Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/f2UymIZl-2sFf4DzI_LBjEGRDjI.roa
File: f2UymIZl-2sFf4DzI_LBjEGRDjI.roa (raw, json)
Hash identifier: kzvZh0lQsiKNRq90nnoAwji0w9R8GkhfWgrsFliIVZY=
Subject key identifier: 7F:65:32:98:86:65:FB:6B:05:7F:80:F3:23:F2:C1:8C:41:91:0E:32
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018A26CEC8EC2DF7BCE700536122F2411619
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/f2UymIZl-2sFf4DzI_LBjEGRDjI.roa
Signing time: Thu 24 Aug 2023 09:10:00 +0000
ROA not before: Thu 24 Aug 2023 09:10:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12608
IP address blocks: 2a0f:2380::/29 maxlen: 29
2a0f:a700::/29 maxlen: 29
2a0d:88c0::/29 maxlen: 29
2a0f:7300::/29 maxlen: 29
2a09:5300::/29 maxlen: 29
2a0d:8340::/29 maxlen: 29
2a0b:a300::/32 maxlen: 32
2a0c:7440::/29 maxlen: 29
2a0c:74c0::/29 maxlen: 29
2a0f:5580::/29 maxlen: 29
2a0c:7540::/29 maxlen: 29
2a0f:7b80::/29 maxlen: 29
2a0f:7100::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:26:ce:c8:ec:2d:f7:bc:e7:00:53:61:22:f2:41:16:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Aug 24 09:10:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f6532988665fb6b057f80f323f2c18c41910e32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:19:8c:f1:aa:7a:3f:c8:29:27:2f:dc:60:c9:
ec:50:32:5e:bb:fb:a7:b8:74:f6:4a:93:49:fa:88:
76:fc:30:6f:23:34:79:01:31:86:a5:d3:07:fa:25:
dc:6b:93:58:1b:ce:0e:8f:5a:f4:d0:63:ef:75:8d:
92:08:1a:16:0d:eb:14:c8:cf:ab:8d:82:97:64:75:
2a:21:d6:0a:1c:0d:a9:aa:b2:ff:d0:16:f8:6d:c2:
8f:17:ee:5c:f7:76:38:08:35:eb:62:56:d4:be:db:
e7:9a:49:06:f5:5a:8d:cf:f5:ab:9a:72:4f:42:63:
d1:e3:f9:02:92:db:41:f2:f1:02:78:76:02:c1:22:
94:3b:57:a9:5b:fb:54:a2:98:0b:e6:c6:a9:79:fa:
2d:69:37:b9:0e:1f:11:c0:dc:da:67:a4:4d:dc:93:
27:52:5e:6c:88:d2:b2:b1:c8:8b:6b:f9:66:a7:15:
71:f2:d9:6e:1f:73:ab:c9:17:d1:e4:f1:ee:ef:10:
a0:1b:f6:1e:ab:c5:11:d0:06:7d:06:0f:ed:4c:f8:
d6:77:11:39:a4:8a:5a:66:df:a2:ac:d5:89:91:5c:
22:c6:72:e9:70:87:af:a7:60:dd:c9:89:ce:65:b7:
3f:4f:9b:a5:58:05:3f:96:02:ab:b7:46:f1:0c:7c:
fa:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:65:32:98:86:65:FB:6B:05:7F:80:F3:23:F2:C1:8C:41:91:0E:32
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/f2UymIZl-2sFf4DzI_LBjEGRDjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:5300::/29
2a0b:a300::/32
2a0c:7440::/29
2a0c:74c0::/29
2a0c:7540::/29
2a0d:8340::/29
2a0d:88c0::/29
2a0f:2380::/29
2a0f:5580::/29
2a0f:7100::/29
2a0f:7300::/29
2a0f:7b80::/29
2a0f:a700::/29
Signature Algorithm: sha256WithRSAEncryption
32:c1:db:78:1a:0d:43:58:78:2d:d4:8a:ad:0e:df:f4:c2:85:
22:e7:58:fd:c3:8f:5f:33:df:fb:96:18:8d:e8:13:9d:be:28:
8b:b4:c9:97:fd:34:5b:7d:23:7c:93:2d:3d:6f:39:99:76:f4:
72:ee:23:8f:eb:2b:68:a0:10:25:82:a7:54:92:2a:86:2d:ac:
33:f2:cb:13:81:48:92:64:b8:40:54:df:55:2b:01:77:67:97:
75:4f:b1:c2:f3:fc:b9:a3:33:4a:2f:89:47:12:a1:20:3e:b7:
f6:8b:a3:92:c0:d8:8a:ff:6c:67:71:ec:a6:36:af:f5:85:18:
53:0b:53:08:16:50:51:32:25:63:ec:64:14:2c:62:ee:0e:0c:
10:dc:04:af:f3:b2:0b:6b:0b:48:f3:53:8d:d6:32:5f:ec:a5:
56:9c:0b:bc:16:73:f5:36:27:ec:2a:b6:cc:bf:53:5a:75:0e:
3d:da:78:6d:7c:fe:08:cf:13:88:14:b1:cd:ca:c8:11:dd:be:
d6:e2:16:78:ba:c9:09:62:c5:d2:31:da:1e:8c:fb:68:6d:80:
a3:15:9c:44:d9:fb:e1:01:e3:f7:e9:31:9e:bf:58:15:50:7d:
15:82:08:66:5a:d7:78:7e:ed:90:32:25:4f:b9:c8:03:33:8a:
6c:63:7e:36
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAYomzsjsLfe85wBTYSLyQRYZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwODI0MDkxMDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjY1MzI5ODg2NjVmYjZiMDU3ZjgwZjMyM2YyYzE4YzQxOTEwZTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxmM8ap6P8gpJy/cYMnsUDJeu/un
uHT2SpNJ+oh2/DBvIzR5ATGGpdMH+iXca5NYG84Oj1r00GPvdY2SCBoWDesUyM+r
jYKXZHUqIdYKHA2pqrL/0Bb4bcKPF+5c93Y4CDXrYlbUvtvnmkkG9VqNz/WrmnJP
QmPR4/kCkttB8vECeHYCwSKUO1epW/tUopgL5sapefotaTe5Dh8RwNzaZ6RN3JMn
Ul5siNKysciLa/lmpxVx8tluH3OryRfR5PHu7xCgG/Yeq8UR0AZ9Bg/tTPjWdxE5
pIpaZt+irNWJkVwixnLpcIevp2DdyYnOZbc/T5ulWAU/lgKrt0bxDHz6IQIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFH9lMpiGZftrBX+A8yPywYxBkQ4yMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvZjJVeW1JWmwtMnNGZjREeklfTEJqRUdSRGpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBhBAIAAjBbAwUDKglTAAMF
ACoLowADBQMqDHRAAwUDKgx0wAMFAyoMdUADBQMqDYNAAwUDKg2IwAMFAyoPI4AD
BQMqD1WAAwUDKg9xAAMFAyoPcwADBQMqD3uAAwUDKg+nADANBgkqhkiG9w0BAQsF
AAOCAQEAMsHbeBoNQ1h4LdSKrQ7f9MKFIudY/cOPXzPf+5YYjegTnb4oi7TJl/00
W30jfJMtPW85mXb0cu4jj+sraKAQJYKnVJIqhi2sM/LLE4FIkmS4QFTfVSsBd2eX
dU+xwvP8uaMzSi+JRxKhID639oujksDYiv9sZ3Hspjav9YUYUwtTCBZQUTIlY+xk
FCxi7g4MENwEr/OyC2sLSPNTjdYyX+ylVpwLvBZz9TYn7Cq2zL9TWnUOPdp4bXz+
CM8TiBSxzcrIEd2+1uIWeLrJCWLF0jHaHoz7aG2AoxWcRNn74QHj9+kxnr9YFVB9
FYIIZlrXeH7tkDIlT7nIAzOKbGN+Ng==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:08 2024 by rpki-client on console-fra.rpki-client.org