Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034313a3a2f33322d3332203d3e2030.roa
File: 326130613a363034313a3a2f33322d3332203d3e2030.roa (raw, json)
Hash identifier: 2PnZgD0HkQK2oJEdYfO0W7hGqdqsxYSW7wNArVd3u4s=
Subject key identifier: D3:75:42:A9:AA:BA:23:4E:4F:A3:3D:1B:EF:0C:7F:71:E2:B5:8C:0A
Certificate issuer: /CN=57A9746FE543EB3EA0D449534244C93FC88F8503
Certificate serial: 22E049BD1FD18978B287724CBC2DA1A1E907BEEE
Authority key identifier: 57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034313a3a2f33322d3332203d3e2030.roa
Signing time: Mon 22 Jul 2024 09:54:34 +0000
ROA not before: Mon 22 Jul 2024 09:49:34 +0000
ROA not after: Mon 21 Jul 2025 09:54:34 +0000
asID: 0
IP address blocks: 2a0a:6041::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:e0:49:bd:1f:d1:89:78:b2:87:72:4c:bc:2d:a1:a1:e9:07:be:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57A9746FE543EB3EA0D449534244C93FC88F8503
Validity
Not Before: Jul 22 09:49:34 2024 GMT
Not After : Jul 21 09:54:34 2025 GMT
Subject: CN=D37542A9AABA234E4FA33D1BEF0C7F71E2B58C0A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c6:da:57:85:0e:da:71:e7:51:88:ad:95:bb:
d5:df:88:71:44:2c:a3:69:ad:0e:db:7c:7c:c4:ef:
c0:e6:b1:85:56:54:2d:fd:5c:ca:ea:ec:c5:90:96:
54:87:81:6f:ce:ff:1c:bd:47:50:b8:c3:06:5f:de:
ae:0e:05:66:88:98:fd:b8:09:00:3b:35:03:36:42:
15:57:53:8c:65:42:ae:7c:38:43:37:16:19:ce:82:
54:12:de:dd:63:71:1a:29:cf:37:74:2b:69:9c:89:
ce:95:99:2d:e4:be:3a:e5:54:f4:0c:68:68:f5:12:
e0:e4:2d:28:0f:db:57:86:73:20:78:f0:e0:ea:40:
8b:b8:dd:7c:34:b0:e2:2c:cd:a4:98:e2:09:97:08:
2d:de:8c:7b:01:9c:df:86:fb:ad:d3:eb:c2:29:1f:
7e:26:80:e1:0f:2d:52:d3:10:12:09:0a:cf:f4:5b:
63:07:29:82:41:ee:3b:b0:e3:c2:02:57:67:ed:55:
16:df:e6:da:30:4e:f8:40:b0:19:a2:97:eb:f3:15:
f4:88:18:b1:ef:b4:b4:0c:91:91:1e:f8:a9:59:8f:
69:aa:5b:a7:e0:b1:40:16:f0:6a:f0:46:05:7d:97:
4f:6c:bf:9a:5b:60:79:d3:8b:fd:05:8e:21:f3:3d:
3e:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:75:42:A9:AA:BA:23:4E:4F:A3:3D:1B:EF:0C:7F:71:E2:B5:8C:0A
X509v3 Authority Key Identifier:
keyid:57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034313a3a2f33322d3332203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:6041::/32
Signature Algorithm: sha256WithRSAEncryption
4f:5f:f5:22:e5:8f:e8:9e:56:63:f1:75:69:e1:a1:52:a2:7a:
e0:69:47:de:1d:13:3e:40:24:cc:d3:ac:41:4d:96:bf:ba:c9:
53:5a:4f:80:85:60:30:92:5b:6b:4b:8c:76:ec:7b:ca:44:88:
09:84:68:58:49:e9:00:08:50:db:21:11:42:37:9f:3a:1c:5e:
cc:18:e4:b1:8e:91:2b:51:cf:0a:0b:49:22:78:0e:ae:de:13:
fc:5a:7f:58:12:b1:06:bd:20:36:7e:91:5d:cf:54:c9:19:00:
22:4c:0e:1f:0c:c9:b2:d3:6d:bb:a1:75:bb:a7:fd:eb:f3:03:
6d:6e:80:79:4e:0f:60:de:38:95:f8:76:bc:53:22:95:f5:42:
63:99:e6:72:52:05:9f:3e:7e:ea:1e:d0:39:47:38:94:27:cc:
31:5f:72:3b:49:a5:dd:4a:43:d7:97:21:fa:f2:22:10:ff:f4:
6d:d5:af:b5:e1:67:7b:5b:82:55:fb:06:42:a7:2f:d4:88:e7:
fd:8f:c0:84:27:ea:b5:a1:8a:1d:89:6d:0f:ce:20:eb:9c:a5:
39:75:5b:3c:3c:56:b5:fb:c0:6d:f2:82:e1:c7:94:41:79:b1:
91:8c:97:8c:35:34:5e:e4:28:e7:ae:33:68:bd:c5:7a:7a:1f:
56:0b:96:5b
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgIUIuBJvR/RiXiyh3JMvC2hoekHvu4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZD
ODhGODUwMzAeFw0yNDA3MjIwOTQ5MzRaFw0yNTA3MjEwOTU0MzRaMDMxMTAvBgNV
BAMTKEQzNzU0MkE5QUFCQTIzNEU0RkEzM0QxQkVGMEM3RjcxRTJCNThDMEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuxtpXhQ7acedRiK2Vu9XfiHFE
LKNprQ7bfHzE78DmsYVWVC39XMrq7MWQllSHgW/O/xy9R1C4wwZf3q4OBWaImP24
CQA7NQM2QhVXU4xlQq58OEM3FhnOglQS3t1jcRopzzd0K2mcic6VmS3kvjrlVPQM
aGj1EuDkLSgP21eGcyB48ODqQIu43Xw0sOIszaSY4gmXCC3ejHsBnN+G+63T68Ip
H34mgOEPLVLTEBIJCs/0W2MHKYJB7juw48ICV2ftVRbf5towTvhAsBmil+vzFfSI
GLHvtLQMkZEe+KlZj2mqW6fgsUAW8GrwRgV9l09sv5pbYHnTi/0FjiHzPT6hAgMB
AAGjggJkMIICYDAdBgNVHQ4EFgQU03VCqaq6I05Poz0b7wx/ceK1jAowHwYDVR0j
BBgwFoAUV6l0b+VD6z6g1ElTQkTJP8iPhQMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMtZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1
YzdkLzAvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhGODUwMy5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhG
ODUwMy5jZXIwgaMGCCsGAQUFBwELBIGWMIGTMIGQBggrBgEFBQcwC4aBg3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMt
ZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1YzdkLzAvMzI2MTMwNjEzYTM2MzAzNDMx
M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzAucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAqCmBBMA0GCSqG
SIb3DQEBCwUAA4IBAQBPX/Ui5Y/onlZj8XVp4aFSonrgaUfeHRM+QCTM06xBTZa/
uslTWk+AhWAwkltrS4x27HvKRIgJhGhYSekACFDbIRFCN586HF7MGOSxjpErUc8K
C0kieA6u3hP8Wn9YErEGvSA2fpFdz1TJGQAiTA4fDMmy0227oXW7p/3r8wNtboB5
Tg9g3jiV+Ha8UyKV9UJjmeZyUgWfPn7qHtA5RziUJ8wxX3I7SaXdSkPXlyH68iIQ
//Rt1a+14Wd7W4JV+wZCpy/UiOf9j8CEJ+q1oYodiW0PziDrnKU5dVs8PFa1+8Bt
8oLhx5RBebGRjJeMNTRe5CjnrjNovcV6eh9WC5Zb
-----END CERTIFICATE-----
Generated at Thu Jul 25 05:34:00 2024 by rpki-client on console-ams.rpki-client.org