Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/1-rLnEBE61Tp1MvDMs4tS7LOBqaw.roa
File: 1-rLnEBE61Tp1MvDMs4tS7LOBqaw.roa (raw, json)
Hash identifier: 5QMJ1S5Sr7mmLAtghKorNzx02J3/fPHasV9VaWNXqXE=
Subject key identifier: FA:B2:E7:10:11:3A:D5:3A:75:32:F0:CC:B3:8B:52:EC:B3:81:A9:AC
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0570F91A
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/1-rLnEBE61Tp1MvDMs4tS7LOBqaw.roa
Signing time: Sat 02 Jul 2022 15:23:25 +0000
ROA not before: Sat 02 Jul 2022 15:23:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12608
IP address blocks: 2a0f:7c80::/29 maxlen: 29
2a0f:3380::/29 maxlen: 29
2a0b:e9c0::/29 maxlen: 29
2a09:5300::/29 maxlen: 29
2a03:f7c0::/29 maxlen: 29
2a0b:a300::/32 maxlen: 32
2a0c:74c0::/29 maxlen: 29
2a0f:5580::/29 maxlen: 29
2a0c:5d00::/29 maxlen: 29
2a0f:a500::/29 maxlen: 29
2a0f:7100::/29 maxlen: 29
2a0b:8040::/29 maxlen: 29
2a0f:2380::/29 maxlen: 29
2a0f:a700::/29 maxlen: 29
2a0d:88c0::/29 maxlen: 29
2a0f:7300::/29 maxlen: 29
2a0d:8340::/29 maxlen: 29
2a0b:d900::/29 maxlen: 29
2a0c:5c0::/29 maxlen: 29
2a0f:4580::/29 maxlen: 29
2a0c:7440::/29 maxlen: 29
2a0f:1180::/29 maxlen: 29
2a0f:4680::/29 maxlen: 29
2a0c:7540::/29 maxlen: 29
2a06:ddc0::/29 maxlen: 29
2a0f:7b80::/29 maxlen: 29
2a0c:6980::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91289882 (0x570f91a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jul 2 15:23:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fab2e710113ad53a7532f0ccb38b52ecb381a9ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:51:58:d2:89:34:90:bc:1c:8e:4f:f4:55:4a:
d1:b8:f5:70:23:8e:ac:74:b3:2a:0d:05:d0:24:8c:
92:4a:30:6b:d2:8b:59:14:86:7b:36:29:4d:53:66:
12:bc:48:df:a3:cc:61:27:b4:c4:3b:9c:f2:5f:c8:
3d:45:28:9d:d8:01:22:5e:84:ef:f2:9f:9f:3d:4a:
e9:d5:cb:6a:32:de:f0:a0:60:9d:77:bb:56:73:68:
06:aa:02:ff:c5:23:ec:a2:83:c7:d7:40:9b:0c:aa:
c7:de:b5:7e:82:73:9d:a4:db:23:d8:2c:c6:e8:e6:
84:ae:00:15:b2:0b:d8:05:7d:61:ec:30:76:36:8d:
a8:86:77:75:c1:81:d5:d2:4b:e5:f4:53:57:60:02:
ef:2d:85:1c:97:b7:be:77:04:51:c8:33:79:2e:ab:
d0:07:2c:ac:9a:4e:0e:4a:c5:aa:f4:42:c2:23:a5:
13:18:97:83:9d:0c:47:00:96:cb:d3:63:f5:e9:34:
da:6a:92:25:f3:4a:0b:73:23:e8:7b:9d:34:6d:04:
11:96:6e:5f:fa:28:4b:54:a0:fa:71:6c:f0:0c:66:
8f:9d:56:53:e6:c5:ae:09:ce:ff:3a:a3:43:7d:13:
16:52:6f:b9:e8:d7:28:f4:d7:13:eb:5b:a9:97:87:
20:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:B2:E7:10:11:3A:D5:3A:75:32:F0:CC:B3:8B:52:EC:B3:81:A9:AC
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/1-rLnEBE61Tp1MvDMs4tS7LOBqaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:f7c0::/29
2a06:ddc0::/29
2a09:5300::/29
2a0b:8040::/29
2a0b:a300::/32
2a0b:d900::/29
2a0b:e9c0::/29
2a0c:5c0::/29
2a0c:5d00::/29
2a0c:6980::/29
2a0c:7440::/29
2a0c:74c0::/29
2a0c:7540::/29
2a0d:8340::/29
2a0d:88c0::/29
2a0f:1180::/29
2a0f:2380::/29
2a0f:3380::/29
2a0f:4580::/29
2a0f:4680::/29
2a0f:5580::/29
2a0f:7100::/29
2a0f:7300::/29
2a0f:7b80::/29
2a0f:7c80::/29
2a0f:a500::/29
2a0f:a700::/29
Signature Algorithm: sha256WithRSAEncryption
bf:84:04:5d:70:62:21:04:e2:06:e8:e1:a3:1f:1e:0b:d9:80:
fc:4f:48:1d:25:a3:09:32:2a:8c:9d:3d:81:34:f1:91:a5:cc:
03:29:ed:7a:fd:4e:d5:e6:4b:b3:a9:d1:52:3c:f7:52:ee:f4:
cd:49:14:e5:f4:ea:51:07:8a:57:7c:ba:43:2e:ee:d2:8e:0a:
37:f6:d9:01:f7:04:d0:e0:6a:b2:5f:3a:37:1a:d1:a2:aa:9b:
72:95:4a:d7:8d:32:79:10:41:da:67:61:89:16:68:b4:80:74:
ad:b6:cc:d4:d2:8d:5e:c5:81:9f:11:05:04:20:86:eb:45:69:
eb:6d:b6:93:dd:24:89:d2:c2:c8:75:5a:11:d8:94:3e:5d:78:
f6:3e:ab:93:d4:66:e8:63:b4:01:ee:79:25:42:2e:7e:8b:f7:
05:1f:f4:d1:22:14:4e:4b:f9:41:9c:fd:f0:0b:49:9e:ac:e2:
98:db:64:f8:8d:47:1f:f8:ba:c0:60:85:b3:fd:f7:4b:b0:a2:
c3:26:d8:f6:fd:9d:14:fd:6d:23:72:77:f0:85:4e:0d:6e:d8:
91:9c:f4:f5:23:8a:00:13:3c:83:7b:4b:d6:c7:7d:9f:27:c7:
df:99:b8:13:ba:cc:45:be:37:7c:16:e1:d3:5c:82:ed:3d:67:
a3:51:19:78
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgIEBXD5GjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDcw
MjE1MjMyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmFiMmU3MTAxMTNh
ZDUzYTc1MzJmMGNjYjM4YjUyZWNiMzgxYTlhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJBRWNKJNJC8HI5P9FVK0bj1cCOOrHSzKg0F0CSMkkowa9KL
WRSGezYpTVNmErxI36PMYSe0xDuc8l/IPUUondgBIl6E7/Kfnz1K6dXLajLe8KBg
nXe7VnNoBqoC/8Uj7KKDx9dAmwyqx961foJznaTbI9gsxujmhK4AFbIL2AV9Yeww
djaNqIZ3dcGB1dJL5fRTV2AC7y2FHJe3vncEUcgzeS6r0AcsrJpODkrFqvRCwiOl
ExiXg50MRwCWy9Nj9ek02mqSJfNKC3Mj6HudNG0EEZZuX/ooS1Sg+nFs8Axmj51W
U+bFrgnO/zqjQ30TFlJvuejXKPTXE+tbqZeHIPUCAwEAAaOCAsYwggLCMB0GA1Ud
DgQWBBT6sucQETrVOnUy8Myzi1Lss4GprDAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
LzEtckxuRUJFNjFUcDFNdkRNczR0UzdMT0JxYXcucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2M1
LzhlMTIxZC03M2IzLTQzOGEtODNjNC02ZmMzNDNkNzdjZDIvMS90UGxqUmRQeUx0
czVYU1JfZTRiUzF6NUtBSkUuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
gdoGCCsGAQUFBwEHAQH/BIHKMIHHMIHEBAIAAjCBvQMFAyoD98ADBQMqBt3AAwUD
KglTAAMFAyoLgEADBQAqC6MAAwUDKgvZAAMFAyoL6cADBQMqDAXAAwUDKgxdAAMF
AyoMaYADBQMqDHRAAwUDKgx0wAMFAyoMdUADBQMqDYNAAwUDKg2IwAMFAyoPEYAD
BQMqDyOAAwUDKg8zgAMFAyoPRYADBQMqD0aAAwUDKg9VgAMFAyoPcQADBQMqD3MA
AwUDKg97gAMFAyoPfIADBQMqD6UAAwUDKg+nADANBgkqhkiG9w0BAQsFAAOCAQEA
v4QEXXBiIQTiBujhox8eC9mA/E9IHSWjCTIqjJ09gTTxkaXMAyntev1O1eZLs6nR
Ujz3Uu70zUkU5fTqUQeKV3y6Qy7u0o4KN/bZAfcE0OBqsl86NxrRoqqbcpVK140y
eRBB2mdhiRZotIB0rbbM1NKNXsWBnxEFBCCG60Vp6222k90kidLCyHVaEdiUPl14
9j6rk9Rm6GO0Ae55JUIufov3BR/00SIUTkv5QZz98AtJnqzimNtk+I1HH/i6wGCF
s/33S7CiwybY9v2dFP1tI3J38IVODW7YkZz09SOKABM8g3tL1sd9nyfH35m4E7rM
Rb43fBbh01yC7T1no1EZeA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:08 2024 by rpki-client on console-ams.rpki-client.org