c:19:e5:ef:20:
66:a6:fe:03:4d:4c:de:c1:3e:ec:3d:11:05:9b:b6:28:d4:5b:
38:0f:57:fb:c8:6c:f1:85:54:ae:60:cb:f4:6c:66:5f:90:d8:
2e:d6:00:d8
-----BEGIN CERTIFICATE-----
MIIGyDCCBbCgAwIBAgISAYceMZEw7Hbd5bUtUHXij2EwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwMzI2MTM1MjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDM3YTA4OWI4ZGNmM2MxMzZmNzE3NzhjODNiMmJhMGE1YmRkNzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsn76EILX15N5w35VZBGBBBtE/Bkm
h4w9e6dzE/MNm718uJznEqjyN5qKuK0CzzQxrgabAdU0ZinyHS6aKklLfdenBk0f
DAciqGgBPNcZIYIOS639FvoEWQ3twUts9V3kLq1GNeKhqr2U7vMadT5J/MYUVvG0
AaJX/MD4SuPL7WlGlBHO1F4QmiXIw2ihBdzZ/FLpTBP/b17KcgDefNbd5nIrsJe3
hTXPVaLBYZhxffK7LaSnif5e4/TIMZNxT23+gS7zXrbzh7m5kOh+pcSisCWB1FWh
x3X/nnH2Mwsn+T/plntzDgPJuX/rVGDF5mdV21MJKjBySOW6AxCCT/vwqwIDAQAB
o4ID1DCCA9AwHQYDVR0OBBYEFFQ3oIm43PPBNvcXeMg7K6ClvdeKMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvVkRlZ2liamM4OEUyOXhkNHlEc3JvS1c5MTRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB6AYIKwYBBQUHAQcBAf8EggHXMIIB0zCCAc8EAgACMIIB
xwMFAyoGbsADBQMqDmxAAwUDKg6HgAMFAyoOiIADBQMqDqKAAwUDKg6jwAMFAyoO
pYADBQMqDrrAAwUDKg6+gAMFAyoOwYADBQMqDsdAAwUDKg7ugAMFAyoPCkADBQMq
Dw9AAwUDKg8PwAMFAyoPFMADBQMqDxVAAwUDKg8VwAMFAyoPFkADBQMqDxbAAwUD
Kg8XQAMFAyoPF8ADBQMqDxhAAwUDKg8YwAMFAyoPGUADBQMqDxnAAwUDKg8aQAMF
AyoPGsADBQMqDx/AAwUDKg8gQAMFAyoPIMADBQMqDyFAAwUDKg8hwAMFAyoPIkAD
BQMqDyfAAwUDKg8oQAMFAyoPKMADBQMqDylAAwUDKg8pwAMFAyoPKkADBQMqDyrA
AwUDKg8rQAMFAyoPK8ADBQMqDyxAAwUDKg8swAMFAyoPLUADBQMqDy3AAwUDKg8u
QAMFAyoPLsADBQMqDy9AAwUDKg8wQAMFAyoPMMADBQMqDzFAAwUDKg8xwAMFAyoP
MkADBQMqDzLAAwUDKg8zQAMFAyoPM8ADBQMqDzRAAwUDKg80wAMFAyoPNUADBQMq
DzXAAwUDKg82QAMFAyoPNsADBQMqDzdAMA0GCSqGSIb3DQEBCwUAA4IBAQBTg2MI
S3LW8Pz8A+k2LJ6qcqOcJKcXkIT5JZssGVoGvN6Zwa64ul65GdkT6YOpws0+K3vn
4M8bGWC6ofeAqJ9l1vZ1dpH0SKtHf5HWoYiYD0OWBVoEYQH+4dI+RtYnhJclJLOG
L+zb4MOOlkaPM9+egbTxdNlI8vb05M2dRLhR+vqz18cdh9Y0Z9Ntm8VvviJwtvhC
5lQjlVEgdA9at5VxTmfFsWIxH6gsWXsuz5DZqtAP1F374QoF/ZeFLxXmbYMe+HCy
A9tO3MgyxXWCtFF/DLemDBnl7yBmpv4DTUzewT7sPREFm7Yo1Fs4D1f7yGzxhVSu
YMv0bGZfkNgu1gDY
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:24 2023 by rpki-client on console-ams.rpki-client.org