Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/546ade-daa1-49f1-8bbe-b9eb871f6d96/1/vNKWyi5AuOo5an_LEzcjsg4-xGg.roa
File: vNKWyi5AuOo5an_LEzcjsg4-xGg.roa (raw, json)
Hash identifier: jHXja4R5Ak8yAXkPETh+i28lQW/RCglZYRFUtwCD54k=
Subject key identifier: BC:D2:96:CA:2E:40:B8:EA:39:6A:7F:CB:13:37:23:B2:0E:3E:C4:68
Certificate issuer: /CN=64ded85d9a05b1df689a8b6c313f8128c7a00b67
Certificate serial: 01856F392497483D2A504ECC0927CC7AF650
Authority key identifier: 64:DE:D8:5D:9A:05:B1:DF:68:9A:8B:6C:31:3F:81:28:C7:A0:0B:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZN7YXZoFsd9omotsMT-BKMegC2c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/546ade-daa1-49f1-8bbe-b9eb871f6d96/1/vNKWyi5AuOo5an_LEzcjsg4-xGg.roa
Signing time: Sun 01 Jan 2023 21:24:53 +0000
ROA not before: Sun 01 Jan 2023 21:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42910
IP address blocks: 46.28.232.0/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:24:97:48:3d:2a:50:4e:cc:09:27:cc:7a:f6:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64ded85d9a05b1df689a8b6c313f8128c7a00b67
Validity
Not Before: Jan 1 21:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bcd296ca2e40b8ea396a7fcb133723b20e3ec468
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:bc:29:9d:a1:29:c2:a5:ee:ce:6e:90:b1:5d:
2b:a5:2a:c7:46:d5:ab:a5:4d:ec:18:3c:20:cc:50:
7e:e3:e5:39:52:1c:70:5f:60:7b:17:05:36:80:54:
75:5f:12:aa:25:c2:2d:98:49:3d:70:5f:79:54:5c:
6e:73:8a:65:e6:b5:63:7c:ca:4c:8c:be:b8:f4:88:
80:ad:88:0a:e4:91:9b:46:a0:54:7a:f5:c1:48:65:
91:37:38:57:28:ea:5b:63:a9:be:a9:ff:dd:bb:68:
d4:94:e2:19:58:5a:16:54:aa:06:01:c7:31:10:c3:
96:8c:29:eb:1e:99:b9:1f:b2:50:d8:50:5a:5c:3a:
7a:51:cb:56:3b:49:3a:d8:7b:da:ee:12:76:9e:b5:
9f:17:2d:a5:cf:e4:1f:4e:e1:45:91:ce:65:1a:d8:
bf:e0:e3:5c:fc:33:92:0a:e0:d1:76:10:25:39:a9:
d5:57:58:5f:5f:b9:24:48:fe:55:e2:da:25:11:e7:
47:fa:ab:97:c8:fd:ba:f5:e6:9e:2d:61:09:62:01:
4b:2a:a3:09:3f:6c:09:c7:62:ba:50:48:67:71:af:
09:ca:a2:a9:85:ed:89:5b:e2:1d:35:6a:fd:52:d3:
e6:68:73:1e:98:ba:f2:69:b5:03:99:4e:f1:ab:f1:
ce:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:D2:96:CA:2E:40:B8:EA:39:6A:7F:CB:13:37:23:B2:0E:3E:C4:68
X509v3 Authority Key Identifier:
keyid:64:DE:D8:5D:9A:05:B1:DF:68:9A:8B:6C:31:3F:81:28:C7:A0:0B:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZN7YXZoFsd9omotsMT-BKMegC2c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/546ade-daa1-49f1-8bbe-b9eb871f6d96/1/vNKWyi5AuOo5an_LEzcjsg4-xGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/546ade-daa1-49f1-8bbe-b9eb871f6d96/1/ZN7YXZoFsd9omotsMT-BKMegC2c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.232.0/21
Signature Algorithm: sha256WithRSAEncryption
7c:2f:87:24:a3:bb:35:99:6e:f5:ed:1a:3a:2e:25:3f:22:1c:
0d:48:ad:71:b2:9e:a7:f1:41:c2:48:38:92:1b:6c:b6:3b:13:
5b:6e:5b:21:9a:ca:d1:14:7f:2a:b2:f7:a0:a6:f7:d3:82:3a:
ff:a7:cc:bc:60:9f:53:10:47:3e:fe:7e:6d:91:18:df:1b:01:
8a:cf:ec:8d:77:2a:14:f1:d2:ba:c5:c0:7c:d0:1c:70:d9:8b:
83:29:ae:58:ff:a4:13:ab:b7:58:72:64:10:74:a9:94:0a:2d:
4e:11:54:d2:fe:48:5b:65:db:dc:86:5d:d4:37:d5:1c:25:24:
78:bd:ed:ae:90:55:f7:d8:37:0b:3f:bf:08:a2:b5:74:8f:f8:
02:c1:77:a4:10:cd:a2:7d:f9:54:15:30:a5:65:f4:5b:3d:77:
ae:e5:be:73:fa:90:da:dd:6e:76:98:88:79:4f:fc:45:03:76:
26:c5:c0:21:c4:5c:3f:df:fb:a0:cb:8e:10:ad:61:28:dc:d0:
09:3c:02:7b:1b:04:85:d5:b5:24:4f:f3:3f:cb:b1:60:7a:50:
9a:d5:2b:7b:27:a4:dc:e4:bf:8d:b4:a0:2b:14:df:7b:2d:53:
fe:48:4a:bc:ea:ae:44:86:66:1c:16:7d:f2:53:c7:13:be:d3:
c6:81:ff:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvOSSXSD0qUE7MCSfMevZQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZGVkODVkOWEwNWIxZGY2ODlhOGI2YzMxM2Y4MTI4Yzdh
MDBiNjcwHhcNMjMwMTAxMjEyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2QyOTZjYTJlNDBiOGVhMzk2YTdmY2IxMzM3MjNiMjBlM2VjNDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrwpnaEpwqXuzm6QsV0rpSrHRtWr
pU3sGDwgzFB+4+U5UhxwX2B7FwU2gFR1XxKqJcItmEk9cF95VFxuc4pl5rVjfMpM
jL649IiArYgK5JGbRqBUevXBSGWRNzhXKOpbY6m+qf/du2jUlOIZWFoWVKoGAccx
EMOWjCnrHpm5H7JQ2FBaXDp6UctWO0k62Hva7hJ2nrWfFy2lz+QfTuFFkc5lGti/
4ONc/DOSCuDRdhAlOanVV1hfX7kkSP5V4tolEedH+quXyP269eaeLWEJYgFLKqMJ
P2wJx2K6UEhnca8JyqKphe2JW+IdNWr9UtPmaHMemLryabUDmU7xq/HOcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLzSlsouQLjqOWp/yxM3I7IOPsRoMB8GA1UdIwQY
MBaAFGTe2F2aBbHfaJqLbDE/gSjHoAtnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk43WVhab0ZzZDlvbW90c01ULUJLTWVnQzJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny81NDZhZGUtZGFhMS00OWYxLThiYmUt
YjllYjg3MWY2ZDk2LzEvdk5LV3lpNUF1T281YW5fTEV6Y2pzZzQteEdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny81NDZhZGUtZGFhMS00OWYxLThiYmUtYjllYjg3MWY2ZDk2
LzEvWk43WVhab0ZzZDlvbW90c01ULUJLTWVnQzJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLhzoMA0G
CSqGSIb3DQEBCwUAA4IBAQB8L4cko7s1mW717Ro6LiU/IhwNSK1xsp6n8UHCSDiS
G2y2OxNbblshmsrRFH8qsvegpvfTgjr/p8y8YJ9TEEc+/n5tkRjfGwGKz+yNdyoU
8dK6xcB80Bxw2YuDKa5Y/6QTq7dYcmQQdKmUCi1OEVTS/khbZdvchl3UN9UcJSR4
ve2ukFX32DcLP78IorV0j/gCwXekEM2ifflUFTClZfRbPXeu5b5z+pDa3W52mIh5
T/xFA3YmxcAhxFw/3/ugy44QrWEo3NAJPAJ7GwSF1bUkT/M/y7FgelCa1St7J6Tc
5L+NtKArFN97LVP+SEq86q5EhmYcFn3yU8cTvtPGgf/o
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:40 2024 by rpki-client on console-ams.rpki-client.org