Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/0/326130613a363034343a363066383a3a2f34362d3436203d3e20323135393233.roa
File: 326130613a363034343a363066383a3a2f34362d3436203d3e20323135393233.roa (raw, json)
Hash identifier: F6j19L7Hv00Jz2ZGA1lCAM7BHuNIWFSviib/OP7antg=
Subject key identifier: A7:76:37:69:24:57:AF:7D:56:21:19:17:77:DC:F2:0F:17:65:DA:DC
Certificate issuer: /CN=F8B2DD948C881B517A20B8566758AB4ABC7B72D0
Certificate serial: 40DA18F24F18078AEF99D6082A5BA1D458CDD06A
Authority key identifier: F8:B2:DD:94:8C:88:1B:51:7A:20:B8:56:67:58:AB:4A:BC:7B:72:D0
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/F8B2DD948C881B517A20B8566758AB4ABC7B72D0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/0/326130613a363034343a363066383a3a2f34362d3436203d3e20323135393233.roa
Signing time: Thu 20 Jun 2024 13:40:17 +0000
ROA not before: Thu 20 Jun 2024 13:35:17 +0000
ROA not after: Thu 19 Jun 2025 13:40:17 +0000
asID: 215923
IP address blocks: 2a0a:6044:60f8::/46 maxlen: 46
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:da:18:f2:4f:18:07:8a:ef:99:d6:08:2a:5b:a1:d4:58:cd:d0:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F8B2DD948C881B517A20B8566758AB4ABC7B72D0
Validity
Not Before: Jun 20 13:35:17 2024 GMT
Not After : Jun 19 13:40:17 2025 GMT
Subject: CN=A77637692457AF7D5621191777DCF20F1765DADC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f8:57:3b:ce:c1:e9:99:e9:5e:dc:48:24:b1:
52:74:04:d7:de:d3:02:ff:6a:b1:87:f6:99:65:0b:
d6:7a:fd:ff:10:dd:e5:61:77:d6:5f:f9:3d:77:e6:
50:f3:bb:58:3c:d2:a9:8a:f5:95:49:9b:b6:56:03:
d7:fb:a2:51:b9:f5:1d:e0:b6:9e:d6:c8:de:14:79:
dc:d6:e5:fa:0f:9d:53:87:3b:33:df:9f:19:b0:e5:
22:ac:ab:05:a3:77:34:22:3e:3e:40:24:1e:cc:8f:
6e:60:9b:f6:20:30:24:41:92:ee:c6:74:05:c2:34:
30:cb:a5:2c:00:8d:34:ce:74:46:df:1e:3b:80:83:
da:52:bc:ad:b4:ec:75:e3:dd:58:13:7d:02:c1:aa:
db:40:4d:f3:74:ac:67:a7:34:c9:2c:ae:ee:69:6a:
5e:cd:64:47:5a:36:b0:39:c1:b2:d2:63:7f:ba:72:
cf:ee:a6:95:8f:8b:8d:e5:58:75:a6:ad:1b:c8:66:
c4:bf:ed:f5:62:c3:3e:6e:84:f4:c8:60:13:3e:bc:
17:05:48:52:df:37:ba:18:e7:c1:8c:70:10:3a:c5:
8d:af:e1:41:b8:65:71:c0:d9:c8:44:34:eb:cb:63:
07:99:4a:75:67:eb:73:01:20:77:1e:68:2a:b4:65:
21:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:76:37:69:24:57:AF:7D:56:21:19:17:77:DC:F2:0F:17:65:DA:DC
X509v3 Authority Key Identifier:
keyid:F8:B2:DD:94:8C:88:1B:51:7A:20:B8:56:67:58:AB:4A:BC:7B:72:D0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/0/F8B2DD948C881B517A20B8566758AB4ABC7B72D0.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/F8B2DD948C881B517A20B8566758AB4ABC7B72D0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/0/326130613a363034343a363066383a3a2f34362d3436203d3e20323135393233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:6044:60f8::/46
Signature Algorithm: sha256WithRSAEncryption
36:88:79:69:75:f2:9d:a8:45:68:7f:e2:b1:1f:5d:bf:ba:4e:
f6:a8:3c:3d:75:fa:18:2f:55:e3:be:fd:c1:e5:d5:4c:99:aa:
51:46:f7:61:51:d1:7b:2e:d8:7d:8d:14:fc:fa:5a:58:d8:31:
51:99:fc:33:56:ba:24:be:0b:f6:9a:87:0c:a5:d3:21:c3:b8:
b3:ee:21:b0:43:0d:d7:52:ad:89:66:93:f9:15:ac:af:5f:a6:
04:1f:1f:25:33:69:9c:2b:80:16:ea:32:a7:dc:2a:0d:66:e6:
56:7a:08:10:4d:bc:cb:14:e1:e9:a7:4a:85:de:6e:fb:9a:79:
39:c3:1c:5d:3b:26:23:e3:44:59:58:b3:57:17:4a:1f:d7:54:
4a:b1:fe:30:83:ca:19:9b:9c:b1:82:58:c6:43:7d:d5:7b:9d:
37:66:99:b6:39:f1:bb:aa:85:26:d3:4c:9d:5f:2d:16:cb:90:
8a:5d:fa:74:47:c5:b9:4b:a1:b3:69:ec:15:69:a8:b1:ce:90:
c2:0b:8c:5f:48:e5:08:ab:1c:ab:c5:41:a7:40:d9:8e:0b:3d:
4d:a0:44:a9:f6:a8:f1:2b:b3:b6:7a:56:6c:6a:58:37:27:23:
a9:7f:04:83:0a:74:c6:df:67:9a:e9:0e:99:9f:d9:dd:69:11:
ce:bb:84:9e
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUQNoY8k8YB4rvmdYIKluh1FjN0GowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjhCMkREOTQ4Qzg4MUI1MTdBMjBCODU2Njc1OEFCNEFC
QzdCNzJEMDAeFw0yNDA2MjAxMzM1MTdaFw0yNTA2MTkxMzQwMTdaMDMxMTAvBgNV
BAMTKEE3NzYzNzY5MjQ1N0FGN0Q1NjIxMTkxNzc3RENGMjBGMTc2NURBREMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz+Fc7zsHpmele3EgksVJ0BNfe
0wL/arGH9pllC9Z6/f8Q3eVhd9Zf+T135lDzu1g80qmK9ZVJm7ZWA9f7olG59R3g
tp7WyN4UedzW5foPnVOHOzPfnxmw5SKsqwWjdzQiPj5AJB7Mj25gm/YgMCRBku7G
dAXCNDDLpSwAjTTOdEbfHjuAg9pSvK207HXj3VgTfQLBqttATfN0rGenNMksru5p
al7NZEdaNrA5wbLSY3+6cs/uppWPi43lWHWmrRvIZsS/7fViwz5uhPTIYBM+vBcF
SFLfN7oY58GMcBA6xY2v4UG4ZXHA2chENOvLYweZSnVn63MBIHceaCq0ZSFbAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUp3Y3aSRXr31WIRkXd9zyDxdl2twwHwYDVR0j
BBgwFoAU+LLdlIyIG1F6ILhWZ1irSrx7ctAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGM3MDQwMWMtN2Y0MS00YTZiLTk0MzQtY2M4MGRjYTA5
M2U2LzAvRjhCMkREOTQ4Qzg4MUI1MTdBMjBCODU2Njc1OEFCNEFCQzdCNzJEMC5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8zMjUzZDk3My1kNWJmLTQ1
NDEtYmNjMS0yNzY1NDNhMjVjN2QvMC9GOEIyREQ5NDhDODgxQjUxN0EyMEI4NTY2
NzU4QUI0QUJDN0I3MkQwLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8wYzcwNDAxYy03ZjQxLTRhNmItOTQzNC1jYzgwZGNhMDkzZTYvMC8zMjYxMzA2
MTNhMzYzMDM0MzQzYTM2MzA2NjM4M2EzYTJmMzQzNjJkMzQzNjIwM2QzZTIwMzIz
MTM1MzkzMjMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcCKgpgRGD4MA0GCSqGSIb3DQEBCwUAA4IBAQA2
iHlpdfKdqEVof+KxH12/uk72qDw9dfoYL1Xjvv3B5dVMmapRRvdhUdF7Lth9jRT8
+lpY2DFRmfwzVrokvgv2mocMpdMhw7iz7iGwQw3XUq2JZpP5FayvX6YEHx8lM2mc
K4AW6jKn3CoNZuZWeggQTbzLFOHpp0qF3m77mnk5wxxdOyYj40RZWLNXF0of11RK
sf4wg8oZm5yxgljGQ33Ve503Zpm2OfG7qoUm00ydXy0Wy5CKXfp0R8W5S6GzaewV
aaixzpDCC4xfSOUIqxyrxUGnQNmOCz1NoESp9qjxK7O2elZsalg3JyOpfwSDCnTG
32ea6Q6Zn9ndaRHOu4Se
-----END CERTIFICATE-----
Generated at Tue Aug 13 11:36:48 2024 by rpki-client on console-ams.rpki-client.org