Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/fEqvFtzUwI2y0rZNnxGgWJWTRQw.roa
File: fEqvFtzUwI2y0rZNnxGgWJWTRQw.roa (raw, json)
Hash identifier: Zh9g40RaRNWAIBIOldyNjfszROCuYD+bO+a+cvzZ3bY=
Subject key identifier: 7C:4A:AF:16:DC:D4:C0:8D:B2:D2:B6:4D:9F:11:A0:58:95:93:45:0C
Certificate issuer: /CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Certificate serial: 018A8E4D119D2B319762E013DCAA410585C2
Authority key identifier: 2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/fEqvFtzUwI2y0rZNnxGgWJWTRQw.roa
Signing time: Wed 13 Sep 2023 11:28:50 +0000
ROA not before: Wed 13 Sep 2023 11:28:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212144
IP address blocks: 2a05:9a40::/29 maxlen: 30
2a05:9a40::/30 maxlen: 30
2a10:3c80::/29 maxlen: 29
2a05:9a44::/30 maxlen: 30
2a10:b40::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8e:4d:11:9d:2b:31:97:62:e0:13:dc:aa:41:05:85:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Validity
Not Before: Sep 13 11:28:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c4aaf16dcd4c08db2d2b64d9f11a0589593450c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:c6:07:65:b8:42:b8:6c:bc:6d:ef:5f:83:00:
71:d6:62:f3:d1:05:bc:dd:28:df:4a:66:b2:14:40:
73:98:5c:f1:fe:dd:08:62:78:aa:80:05:62:84:e7:
30:06:0d:25:5a:a0:bf:da:c9:3d:94:da:56:11:e8:
cf:8b:30:a8:c7:77:b1:d9:c6:7a:ba:e3:95:f5:bf:
90:2e:32:27:09:58:ac:ed:a8:d1:46:b6:26:64:4a:
de:b8:4b:8d:16:0c:08:52:f6:ab:05:ed:8f:d0:81:
dc:25:35:0e:9a:28:17:c9:2f:b0:20:bf:ca:ce:54:
99:f6:66:17:76:1a:c0:a1:88:1c:47:57:88:c4:50:
a7:92:31:55:65:1e:c6:c0:ee:17:27:1f:ff:c5:c3:
41:69:8e:e5:79:86:9a:26:bb:b5:0c:53:a7:d8:ec:
27:bd:5d:51:32:c6:09:a3:10:85:ff:c0:8b:7c:f4:
da:e5:1e:0a:6d:0e:50:cb:14:6c:57:50:2a:07:a8:
b3:c5:af:02:62:6a:eb:a8:e6:3d:0e:03:7d:cd:73:
82:64:85:dc:e8:5d:21:80:c5:3d:96:bd:e2:14:8c:
00:3b:60:6a:f4:69:fe:b8:75:21:16:9a:ca:82:f2:
6e:68:bd:a0:81:91:d4:75:c1:ba:35:91:f2:72:14:
bb:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:4A:AF:16:DC:D4:C0:8D:B2:D2:B6:4D:9F:11:A0:58:95:93:45:0C
X509v3 Authority Key Identifier:
keyid:2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/fEqvFtzUwI2y0rZNnxGgWJWTRQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/KxRai98ryhUPJe1Uone49lPv2z4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:9a40::/29
2a10:b40::/29
2a10:3c80::/29
Signature Algorithm: sha256WithRSAEncryption
03:aa:23:b8:c9:42:13:06:57:f6:0a:43:76:e7:05:5f:23:1b:
15:52:b8:e0:e9:89:c4:a3:22:42:08:cc:e4:e7:bc:dc:51:96:
db:68:e9:10:f0:40:68:52:66:e7:d0:5f:24:ac:95:1c:a6:95:
c8:2e:56:fd:61:b4:3a:b0:d1:fd:73:f1:27:eb:d9:0f:5d:50:
2b:3c:cd:46:1b:b8:13:0e:12:83:0d:8c:61:cf:40:38:9c:42:
c7:45:97:9b:97:b3:49:eb:0f:8e:39:7d:5c:8f:30:4f:3c:cd:
5e:35:09:54:8d:9a:0e:26:08:f8:23:88:13:81:ff:83:50:6c:
bc:c1:93:10:a9:e7:97:18:28:d1:be:a6:15:1f:3d:11:af:22:
84:72:e6:8a:c2:cf:f7:71:00:00:3e:fa:94:04:2e:db:64:d7:
dd:18:1f:29:ae:fa:ca:86:f6:2b:b4:2b:82:d2:f9:a6:e2:52:
4d:a0:cb:67:55:cf:c7:c2:cd:f3:52:00:b3:05:e1:62:ec:a3:
12:fb:81:99:ae:df:9c:ed:b7:44:26:3f:5b:e8:21:aa:78:bb:
50:00:70:59:71:4c:3e:8e:a9:44:5f:67:d7:ef:b8:4a:2f:53:
f7:64:07:78:2d:c6:ef:8c:1c:35:b2:1d:da:94:77:b9:9d:1a:
48:fc:36:dd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYqOTRGdKzGXYuAT3KpBBYXCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMTQ1YThiZGYyYmNhMTUwZjI1ZWQ1NGEyNzdiOGY2NTNl
ZmRiM2UwHhcNMjMwOTEzMTEyODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzRhYWYxNmRjZDRjMDhkYjJkMmI2NGQ5ZjExYTA1ODk1OTM0NTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8YHZbhCuGy8be9fgwBx1mLz0QW8
3SjfSmayFEBzmFzx/t0IYniqgAVihOcwBg0lWqC/2sk9lNpWEejPizCox3ex2cZ6
uuOV9b+QLjInCVis7ajRRrYmZEreuEuNFgwIUvarBe2P0IHcJTUOmigXyS+wIL/K
zlSZ9mYXdhrAoYgcR1eIxFCnkjFVZR7GwO4XJx//xcNBaY7leYaaJru1DFOn2Own
vV1RMsYJoxCF/8CLfPTa5R4KbQ5QyxRsV1AqB6izxa8CYmrrqOY9DgN9zXOCZIXc
6F0hgMU9lr3iFIwAO2Bq9Gn+uHUhFprKgvJuaL2ggZHUdcG6NZHychS70QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHxKrxbc1MCNstK2TZ8RoFiVk0UMMB8GA1UdIwQY
MBaAFCsUWovfK8oVDyXtVKJ3uPZT79s+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMt
MzA0MGJlZDNjY2NkLzEvZkVxdkZ0elV3STJ5MHJaTm54R2dXSldUUlF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMtMzA0MGJlZDNjY2Nk
LzEvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKgWaQAMF
AyoQC0ADBQMqEDyAMA0GCSqGSIb3DQEBCwUAA4IBAQADqiO4yUITBlf2CkN25wVf
IxsVUrjg6YnEoyJCCMzk57zcUZbbaOkQ8EBoUmbn0F8krJUcppXILlb9YbQ6sNH9
c/En69kPXVArPM1GG7gTDhKDDYxhz0A4nELHRZebl7NJ6w+OOX1cjzBPPM1eNQlU
jZoOJgj4I4gTgf+DUGy8wZMQqeeXGCjRvqYVHz0RryKEcuaKws/3cQAAPvqUBC7b
ZNfdGB8prvrKhvYrtCuC0vmm4lJNoMtnVc/Hws3zUgCzBeFi7KMS+4GZrt+c7bdE
Jj9b6CGqeLtQAHBZcUw+jqlEX2fX77hKL1P3ZAd4LcbvjBw1sh3alHe5nRpI/Dbd
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:34 2023 by rpki-client on console.sobornost.net