Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/5a3d20-ecaa-40ea-9db2-d59845fb9b3d/1/1eWJfXL4eEUJ98Dth8fRpmHo95o.roa
File: 1eWJfXL4eEUJ98Dth8fRpmHo95o.roa (raw, json)
Hash identifier: DWV158hNpsIZMhEB+bXpoCu9g+/AMig+vIxfqGbZGlY=
Subject key identifier: D5:E5:89:7D:72:F8:78:45:09:F7:C0:ED:87:C7:D1:A6:61:E8:F7:9A
Certificate issuer: /CN=c3a8e8648e0ba36a323ab9df6341d668bda6b4d2
Certificate serial: D96854
Authority key identifier: C3:A8:E8:64:8E:0B:A3:6A:32:3A:B9:DF:63:41:D6:68:BD:A6:B4:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w6joZI4Lo2oyOrnfY0HWaL2mtNI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/5a3d20-ecaa-40ea-9db2-d59845fb9b3d/1/1eWJfXL4eEUJ98Dth8fRpmHo95o.roa
Signing time: Sat 01 Jan 2022 07:54:26 +0000
ROA not before: Sat 01 Jan 2022 07:54:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204790
IP address blocks: 2a11:3780::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14248020 (0xd96854)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3a8e8648e0ba36a323ab9df6341d668bda6b4d2
Validity
Not Before: Jan 1 07:54:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d5e5897d72f8784509f7c0ed87c7d1a661e8f79a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:5d:2b:40:bb:9a:c7:10:15:67:3c:6f:7d:8c:
d7:8d:cb:d3:e4:11:e5:e9:ac:38:43:7b:ec:6d:da:
2a:e4:df:42:79:61:5c:cb:33:60:b8:d8:a9:f0:81:
e6:b7:b5:d7:8e:89:ca:48:4d:d9:5d:b9:b0:5d:4d:
58:c2:11:01:7d:37:51:c4:a9:e3:17:b0:df:f2:d1:
0b:7d:24:26:51:39:8d:7a:31:fe:76:59:01:34:9b:
3c:1e:68:d2:10:3e:b2:bf:69:93:6a:29:ee:5f:3c:
e3:6a:6c:b6:31:a6:22:23:5e:f9:9e:b2:1b:7e:d5:
b8:98:39:d7:f0:58:3e:c1:fc:f2:77:d4:6b:bb:e8:
e7:62:ed:8f:cd:af:b2:1b:61:03:a1:9b:df:4a:57:
d9:71:0c:10:c8:f2:90:ff:3c:57:de:bc:77:3b:ef:
fd:4a:b3:44:16:0e:83:31:b9:14:2b:42:04:1c:32:
44:47:ea:9e:2a:17:6b:f5:ee:a3:bc:56:67:f6:aa:
14:c8:c5:e4:3f:c0:22:72:8e:77:b1:bf:ad:80:d3:
0d:f5:3f:df:40:5b:04:34:84:57:d4:c2:c9:63:c2:
8b:20:f7:aa:be:c5:b9:f9:d6:94:79:7a:af:7d:66:
f0:ab:23:ad:27:42:62:f0:2a:86:a5:51:8a:ec:d5:
01:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:E5:89:7D:72:F8:78:45:09:F7:C0:ED:87:C7:D1:A6:61:E8:F7:9A
X509v3 Authority Key Identifier:
keyid:C3:A8:E8:64:8E:0B:A3:6A:32:3A:B9:DF:63:41:D6:68:BD:A6:B4:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w6joZI4Lo2oyOrnfY0HWaL2mtNI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/5a3d20-ecaa-40ea-9db2-d59845fb9b3d/1/1eWJfXL4eEUJ98Dth8fRpmHo95o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/5a3d20-ecaa-40ea-9db2-d59845fb9b3d/1/w6joZI4Lo2oyOrnfY0HWaL2mtNI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:3780::/29
Signature Algorithm: sha256WithRSAEncryption
5e:96:0f:44:2e:44:ef:2a:9d:fd:68:46:6b:80:b3:01:7f:8e:
ad:93:c7:f3:5c:fc:85:7e:5a:0a:89:50:47:67:de:9f:a5:3a:
19:ae:74:e2:e7:36:0c:49:c2:75:f7:aa:08:aa:6b:38:49:61:
fd:08:17:d1:98:ae:e0:0d:fc:56:9c:9a:31:3a:94:a7:ed:e1:
92:15:13:c8:fd:e9:47:a1:f8:0f:ab:02:72:f8:c4:5e:e2:cf:
26:34:85:f4:a4:95:97:2b:c4:ac:45:1f:06:42:a0:91:1a:70:
07:84:78:34:0f:58:c1:ae:fa:83:e0:29:98:c5:b1:94:4f:64:
f6:87:2c:1c:0c:8e:a8:ab:39:c0:63:71:b9:ad:d8:4e:86:64:
b1:a8:4c:b5:5f:88:87:c5:cc:ff:13:7f:17:87:ea:23:ac:f0:
d6:cf:0c:a5:1a:31:88:ea:42:e8:5e:ee:fb:07:15:ad:f4:ea:
e4:24:ed:85:dc:d4:b4:41:ff:9f:2a:08:be:d2:ae:d3:ac:91:
fd:13:00:64:15:04:58:c1:06:5b:fc:c2:97:ee:73:a7:86:c1:
a6:99:7c:f2:b7:6a:ac:29:e9:2b:2e:97:6a:c9:8f:2b:37:58:
eb:22:68:66:c3:9a:3b:c5:b4:cb:76:b6:7d:60:18:f7:ce:04:
76:89:35:ad
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEANloVDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
M2E4ZTg2NDhlMGJhMzZhMzIzYWI5ZGY2MzQxZDY2OGJkYTZiNGQyMB4XDTIyMDEw
MTA3NTQyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDVlNTg5N2Q3MmY4
Nzg0NTA5ZjdjMGVkODdjN2QxYTY2MWU4Zjc5YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJJdK0C7mscQFWc8b32M143L0+QR5emsOEN77G3aKuTfQnlh
XMszYLjYqfCB5re1146JykhN2V25sF1NWMIRAX03UcSp4xew3/LRC30kJlE5jXox
/nZZATSbPB5o0hA+sr9pk2op7l8842pstjGmIiNe+Z6yG37VuJg51/BYPsH88nfU
a7vo52Ltj82vshthA6Gb30pX2XEMEMjykP88V968dzvv/UqzRBYOgzG5FCtCBBwy
REfqnioXa/Xuo7xWZ/aqFMjF5D/AInKOd7G/rYDTDfU/30BbBDSEV9TCyWPCiyD3
qr7FufnWlHl6r31m8KsjrSdCYvAqhqVRiuzVARECAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBTV5Yl9cvh4RQn3wO2Hx9GmYej3mjAfBgNVHSMEGDAWgBTDqOhkjgujajI6
ud9jQdZovaa00jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3c2am9aSTRMbzJveU9ybmZZMEhXYUwybXROSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzAvNWEzZDIwLWVjYWEtNDBlYS05ZGIyLWQ1OTg0NWZiOWIzZC8x
LzFlV0pmWEw0ZUVVSjk4RHRoOGZScG1Ibzk1by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAv
NWEzZDIwLWVjYWEtNDBlYS05ZGIyLWQ1OTg0NWZiOWIzZC8xL3c2am9aSTRMbzJv
eU9ybmZZMEhXYUwybXROSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoRN4AwDQYJKoZIhvcNAQELBQAD
ggEBAF6WD0QuRO8qnf1oRmuAswF/jq2Tx/Nc/IV+WgqJUEdn3p+lOhmudOLnNgxJ
wnX3qgiqazhJYf0IF9GYruAN/FacmjE6lKft4ZIVE8j96Ueh+A+rAnL4xF7izyY0
hfSklZcrxKxFHwZCoJEacAeEeDQPWMGu+oPgKZjFsZRPZPaHLBwMjqirOcBjcbmt
2E6GZLGoTLVfiIfFzP8TfxeH6iOs8NbPDKUaMYjqQuhe7vsHFa306uQk7YXc1LRB
/58qCL7SrtOskf0TAGQVBFjBBlv8wpfuc6eGwaaZfPK3aqwp6Ssul2rJjys3WOsi
aGbDmjvFtMt2tn1gGPfOBHaJNa0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:13 2024 by rpki-client on console-ams.rpki-client.org