Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/pqp-nJqEd1s7mRbCvHmf8Lf1A-8.roa
File: pqp-nJqEd1s7mRbCvHmf8Lf1A-8.roa (raw, json)
Hash identifier: SwdmdMsZpd/lxZI8jGfAUWEUDDwr/OIqf3GSoGMI7tw=
Subject key identifier: A6:AA:7E:9C:9A:84:77:5B:3B:99:16:C2:BC:79:9F:F0:B7:F5:03:EF
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 0185B15E57506B2506DECAAF2B3AA1631A00
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/pqp-nJqEd1s7mRbCvHmf8Lf1A-8.roa
Signing time: Sat 14 Jan 2023 17:40:28 +0000
ROA not before: Sat 14 Jan 2023 17:40:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201380
IP address blocks: 2a10:59c0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:b1:5e:57:50:6b:25:06:de:ca:af:2b:3a:a1:63:1a:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 14 17:40:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a6aa7e9c9a84775b3b9916c2bc799ff0b7f503ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f6:bc:c1:01:e7:69:ab:c8:55:c1:05:5e:68:
62:98:37:60:b6:3c:d1:01:87:57:2f:43:7b:76:00:
79:a1:51:88:75:ba:8c:19:18:93:90:90:c9:76:61:
b9:28:5a:70:54:76:d5:51:4a:c2:21:14:6d:a0:10:
03:e2:ef:25:e9:0b:d6:fd:77:ad:e9:83:bc:95:d6:
a4:02:9c:32:97:ee:eb:58:4d:10:99:9c:6c:03:cb:
4d:85:25:0d:fc:cf:6e:4f:ac:55:0f:07:2e:b5:e1:
5f:5b:d7:93:05:16:34:6f:1b:5e:f9:60:9d:cd:40:
a0:f4:8c:07:fb:9d:21:da:49:a4:ea:ad:b0:7c:14:
fb:d5:df:c3:7b:2e:ba:52:25:91:e3:ff:b3:62:62:
90:b1:45:48:6b:73:2f:dd:ea:8e:92:40:00:8e:9c:
45:06:1b:8d:a3:a6:da:9d:8f:67:0b:1e:9f:b3:26:
1b:33:3a:0d:64:93:f1:9a:8e:3b:ec:2b:32:0c:5c:
b7:ea:00:fd:cd:bc:3b:3f:d3:3e:69:f8:ce:cd:c2:
98:35:9f:c1:66:d6:de:36:0e:85:c8:35:28:05:d8:
7a:25:a6:e3:3c:d7:e3:44:68:5d:7c:e0:83:8b:36:
13:8e:10:76:0a:ac:02:e2:7e:c9:27:4d:93:4e:6c:
00:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:AA:7E:9C:9A:84:77:5B:3B:99:16:C2:BC:79:9F:F0:B7:F5:03:EF
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/pqp-nJqEd1s7mRbCvHmf8Lf1A-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:59c0::/32
Signature Algorithm: sha256WithRSAEncryption
ac:db:0f:c8:53:96:3c:17:52:92:ac:78:f1:4d:49:39:19:14:
ca:d7:b2:c4:69:5c:e8:e8:a9:88:49:e5:23:cb:6c:93:ab:92:
99:10:26:a2:eb:8a:8d:15:66:0d:6c:bb:9d:66:1a:53:44:24:
ea:ae:95:45:73:0f:34:88:4c:71:6b:97:8e:01:97:b5:38:1f:
ce:8c:5c:3b:0e:9d:c2:d2:3d:56:69:64:3a:2e:78:42:ca:1f:
62:66:5d:ea:44:92:e0:9e:d0:df:ab:89:6c:1e:d4:ff:3a:d6:
05:a0:bf:c0:36:b0:50:d4:9a:f8:37:4f:f8:ea:04:e6:54:59:
89:62:e4:5d:94:e5:6b:b1:2e:a1:de:d8:01:1e:85:f1:98:86:
1c:21:79:0d:f6:19:87:15:c6:89:9c:de:2f:9f:e5:9a:3f:4b:
b4:f8:81:1a:a2:de:49:a1:f9:e8:3e:9a:95:c4:c7:81:9f:97:
ee:f9:29:9b:23:00:2b:b8:12:05:1f:b2:9b:ac:f5:72:29:c0:
1f:df:f2:30:d0:3f:f7:9e:0a:c2:b7:d9:11:40:2e:8a:b1:03:
f6:aa:e3:5d:3c:70:2d:57:d1:3b:07:66:df:dc:7e:d7:42:21:
d8:34:66:35:8e:f8:32:5f:ce:2f:a3:36:96:75:ae:d7:43:86:
a6:15:7c:88
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYWxXldQayUG3sqvKzqhYxoAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwMTE0MTc0MDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmFhN2U5YzlhODQ3NzViM2I5OTE2YzJiYzc5OWZmMGI3ZjUwM2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPa8wQHnaavIVcEFXmhimDdgtjzR
AYdXL0N7dgB5oVGIdbqMGRiTkJDJdmG5KFpwVHbVUUrCIRRtoBAD4u8l6QvW/Xet
6YO8ldakApwyl+7rWE0QmZxsA8tNhSUN/M9uT6xVDwcuteFfW9eTBRY0bxte+WCd
zUCg9IwH+50h2kmk6q2wfBT71d/Dey66UiWR4/+zYmKQsUVIa3Mv3eqOkkAAjpxF
BhuNo6banY9nCx6fsyYbMzoNZJPxmo477CsyDFy36gD9zbw7P9M+afjOzcKYNZ/B
ZtbeNg6FyDUoBdh6JabjPNfjRGhdfOCDizYTjhB2CqwC4n7JJ02TTmwAuQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKaqfpyahHdbO5kWwrx5n/C39QPvMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvcHFwLW5KcUVkMXM3bVJiQ3ZIbWY4TGYxQS04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhBZwDAN
BgkqhkiG9w0BAQsFAAOCAQEArNsPyFOWPBdSkqx48U1JORkUyteyxGlc6OipiEnl
I8tsk6uSmRAmouuKjRVmDWy7nWYaU0Qk6q6VRXMPNIhMcWuXjgGXtTgfzoxcOw6d
wtI9VmlkOi54QsofYmZd6kSS4J7Q36uJbB7U/zrWBaC/wDawUNSa+DdP+OoE5lRZ
iWLkXZTla7Euod7YAR6F8ZiGHCF5DfYZhxXGiZzeL5/lmj9LtPiBGqLeSaH56D6a
lcTHgZ+X7vkpmyMAK7gSBR+ym6z1cinAH9/yMNA/954KwrfZEUAuirED9qrjXTxw
LVfROwdm39x+10Ih2DRmNY74Ml/OL6M2lnWu10OGphV8iA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:25 2024 by rpki-client on console-fra.rpki-client.org