Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/j9hoS7Wl60BBETmjuNf836wpfTk.roa
File: j9hoS7Wl60BBETmjuNf836wpfTk.roa (raw, json)
Hash identifier: k/dzN9Odqe93C6qSZH/vMPU20DQmy19k23V2euX2SKE=
Subject key identifier: 8F:D8:68:4B:B5:A5:EB:40:41:11:39:A3:B8:D7:FC:DF:AC:29:7D:39
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018699C4F12327281A065331AB2762D6A176
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/j9hoS7Wl60BBETmjuNf836wpfTk.roa
Signing time: Tue 28 Feb 2023 20:44:26 +0000
ROA not before: Tue 28 Feb 2023 20:44:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204339
IP address blocks: 2a06:77c7::/32 maxlen: 32
2a09:4286::/32 maxlen: 32
2a09:af86::/32 maxlen: 32
2a0e:c486::/32 maxlen: 32
2a09:4287::/32 maxlen: 32
2a09:7b86::/32 maxlen: 32
2a09:7b87::/32 maxlen: 32
2a06:77c6::/32 maxlen: 32
2a0e:c487::/32 maxlen: 32
2a09:af87::/32 maxlen: 32
2a09:9386::/32 maxlen: 32
2a09:3a86::/32 maxlen: 32
2a09:9987::/32 maxlen: 32
2a09:7886::/32 maxlen: 32
2a09:3a87::/32 maxlen: 32
2a0e:e686::/32 maxlen: 32
2a09:e706::/32 maxlen: 32
2a09:4486::/32 maxlen: 32
2a09:9387::/32 maxlen: 32
2a09:e707::/32 maxlen: 32
2a09:4487::/32 maxlen: 32
2a09:7887::/32 maxlen: 32
2a0e:e687::/32 maxlen: 32
2a09:9986::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:99:c4:f1:23:27:28:1a:06:53:31:ab:27:62:d6:a1:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Feb 28 20:44:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8fd8684bb5a5eb40411139a3b8d7fcdfac297d39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:6f:82:75:44:9b:ba:42:1f:36:20:65:2b:3e:
7a:08:6d:09:bf:56:e5:c6:e3:e8:3d:3a:f1:e1:d4:
55:a2:90:2b:b9:6e:f8:4e:48:ac:c9:dc:0e:a6:06:
3c:67:48:93:5e:04:77:09:67:76:74:a1:13:85:05:
b1:d0:0c:66:9a:5b:86:e7:93:d4:d1:fe:bd:e5:a7:
0f:da:08:23:0a:1e:b0:70:80:57:d5:0a:9a:cd:0b:
b1:e1:73:5e:bc:be:fe:96:b5:6b:a2:bb:97:62:b7:
91:10:52:3c:55:c2:ad:fb:f4:89:61:bb:05:8c:bb:
1b:01:99:66:a7:4b:5d:a6:f8:69:b9:d6:45:f2:e7:
f3:7d:8d:cb:df:05:ed:fd:b8:13:a2:c9:66:bd:bb:
82:ca:47:cf:5d:04:48:07:81:9f:58:3e:2e:fe:4d:
42:59:36:b9:87:f4:a4:4b:f6:7a:e5:5d:11:f7:df:
c7:c4:01:c3:32:ac:c7:6a:df:3b:bf:82:71:a3:72:
e1:b3:ef:37:d4:5a:f7:85:70:18:60:c8:75:0f:28:
7a:f0:78:ba:31:04:ea:4a:e6:98:65:bd:95:c0:73:
d0:1d:51:c2:11:a6:d2:0b:51:bb:a9:2c:47:a9:30:
63:51:19:cd:29:6c:af:94:d8:05:3f:d8:a2:5e:9a:
56:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:D8:68:4B:B5:A5:EB:40:41:11:39:A3:B8:D7:FC:DF:AC:29:7D:39
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/j9hoS7Wl60BBETmjuNf836wpfTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:77c6::/31
2a09:3a86::/31
2a09:4286::/31
2a09:4486::/31
2a09:7886::/31
2a09:7b86::/31
2a09:9386::/31
2a09:9986::/31
2a09:af86::/31
2a09:e706::/31
2a0e:c486::/31
2a0e:e686::/31
Signature Algorithm: sha256WithRSAEncryption
9b:e1:ec:2f:31:76:ff:17:65:f9:53:80:9a:21:bb:53:17:24:
72:57:b1:fa:93:55:68:71:b5:63:50:8e:bc:1d:fb:dc:35:00:
da:89:54:69:99:1f:4a:75:3a:bb:df:d0:e2:73:f5:ce:a9:6a:
fc:82:cf:e1:e3:be:4b:c2:59:03:f3:d1:41:fd:2b:eb:34:73:
47:5d:77:42:0f:62:f0:46:28:1f:e6:93:0f:02:50:a0:6f:19:
55:b0:11:81:57:7f:89:27:3c:59:80:34:d8:4f:ca:e9:77:81:
6e:f9:5d:a9:b2:2f:ad:77:12:c6:7c:44:7f:30:cb:0d:af:ae:
cb:11:8b:28:69:46:6e:44:c6:bb:5f:64:7a:f7:fb:b5:ee:b7:
e5:11:3a:76:de:27:b8:d4:2f:91:2b:cf:fa:be:27:eb:bb:e5:
dd:a1:b5:12:68:06:a1:59:b2:a6:1b:e0:0d:a6:2d:7b:fd:97:
ca:39:76:d9:64:36:8b:2e:92:37:d2:18:bd:74:b6:84:e9:4b:
d2:02:d3:5a:09:3b:89:b0:fc:53:92:3a:05:ca:c5:6a:fd:6b:
f3:6a:c3:09:20:fc:00:11:17:e9:56:13:3d:1f:83:e0:f5:d0:
a5:f1:7b:58:70:fb:35:be:1d:3c:92:1f:db:ab:78:f7:14:b6:
27:d6:7e:57
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYaZxPEjJygaBlMxqydi1qF2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwMjI4MjA0NDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmQ4Njg0YmI1YTVlYjQwNDExMTM5YTNiOGQ3ZmNkZmFjMjk3ZDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjW+CdUSbukIfNiBlKz56CG0Jv1bl
xuPoPTrx4dRVopAruW74TkisydwOpgY8Z0iTXgR3CWd2dKEThQWx0AxmmluG55PU
0f695acP2ggjCh6wcIBX1QqazQux4XNevL7+lrVroruXYreREFI8VcKt+/SJYbsF
jLsbAZlmp0tdpvhpudZF8ufzfY3L3wXt/bgToslmvbuCykfPXQRIB4GfWD4u/k1C
WTa5h/SkS/Z65V0R99/HxAHDMqzHat87v4Jxo3Lhs+831Fr3hXAYYMh1Dyh68Hi6
MQTqSuaYZb2VwHPQHVHCEabSC1G7qSxHqTBjURnNKWyvlNgFP9iiXppW0QIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFI/YaEu1petAQRE5o7jX/N+sKX05MB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvajlob1M3V2w2MEJCRVRtanVOZjgzNndwZlRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAAjBUAwUBKgZ3xgMF
ASoJOoYDBQEqCUKGAwUBKglEhgMFASoJeIYDBQEqCXuGAwUBKgmThgMFASoJmYYD
BQEqCa+GAwUBKgnnBgMFASoOxIYDBQEqDuaGMA0GCSqGSIb3DQEBCwUAA4IBAQCb
4ewvMXb/F2X5U4CaIbtTFyRyV7H6k1VocbVjUI68HfvcNQDaiVRpmR9KdTq739Di
c/XOqWr8gs/h475LwlkD89FB/SvrNHNHXXdCD2LwRigf5pMPAlCgbxlVsBGBV3+J
JzxZgDTYT8rpd4Fu+V2psi+tdxLGfER/MMsNr67LEYsoaUZuRMa7X2R69/u17rfl
ETp23ie41C+RK8/6vifru+XdobUSaAahWbKmG+ANpi17/ZfKOXbZZDaLLpI30hi9
dLaE6UvSAtNaCTuJsPxTkjoFysVq/WvzasMJIPwAERfpVhM9H4Pg9dCl8XtYcPs1
vh08kh/bq3j3FLYn1n5X
-----END CERTIFICATE-----
Generated at Wed Apr 30 00:13:24 2025 by rpki-client