Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/1d29a0-da4b-41a1-b564-49cc67ba1b63/1/8nJOag0cPg5IH2U5uI2xN7BVZ-M.roa
File: 8nJOag0cPg5IH2U5uI2xN7BVZ-M.roa (raw, json)
Hash identifier: glle9E3WFat2aO5GBUrYtIbeE3Ls53aIDqGc7HkUWl0=
Subject key identifier: F2:72:4E:6A:0D:1C:3E:0E:48:1F:65:39:B8:8D:B1:37:B0:55:67:E3
Certificate issuer: /CN=e8022432529c8c3cc6ab710244e5f035203e70a1
Certificate serial: 01884752
Authority key identifier: E8:02:24:32:52:9C:8C:3C:C6:AB:71:02:44:E5:F0:35:20:3E:70:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6AIkMlKcjDzGq3ECROXwNSA-cKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/1d29a0-da4b-41a1-b564-49cc67ba1b63/1/8nJOag0cPg5IH2U5uI2xN7BVZ-M.roa
Signing time: Tue 15 Feb 2022 08:12:52 +0000
ROA not before: Tue 15 Feb 2022 08:12:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212238
IP address blocks: 2a0f:63c0::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25708370 (0x1884752)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8022432529c8c3cc6ab710244e5f035203e70a1
Validity
Not Before: Feb 15 08:12:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f2724e6a0d1c3e0e481f6539b88db137b05567e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:06:44:73:80:9e:5c:40:06:d0:45:c6:fb:cb:
41:44:97:33:a5:87:d0:09:63:b3:43:bf:ad:8c:25:
06:74:62:3c:31:9a:0d:c4:f4:6a:4f:9b:00:db:ef:
6d:93:d8:16:cb:3e:71:44:3d:bf:a1:ca:74:b0:76:
ae:92:83:b2:51:90:9f:40:fe:99:82:f3:5c:e8:af:
5b:b2:2d:dc:91:f5:87:4c:70:77:d8:37:09:13:3f:
39:2a:ea:57:86:20:dd:0e:c7:54:2a:3a:6e:91:7b:
54:55:82:99:31:9b:32:a1:25:84:69:1b:4a:0f:44:
c9:93:4c:15:13:3b:71:14:c5:4c:3e:39:14:32:21:
56:83:15:b4:9e:06:79:c8:16:12:ae:99:c8:ab:3e:
8d:02:0a:35:a6:a9:47:e4:6c:f2:56:a2:c7:1d:81:
63:15:ad:9b:bc:df:a3:74:30:02:47:21:24:80:a9:
4a:3e:3b:bf:bc:13:06:9f:61:a1:86:3e:63:f5:10:
f3:4c:67:aa:2c:c6:c2:4a:b5:ab:40:4a:ec:68:8b:
df:a7:0e:9d:e6:b7:52:92:88:e8:ca:e6:10:19:73:
42:5e:b7:c8:44:11:25:65:4e:eb:58:e8:92:ec:0f:
8b:ca:2f:90:83:b9:3f:bd:72:ea:d8:55:3a:ff:b7:
14:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:72:4E:6A:0D:1C:3E:0E:48:1F:65:39:B8:8D:B1:37:B0:55:67:E3
X509v3 Authority Key Identifier:
keyid:E8:02:24:32:52:9C:8C:3C:C6:AB:71:02:44:E5:F0:35:20:3E:70:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6AIkMlKcjDzGq3ECROXwNSA-cKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1d29a0-da4b-41a1-b564-49cc67ba1b63/1/8nJOag0cPg5IH2U5uI2xN7BVZ-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1d29a0-da4b-41a1-b564-49cc67ba1b63/1/6AIkMlKcjDzGq3ECROXwNSA-cKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:63c0::/29
Signature Algorithm: sha256WithRSAEncryption
9a:11:43:05:40:bb:ce:9a:40:02:37:f2:e0:10:b8:71:73:70:
d4:4e:b1:8f:b3:3a:ef:da:0f:a7:98:7f:69:a9:2e:87:6b:ec:
70:95:cb:bf:2c:ea:dc:48:67:7a:26:df:e4:2f:46:0b:00:36:
80:d2:8c:77:10:e3:e5:b2:19:6e:6f:ed:4d:bf:bd:09:b0:92:
39:9c:a1:bd:27:49:aa:63:84:d1:3f:e5:67:b2:b9:40:ea:13:
f4:7f:19:bc:95:9d:7b:7a:e9:16:c6:f3:4f:1d:26:aa:2b:fa:
64:a9:21:f2:7d:d4:e4:a1:77:96:c0:4e:29:d9:6f:b7:30:34:
19:58:fa:af:fb:e1:c2:27:5d:9d:27:a8:8a:b3:a0:43:be:1c:
4a:0e:0a:c3:85:f4:95:06:99:58:96:4d:97:3d:0f:98:5c:dd:
41:c7:d4:8a:82:2a:15:05:bd:81:5d:6b:a3:9c:92:4a:62:70:
3e:a1:58:c8:ac:e5:67:fc:ac:eb:13:4e:f1:11:41:55:c2:b2:
d0:5e:a1:c4:98:d3:d9:fb:2c:12:09:81:99:2f:f9:75:01:9f:
5e:d3:92:d1:e1:e9:60:6b:28:4a:66:37:b9:72:b9:3f:11:71:
a1:6a:89:e4:4d:90:5e:10:f7:dd:37:ea:27:da:fe:67:9e:98:
34:25:20:e6
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEAYhHUjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ODAyMjQzMjUyOWM4YzNjYzZhYjcxMDI0NGU1ZjAzNTIwM2U3MGExMB4XDTIyMDIx
NTA4MTI1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjI3MjRlNmEwZDFj
M2UwZTQ4MWY2NTM5Yjg4ZGIxMzdiMDU1NjdlMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMUGRHOAnlxABtBFxvvLQUSXM6WH0Aljs0O/rYwlBnRiPDGa
DcT0ak+bANvvbZPYFss+cUQ9v6HKdLB2rpKDslGQn0D+mYLzXOivW7It3JH1h0xw
d9g3CRM/OSrqV4Yg3Q7HVCo6bpF7VFWCmTGbMqElhGkbSg9EyZNMFRM7cRTFTD45
FDIhVoMVtJ4GecgWEq6ZyKs+jQIKNaapR+Rs8laixx2BYxWtm7zfo3QwAkchJICp
Sj47v7wTBp9hoYY+Y/UQ80xnqizGwkq1q0BK7GiL36cOnea3UpKI6MrmEBlzQl63
yEQRJWVO61jokuwPi8ovkIO5P71y6thVOv+3FH8CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBTyck5qDRw+DkgfZTm4jbE3sFVn4zAfBgNVHSMEGDAWgBToAiQyUpyMPMar
cQJE5fA1ID5woTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZBSWtNbEtjakR6R3EzRUNST1h3TlNBLWNLRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjkvMWQyOWEwLWRhNGItNDFhMS1iNTY0LTQ5Y2M2N2JhMWI2My8x
LzhuSk9hZzBjUGc1SUgyVTV1STJ4TjdCVlotTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjkv
MWQyOWEwLWRhNGItNDFhMS1iNTY0LTQ5Y2M2N2JhMWI2My8xLzZBSWtNbEtjakR6
R3EzRUNST1h3TlNBLWNLRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoPY8AwDQYJKoZIhvcNAQELBQAD
ggEBAJoRQwVAu86aQAI38uAQuHFzcNROsY+zOu/aD6eYf2mpLodr7HCVy78s6txI
Z3om3+QvRgsANoDSjHcQ4+WyGW5v7U2/vQmwkjmcob0nSapjhNE/5WeyuUDqE/R/
GbyVnXt66RbG808dJqor+mSpIfJ91OShd5bATinZb7cwNBlY+q/74cInXZ0nqIqz
oEO+HEoOCsOF9JUGmViWTZc9D5hc3UHH1IqCKhUFvYFda6OckkpicD6hWMis5Wf8
rOsTTvERQVXCstBeocSY09n7LBIJgZkv+XUBn17TktHh6WBrKEpmN7lyuT8RcaFq
ieRNkF4Q99036ifa/meemDQlIOY=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:47 2023 by rpki-client on console-fra.rpki-client.org