Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/3c034f-c243-4a88-9070-6879cc26d7b6/1/AQOi8QKsZz_B5un0p7e6XzDHnNE.roa
File: AQOi8QKsZz_B5un0p7e6XzDHnNE.roa (raw, json)
Hash identifier: OYnvhGob/ToM0UqIlUNbEfI2hzmlrxbSbBuB97PcaHA=
Subject key identifier: 01:03:A2:F1:02:AC:67:3F:C1:E6:E9:F4:A7:B7:BA:5F:30:C7:9C:D1
Certificate issuer: /CN=9c3cfcde13b660b5c831dafbe1bfbf68df9fbe39
Certificate serial: 018FEEC521F664FC16333A78577BDDA34F0E
Authority key identifier: 9C:3C:FC:DE:13:B6:60:B5:C8:31:DA:FB:E1:BF:BF:68:DF:9F:BE:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nDz83hO2YLXIMdr74b-_aN-fvjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/3c034f-c243-4a88-9070-6879cc26d7b6/1/AQOi8QKsZz_B5un0p7e6XzDHnNE.roa
Signing time: Thu 06 Jun 2024 18:17:27 +0000
ROA not before: Thu 06 Jun 2024 18:17:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215427
IP address blocks: 2a14:5740::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ee:c5:21:f6:64:fc:16:33:3a:78:57:7b:dd:a3:4f:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c3cfcde13b660b5c831dafbe1bfbf68df9fbe39
Validity
Not Before: Jun 6 18:17:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0103a2f102ac673fc1e6e9f4a7b7ba5f30c79cd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f8:75:f7:c7:c6:c8:b1:bb:ad:77:b4:0a:e0:
8d:0b:b9:02:10:42:09:30:db:57:0f:3b:7d:ab:06:
b1:1c:b2:69:b3:51:07:ee:e2:42:95:c1:4b:57:30:
a7:4c:c0:e2:97:28:32:a4:e0:05:b2:be:9e:59:db:
0d:62:eb:76:72:de:69:9f:1c:fe:26:4f:98:cf:de:
da:56:d1:8d:fa:cb:4b:d3:1c:ec:9f:10:7e:5c:87:
5f:68:88:c8:41:bb:5e:b4:36:8b:33:e0:ce:0e:b6:
af:fb:4a:cd:49:40:7d:56:8d:12:13:7a:0d:15:2c:
36:36:b0:81:9a:b4:77:83:e5:60:f7:b7:a2:2d:bb:
99:ba:c0:d2:49:91:06:d9:52:37:91:7a:e3:4a:02:
b0:f1:25:18:d4:c1:94:01:ff:eb:6a:f7:5e:03:b0:
de:b9:5e:ec:ec:dc:8b:99:5a:bb:86:83:91:c1:a1:
37:d6:5b:35:c6:a4:8c:a7:b9:6d:72:32:b6:1c:05:
0d:b1:71:d6:44:68:2c:48:d9:38:3b:4e:65:d2:27:
65:9a:df:23:ad:f2:d2:1c:5d:03:9a:5e:80:4b:5e:
89:c9:08:c5:4b:c5:60:a3:bc:74:99:34:2f:66:52:
ea:ac:86:4b:cb:03:ca:9c:70:17:e1:e2:a7:ae:f7:
8a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:03:A2:F1:02:AC:67:3F:C1:E6:E9:F4:A7:B7:BA:5F:30:C7:9C:D1
X509v3 Authority Key Identifier:
keyid:9C:3C:FC:DE:13:B6:60:B5:C8:31:DA:FB:E1:BF:BF:68:DF:9F:BE:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nDz83hO2YLXIMdr74b-_aN-fvjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/3c034f-c243-4a88-9070-6879cc26d7b6/1/AQOi8QKsZz_B5un0p7e6XzDHnNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/3c034f-c243-4a88-9070-6879cc26d7b6/1/nDz83hO2YLXIMdr74b-_aN-fvjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:5740::/29
Signature Algorithm: sha256WithRSAEncryption
04:df:d9:89:6f:04:ef:dc:bd:4d:62:40:be:ad:95:20:75:84:
83:45:c5:a5:de:65:61:04:9d:91:37:d6:36:db:17:79:b7:30:
3a:b0:fe:0c:e8:dd:da:70:e5:ee:88:5f:9a:56:4a:46:1d:62:
c0:57:46:77:86:49:43:8f:ec:e1:65:5f:0e:00:f7:61:21:d3:
e4:35:79:ae:6a:50:a9:a2:b2:41:9c:a0:10:dd:f5:41:f0:91:
e5:e7:da:08:9d:88:04:bc:c3:fd:c9:dd:05:b8:dc:c0:3f:21:
28:09:49:55:b6:2d:02:b0:05:f2:37:96:8c:06:d1:70:7b:40:
36:12:5a:d0:48:46:93:22:a2:c8:98:0d:a8:fa:16:1d:db:e1:
2b:7e:5e:96:0c:b9:75:98:a0:43:c3:05:2b:b5:fe:4a:53:30:
f1:b6:25:7d:2d:a6:1e:d4:ed:cb:ab:10:2b:14:5d:3b:0a:92:
37:1b:f0:43:f0:48:22:4c:c3:82:b5:6c:ee:8f:1a:bb:97:4a:
d2:f9:91:37:8f:42:a4:f2:3c:3d:ef:0d:34:4b:36:24:e4:55:
3a:9c:dd:e5:5b:79:70:f7:0c:69:70:59:2b:03:cf:cf:e7:a3:
ad:da:ef:97:84:50:e0:12:ac:d4:29:5a:ae:cc:a9:87:69:ae:
83:dd:8b:c1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY/uxSH2ZPwWMzp4V3vdo08OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljM2NmY2RlMTNiNjYwYjVjODMxZGFmYmUxYmZiZjY4ZGY5
ZmJlMzkwHhcNMjQwNjA2MTgxNzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTAzYTJmMTAyYWM2NzNmYzFlNmU5ZjRhN2I3YmE1ZjMwYzc5Y2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/h198fGyLG7rXe0CuCNC7kCEEIJ
MNtXDzt9qwaxHLJps1EH7uJClcFLVzCnTMDilygypOAFsr6eWdsNYut2ct5pnxz+
Jk+Yz97aVtGN+stL0xzsnxB+XIdfaIjIQbtetDaLM+DODrav+0rNSUB9Vo0SE3oN
FSw2NrCBmrR3g+Vg97eiLbuZusDSSZEG2VI3kXrjSgKw8SUY1MGUAf/ravdeA7De
uV7s7NyLmVq7hoORwaE31ls1xqSMp7ltcjK2HAUNsXHWRGgsSNk4O05l0idlmt8j
rfLSHF0Dml6AS16JyQjFS8Vgo7x0mTQvZlLqrIZLywPKnHAX4eKnrveKVwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAEDovECrGc/webp9Ke3ul8wx5zRMB8GA1UdIwQY
MBaAFJw8/N4TtmC1yDHa++G/v2jfn745MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkR6ODNoTzJZTFhJTWRyNzRiLV9hTi1mdmprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8zYzAzNGYtYzI0My00YTg4LTkwNzAt
Njg3OWNjMjZkN2I2LzEvQVFPaThRS3Nael9CNXVuMHA3ZTZYekRIbk5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8zYzAzNGYtYzI0My00YTg4LTkwNzAtNjg3OWNjMjZkN2I2
LzEvbkR6ODNoTzJZTFhJTWRyNzRiLV9hTi1mdmprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhRXQDAN
BgkqhkiG9w0BAQsFAAOCAQEABN/ZiW8E79y9TWJAvq2VIHWEg0XFpd5lYQSdkTfW
NtsXebcwOrD+DOjd2nDl7ohfmlZKRh1iwFdGd4ZJQ4/s4WVfDgD3YSHT5DV5rmpQ
qaKyQZygEN31QfCR5efaCJ2IBLzD/cndBbjcwD8hKAlJVbYtArAF8jeWjAbRcHtA
NhJa0EhGkyKiyJgNqPoWHdvhK35elgy5dZigQ8MFK7X+SlMw8bYlfS2mHtTty6sQ
KxRdOwqSNxvwQ/BIIkzDgrVs7o8au5dK0vmRN49CpPI8Pe8NNEs2JORVOpzd5Vt5
cPcMaXBZKwPPz+ejrdrvl4RQ4BKs1Clarsyph2mug92LwQ==
-----END CERTIFICATE-----
Generated at Wed Jul 3 16:42:01 2024 by rpki-client on console-ams.rpki-client.org