Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/1df143-7caa-4934-b076-f8bd004c3089/1/3QJqF7DcgPqFk_MJvgBv7XjeAkQ.roa
File: 3QJqF7DcgPqFk_MJvgBv7XjeAkQ.roa (raw, json)
Hash identifier: G3QT+Q9DO9DphuwxdS9kVD6shzfxwy750qqe27Ngq+8=
Subject key identifier: DD:02:6A:17:B0:DC:80:FA:85:93:F3:09:BE:00:6F:ED:78:DE:02:44
Certificate issuer: /CN=755f9dbbc025feece07237bec0bbd05e201c84bd
Certificate serial: 2CCB3F
Authority key identifier: 75:5F:9D:BB:C0:25:FE:EC:E0:72:37:BE:C0:BB:D0:5E:20:1C:84:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dV-du8Al_uzgcje-wLvQXiAchL0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/1df143-7caa-4934-b076-f8bd004c3089/1/3QJqF7DcgPqFk_MJvgBv7XjeAkQ.roa
Signing time: Tue 22 Feb 2022 10:59:13 +0000
ROA not before: Tue 22 Feb 2022 10:59:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210189
IP address blocks: 2001:67c:8f4::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2935615 (0x2ccb3f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=755f9dbbc025feece07237bec0bbd05e201c84bd
Validity
Not Before: Feb 22 10:59:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dd026a17b0dc80fa8593f309be006fed78de0244
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:83:60:f1:6b:28:9c:6c:ff:49:82:10:89:7a:
29:82:57:79:d0:e0:05:d2:d4:22:7d:31:2c:60:64:
0c:45:76:7b:f3:33:83:94:63:5c:68:78:00:be:69:
53:36:d1:ff:ac:0c:51:dd:db:af:0f:a2:7d:66:f8:
a8:ab:ff:ee:9a:ea:02:e2:fe:44:bc:1b:43:ab:37:
06:a7:ab:64:64:b3:b2:44:db:9e:d0:fd:14:ba:f8:
98:1a:0f:9d:85:64:d1:b3:9c:41:a2:64:f1:11:09:
8f:e5:c2:ef:5f:fc:b1:57:86:44:90:67:49:62:d2:
d5:4a:61:8f:34:77:85:61:16:36:0d:5f:4c:91:a5:
83:26:51:98:c1:e7:dd:50:c4:1b:c7:2e:2a:88:60:
2a:d4:a8:0a:60:af:d8:de:28:4f:29:67:13:ed:c6:
64:d0:43:98:0f:05:c0:7f:1f:49:5a:a3:6a:82:c7:
65:98:6d:bd:54:ed:df:e3:c8:58:9b:fe:cc:91:5d:
91:b7:53:6f:d4:5d:17:dd:35:3d:c3:55:05:8b:09:
0c:29:d8:63:79:d5:35:16:12:8f:20:ef:05:a5:e8:
02:58:86:c7:2e:cf:81:80:7e:35:e6:46:f7:79:c5:
e1:94:d6:be:20:39:9e:8d:d5:ff:db:6d:cc:d6:8c:
2d:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:02:6A:17:B0:DC:80:FA:85:93:F3:09:BE:00:6F:ED:78:DE:02:44
X509v3 Authority Key Identifier:
keyid:75:5F:9D:BB:C0:25:FE:EC:E0:72:37:BE:C0:BB:D0:5E:20:1C:84:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dV-du8Al_uzgcje-wLvQXiAchL0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1df143-7caa-4934-b076-f8bd004c3089/1/3QJqF7DcgPqFk_MJvgBv7XjeAkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1df143-7caa-4934-b076-f8bd004c3089/1/dV-du8Al_uzgcje-wLvQXiAchL0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:8f4::/48
Signature Algorithm: sha256WithRSAEncryption
44:87:f8:c4:cb:8a:b9:01:69:5e:8a:b5:62:4d:35:a4:8e:13:
4b:d8:77:b8:4e:b0:52:2e:34:69:6f:cb:01:85:ca:24:eb:39:
4f:92:1b:1b:be:d6:f7:d1:a0:99:1f:de:a5:b7:2b:7e:1c:c1:
15:2f:03:1f:6b:ce:7f:29:aa:30:29:07:73:3c:2c:0d:c1:4d:
7b:d7:01:bf:6e:68:1f:0a:02:63:86:0e:b9:b0:c0:0a:5d:51:
64:e4:14:00:48:5f:b0:c6:a9:be:4e:67:7f:01:3a:4c:1e:b4:
87:a0:05:32:d3:15:81:cc:7f:78:6c:ef:f5:23:07:27:b3:8d:
a1:5a:72:4d:29:1f:eb:33:05:1a:41:6a:5b:77:7a:48:18:0b:
cb:ba:c6:f0:e7:2a:79:a0:ec:e0:39:1c:cd:1b:80:5b:49:b3:
42:86:84:33:cf:bb:1c:9c:c5:ad:a0:e8:eb:08:b6:02:07:a8:
5b:78:57:e9:b1:f7:29:11:cf:83:1c:e8:f8:c3:8d:10:83:83:
b0:dd:bc:68:d1:1f:da:8e:3f:c7:69:9d:97:da:35:54:5d:26:
ec:11:8d:c9:fc:1b:40:da:dc:63:cd:de:32:85:81:c7:14:dd:
68:2c:89:68:e8:9c:29:57:ab:95:e6:46:ad:a2:9d:c2:3e:be:
cb:a7:db:b3
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIDLMs/MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDc1
NWY5ZGJiYzAyNWZlZWNlMDcyMzdiZWMwYmJkMDVlMjAxYzg0YmQwHhcNMjIwMjIy
MTA1OTEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkZDAyNmExN2IwZGM4
MGZhODU5M2YzMDliZTAwNmZlZDc4ZGUwMjQ0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA3oNg8WsonGz/SYIQiXopgld50OAF0tQifTEsYGQMRXZ78zOD
lGNcaHgAvmlTNtH/rAxR3duvD6J9Zvioq//umuoC4v5EvBtDqzcGp6tkZLOyRNue
0P0UuviYGg+dhWTRs5xBomTxEQmP5cLvX/yxV4ZEkGdJYtLVSmGPNHeFYRY2DV9M
kaWDJlGYwefdUMQbxy4qiGAq1KgKYK/Y3ihPKWcT7cZk0EOYDwXAfx9JWqNqgsdl
mG29VO3f48hYm/7MkV2Rt1Nv1F0X3TU9w1UFiwkMKdhjedU1FhKPIO8FpegCWIbH
Ls+BgH415kb3ecXhlNa+IDmejdX/223M1owt5QIDAQABo4ICDDCCAggwHQYDVR0O
BBYEFN0Cahew3ID6hZPzCb4Ab+143gJEMB8GA1UdIwQYMBaAFHVfnbvAJf7s4HI3
vsC70F4gHIS9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
ZFYtZHU4QWxfdXpnY2plLXdMdlFYaUFjaEwwLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZC8xZGYxNDMtN2NhYS00OTM0LWIwNzYtZjhiZDAwNGMzMDg5LzEv
M1FKcUY3RGNnUHFGa19NSnZnQnY3WGplQWtRLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8x
ZGYxNDMtN2NhYS00OTM0LWIwNzYtZjhiZDAwNGMzMDg5LzEvZFYtZHU4QWxfdXpn
Y2plLXdMdlFYaUFjaEwwLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIG
CCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAj0MA0GCSqGSIb3DQEBCwUA
A4IBAQBEh/jEy4q5AWleirViTTWkjhNL2He4TrBSLjRpb8sBhcok6zlPkhsbvtb3
0aCZH96ltyt+HMEVLwMfa85/KaowKQdzPCwNwU171wG/bmgfCgJjhg65sMAKXVFk
5BQASF+wxqm+Tmd/ATpMHrSHoAUy0xWBzH94bO/1Iwcns42hWnJNKR/rMwUaQWpb
d3pIGAvLusbw5yp5oOzgORzNG4BbSbNChoQzz7scnMWtoOjrCLYCB6hbeFfpsfcp
Ec+DHOj4w40Qg4Ow3bxo0R/ajj/HaZ2X2jVUXSbsEY3J/BtA2txjzd4yhYHHFN1o
LIlo6JwpV6uV5katop3CPr7Lp9uz
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:06 2023 by rpki-client on console-fra.rpki-client.org