Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/4b0995-6274-4259-bb4e-310d6c715c24/1/ZP8-9craBHGD0-VSvzt4MvMwhF4.roa
File: ZP8-9craBHGD0-VSvzt4MvMwhF4.roa (raw, json)
Hash identifier: QFiAZfwQpPO7lFdRxOC94ztqf0J8RXoqWEpbqO1rHfI=
Subject key identifier: 64:FF:3E:F5:CA:DA:04:71:83:D3:E5:52:BF:3B:78:32:F3:30:84:5E
Certificate issuer: /CN=fdcd4516a27bb83848110cb32082bcfca9f36890
Certificate serial: 01856D0A88233D4A727FF75DA5D233E830FF
Authority key identifier: FD:CD:45:16:A2:7B:B8:38:48:11:0C:B3:20:82:BC:FC:A9:F3:68:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_c1FFqJ7uDhIEQyzIIK8_KnzaJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/4b0995-6274-4259-bb4e-310d6c715c24/1/ZP8-9craBHGD0-VSvzt4MvMwhF4.roa
Signing time: Sun 01 Jan 2023 11:14:44 +0000
ROA not before: Sun 01 Jan 2023 11:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204790
IP address blocks: 2a0c:7e80::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:88:23:3d:4a:72:7f:f7:5d:a5:d2:33:e8:30:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdcd4516a27bb83848110cb32082bcfca9f36890
Validity
Not Before: Jan 1 11:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64ff3ef5cada047183d3e552bf3b7832f330845e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:d4:8d:a4:15:99:69:6f:fc:76:25:b7:27:aa:
1d:4f:e3:48:c0:67:41:dd:62:8e:b1:d1:7b:b8:69:
01:e1:82:9f:98:15:18:dd:ae:2a:d1:09:da:ef:af:
6a:ed:3d:e1:56:d0:2b:e8:78:a3:45:2a:82:5a:d9:
e7:a0:f3:28:8f:33:5a:ed:ad:71:5b:3c:69:44:ba:
d5:f2:13:58:a2:a6:88:3e:b5:a6:ca:c6:a8:dc:43:
49:ea:3c:06:b1:74:14:e0:a5:8a:77:54:d3:05:fb:
45:43:a6:dd:f9:77:82:2b:e5:b3:75:1c:bb:a2:dc:
d4:6e:c4:81:81:aa:67:41:75:d3:da:59:4b:66:36:
cd:ec:18:76:17:6f:fe:1c:bc:bc:2b:2c:8a:38:1c:
5e:e3:01:6a:31:c5:ca:8c:94:94:e4:70:99:a0:f1:
a5:2b:37:94:ad:e3:3a:8b:98:aa:9f:a8:75:e8:41:
4a:5e:d3:00:5c:db:77:36:98:a1:18:4c:bd:2e:ae:
fa:3b:3f:5f:6b:47:2d:d0:a3:8c:0f:97:66:3c:c7:
d0:d7:66:f8:29:d1:02:6b:b4:21:eb:52:60:b1:76:
3a:ae:d1:4e:49:d7:68:db:e0:a4:bc:75:d6:d8:b2:
d9:1d:dc:b7:de:23:27:52:ec:3c:15:6c:54:47:2c:
2f:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:FF:3E:F5:CA:DA:04:71:83:D3:E5:52:BF:3B:78:32:F3:30:84:5E
X509v3 Authority Key Identifier:
keyid:FD:CD:45:16:A2:7B:B8:38:48:11:0C:B3:20:82:BC:FC:A9:F3:68:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_c1FFqJ7uDhIEQyzIIK8_KnzaJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/4b0995-6274-4259-bb4e-310d6c715c24/1/ZP8-9craBHGD0-VSvzt4MvMwhF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/4b0995-6274-4259-bb4e-310d6c715c24/1/_c1FFqJ7uDhIEQyzIIK8_KnzaJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:7e80::/29
Signature Algorithm: sha256WithRSAEncryption
61:5e:fd:c1:a7:48:8b:f4:fd:50:ac:e7:5b:19:15:85:41:41:
fa:29:2e:ff:b0:3c:3b:10:1d:78:d8:77:99:0b:3f:08:68:15:
8e:80:20:27:61:31:9f:c8:a4:0f:f8:53:bf:0c:9b:9c:09:d7:
db:46:1a:32:e5:a9:42:c2:e6:d2:a4:61:ac:9d:05:30:50:bf:
b4:63:49:8f:e2:59:ec:74:9f:7b:19:47:04:f5:1d:14:7e:9d:
4e:89:50:45:7d:ea:fd:23:74:8d:e1:55:2f:f6:aa:ce:3a:3f:
88:52:e0:17:9d:f1:92:5b:64:27:44:74:fa:b6:ba:48:57:23:
7d:02:6c:2d:c1:44:97:b3:b7:7a:c8:94:03:e6:6a:23:95:76:
ef:18:b7:84:af:75:43:9c:ab:e8:ac:d5:c4:6b:58:12:b3:0e:
b9:e7:32:ca:45:30:c3:7f:b3:4d:db:18:7c:56:e0:58:f8:37:
95:85:9f:7c:d3:fa:75:db:fa:f8:ea:99:d8:e9:df:74:52:ec:
71:8f:a5:72:37:5d:bf:24:eb:b9:cf:ba:11:d6:fa:03:d9:2f:
99:ed:d2:ad:58:8d:02:ab:51:63:74:07:10:a5:d0:a7:fc:f4:
5e:4c:33:26:cf:5c:cd:31:88:f9:fa:7b:a9:60:7f:59:05:9b:
ff:33:a4:2e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtCogjPUpyf/ddpdIz6DD/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkY2Q0NTE2YTI3YmI4Mzg0ODExMGNiMzIwODJiY2ZjYTlm
MzY4OTAwHhcNMjMwMTAxMTExNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGZmM2VmNWNhZGEwNDcxODNkM2U1NTJiZjNiNzgzMmYzMzA4NDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5tSNpBWZaW/8diW3J6odT+NIwGdB
3WKOsdF7uGkB4YKfmBUY3a4q0Qna769q7T3hVtAr6HijRSqCWtnnoPMojzNa7a1x
WzxpRLrV8hNYoqaIPrWmysao3ENJ6jwGsXQU4KWKd1TTBftFQ6bd+XeCK+WzdRy7
otzUbsSBgapnQXXT2llLZjbN7Bh2F2/+HLy8KyyKOBxe4wFqMcXKjJSU5HCZoPGl
KzeUreM6i5iqn6h16EFKXtMAXNt3NpihGEy9Lq76Oz9fa0ct0KOMD5dmPMfQ12b4
KdECa7Qh61JgsXY6rtFOSddo2+CkvHXW2LLZHdy33iMnUuw8FWxURywvXwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGT/PvXK2gRxg9PlUr87eDLzMIReMB8GA1UdIwQY
MBaAFP3NRRaie7g4SBEMsyCCvPyp82iQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2MxRkZxSjd1RGhJRVF5eklJSzhfS256YUpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80YjA5OTUtNjI3NC00MjU5LWJiNGUt
MzEwZDZjNzE1YzI0LzEvWlA4LTljcmFCSEdEMC1WU3Z6dDRNdk13aEY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80YjA5OTUtNjI3NC00MjU5LWJiNGUtMzEwZDZjNzE1YzI0
LzEvX2MxRkZxSjd1RGhJRVF5eklJSzhfS256YUpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgx+gDAN
BgkqhkiG9w0BAQsFAAOCAQEAYV79wadIi/T9UKznWxkVhUFB+iku/7A8OxAdeNh3
mQs/CGgVjoAgJ2Exn8ikD/hTvwybnAnX20YaMuWpQsLm0qRhrJ0FMFC/tGNJj+JZ
7HSfexlHBPUdFH6dTolQRX3q/SN0jeFVL/aqzjo/iFLgF53xkltkJ0R0+ra6SFcj
fQJsLcFEl7O3esiUA+ZqI5V27xi3hK91Q5yr6KzVxGtYErMOuecyykUww3+zTdsY
fFbgWPg3lYWffNP6ddv6+OqZ2OnfdFLscY+lcjddvyTruc+6Edb6A9kvme3SrViN
AqtRY3QHEKXQp/z0XkwzJs9czTGI+fp7qWB/WQWb/zOkLg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:21 2023 by rpki-client on console-fra.rpki-client.org