Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/tcM9p1ES0JeDW4Xw1rfZWYBagZs.roa
File: tcM9p1ES0JeDW4Xw1rfZWYBagZs.roa (raw, json)
Hash identifier: jCKOfjdrgiMlBTTc7T85X6xeWTdTBkI9eSLO2Bka+GE=
Subject key identifier: B5:C3:3D:A7:51:12:D0:97:83:5B:85:F0:D6:B7:D9:59:80:5A:81:9B
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018755CBFE2486E0E568A1A9DA9F634FA19F
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/tcM9p1ES0JeDW4Xw1rfZWYBagZs.roa
Signing time: Thu 06 Apr 2023 09:00:44 +0000
ROA not before: Thu 06 Apr 2023 09:00:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60262
IP address blocks: 2a0f:30c0::/29 maxlen: 29
2a0f:3640::/29 maxlen: 29
2a0f:1740::/29 maxlen: 29
2a0f:2d40::/29 maxlen: 29
2a0f:27c0::/29 maxlen: 29
2a0f:32c0::/29 maxlen: 29
2a0f:1940::/29 maxlen: 29
2a06:6ec0::/29 maxlen: 29
2a0f:2f40::/29 maxlen: 29
2a0f:29c0::/29 maxlen: 29
2a0f:34c0::/29 maxlen: 29
2a0e:c740::/29 maxlen: 29
2a0f:15c0::/29 maxlen: 29
2a0e:ee80::/29 maxlen: 29
2a0f:35c0::/29 maxlen: 29
2a0f:16c0::/29 maxlen: 29
2a0e:a3c0::/29 maxlen: 29
2a0e:8780::/29 maxlen: 29
2a0f:3240::/29 maxlen: 29
2a0f:18c0::/29 maxlen: 29
2a0f:2940::/29 maxlen: 29
2a0f:2ec0::/29 maxlen: 29
2a0f:fc0::/29 maxlen: 29
2a0e:be80::/29 maxlen: 29
2a0f:3440::/29 maxlen: 29
2a0f:a40::/29 maxlen: 29
2a0f:1540::/29 maxlen: 29
2a0f:1ac0::/29 maxlen: 29
2a0f:1640::/29 maxlen: 29
2a0f:31c0::/29 maxlen: 29
2a0f:3740::/29 maxlen: 29
2a0f:1840::/29 maxlen: 29
2a0e:c180::/29 maxlen: 29
2a0e:a280::/29 maxlen: 29
2a0f:2e40::/29 maxlen: 29
2a0f:28c0::/29 maxlen: 29
2a0f:33c0::/29 maxlen: 29
2a0f:f40::/29 maxlen: 29
2a0f:1a40::/29 maxlen: 29
2a0f:14c0::/29 maxlen: 29
2a0f:1fc0::/29 maxlen: 29
2a0f:3040::/29 maxlen: 29
2a0e:a580::/29 maxlen: 29
2a0f:36c0::/29 maxlen: 29
2a0f:3140::/29 maxlen: 29
2a0f:17c0::/29 maxlen: 29
2a0f:2840::/29 maxlen: 29
2a0f:2dc0::/29 maxlen: 29
2a0e:8880::/29 maxlen: 29
2a0f:3340::/29 maxlen: 29
2a0e:bac0::/29 maxlen: 29
2a0e:6c40::/29 maxlen: 29
2a0f:19c0::/29 maxlen: 29
2a0f:2a40::/29 maxlen: 29
2a0f:3540::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:55:cb:fe:24:86:e0:e5:68:a1:a9:da:9f:63:4f:a1:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Apr 6 09:00:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5c33da75112d097835b85f0d6b7d959805a819b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ac:5d:cc:1e:5e:33:83:be:e1:3a:0f:80:09:
b4:7f:ee:e1:b9:be:35:04:47:74:0d:ef:19:d6:f2:
12:f9:f8:32:42:f8:b6:f4:48:9e:87:97:73:f8:5c:
38:c5:74:aa:07:d3:1a:e0:b0:77:33:63:97:1c:11:
50:6d:ce:ef:ee:f3:79:5d:ad:dd:8e:3b:13:2e:53:
05:51:c1:11:d0:90:33:69:c2:6c:ad:44:31:1c:5d:
fe:26:6c:18:64:8a:f0:f2:27:21:e0:60:77:91:b6:
23:3a:30:21:2d:5c:88:75:b7:31:7b:a2:ba:63:d3:
e8:0c:f1:d4:14:c2:fc:c9:3f:da:52:c0:ad:d8:bc:
a5:d4:5f:22:72:19:88:d8:bb:40:0c:65:51:b8:b0:
d5:d2:b6:5e:69:5d:a3:7f:40:57:9c:b1:3c:09:ca:
75:32:2b:80:5f:1c:9b:4c:fc:18:67:42:45:0b:be:
84:6b:46:7b:0d:26:40:aa:f2:09:eb:df:38:aa:f4:
8c:72:45:0c:d6:be:99:8b:95:1b:b8:be:bf:02:a1:
d4:37:31:2f:41:db:36:2c:bf:3b:11:64:52:ed:b7:
48:a6:65:cc:d8:d8:bc:ec:ef:7b:e0:b9:f8:d0:d0:
27:a9:fc:90:78:de:d0:37:39:85:6c:04:95:c6:b0:
86:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:C3:3D:A7:51:12:D0:97:83:5B:85:F0:D6:B7:D9:59:80:5A:81:9B
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/tcM9p1ES0JeDW4Xw1rfZWYBagZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:6ec0::/29
2a0e:6c40::/29
2a0e:8780::/29
2a0e:8880::/29
2a0e:a280::/29
2a0e:a3c0::/29
2a0e:a580::/29
2a0e:bac0::/29
2a0e:be80::/29
2a0e:c180::/29
2a0e:c740::/29
2a0e:ee80::/29
2a0f:a40::/29
2a0f:f40::/29
2a0f:fc0::/29
2a0f:14c0::/29
2a0f:1540::/29
2a0f:15c0::/29
2a0f:1640::/29
2a0f:16c0::/29
2a0f:1740::/29
2a0f:17c0::/29
2a0f:1840::/29
2a0f:18c0::/29
2a0f:1940::/29
2a0f:19c0::/29
2a0f:1a40::/29
2a0f:1ac0::/29
2a0f:1fc0::/29
2a0f:27c0::/29
2a0f:2840::/29
2a0f:28c0::/29
2a0f:2940::/29
2a0f:29c0::/29
2a0f:2a40::/29
2a0f:2d40::/29
2a0f:2dc0::/29
2a0f:2e40::/29
2a0f:2ec0::/29
2a0f:2f40::/29
2a0f:3040::/29
2a0f:30c0::/29
2a0f:3140::/29
2a0f:31c0::/29
2a0f:3240::/29
2a0f:32c0::/29
2a0f:3340::/29
2a0f:33c0::/29
2a0f:3440::/29
2a0f:34c0::/29
2a0f:3540::/29
2a0f:35c0::/29
2a0f:3640::/29
2a0f:36c0::/29
2a0f:3740::/29
Signature Algorithm: sha256WithRSAEncryption
00:21:18:93:6c:40:96:7d:65:49:f2:9e:3a:96:c2:24:38:05:
ae:95:19:e6:90:18:78:ff:da:d8:fa:6d:e2:c9:c5:1c:d0:45:
48:47:7e:68:f3:9c:5b:c6:76:aa:83:d0:2f:19:a2:2b:b4:7f:
67:d8:f4:ec:ce:83:23:94:80:b7:ee:b0:96:a2:aa:e7:be:d7:
85:e3:14:f7:84:f9:a3:c1:e8:e5:28:d4:c7:0d:50:12:bc:80:
e7:9d:21:5d:3d:c0:bf:1b:07:86:c1:5a:da:af:88:e4:3f:d2:
fa:5c:2a:02:2f:20:e1:39:2d:d1:ed:3e:ce:77:79:07:f9:95:
31:f2:c6:00:38:6d:fb:82:0f:87:f9:3f:9b:d4:f1:49:82:f3:
46:45:c2:cf:2f:a5:53:ec:27:26:83:61:b9:55:83:ad:41:99:
74:12:bf:a0:cb:99:9c:9c:10:07:ad:3c:7d:bc:49:40:fa:5d:
9d:c3:c3:7e:54:17:53:79:d6:8b:0d:a2:08:8a:4a:3f:f8:e2:
f6:72:aa:5b:96:b7:26:aa:ee:a3:48:82:67:0c:3d:6c:6a:88:
d9:5a:51:27:51:7e:84:bc:aa:9b:c7:29:bc:2d:73:75:b0:43:
94:03:55:1a:c8:f2:b3:0f:13:c8:68:9b:46:05:07:39:60:1e:
71:9a:36:1e
-----BEGIN CERTIFICATE-----
MIIGgjCCBWqgAwIBAgISAYdVy/4khuDlaKGp2p9jT6GfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwNDA2MDkwMDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWMzM2RhNzUxMTJkMDk3ODM1Yjg1ZjBkNmI3ZDk1OTgwNWE4MTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKxdzB5eM4O+4ToPgAm0f+7hub41
BEd0De8Z1vIS+fgyQvi29Eieh5dz+Fw4xXSqB9Ma4LB3M2OXHBFQbc7v7vN5Xa3d
jjsTLlMFUcER0JAzacJsrUQxHF3+JmwYZIrw8ich4GB3kbYjOjAhLVyIdbcxe6K6
Y9PoDPHUFML8yT/aUsCt2Lyl1F8ichmI2LtADGVRuLDV0rZeaV2jf0BXnLE8Ccp1
MiuAXxybTPwYZ0JFC76Ea0Z7DSZAqvIJ6984qvSMckUM1r6Zi5UbuL6/AqHUNzEv
Qds2LL87EWRS7bdIpmXM2Ni87O974Ln40NAnqfyQeN7QNzmFbASVxrCGfQIDAQAB
o4IDjjCCA4owHQYDVR0OBBYEFLXDPadREtCXg1uF8Na32VmAWoGbMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvdGNNOXAxRVMwSmVEVzRYdzFyZlpXWUJhZ1pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBogYIKwYBBQUHAQcBAf8EggGRMIIBjTCCAYkEAgACMIIB
gQMFAyoGbsADBQMqDmxAAwUDKg6HgAMFAyoOiIADBQMqDqKAAwUDKg6jwAMFAyoO
pYADBQMqDrrAAwUDKg6+gAMFAyoOwYADBQMqDsdAAwUDKg7ugAMFAyoPCkADBQMq
Dw9AAwUDKg8PwAMFAyoPFMADBQMqDxVAAwUDKg8VwAMFAyoPFkADBQMqDxbAAwUD
Kg8XQAMFAyoPF8ADBQMqDxhAAwUDKg8YwAMFAyoPGUADBQMqDxnAAwUDKg8aQAMF
AyoPGsADBQMqDx/AAwUDKg8nwAMFAyoPKEADBQMqDyjAAwUDKg8pQAMFAyoPKcAD
BQMqDypAAwUDKg8tQAMFAyoPLcADBQMqDy5AAwUDKg8uwAMFAyoPL0ADBQMqDzBA
AwUDKg8wwAMFAyoPMUADBQMqDzHAAwUDKg8yQAMFAyoPMsADBQMqDzNAAwUDKg8z
wAMFAyoPNEADBQMqDzTAAwUDKg81QAMFAyoPNcADBQMqDzZAAwUDKg82wAMFAyoP
N0AwDQYJKoZIhvcNAQELBQADggEBAAAhGJNsQJZ9ZUnynjqWwiQ4Ba6VGeaQGHj/
2tj6beLJxRzQRUhHfmjznFvGdqqD0C8Zoiu0f2fY9OzOgyOUgLfusJaique+14Xj
FPeE+aPB6OUo1McNUBK8gOedIV09wL8bB4bBWtqviOQ/0vpcKgIvIOE5LdHtPs53
eQf5lTHyxgA4bfuCD4f5P5vU8UmC80ZFws8vpVPsJyaDYblVg61BmXQSv6DLmZyc
EAetPH28SUD6XZ3Dw35UF1N51osNogiKSj/44vZyqluWtyaq7qNIgmcMPWxqiNla
USdRfoS8qpvHKbwtc3WwQ5QDVRrI8rMPE8hom0YFBzlgHnGaNh4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:52 2024 by rpki-client on console-ams.rpki-client.org