Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/x06vmI-QsawPS4f_Qmbux1iYbUE.roa
File: x06vmI-QsawPS4f_Qmbux1iYbUE.roa (raw, json)
Hash identifier: 76CGtnZRvCcliRL5XShnMEYxbgP1qjBneCfErxuZtIw=
Subject key identifier: C7:4E:AF:98:8F:90:B1:AC:0F:4B:87:FF:42:66:EE:C7:58:98:6D:41
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0DFB1EA8
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/x06vmI-QsawPS4f_Qmbux1iYbUE.roa
Signing time: Mon 25 Apr 2022 07:18:03 +0000
ROA not before: Mon 25 Apr 2022 07:18:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210661
IP address blocks: 2a07:bb40::/29 maxlen: 29
2a0a:2940::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 234561192 (0xdfb1ea8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 25 07:18:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c74eaf988f90b1ac0f4b87ff4266eec758986d41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6a:6b:d6:52:38:7e:7a:12:24:3e:f0:66:92:
05:6f:ee:2c:a7:33:97:f4:d7:22:20:08:14:07:a1:
98:da:c7:71:e5:a9:96:31:73:7e:7a:8e:89:51:a1:
50:86:50:b4:bf:c3:fc:95:86:f8:a4:40:3a:78:d1:
fa:78:02:7e:76:0e:a9:4d:bc:c4:fa:c3:d6:c1:c4:
55:fd:80:c0:15:e1:77:df:11:17:fd:c6:88:91:05:
9b:cb:be:44:a8:37:c2:66:38:cc:01:ec:71:04:86:
6b:ac:0b:ea:7b:0f:77:d3:63:41:55:82:da:5e:26:
47:a6:aa:27:44:22:dd:0e:18:75:aa:82:3a:9e:b4:
0d:b5:55:b0:97:43:22:9b:1f:e0:56:7d:9b:ed:b1:
03:3a:9b:91:a6:e3:05:83:07:0d:0a:f4:de:7b:3d:
c3:47:43:07:dd:ae:ba:55:2a:b1:37:60:eb:aa:58:
d5:6f:1e:18:2f:7d:83:fb:01:3c:82:a4:3d:3a:76:
7a:0c:89:05:75:77:88:b2:bf:a9:ec:89:ef:a1:a2:
d6:22:af:ae:70:bf:3d:8f:51:68:62:9b:83:4d:f1:
0d:38:bc:2c:15:10:74:ce:c4:3d:51:d6:be:d7:32:
e4:92:fa:a6:cb:73:21:9d:5c:ae:f8:6f:67:99:5a:
01:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:4E:AF:98:8F:90:B1:AC:0F:4B:87:FF:42:66:EE:C7:58:98:6D:41
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/x06vmI-QsawPS4f_Qmbux1iYbUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:bb40::/29
2a0a:2940::/29
Signature Algorithm: sha256WithRSAEncryption
3d:ee:53:35:fa:42:81:5c:72:2d:71:d0:e3:23:cd:4f:2c:56:
25:4f:96:5f:65:86:32:c4:a6:e7:a3:b5:3c:c7:49:f7:69:29:
a3:ab:3a:67:5e:e4:30:41:74:69:3a:e8:a6:e7:5d:a1:1c:d9:
c8:a9:b6:4c:b2:b0:7a:39:40:90:d5:56:25:87:ac:7c:7d:39:
08:d5:ab:49:e2:00:5e:50:27:af:f1:92:36:bc:2c:a2:9e:1b:
a9:3f:3c:10:1d:de:bb:1e:32:c8:11:c7:09:31:69:18:6c:f5:
e2:75:fd:f0:6e:89:bb:a5:da:c0:14:2f:ec:15:f6:60:82:79:
5d:1a:3a:c4:46:c8:cd:9c:2e:9a:67:45:96:72:dd:f0:d1:61:
47:87:1b:ec:e4:45:3b:9c:60:7a:8f:0e:f5:da:a5:5e:65:b7:
a3:c6:d7:7a:c6:01:9b:41:c2:49:a3:fc:97:82:69:b3:12:73:
1b:f5:00:a1:31:39:be:02:51:1f:71:5e:10:27:cc:6f:fb:d2:
92:ef:16:67:b1:f4:92:8b:43:33:e9:e1:fd:26:eb:d4:98:fa:
09:85:56:36:0e:7d:e3:94:f2:75:87:3f:93:52:e3:92:91:25:
63:55:7e:85:4a:5c:98:93:ee:1b:e9:41:e7:01:2b:33:30:28:
41:4c:8a:d0
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEDfseqDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDQy
NTA3MTgwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzc0ZWFmOTg4Zjkw
YjFhYzBmNGI4N2ZmNDI2NmVlYzc1ODk4NmQ0MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALhqa9ZSOH56EiQ+8GaSBW/uLKczl/TXIiAIFAehmNrHceWp
ljFzfnqOiVGhUIZQtL/D/JWG+KRAOnjR+ngCfnYOqU28xPrD1sHEVf2AwBXhd98R
F/3GiJEFm8u+RKg3wmY4zAHscQSGa6wL6nsPd9NjQVWC2l4mR6aqJ0Qi3Q4YdaqC
Op60DbVVsJdDIpsf4FZ9m+2xAzqbkabjBYMHDQr03ns9w0dDB92uulUqsTdg66pY
1W8eGC99g/sBPIKkPTp2egyJBXV3iLK/qeyJ76Gi1iKvrnC/PY9RaGKbg03xDTi8
LBUQdM7EPVHWvtcy5JL6pstzIZ1crvhvZ5laAVMCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBTHTq+Yj5CxrA9Lh/9CZu7HWJhtQTAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
L3gwNnZtSS1Rc2F3UFM0Zl9RbWJ1eDFpWWJVRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8xL05zS2t0OVhYUEZ0
WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAIwDgMFAyoHu0ADBQMqCilAMA0GCSqGSIb3
DQEBCwUAA4IBAQA97lM1+kKBXHItcdDjI81PLFYlT5ZfZYYyxKbno7U8x0n3aSmj
qzpnXuQwQXRpOuim512hHNnIqbZMsrB6OUCQ1VYlh6x8fTkI1atJ4gBeUCev8ZI2
vCyinhupPzwQHd67HjLIEccJMWkYbPXidf3wbom7pdrAFC/sFfZggnldGjrERsjN
nC6aZ0WWct3w0WFHhxvs5EU7nGB6jw712qVeZbejxtd6xgGbQcJJo/yXgmmzEnMb
9QChMTm+AlEfcV4QJ8xv+9KS7xZnsfSSi0Mz6eH9JuvUmPoJhVY2Dn3jlPJ1hz+T
UuOSkSVjVX6FSlyYk+4b6UHnASszMChBTIrQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:49 2024 by rpki-client on console-fra.rpki-client.org