Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/bb6e7e-ab1d-4da5-9c96-ff68e9225f7d/1/RCZPUplIUDDVBYvLnt71g05jRA0.roa
File: RCZPUplIUDDVBYvLnt71g05jRA0.roa (raw, json)
Hash identifier: yEAzQReQ3M+oudVKXqXjT1hBYnoVr4mEW91Z8/26tSY=
Subject key identifier: 44:26:4F:52:99:48:50:30:D5:05:8B:CB:9E:DE:F5:83:4E:63:44:0D
Certificate issuer: /CN=9334a82fdc08f0e8de5d848d377e0cc5d97799bf
Certificate serial: 01924745F0D56F92AABD58D4822452A9A25F
Authority key identifier: 93:34:A8:2F:DC:08:F0:E8:DE:5D:84:8D:37:7E:0C:C5:D9:77:99:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kzSoL9wI8OjeXYSNN34Mxdl3mb8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/bb6e7e-ab1d-4da5-9c96-ff68e9225f7d/1/RCZPUplIUDDVBYvLnt71g05jRA0.roa
Signing time: Tue 01 Oct 2024 08:50:18 +0000
ROA not before: Tue 01 Oct 2024 08:50:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35600
IP address blocks: 2a01:4fe0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:47:45:f0:d5:6f:92:aa:bd:58:d4:82:24:52:a9:a2:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9334a82fdc08f0e8de5d848d377e0cc5d97799bf
Validity
Not Before: Oct 1 08:50:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=44264f5299485030d5058bcb9edef5834e63440d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:44:30:3b:9d:10:78:03:6c:38:37:9d:52:93:
e3:a6:cb:d0:c9:2c:bf:71:23:e0:23:a5:99:ae:43:
12:d4:7b:5d:df:3a:17:56:9d:b7:e6:41:e0:cf:82:
20:e9:0a:02:fa:58:48:40:63:2b:80:45:d7:55:d5:
6a:80:d3:2d:4e:6f:a7:08:ad:fc:b0:13:29:4c:f8:
43:1c:a7:5e:4d:07:d3:40:d3:f8:38:bd:ad:d2:61:
43:d8:80:33:63:57:52:3f:49:23:57:45:0b:e9:b2:
5c:2e:9a:1d:32:a8:d8:c3:a6:43:12:7e:6a:21:64:
9f:97:da:b9:5a:43:a6:66:43:dc:e7:0d:35:69:53:
5b:c1:80:e1:4b:36:ec:93:d7:71:3e:24:6b:a4:e9:
ca:51:3b:01:51:3a:df:c9:66:51:5a:e4:66:82:90:
6d:cb:93:1a:c6:93:a6:55:40:8f:6a:79:1e:3c:d1:
50:1c:e1:ac:44:18:9d:36:3d:6f:7c:d6:07:b0:3e:
af:f5:11:f0:2b:8d:9d:a5:15:9f:4c:8b:2a:59:76:
30:db:04:5b:61:07:5f:c8:9b:3d:f9:b7:d5:fa:65:
b6:ba:86:3c:1e:b4:60:78:4f:c6:e6:3e:ce:2a:f4:
c1:94:13:b9:13:3c:5b:ca:9a:80:e6:26:a7:34:2c:
00:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:26:4F:52:99:48:50:30:D5:05:8B:CB:9E:DE:F5:83:4E:63:44:0D
X509v3 Authority Key Identifier:
keyid:93:34:A8:2F:DC:08:F0:E8:DE:5D:84:8D:37:7E:0C:C5:D9:77:99:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kzSoL9wI8OjeXYSNN34Mxdl3mb8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/bb6e7e-ab1d-4da5-9c96-ff68e9225f7d/1/RCZPUplIUDDVBYvLnt71g05jRA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/bb6e7e-ab1d-4da5-9c96-ff68e9225f7d/1/kzSoL9wI8OjeXYSNN34Mxdl3mb8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:4fe0::/32
Signature Algorithm: sha256WithRSAEncryption
4a:44:fb:58:fa:79:ed:a3:36:70:28:b2:a4:04:38:ae:71:80:
52:f7:87:cc:76:2e:5b:11:40:c7:be:5d:94:19:d7:39:37:2f:
a0:5e:db:8a:a7:9e:8c:26:53:29:6a:1a:5d:96:5c:d8:e6:10:
7d:4d:56:48:f1:47:eb:60:4c:c7:c6:ab:ff:41:9a:4e:0d:df:
9d:ee:60:a5:ed:9e:0f:a0:e5:4e:46:f4:d7:55:4a:5b:84:e3:
81:ba:75:e9:ea:bd:fc:52:58:34:ba:97:7a:7c:84:71:7a:ea:
34:4c:1a:17:14:8a:36:c1:bb:3a:74:7f:8f:c8:17:e7:6b:f8:
6e:37:b6:57:77:0f:2f:6e:7a:4c:e7:ff:15:34:93:bf:a8:54:
07:97:5f:ad:64:78:8d:ce:83:d8:a8:b8:ca:92:86:66:04:8d:
15:1a:cb:cd:b7:41:27:45:18:cd:06:1c:8b:64:1f:40:6c:5c:
f2:07:e2:fb:d2:64:d6:ab:e9:50:42:65:94:2b:ca:84:65:42:
b4:6b:be:a9:57:24:2a:8a:95:70:03:de:9f:78:48:f2:46:10:
f1:c2:6e:a6:74:71:aa:a7:07:81:45:ea:80:cd:bd:cf:d2:da:
f7:ee:6e:a3:8e:3c:b4:4b:ab:a9:a3:f6:fb:a7:66:b2:f4:38:
00:76:75:a0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZJHRfDVb5KqvVjUgiRSqaJfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMzRhODJmZGMwOGYwZThkZTVkODQ4ZDM3N2UwY2M1ZDk3
Nzk5YmYwHhcNMjQxMDAxMDg1MDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDI2NGY1Mjk5NDg1MDMwZDUwNThiY2I5ZWRlZjU4MzRlNjM0NDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEQwO50QeANsODedUpPjpsvQySy/
cSPgI6WZrkMS1Htd3zoXVp235kHgz4Ig6QoC+lhIQGMrgEXXVdVqgNMtTm+nCK38
sBMpTPhDHKdeTQfTQNP4OL2t0mFD2IAzY1dSP0kjV0UL6bJcLpodMqjYw6ZDEn5q
IWSfl9q5WkOmZkPc5w01aVNbwYDhSzbsk9dxPiRrpOnKUTsBUTrfyWZRWuRmgpBt
y5MaxpOmVUCPankePNFQHOGsRBidNj1vfNYHsD6v9RHwK42dpRWfTIsqWXYw2wRb
YQdfyJs9+bfV+mW2uoY8HrRgeE/G5j7OKvTBlBO5EzxbypqA5ianNCwAGQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEQmT1KZSFAw1QWLy57e9YNOY0QNMB8GA1UdIwQY
MBaAFJM0qC/cCPDo3l2EjTd+DMXZd5m/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3pTb0w5d0k4T2plWFlTTk4zNE14ZGwzbWI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9iYjZlN2UtYWIxZC00ZGE1LTljOTYt
ZmY2OGU5MjI1ZjdkLzEvUkNaUFVwbElVRERWQll2TG50NzFnMDVqUkEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9iYjZlN2UtYWIxZC00ZGE1LTljOTYtZmY2OGU5MjI1Zjdk
LzEva3pTb0w5d0k4T2plWFlTTk4zNE14ZGwzbWI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgFP4DAN
BgkqhkiG9w0BAQsFAAOCAQEASkT7WPp57aM2cCiypAQ4rnGAUveHzHYuWxFAx75d
lBnXOTcvoF7biqeejCZTKWoaXZZc2OYQfU1WSPFH62BMx8ar/0GaTg3fne5gpe2e
D6DlTkb011VKW4Tjgbp16eq9/FJYNLqXenyEcXrqNEwaFxSKNsG7OnR/j8gX52v4
bje2V3cPL256TOf/FTSTv6hUB5dfrWR4jc6D2Ki4ypKGZgSNFRrLzbdBJ0UYzQYc
i2QfQGxc8gfi+9Jk1qvpUEJllCvKhGVCtGu+qVckKoqVcAPen3hI8kYQ8cJupnRx
qqcHgUXqgM29z9La9+5uo448tEurqaP2+6dmsvQ4AHZ1oA==
-----END CERTIFICATE-----
Generated at Wed Oct 2 15:13:49 2024 by rpki-client on console-fra.rpki-client.org