Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/eb3c94-1de9-4ed3-b7b3-162efdf8283e/1/r2FvMxkwtCv1IhHStBtqWV1amF0.roa
File: r2FvMxkwtCv1IhHStBtqWV1amF0.roa (raw, json)
Hash identifier: 5FOD+vYA0pX9SCiDwnigSGmEX8LG1efi/t5n2BDtB+c=
Subject key identifier: AF:61:6F:33:19:30:B4:2B:F5:22:11:D2:B4:1B:6A:59:5D:5A:98:5D
Certificate issuer: /CN=f8b6ce18102b36aca6f7e97507c65cdcdd1aeea5
Certificate serial: 01856C9CC8A4A807120E79D4747DDA2F0DBD
Authority key identifier: F8:B6:CE:18:10:2B:36:AC:A6:F7:E9:75:07:C6:5C:DC:DD:1A:EE:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-LbOGBArNqym9-l1B8Zc3N0a7qU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/eb3c94-1de9-4ed3-b7b3-162efdf8283e/1/r2FvMxkwtCv1IhHStBtqWV1amF0.roa
Signing time: Sun 01 Jan 2023 09:14:52 +0000
ROA not before: Sun 01 Jan 2023 09:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204790
IP address blocks: 2a11:7ec0::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:c8:a4:a8:07:12:0e:79:d4:74:7d:da:2f:0d:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8b6ce18102b36aca6f7e97507c65cdcdd1aeea5
Validity
Not Before: Jan 1 09:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af616f331930b42bf52211d2b41b6a595d5a985d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:3a:80:7d:43:75:b1:00:e8:22:fd:2a:9a:22:
57:e3:9f:d9:b7:40:e4:eb:a7:84:67:51:20:37:e5:
fc:3c:16:08:ce:80:60:71:25:b1:79:58:27:f7:c9:
8b:ee:ff:b6:6d:16:cd:bd:1f:50:bc:47:a9:32:6f:
7a:dd:bb:9f:70:f0:8c:fe:1d:c3:66:81:a0:0c:46:
5b:d1:14:2d:bb:ad:e8:0d:a2:20:b2:c4:93:e0:e4:
e2:1c:10:a1:b4:76:2d:35:77:bc:c6:48:fd:30:0d:
f3:ad:b7:e0:ff:a9:d4:19:35:29:38:35:f6:2e:9f:
7d:69:f1:a9:c4:8d:fb:70:d0:5b:1c:c1:ba:93:4a:
bb:cf:81:2b:1a:4a:88:d8:ec:af:57:b8:51:1a:45:
66:d6:c5:9a:0d:b4:14:b7:c8:95:b8:99:60:31:c0:
bd:52:78:b9:aa:66:3a:ad:a0:86:93:a5:cf:50:fc:
e7:41:9a:df:c0:14:86:d6:bf:fa:73:c3:b9:1c:29:
10:41:77:b6:4c:6c:7f:8f:45:08:fa:0d:c2:00:78:
cc:99:7c:e6:78:e1:b0:9c:22:85:52:bb:2b:55:ad:
a4:ba:ca:9c:6e:07:99:4d:33:84:5a:1f:d1:2b:13:
f2:31:70:d9:c2:ed:bf:e0:b8:1e:b8:41:8e:2f:2b:
a9:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:61:6F:33:19:30:B4:2B:F5:22:11:D2:B4:1B:6A:59:5D:5A:98:5D
X509v3 Authority Key Identifier:
keyid:F8:B6:CE:18:10:2B:36:AC:A6:F7:E9:75:07:C6:5C:DC:DD:1A:EE:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-LbOGBArNqym9-l1B8Zc3N0a7qU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/eb3c94-1de9-4ed3-b7b3-162efdf8283e/1/r2FvMxkwtCv1IhHStBtqWV1amF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/eb3c94-1de9-4ed3-b7b3-162efdf8283e/1/1-LbOGBArNqym9-l1B8Zc3N0a7qU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:7ec0::/29
Signature Algorithm: sha256WithRSAEncryption
4c:07:69:dc:63:4f:88:10:eb:ed:65:03:2b:86:0e:6a:b7:23:
9c:94:e7:80:ae:d4:bf:a7:46:34:c4:5c:e4:ff:81:43:e4:a3:
0b:d4:1c:de:31:17:25:25:9b:da:12:c6:4b:7d:bc:e0:d9:fc:
36:a4:60:d3:cc:61:63:62:68:b1:26:1d:40:8f:b2:84:4a:47:
73:de:ea:4b:a6:ae:6a:37:1c:40:57:fd:b2:96:ea:67:9e:15:
c4:a9:1e:76:1b:0d:f8:8e:de:45:82:02:b2:05:4c:6d:62:5f:
18:be:78:9b:8f:49:fb:08:1b:17:96:99:d7:ca:b8:be:db:c3:
16:65:64:32:a8:27:cb:6c:2a:b5:8d:98:8a:1d:01:04:60:b5:
47:a4:20:c1:47:e5:9f:ae:a3:57:fc:73:e5:5d:1c:c0:f7:cf:
f9:98:6f:36:0d:b0:c8:00:85:19:63:b4:94:18:9a:5b:09:43:
83:a2:ab:4c:78:7e:d3:ad:ff:4e:a8:12:9f:0d:79:37:54:6b:
fd:bd:35:c5:d2:56:04:a7:cb:da:b0:4c:76:4d:67:9a:8e:98:
15:41:26:a4:11:4e:41:47:a5:67:ba:25:54:84:d3:6a:39:e7:
96:fb:58:58:44:69:d7:8f:f9:c8:9f:05:c0:ce:3a:86:06:0d:
fe:16:2a:69
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVsnMikqAcSDnnUdH3aLw29MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4YjZjZTE4MTAyYjM2YWNhNmY3ZTk3NTA3YzY1Y2RjZGQx
YWVlYTUwHhcNMjMwMTAxMDkxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjYxNmYzMzE5MzBiNDJiZjUyMjExZDJiNDFiNmE1OTVkNWE5ODVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozqAfUN1sQDoIv0qmiJX45/Zt0Dk
66eEZ1EgN+X8PBYIzoBgcSWxeVgn98mL7v+2bRbNvR9QvEepMm963bufcPCM/h3D
ZoGgDEZb0RQtu63oDaIgssST4OTiHBChtHYtNXe8xkj9MA3zrbfg/6nUGTUpODX2
Lp99afGpxI37cNBbHMG6k0q7z4ErGkqI2OyvV7hRGkVm1sWaDbQUt8iVuJlgMcC9
Uni5qmY6raCGk6XPUPznQZrfwBSG1r/6c8O5HCkQQXe2TGx/j0UI+g3CAHjMmXzm
eOGwnCKFUrsrVa2kusqcbgeZTTOEWh/RKxPyMXDZwu2/4LgeuEGOLyup0wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFK9hbzMZMLQr9SIR0rQballdWphdMB8GA1UdIwQY
MBaAFPi2zhgQKzaspvfpdQfGXNzdGu6lMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1MYk9HQkFyTnF5bTktbDFCOFpjM04wYTdxVS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDYvZWIzYzk0LTFkZTktNGVkMy1iN2Iz
LTE2MmVmZGY4MjgzZS8xL3IyRnZNeGt3dEN2MUloSFN0QnRxV1YxYW1GMC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDYvZWIzYzk0LTFkZTktNGVkMy1iN2IzLTE2MmVmZGY4Mjgz
ZS8xLzEtTGJPR0JBck5xeW05LWwxQjhaYzNOMGE3cVUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQMqEX7A
MA0GCSqGSIb3DQEBCwUAA4IBAQBMB2ncY0+IEOvtZQMrhg5qtyOclOeArtS/p0Y0
xFzk/4FD5KML1BzeMRclJZvaEsZLfbzg2fw2pGDTzGFjYmixJh1Aj7KESkdz3upL
pq5qNxxAV/2ylupnnhXEqR52Gw34jt5FggKyBUxtYl8Yvnibj0n7CBsXlpnXyri+
28MWZWQyqCfLbCq1jZiKHQEEYLVHpCDBR+WfrqNX/HPlXRzA98/5mG82DbDIAIUZ
Y7SUGJpbCUODoqtMeH7Trf9OqBKfDXk3VGv9vTXF0lYEp8vasEx2TWeajpgVQSak
EU5BR6VnuiVUhNNqOeeW+1hYRGnXj/nInwXAzjqGBg3+Fipp
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:40 2023 by rpki-client on console-fra.rpki-client.org