Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/9a787c-6a9d-4689-b979-c9baeda06515/1/nE5Btpx8UahtACxm3l3nY2UB_eE.roa
File: nE5Btpx8UahtACxm3l3nY2UB_eE.roa (raw, json)
Hash identifier: uZwZo9fKO0LN+TEFnashNT96MCFC/Cv83myJ+5iElOM=
Subject key identifier: 9C:4E:41:B6:9C:7C:51:A8:6D:00:2C:66:DE:5D:E7:63:65:01:FD:E1
Certificate issuer: /CN=75620e5666518bb700409fb4087a875c99f37211
Certificate serial: 01856D2F2FB1CA367301396565288015DA1E
Authority key identifier: 75:62:0E:56:66:51:8B:B7:00:40:9F:B4:08:7A:87:5C:99:F3:72:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dWIOVmZRi7cAQJ-0CHqHXJnzchE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/9a787c-6a9d-4689-b979-c9baeda06515/1/nE5Btpx8UahtACxm3l3nY2UB_eE.roa
Signing time: Sun 01 Jan 2023 11:54:46 +0000
ROA not before: Sun 01 Jan 2023 11:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204790
IP address blocks: 2a11:97c0::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:2f:2f:b1:ca:36:73:01:39:65:65:28:80:15:da:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75620e5666518bb700409fb4087a875c99f37211
Validity
Not Before: Jan 1 11:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c4e41b69c7c51a86d002c66de5de7636501fde1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:f0:fa:c3:88:f8:98:2d:75:07:83:46:85:96:
d5:44:40:a3:a2:a4:ec:c7:2e:b9:d5:19:ad:ad:ac:
79:33:05:e3:96:71:da:d1:8f:a7:f0:89:3e:ba:e7:
10:de:37:b1:2d:2e:76:ed:c0:5d:e8:c4:25:5c:29:
6e:03:f1:24:ea:c7:3c:a5:23:fa:c0:c0:6d:16:e0:
a9:70:88:b6:9d:f4:fd:06:5e:d2:a8:67:14:55:81:
e9:32:0f:31:04:0c:ff:a5:ef:6d:1e:60:77:78:6e:
76:58:9f:8f:c6:d9:fd:0a:33:c3:0a:ac:0e:5d:a3:
9e:83:86:54:ce:f5:02:68:3d:36:db:35:1a:72:bd:
31:02:08:9f:bb:55:96:d8:0d:35:5a:f2:09:0e:ad:
6a:34:cf:8d:b0:86:83:c7:fc:cd:ed:05:ef:b4:7f:
b2:37:e2:2b:79:c9:8d:9d:1d:d6:6b:3b:70:1f:20:
08:00:d3:44:15:f9:12:17:97:52:9a:4d:57:a9:90:
19:79:0e:18:40:60:df:a0:7f:83:7b:6d:34:89:af:
72:da:5b:64:92:28:ac:dd:50:f8:f3:a2:8f:11:7c:
81:a0:fd:67:f6:18:1d:1a:92:c7:1a:68:e5:d0:29:
8f:cd:ce:30:94:68:07:fb:55:38:bf:a3:4f:fa:8d:
c8:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:4E:41:B6:9C:7C:51:A8:6D:00:2C:66:DE:5D:E7:63:65:01:FD:E1
X509v3 Authority Key Identifier:
keyid:75:62:0E:56:66:51:8B:B7:00:40:9F:B4:08:7A:87:5C:99:F3:72:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dWIOVmZRi7cAQJ-0CHqHXJnzchE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/9a787c-6a9d-4689-b979-c9baeda06515/1/nE5Btpx8UahtACxm3l3nY2UB_eE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/9a787c-6a9d-4689-b979-c9baeda06515/1/dWIOVmZRi7cAQJ-0CHqHXJnzchE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:97c0::/29
Signature Algorithm: sha256WithRSAEncryption
44:8b:67:8f:c4:9e:d7:d4:7b:b0:7c:6d:13:42:92:39:97:82:
f1:70:c8:d7:5b:ef:5b:b8:fe:01:35:d3:cc:8e:a9:41:b0:cc:
f6:6d:5c:47:be:18:9e:2b:dc:d4:e2:3e:2f:5f:3e:ad:a9:14:
b4:19:b9:a3:cc:fe:b9:b0:c1:20:da:1e:12:1a:d7:c4:38:3f:
ec:03:3b:25:c7:b7:c9:26:fc:6c:43:73:9f:79:39:2e:ac:80:
0d:35:78:78:c5:cf:ac:ae:85:3e:65:15:19:d0:f9:67:04:01:
46:5e:dc:07:03:15:bb:b5:4b:99:4b:40:6d:a2:7a:fc:43:bf:
4f:33:5e:2a:ad:9d:42:cf:bb:35:d6:99:fc:62:87:0d:a5:ba:
c7:6c:f9:26:e4:10:aa:d0:45:80:6a:59:9c:a4:84:62:55:5f:
36:e4:d0:2e:65:4f:b9:1d:dd:53:0d:74:8b:0d:f0:1e:be:27:
cc:25:84:de:b8:ec:e1:ae:62:09:18:6b:9d:37:13:52:b5:09:
e2:a1:a3:73:0f:60:2f:d4:87:e5:bd:b8:be:bf:d2:28:f5:7b:
8c:80:81:ff:60:10:e5:a7:51:c0:55:da:8c:97:c0:cd:d6:e0:
31:62:e8:f8:e1:dd:e8:19:20:1e:87:08:12:2c:ae:47:ed:ea:
a1:96:2b:a4
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtLy+xyjZzATllZSiAFdoeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NjIwZTU2NjY1MThiYjcwMDQwOWZiNDA4N2E4NzVjOTlm
MzcyMTEwHhcNMjMwMTAxMTE1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzRlNDFiNjljN2M1MWE4NmQwMDJjNjZkZTVkZTc2MzY1MDFmZGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPD6w4j4mC11B4NGhZbVRECjoqTs
xy651Rmtrax5MwXjlnHa0Y+n8Ik+uucQ3jexLS527cBd6MQlXCluA/Ek6sc8pSP6
wMBtFuCpcIi2nfT9Bl7SqGcUVYHpMg8xBAz/pe9tHmB3eG52WJ+Pxtn9CjPDCqwO
XaOeg4ZUzvUCaD022zUacr0xAgifu1WW2A01WvIJDq1qNM+NsIaDx/zN7QXvtH+y
N+IrecmNnR3WaztwHyAIANNEFfkSF5dSmk1XqZAZeQ4YQGDfoH+De200ia9y2ltk
kiis3VD486KPEXyBoP1n9hgdGpLHGmjl0CmPzc4wlGgH+1U4v6NP+o3IowIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJxOQbacfFGobQAsZt5d52NlAf3hMB8GA1UdIwQY
MBaAFHViDlZmUYu3AECftAh6h1yZ83IRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFdJT1ZtWlJpN2NBUUotMENIcUhYSm56Y2hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC85YTc4N2MtNmE5ZC00Njg5LWI5Nzkt
YzliYWVkYTA2NTE1LzEvbkU1QnRweDhVYWh0QUN4bTNsM25ZMlVCX2VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC85YTc4N2MtNmE5ZC00Njg5LWI5NzktYzliYWVkYTA2NTE1
LzEvZFdJT1ZtWlJpN2NBUUotMENIcUhYSm56Y2hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhGXwDAN
BgkqhkiG9w0BAQsFAAOCAQEARItnj8Se19R7sHxtE0KSOZeC8XDI11vvW7j+ATXT
zI6pQbDM9m1cR74Ynivc1OI+L18+rakUtBm5o8z+ubDBINoeEhrXxDg/7AM7Jce3
ySb8bENzn3k5LqyADTV4eMXPrK6FPmUVGdD5ZwQBRl7cBwMVu7VLmUtAbaJ6/EO/
TzNeKq2dQs+7NdaZ/GKHDaW6x2z5JuQQqtBFgGpZnKSEYlVfNuTQLmVPuR3dUw10
iw3wHr4nzCWE3rjs4a5iCRhrnTcTUrUJ4qGjcw9gL9SH5b24vr/SKPV7jICB/2AQ
5adRwFXajJfAzdbgMWLo+OHd6BkgHocIEiyuR+3qoZYrpA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:35 2023 by rpki-client on console-ams.rpki-client.org