Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/1-F4UyzGX1WBPDm9Gxzm47e1_-Ck.roa
File: 1-F4UyzGX1WBPDm9Gxzm47e1_-Ck.roa (raw, json)
Hash identifier: WGOLBWTFD0uJUF0VWRC6fJZ8ZGS86ieq3Dy3yEWp5jE=
Subject key identifier: F8:5E:14:CB:31:97:D5:60:4F:0E:6F:46:C7:39:B8:ED:ED:7F:F8:29
Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954
Certificate serial: 03B99E17
Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/1-F4UyzGX1WBPDm9Gxzm47e1_-Ck.roa
Signing time: Sat 01 Jan 2022 14:08:25 +0000
ROA not before: Sat 01 Jan 2022 14:08:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 174
IP address blocks: 2a07:4a80::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62496279 (0x3b99e17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954
Validity
Not Before: Jan 1 14:08:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f85e14cb3197d5604f0e6f46c739b8eded7ff829
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:29:c5:c2:c2:af:77:4a:0d:64:17:c6:4f:e5:
01:36:49:28:75:4d:8c:dd:5a:d3:8a:a6:49:b5:58:
01:f3:29:8f:9d:58:2c:7e:f3:bc:96:fa:ac:c3:81:
df:4e:8a:76:7c:85:40:5f:36:b2:91:94:a8:77:2c:
a1:70:bf:87:1d:27:18:b8:51:9f:cb:4f:b3:07:c8:
3a:f9:8e:e0:72:28:19:b7:af:bc:30:d9:70:2a:3b:
ce:30:ba:c9:7a:61:b1:08:b1:93:c1:f4:12:c1:98:
02:f3:e4:cf:25:9a:0c:7c:55:c3:3d:ec:b2:28:86:
1f:5f:4d:82:3e:82:34:b9:92:44:0f:92:fc:e1:15:
d3:e8:d0:f2:46:ec:c8:09:da:8b:e3:c8:0f:a3:fe:
c8:36:e4:ba:b6:dd:3d:71:c7:e4:da:0c:b4:35:14:
4e:be:15:80:c1:b9:e1:a1:7a:c7:a3:6c:1a:26:00:
4b:47:b6:3c:f7:89:45:31:ad:fe:16:cf:00:be:1b:
21:3a:0a:c2:12:0a:24:ad:7e:00:e1:cd:97:85:94:
59:47:57:0f:dd:46:e2:71:44:b6:19:10:94:d9:6b:
21:9f:a0:67:11:6d:c0:df:78:6c:9e:13:20:52:df:
ad:b6:18:20:82:cb:ed:f3:18:41:9f:c4:13:f9:91:
f5:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:5E:14:CB:31:97:D5:60:4F:0E:6F:46:C7:39:B8:ED:ED:7F:F8:29
X509v3 Authority Key Identifier:
keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/1-F4UyzGX1WBPDm9Gxzm47e1_-Ck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:4a80::/29
Signature Algorithm: sha256WithRSAEncryption
9d:55:0c:35:91:8d:f1:80:13:fa:56:f0:4e:b5:3c:9d:d2:a5:
62:2b:8f:66:50:0f:d2:a4:d1:af:c6:39:00:ca:2c:2f:4e:87:
72:ac:19:38:c5:46:48:41:aa:5d:3c:04:1f:a5:c9:a7:59:ae:
e2:fa:f5:e3:ce:24:22:01:48:10:8d:33:dc:c7:83:69:b6:fe:
4e:13:6f:9f:67:38:96:45:ad:ed:37:9a:82:79:fc:d3:20:d5:
f1:62:de:c4:21:40:5e:75:6c:3c:f5:37:11:f3:a3:a3:ae:61:
6f:d4:e0:2c:6f:9c:5f:9e:b3:83:89:67:70:d0:a6:26:00:98:
ad:0a:34:af:7b:1d:ea:ad:f9:74:c5:18:63:cd:51:aa:00:9a:
24:26:54:b2:0a:15:87:ec:27:b5:64:0f:79:59:83:dc:3d:cd:
30:40:41:2a:8b:1a:c9:82:59:98:d4:65:69:a1:0b:7d:03:cf:
60:e7:8e:35:e1:cb:53:ec:59:f3:47:50:36:74:1c:44:7b:0f:
d1:a6:36:28:e3:34:6d:da:5e:2a:54:5d:75:c9:c1:74:88:c0:
80:da:cd:9e:d1:9b:1b:a7:b3:e2:5d:0f:d0:9e:87:7b:59:d9:
d3:7f:4a:f5:2b:fe:0e:6f:ee:37:db:8d:00:fc:bc:fc:04:12:
93:60:43:a9
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEA7meFzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTAyMWIyNTIyMjI5OTdiZmUzM2I3ZTRiMzE1YWM4ZDVlMDY3OTU0MB4XDTIyMDEw
MTE0MDgyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjg1ZTE0Y2IzMTk3
ZDU2MDRmMGU2ZjQ2YzczOWI4ZWRlZDdmZjgyOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMwpxcLCr3dKDWQXxk/lATZJKHVNjN1a04qmSbVYAfMpj51Y
LH7zvJb6rMOB306KdnyFQF82spGUqHcsoXC/hx0nGLhRn8tPswfIOvmO4HIoGbev
vDDZcCo7zjC6yXphsQixk8H0EsGYAvPkzyWaDHxVwz3ssiiGH19Ngj6CNLmSRA+S
/OEV0+jQ8kbsyAnai+PID6P+yDbkurbdPXHH5NoMtDUUTr4VgMG54aF6x6NsGiYA
S0e2PPeJRTGt/hbPAL4bIToKwhIKJK1+AOHNl4WUWUdXD91G4nFEthkQlNlrIZ+g
ZxFtwN94bJ4TIFLfrbYYIILL7fMYQZ/EE/mR9dkCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBT4XhTLMZfVYE8Ob0bHObjt7X/4KTAfBgNVHSMEGDAWgBQhAhslIiKZe/4z
t+SzFayNXgZ5VDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lRSWJKU0lpbVh2LU03ZmtzeFdzalY0R2VWUS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWQvNTkyOTRjLTBmMjQtNDBjNS1iNWMzLTZlYWM2MmU2MGRmNy8x
LzEtRjRVeXpHWDFXQlBEbTlHeHptNDdlMV8tQ2sucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVk
LzU5Mjk0Yy0wZjI0LTQwYzUtYjVjMy02ZWFjNjJlNjBkZjcvMS9JUUliSlNJaW1Y
di1NN2Zrc3hXc2pWNEdlVlEuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
IAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQMqB0qAMA0GCSqGSIb3DQEBCwUA
A4IBAQCdVQw1kY3xgBP6VvBOtTyd0qViK49mUA/SpNGvxjkAyiwvTodyrBk4xUZI
QapdPAQfpcmnWa7i+vXjziQiAUgQjTPcx4Nptv5OE2+fZziWRa3tN5qCefzTINXx
Yt7EIUBedWw89TcR86OjrmFv1OAsb5xfnrODiWdw0KYmAJitCjSvex3qrfl0xRhj
zVGqAJokJlSyChWH7Ce1ZA95WYPcPc0wQEEqixrJglmY1GVpoQt9A89g54414ctT
7FnzR1A2dBxEew/RpjYo4zRt2l4qVF11ycF0iMCA2s2e0Zsbp7PiXQ/Qnod7WdnT
f0r1K/4Ob+43240A/Lz8BBKTYEOp
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:03 2023 by rpki-client on console.sobornost.net