Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/hk51lVJudZtNWkuqPiI__3giceE.roa
File: hk51lVJudZtNWkuqPiI__3giceE.roa (raw, json)
Hash identifier: SGG517Y1JfYdD+HgphMp7sGbErGHxU2MPgWXB78FAsU=
Subject key identifier: 86:4E:75:95:52:6E:75:9B:4D:5A:4B:AA:3E:22:3F:FF:78:22:71:E1
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 1A065D58
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/hk51lVJudZtNWkuqPiI__3giceE.roa
Signing time: Fri 07 Jan 2022 06:35:44 +0000
ROA not before: Fri 07 Jan 2022 06:35:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210662
IP address blocks: 2a0e:8880::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 436624728 (0x1a065d58)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 7 06:35:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=864e7595526e759b4d5a4baa3e223fff782271e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:45:d8:6d:21:af:cc:49:1a:5e:e7:fb:15:6a:
76:41:d0:5d:7c:fd:5c:a8:eb:57:a5:72:92:e9:a2:
84:ef:4a:2a:c6:22:e9:9f:61:ba:48:1b:aa:b2:fe:
29:72:3e:8a:6f:1e:88:f0:c9:6f:d2:2e:44:06:d0:
cf:b2:9f:30:40:6f:db:a2:9a:bf:5f:fb:c3:38:b6:
60:ac:bb:91:e1:d8:82:43:dc:c8:a9:0d:f4:26:35:
0b:be:b3:59:3d:55:91:f3:a8:0b:50:89:61:22:2e:
98:ac:be:88:c2:d8:0f:68:85:be:52:e7:a6:25:86:
90:e6:e9:88:dd:99:cf:f7:fb:22:79:9a:eb:ca:90:
13:25:1b:14:4b:c5:79:68:54:0c:82:7f:cc:c7:87:
23:de:e0:85:81:d9:5f:b9:d9:b8:9c:27:e2:1c:c6:
6e:96:3e:6e:2f:48:02:73:df:fb:9e:57:61:f5:50:
0d:19:bd:f8:28:e9:7f:28:ff:20:30:1c:e9:b2:f4:
d9:41:d7:e2:b8:e3:46:2c:9e:90:f1:e5:b9:04:cd:
b8:d8:37:bc:ac:ed:18:fe:aa:73:28:6d:4d:f4:3c:
ed:a2:16:49:9c:f3:af:65:1c:d0:b1:16:2f:0e:df:
14:ce:91:9d:db:9e:79:fc:81:b8:d0:62:12:81:45:
de:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:4E:75:95:52:6E:75:9B:4D:5A:4B:AA:3E:22:3F:FF:78:22:71:E1
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/hk51lVJudZtNWkuqPiI__3giceE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8880::/29
Signature Algorithm: sha256WithRSAEncryption
60:d2:48:9f:9f:20:eb:83:06:5f:99:91:d9:b3:6e:06:f4:2c:
9c:a4:0f:fa:5b:26:d3:85:0a:90:b5:f5:f7:f5:ac:43:fa:09:
88:b3:6a:fb:d8:74:ee:a4:0a:f4:3d:9e:50:11:9b:b3:75:e6:
a0:55:04:da:00:a2:d4:a6:ff:45:96:14:77:b1:fd:54:5c:eb:
b2:58:22:f1:09:02:52:9d:c8:cc:e5:ac:3e:b5:b7:1b:dc:2f:
21:14:93:2d:d2:58:46:b2:88:8d:aa:9a:de:df:f2:9c:e5:b5:
26:ce:8f:25:82:76:09:dd:bc:84:83:cb:01:ca:c0:78:06:7b:
45:4f:0d:79:a6:10:ba:48:e1:cd:56:57:c6:e9:34:41:83:04:
bc:0d:13:6f:dd:11:10:5b:88:9f:77:30:c6:07:90:fe:c2:e3:
bc:36:57:29:43:05:05:0a:b1:c6:26:bb:a1:12:10:f8:a1:df:
9a:de:ea:2d:22:51:eb:dd:c8:3d:c2:25:ae:a4:61:54:a4:58:
d0:ff:7a:19:79:1f:87:97:45:05:87:12:ac:12:5c:4a:cc:8e:
cb:49:4e:dc:5a:c8:e1:b1:ad:de:62:d6:6e:94:23:e8:37:84:
f8:26:df:06:0d:1d:31:a1:f0:10:df:32:0c:4e:ce:b1:62:72:
2a:9a:75:e1
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEGgZdWDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MTU1MDA5YzNkZTQyMWNjNGU2N2I5YTlhZTQyM2JiMzVkZTBiOTI2MB4XDTIyMDEw
NzA2MzU0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODY0ZTc1OTU1MjZl
NzU5YjRkNWE0YmFhM2UyMjNmZmY3ODIyNzFlMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALxF2G0hr8xJGl7n+xVqdkHQXXz9XKjrV6VykumihO9KKsYi
6Z9hukgbqrL+KXI+im8eiPDJb9IuRAbQz7KfMEBv26Kav1/7wzi2YKy7keHYgkPc
yKkN9CY1C76zWT1VkfOoC1CJYSIumKy+iMLYD2iFvlLnpiWGkObpiN2Zz/f7Inma
68qQEyUbFEvFeWhUDIJ/zMeHI97ghYHZX7nZuJwn4hzGbpY+bi9IAnPf+55XYfVQ
DRm9+Cjpfyj/IDAc6bL02UHX4rjjRiyekPHluQTNuNg3vKztGP6qcyhtTfQ87aIW
SZzzr2Uc0LEWLw7fFM6RndueefyBuNBiEoFF3vsCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBSGTnWVUm51m01aS6o+Ij//eCJx4TAfBgNVHSMEGDAWgBSxVQCcPeQhzE5n
uamuQjuzXeC5JjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NWVUFuRDNrSWN4T1o3bXBya0k3czEzZ3VTWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvZGU5MDJjLTNkMTMtNDdkMS1hNWU2LTczODU2YWY0OWYzZS8x
L2hrNTFsVkp1ZFp0TldrdXFQaUlfXzNnaWNlRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
ZGU5MDJjLTNkMTMtNDdkMS1hNWU2LTczODU2YWY0OWYzZS8xL3NWVUFuRDNrSWN4
T1o3bXBya0k3czEzZ3VTWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoOiIAwDQYJKoZIhvcNAQELBQAD
ggEBAGDSSJ+fIOuDBl+Zkdmzbgb0LJykD/pbJtOFCpC19ff1rEP6CYizavvYdO6k
CvQ9nlARm7N15qBVBNoAotSm/0WWFHex/VRc67JYIvEJAlKdyMzlrD61txvcLyEU
ky3SWEayiI2qmt7f8pzltSbOjyWCdgndvISDywHKwHgGe0VPDXmmELpI4c1WV8bp
NEGDBLwNE2/dERBbiJ93MMYHkP7C47w2VylDBQUKscYmu6ESEPih35re6i0iUevd
yD3CJa6kYVSkWND/ehl5H4eXRQWHEqwSXErMjstJTtxayOGxrd5i1m6UI+g3hPgm
3wYNHTGh8BDfMgxOzrFiciqadeE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:52 2024 by rpki-client on console-fra.rpki-client.org