Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/cb3a04-4442-40f9-adcf-c751a612b5c0/1/sA1vezfgmdNMw1TtkrpWqcSFejo.roa
File: sA1vezfgmdNMw1TtkrpWqcSFejo.roa (raw, json)
Hash identifier: 8Fo5BythZ7vAX+TWM0JIJ6gDvkPEGKFJ0BOTsrKLbxk=
Subject key identifier: B0:0D:6F:7B:37:E0:99:D3:4C:C3:54:ED:92:BA:56:A9:C4:85:7A:3A
Certificate issuer: /CN=7ba9977d0c656ce119e6c8a1db34aa3148afa868
Certificate serial: 018693EDE1B74D344F944484E7B4C254D962
Authority key identifier: 7B:A9:97:7D:0C:65:6C:E1:19:E6:C8:A1:DB:34:AA:31:48:AF:A8:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e6mXfQxlbOEZ5sih2zSqMUivqGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/cb3a04-4442-40f9-adcf-c751a612b5c0/1/sA1vezfgmdNMw1TtkrpWqcSFejo.roa
Signing time: Mon 27 Feb 2023 17:31:25 +0000
ROA not before: Mon 27 Feb 2023 17:31:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44853
IP address blocks: 2a0b:fdc0::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:93:ed:e1:b7:4d:34:4f:94:44:84:e7:b4:c2:54:d9:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ba9977d0c656ce119e6c8a1db34aa3148afa868
Validity
Not Before: Feb 27 17:31:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b00d6f7b37e099d34cc354ed92ba56a9c4857a3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a6:d5:72:55:1b:f4:48:64:78:a4:18:80:b9:
9c:4f:08:0d:81:17:06:89:31:5d:e4:5c:13:79:34:
d0:c9:ff:bc:4b:ba:c5:a5:0d:c3:5f:f1:e5:ec:ac:
f0:bd:e0:23:f9:5c:b1:c2:40:95:66:46:21:a5:74:
7c:66:30:9b:20:03:ea:3b:08:fc:46:8e:4f:89:ed:
61:c7:a7:4c:6c:0e:a3:d4:11:3e:9f:8f:08:34:94:
ef:31:ea:08:70:66:ef:a0:d6:c0:e2:9f:af:a3:c8:
79:a4:66:12:60:ea:ce:bd:e6:2f:58:06:b3:29:5a:
04:a2:90:e3:d6:86:8c:53:bb:e8:d1:6c:e7:cf:b2:
15:81:7a:45:80:5d:14:97:ca:f9:b9:32:d2:1a:1c:
19:6a:92:22:c7:f0:22:65:c2:75:90:8f:66:36:d6:
2c:65:ac:69:8d:be:44:f9:59:18:1d:fc:90:83:ff:
fb:6d:ed:fa:65:ae:f4:33:88:58:41:b5:d5:9b:13:
d2:cc:2a:60:f3:6e:63:06:58:d8:6b:7b:86:7a:31:
e3:c4:1c:72:45:4a:49:66:de:3e:7c:e8:61:a1:80:
a5:d1:18:e9:1a:03:17:8a:7b:15:40:ed:b2:11:3f:
c6:e8:44:7c:98:fa:40:63:f4:63:cd:e4:df:ae:50:
71:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:0D:6F:7B:37:E0:99:D3:4C:C3:54:ED:92:BA:56:A9:C4:85:7A:3A
X509v3 Authority Key Identifier:
keyid:7B:A9:97:7D:0C:65:6C:E1:19:E6:C8:A1:DB:34:AA:31:48:AF:A8:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6mXfQxlbOEZ5sih2zSqMUivqGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/cb3a04-4442-40f9-adcf-c751a612b5c0/1/sA1vezfgmdNMw1TtkrpWqcSFejo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/cb3a04-4442-40f9-adcf-c751a612b5c0/1/e6mXfQxlbOEZ5sih2zSqMUivqGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:fdc0::/29
Signature Algorithm: sha256WithRSAEncryption
5e:8f:e9:d9:8f:ae:c9:22:18:33:5b:2a:8e:31:63:df:da:70:
cc:b7:4d:7a:f8:25:27:9d:55:f1:b8:58:28:63:70:e6:86:17:
19:8c:a3:22:4b:97:36:bd:58:10:e6:dd:a0:a9:25:b5:36:58:
45:8b:ce:06:aa:6f:c9:6a:53:63:5c:ba:3e:d4:9f:81:0e:f8:
00:16:ba:78:96:7e:ef:aa:f2:0d:5d:bb:e6:6e:90:8b:06:5a:
cd:a5:db:1a:b2:8e:76:18:e3:ec:ab:ab:44:44:79:aa:e5:4d:
5c:e8:4b:8c:ca:5e:e0:b5:a2:c6:1a:24:32:3f:a5:e5:fa:c2:
ef:98:6b:91:5e:94:97:ef:79:91:bd:5f:fb:a8:94:e2:cd:56:
25:4b:26:5f:6c:e1:28:0f:4b:2c:e6:49:fe:c7:84:6c:54:8b:
7f:96:5c:06:59:57:8a:60:5d:85:d5:3d:48:e0:f1:2b:2d:04:
ad:99:e1:75:81:1b:98:65:98:86:68:d4:64:00:64:0b:0b:c3:
4f:b3:72:b3:b2:37:8f:71:0d:05:1d:91:88:89:d9:ce:a1:df:
dd:f0:52:80:a1:de:b1:f6:39:cd:68:66:cc:77:24:c6:6c:e7:
78:56:5f:c3:98:13:f1:e8:6f:86:54:d0:60:c3:76:15:9e:55:
70:2d:8f:ad
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYaT7eG3TTRPlESE57TCVNliMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiYTk5NzdkMGM2NTZjZTExOWU2YzhhMWRiMzRhYTMxNDhh
ZmE4NjgwHhcNMjMwMjI3MTczMTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDBkNmY3YjM3ZTA5OWQzNGNjMzU0ZWQ5MmJhNTZhOWM0ODU3YTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArabVclUb9EhkeKQYgLmcTwgNgRcG
iTFd5FwTeTTQyf+8S7rFpQ3DX/Hl7KzwveAj+VyxwkCVZkYhpXR8ZjCbIAPqOwj8
Ro5Pie1hx6dMbA6j1BE+n48INJTvMeoIcGbvoNbA4p+vo8h5pGYSYOrOveYvWAaz
KVoEopDj1oaMU7vo0Wznz7IVgXpFgF0Ul8r5uTLSGhwZapIix/AiZcJ1kI9mNtYs
Zaxpjb5E+VkYHfyQg//7be36Za70M4hYQbXVmxPSzCpg825jBljYa3uGejHjxBxy
RUpJZt4+fOhhoYCl0RjpGgMXinsVQO2yET/G6ER8mPpAY/RjzeTfrlBxfQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLANb3s34JnTTMNU7ZK6VqnEhXo6MB8GA1UdIwQY
MBaAFHupl30MZWzhGebIods0qjFIr6hoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTZtWGZReGxiT0VaNXNpaDJ6U3FNVWl2cUdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9jYjNhMDQtNDQ0Mi00MGY5LWFkY2Yt
Yzc1MWE2MTJiNWMwLzEvc0ExdmV6ZmdtZE5NdzFUdGtycFdxY1NGZWpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9jYjNhMDQtNDQ0Mi00MGY5LWFkY2YtYzc1MWE2MTJiNWMw
LzEvZTZtWGZReGxiT0VaNXNpaDJ6U3FNVWl2cUdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgv9wDAN
BgkqhkiG9w0BAQsFAAOCAQEAXo/p2Y+uySIYM1sqjjFj39pwzLdNevglJ51V8bhY
KGNw5oYXGYyjIkuXNr1YEObdoKkltTZYRYvOBqpvyWpTY1y6PtSfgQ74ABa6eJZ+
76ryDV275m6QiwZazaXbGrKOdhjj7KurRER5quVNXOhLjMpe4LWixhokMj+l5frC
75hrkV6Ul+95kb1f+6iU4s1WJUsmX2zhKA9LLOZJ/seEbFSLf5ZcBllXimBdhdU9
SODxKy0ErZnhdYEbmGWYhmjUZABkCwvDT7Nys7I3j3ENBR2RiInZzqHf3fBSgKHe
sfY5zWhmzHckxmzneFZfw5gT8ehvhlTQYMN2FZ5VcC2PrQ==
-----END CERTIFICATE-----
Generated at Fri Dec 22 14:56:36 2023 by rpki-client on console-ams.rpki-client.org