Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/t9qHIRCMlAZoRIf4OR8Qyp9aRlg.roa
File: t9qHIRCMlAZoRIf4OR8Qyp9aRlg.roa (raw, json)
Hash identifier: ZYAGwqxAqNKGz1otmqXmPjh/dw/SN3zCLbYB8LuZMMY=
Subject key identifier: B7:DA:87:21:10:8C:94:06:68:44:87:F8:39:1F:10:CA:9F:5A:46:58
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 19F41265
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/t9qHIRCMlAZoRIf4OR8Qyp9aRlg.roa
Signing time: Sat 01 Jan 2022 15:56:59 +0000
ROA not before: Sat 01 Jan 2022 15:56:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 399975
IP address blocks: 2a0f:2940::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 435425893 (0x19f41265)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 1 15:56:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b7da8721108c9406684487f8391f10ca9f5a4658
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:23:5e:d2:25:3b:e3:68:7b:0a:3e:c4:a0:ce:
6d:53:bf:27:69:5c:fc:12:5a:e9:f7:cc:3e:50:af:
c4:57:d3:57:93:f7:9f:1c:2a:8a:fb:19:cd:94:00:
92:e2:74:80:4f:2a:c0:c1:16:7b:23:e8:f7:d2:af:
3a:4a:30:4a:bd:b6:d0:d2:40:b1:03:1a:ff:1e:d1:
b4:de:3a:51:09:05:1d:88:f4:2f:3e:09:7e:54:f5:
19:6b:cd:56:a2:f8:3a:4f:8f:0e:ae:39:78:8d:0d:
d2:ae:35:8b:93:e0:5e:e2:78:18:9a:29:f4:d4:fb:
a0:8f:fc:0d:36:5a:1c:a3:57:f1:71:97:db:83:b4:
a9:e5:78:16:80:79:78:24:3e:e2:b7:f6:4c:87:9c:
ca:1e:2e:dc:92:c5:8c:47:9a:b2:fa:cf:51:9d:f9:
fe:ce:06:9c:3d:30:d5:8e:04:06:ab:5e:0f:b2:b0:
f1:95:87:95:ef:cb:e5:b4:e6:88:61:9a:0d:96:b0:
e5:57:55:43:11:bd:a7:8e:db:cb:d7:2a:3a:94:88:
0e:57:4d:48:16:40:c4:92:e0:d4:af:7a:38:c8:75:
4e:92:ae:4d:bf:f0:dc:14:b6:49:7b:85:b3:09:af:
5a:0c:82:cb:86:51:60:08:11:4c:46:53:65:29:11:
93:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:DA:87:21:10:8C:94:06:68:44:87:F8:39:1F:10:CA:9F:5A:46:58
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/t9qHIRCMlAZoRIf4OR8Qyp9aRlg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:2940::/29
Signature Algorithm: sha256WithRSAEncryption
14:14:e7:d3:2f:f9:a9:b2:dc:c6:1a:b8:b0:f5:70:41:47:ff:
ab:57:fb:c9:4f:a0:99:fe:0d:d1:eb:42:c3:a2:29:8c:8c:ac:
26:4f:bb:46:4b:7c:72:dd:73:ea:78:59:1c:2e:1a:51:90:9b:
ac:51:12:b3:b2:7a:81:7f:93:78:1c:36:02:9a:f6:0c:9a:e4:
45:a7:8a:1f:59:9f:ed:9d:13:fe:39:a1:b7:62:39:ed:53:72:
a7:cd:19:11:d5:95:58:c7:46:4b:64:b1:5b:fd:bf:4e:6b:da:
e3:a4:99:1c:f9:c8:26:6f:e3:60:56:62:f6:ee:6e:70:40:46:
65:c7:0f:a4:a7:3b:82:ad:2d:53:ea:ac:c2:bb:16:2c:28:9d:
d7:cb:9d:19:0e:a1:ed:39:fb:68:f6:21:3a:9c:f4:40:0b:12:
d8:5a:05:54:ca:da:16:46:16:80:b3:ce:68:1b:25:7f:68:de:
6c:4f:f1:7c:e8:1a:2e:f3:b4:b5:11:d3:89:78:b7:6b:e6:98:
8e:42:13:89:fe:dd:76:96:01:c0:55:46:5f:9e:2f:42:c3:2a:
31:14:11:a8:05:0a:92:3b:c5:bb:40:b1:46:2c:6a:98:a9:a6:
8f:f2:38:c3:52:00:19:93:74:b5:82:82:5a:d3:c2:92:75:0e:
c4:2b:61:b1
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEGfQSZTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MTU1MDA5YzNkZTQyMWNjNGU2N2I5YTlhZTQyM2JiMzVkZTBiOTI2MB4XDTIyMDEw
MTE1NTY1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjdkYTg3MjExMDhj
OTQwNjY4NDQ4N2Y4MzkxZjEwY2E5ZjVhNDY1ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK4jXtIlO+Noewo+xKDObVO/J2lc/BJa6ffMPlCvxFfTV5P3
nxwqivsZzZQAkuJ0gE8qwMEWeyPo99KvOkowSr220NJAsQMa/x7RtN46UQkFHYj0
Lz4JflT1GWvNVqL4Ok+PDq45eI0N0q41i5PgXuJ4GJop9NT7oI/8DTZaHKNX8XGX
24O0qeV4FoB5eCQ+4rf2TIecyh4u3JLFjEeasvrPUZ35/s4GnD0w1Y4EBqteD7Kw
8ZWHle/L5bTmiGGaDZaw5VdVQxG9p47by9cqOpSIDldNSBZAxJLg1K96OMh1TpKu
Tb/w3BS2SXuFswmvWgyCy4ZRYAgRTEZTZSkRk88CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBS32ochEIyUBmhEh/g5HxDKn1pGWDAfBgNVHSMEGDAWgBSxVQCcPeQhzE5n
uamuQjuzXeC5JjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NWVUFuRDNrSWN4T1o3bXBya0k3czEzZ3VTWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvZGU5MDJjLTNkMTMtNDdkMS1hNWU2LTczODU2YWY0OWYzZS8x
L3Q5cUhJUkNNbEFab1JJZjRPUjhReXA5YVJsZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
ZGU5MDJjLTNkMTMtNDdkMS1hNWU2LTczODU2YWY0OWYzZS8xL3NWVUFuRDNrSWN4
T1o3bXBya0k3czEzZ3VTWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoPKUAwDQYJKoZIhvcNAQELBQAD
ggEBABQU59Mv+amy3MYauLD1cEFH/6tX+8lPoJn+DdHrQsOiKYyMrCZPu0ZLfHLd
c+p4WRwuGlGQm6xRErOyeoF/k3gcNgKa9gya5EWnih9Zn+2dE/45obdiOe1TcqfN
GRHVlVjHRktksVv9v05r2uOkmRz5yCZv42BWYvbubnBARmXHD6SnO4KtLVPqrMK7
FiwondfLnRkOoe05+2j2ITqc9EALEthaBVTK2hZGFoCzzmgbJX9o3mxP8XzoGi7z
tLUR04l4t2vmmI5CE4n+3XaWAcBVRl+eL0LDKjEUEagFCpI7xbtAsUYsapippo/y
OMNSABmTdLWCglrTwpJ1DsQrYbE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:52 2024 by rpki-client on console-ams.rpki-client.org