Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/19c09a-d79a-4de4-8a86-4a685962f3e8/1/9GI0PtFSMXC20fuiCtEoHtrpkYs.roa
File: 9GI0PtFSMXC20fuiCtEoHtrpkYs.roa (raw, json)
Hash identifier: 7WPs/9X56YIfxXiODJ8LM5hzJxbDOiemKmh4HPF+qxI=
Subject key identifier: F4:62:34:3E:D1:52:31:70:B6:D1:FB:A2:0A:D1:28:1E:DA:E9:91:8B
Certificate issuer: /CN=eb500c9002321f03964583710b7baa4597341213
Certificate serial: 0A2D2013
Authority key identifier: EB:50:0C:90:02:32:1F:03:96:45:83:71:0B:7B:AA:45:97:34:12:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/61AMkAIyHwOWRYNxC3uqRZc0EhM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/19c09a-d79a-4de4-8a86-4a685962f3e8/1/9GI0PtFSMXC20fuiCtEoHtrpkYs.roa
Signing time: Sat 01 Jan 2022 04:57:09 +0000
ROA not before: Sat 01 Jan 2022 04:57:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62200
IP address blocks: 2a09:f907::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 170729491 (0xa2d2013)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb500c9002321f03964583710b7baa4597341213
Validity
Not Before: Jan 1 04:57:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f462343ed1523170b6d1fba20ad1281edae9918b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:25:c5:17:72:5c:31:8e:1a:4d:35:a9:e6:3b:
f3:36:c4:a1:d3:fe:7f:87:84:42:19:5a:e7:54:59:
6e:fc:32:9b:af:15:80:fb:56:1c:f8:0f:9c:a1:e1:
10:b5:54:64:27:0b:a3:1e:80:46:e3:0d:db:70:57:
b2:e9:81:0d:00:f4:aa:4c:88:a9:a5:3e:0b:42:09:
18:3a:d4:1e:61:18:d5:75:8e:ae:fe:41:99:22:99:
6d:9e:d5:c9:32:95:12:c1:ef:66:81:c6:1e:51:ec:
b7:19:0f:88:eb:3e:c2:97:5d:5c:79:45:6f:da:99:
b3:1b:af:17:42:33:f4:d6:02:be:df:c8:71:a1:ae:
27:99:82:df:a7:ef:cd:fb:22:7c:15:cd:6e:e7:d6:
83:2b:18:d9:f9:1e:bc:67:4d:67:d8:6a:96:6d:1a:
c5:3b:39:66:30:ca:6c:88:a6:e3:26:dd:4a:73:63:
52:c3:4b:be:d7:b7:50:3e:ba:b6:97:8e:37:56:1a:
25:99:68:c7:92:4a:bf:54:9b:dd:0b:0c:31:81:60:
bb:34:26:17:41:2f:4d:8a:1c:e1:5d:ac:22:f8:5f:
ef:86:12:fc:69:46:5d:6a:4c:0c:00:11:47:76:e0:
b0:dd:11:ec:03:2e:23:d4:f6:8f:a8:fa:e6:f3:a5:
8f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:62:34:3E:D1:52:31:70:B6:D1:FB:A2:0A:D1:28:1E:DA:E9:91:8B
X509v3 Authority Key Identifier:
keyid:EB:50:0C:90:02:32:1F:03:96:45:83:71:0B:7B:AA:45:97:34:12:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/61AMkAIyHwOWRYNxC3uqRZc0EhM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/19c09a-d79a-4de4-8a86-4a685962f3e8/1/9GI0PtFSMXC20fuiCtEoHtrpkYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/19c09a-d79a-4de4-8a86-4a685962f3e8/1/61AMkAIyHwOWRYNxC3uqRZc0EhM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:f907::/32
Signature Algorithm: sha256WithRSAEncryption
28:dd:d5:cd:f7:88:6f:8f:4c:ec:c0:12:ce:91:fc:1f:2d:d0:
c7:1c:6d:78:b4:72:a3:5b:46:b8:10:30:4f:e1:9d:2e:31:ee:
7f:b6:3a:cf:b9:63:0a:67:4d:59:7a:e9:8b:d8:59:ba:03:97:
31:39:cc:da:c8:dc:33:bc:79:4f:2f:16:cd:06:9a:6f:20:ab:
1c:de:c6:ca:f0:de:20:06:04:b6:91:bc:78:23:65:a3:a9:76:
df:73:a0:d2:85:99:41:c6:02:62:61:36:e4:dc:f8:ee:5b:75:
fe:67:a1:28:00:2d:7e:1c:62:b3:10:e0:e8:1c:2b:b2:b7:c8:
2f:21:c4:9a:3c:4f:06:4d:93:90:c3:c5:f8:1f:27:0f:62:32:
9f:68:d1:42:c3:b2:6e:64:2f:fb:83:02:11:aa:5f:9e:b7:27:
d1:45:56:70:f8:32:59:43:2e:dc:b1:03:69:5f:3f:78:86:c3:
9c:3c:8e:33:77:cd:f6:7e:12:33:44:6e:23:a8:24:aa:5e:3e:
02:aa:49:e9:db:ba:70:6e:17:06:f3:03:1e:df:dc:af:3e:96:
af:0d:80:23:f5:df:d6:cd:16:7c:8a:98:7b:b2:56:47:4a:a1:
d7:e6:d0:1e:32:46:5d:ef:cb:56:aa:42:44:df:4f:12:1b:da:
bf:79:bc:45
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIECi0gEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YjUwMGM5MDAyMzIxZjAzOTY0NTgzNzEwYjdiYWE0NTk3MzQxMjEzMB4XDTIyMDEw
MTA0NTcwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjQ2MjM0M2VkMTUy
MzE3MGI2ZDFmYmEyMGFkMTI4MWVkYWU5OTE4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANMlxRdyXDGOGk01qeY78zbEodP+f4eEQhla51RZbvwym68V
gPtWHPgPnKHhELVUZCcLox6ARuMN23BXsumBDQD0qkyIqaU+C0IJGDrUHmEY1XWO
rv5BmSKZbZ7VyTKVEsHvZoHGHlHstxkPiOs+wpddXHlFb9qZsxuvF0Iz9NYCvt/I
caGuJ5mC36fvzfsifBXNbufWgysY2fkevGdNZ9hqlm0axTs5ZjDKbIim4ybdSnNj
UsNLvte3UD66tpeON1YaJZlox5JKv1Sb3QsMMYFguzQmF0EvTYoc4V2sIvhf74YS
/GlGXWpMDAARR3bgsN0R7AMuI9T2j6j65vOljycCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBT0YjQ+0VIxcLbR+6IK0Sge2umRizAfBgNVHSMEGDAWgBTrUAyQAjIfA5ZF
g3ELe6pFlzQSEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzYxQU1rQUl5SHdPV1JZTnhDM3VxUlpjMEVoTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTEvMTljMDlhLWQ3OWEtNGRlNC04YTg2LTRhNjg1OTYyZjNlOC8x
LzlHSTBQdEZTTVhDMjBmdWlDdEVvSHRycGtZcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTEv
MTljMDlhLWQ3OWEtNGRlNC04YTg2LTRhNjg1OTYyZjNlOC8xLzYxQU1rQUl5SHdP
V1JZTnhDM3VxUlpjMEVoTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoJ+QcwDQYJKoZIhvcNAQELBQAD
ggEBACjd1c33iG+PTOzAEs6R/B8t0MccbXi0cqNbRrgQME/hnS4x7n+2Os+5Ywpn
TVl66YvYWboDlzE5zNrI3DO8eU8vFs0Gmm8gqxzexsrw3iAGBLaRvHgjZaOpdt9z
oNKFmUHGAmJhNuTc+O5bdf5noSgALX4cYrMQ4OgcK7K3yC8hxJo8TwZNk5DDxfgf
Jw9iMp9o0ULDsm5kL/uDAhGqX563J9FFVnD4MllDLtyxA2lfP3iGw5w8jjN3zfZ+
EjNEbiOoJKpePgKqSenbunBuFwbzAx7f3K8+lq8NgCP139bNFnyKmHuyVkdKodfm
0B4yRl3vy1aqQkTfTxIb2r95vEU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:54 2024 by rpki-client on console-ams.rpki-client.org