Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/dffa9b-1d69-4869-9dc4-867d1d877140/1/I9GvH911tURuVXC1lrRh4ZQWDws.roa
File: I9GvH911tURuVXC1lrRh4ZQWDws.roa (raw, json)
Hash identifier: 0lInerxywMT0ry4tS/Y0/nF7aX9MhFAAiNylLyrV/9I=
Subject key identifier: 23:D1:AF:1F:DD:75:B5:44:6E:55:70:B5:96:B4:61:E1:94:16:0F:0B
Certificate issuer: /CN=a0a8631e6e5a7ac66da4fb160fd5b4fca9378805
Certificate serial: 018275225FC20C53B3E02F3529E99BEB3A32
Authority key identifier: A0:A8:63:1E:6E:5A:7A:C6:6D:A4:FB:16:0F:D5:B4:FC:A9:37:88:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKhjHm5aesZtpPsWD9W0_Kk3iAU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/dffa9b-1d69-4869-9dc4-867d1d877140/1/I9GvH911tURuVXC1lrRh4ZQWDws.roa
Signing time: Sat 06 Aug 2022 21:49:23 +0000
ROA not before: Sat 06 Aug 2022 21:49:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60198
IP address blocks: 46.17.216.0/21 maxlen: 21
46.17.217.0/24 maxlen: 24
46.17.216.0/23 maxlen: 23
46.17.216.0/24 maxlen: 24
46.17.218.0/24 maxlen: 24
46.17.219.0/24 maxlen: 24
46.17.220.0/24 maxlen: 24
2a02:4f61::/32 maxlen: 32
2a02:4f64::/32 maxlen: 32
2a02:4f65::/32 maxlen: 32
2a02:4f62::/32 maxlen: 32
2a02:4f63::/32 maxlen: 32
2a02:4f67::/32 maxlen: 32
2a02:4f60::/32 maxlen: 32
2a02:4f66::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:75:22:5f:c2:0c:53:b3:e0:2f:35:29:e9:9b:eb:3a:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0a8631e6e5a7ac66da4fb160fd5b4fca9378805
Validity
Not Before: Aug 6 21:49:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=23d1af1fdd75b5446e5570b596b461e194160f0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:bf:b8:ac:6b:fb:f3:a0:6e:0f:67:5d:7c:5e:
0a:d8:aa:63:9a:5e:a9:2c:3d:c4:13:04:18:55:1e:
61:26:de:78:ce:13:03:78:94:a9:98:86:a2:0b:63:
bb:59:a7:a7:76:ed:cb:81:8e:d2:87:33:84:c5:65:
47:5e:fc:f0:5b:36:ea:2e:27:4c:1d:ff:04:3a:0b:
be:15:78:39:69:fa:9d:1d:1d:0b:d4:b8:54:7c:b2:
46:9b:b6:10:b4:ba:31:de:21:c0:b2:0a:c4:04:6e:
b7:66:e6:3c:36:57:3c:77:27:20:81:87:08:dd:6a:
cd:10:cf:e4:76:0d:c0:4f:89:34:3a:c6:05:01:2a:
d9:b2:fb:53:22:5c:12:f1:48:fd:07:30:6f:33:ae:
c7:a2:77:00:90:f1:96:90:3a:e4:cd:8b:9d:c4:95:
7e:a2:20:f1:59:57:b3:de:df:38:5a:5c:9c:73:f2:
b1:df:35:84:08:3e:1d:40:3d:c5:fa:e4:08:8b:64:
03:68:62:38:38:6b:be:1c:0e:b8:21:df:a8:e1:e1:
15:4b:33:4a:0f:d3:8d:2f:21:5a:48:95:23:ba:33:
9e:ee:af:03:6a:09:d0:19:03:9b:73:fc:fd:3a:c0:
42:ff:cc:f5:cb:93:5d:6e:1d:4f:3d:42:0d:26:c4:
d3:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:D1:AF:1F:DD:75:B5:44:6E:55:70:B5:96:B4:61:E1:94:16:0F:0B
X509v3 Authority Key Identifier:
keyid:A0:A8:63:1E:6E:5A:7A:C6:6D:A4:FB:16:0F:D5:B4:FC:A9:37:88:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKhjHm5aesZtpPsWD9W0_Kk3iAU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/dffa9b-1d69-4869-9dc4-867d1d877140/1/I9GvH911tURuVXC1lrRh4ZQWDws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/dffa9b-1d69-4869-9dc4-867d1d877140/1/oKhjHm5aesZtpPsWD9W0_Kk3iAU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.216.0/21
IPv6:
2a02:4f60::/29
Signature Algorithm: sha256WithRSAEncryption
70:4a:32:0e:89:a3:af:1f:04:ac:b2:b9:43:37:e3:71:e5:6b:
0f:4e:c7:d8:68:da:02:e6:75:34:a6:f0:8c:c8:d6:a4:d7:8e:
de:11:28:4f:e9:f1:c7:ae:33:76:7a:d4:01:1e:17:64:9d:41:
05:9d:dc:a1:41:cc:dd:f9:90:1d:c1:10:8a:9b:58:ee:cc:5e:
d2:9a:6f:db:ca:47:43:4c:0b:f9:05:f7:9d:5a:d0:e9:17:e1:
75:74:fe:0f:b4:35:8f:15:41:ff:12:7e:0a:9d:8e:03:43:99:
bb:f7:3c:f3:72:14:99:2b:fb:24:bd:0a:cf:e8:9b:18:3f:38:
26:fd:09:d5:08:cd:f7:58:05:81:64:76:8c:bd:a4:1b:67:52:
30:0f:f9:22:06:62:26:f5:b0:ff:54:df:ae:9c:c2:2b:b5:d8:
e8:bb:a3:70:75:13:2c:83:3d:49:bb:d1:b0:7f:3c:af:31:5d:
65:09:e0:7c:71:d9:e0:a0:90:c8:18:98:9b:9b:88:6d:10:f8:
67:1c:ac:7b:21:bb:4e:f5:51:cc:eb:f7:07:f4:d5:47:72:70:
94:92:46:f1:a3:e6:bf:16:42:e2:27:2a:c5:ba:22:73:26:e5:
61:e0:05:66:4b:12:c8:fe:a5:85:fa:f2:10:35:51:f5:c3:df:
c9:30:d5:e5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYJ1Il/CDFOz4C81Kemb6zoyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYTg2MzFlNmU1YTdhYzY2ZGE0ZmIxNjBmZDViNGZjYTkz
Nzg4MDUwHhcNMjIwODA2MjE0OTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2QxYWYxZmRkNzViNTQ0NmU1NTcwYjU5NmI0NjFlMTk0MTYwZjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7+4rGv786BuD2ddfF4K2Kpjml6p
LD3EEwQYVR5hJt54zhMDeJSpmIaiC2O7Waendu3LgY7ShzOExWVHXvzwWzbqLidM
Hf8EOgu+FXg5afqdHR0L1LhUfLJGm7YQtLox3iHAsgrEBG63ZuY8Nlc8dycggYcI
3WrNEM/kdg3AT4k0OsYFASrZsvtTIlwS8Uj9BzBvM67HoncAkPGWkDrkzYudxJV+
oiDxWVez3t84Wlycc/Kx3zWECD4dQD3F+uQIi2QDaGI4OGu+HA64Id+o4eEVSzNK
D9ONLyFaSJUjujOe7q8DagnQGQObc/z9OsBC/8z1y5Ndbh1PPUINJsTT1QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCPRrx/ddbVEblVwtZa0YeGUFg8LMB8GA1UdIwQY
MBaAFKCoYx5uWnrGbaT7Fg/VtPypN4gFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0toakhtNWFlc1p0cFBzV0Q5VzBfS2szaUFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9kZmZhOWItMWQ2OS00ODY5LTlkYzQt
ODY3ZDFkODc3MTQwLzEvSTlHdkg5MTF0VVJ1VlhDMWxyUmg0WlFXRHdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9kZmZhOWItMWQ2OS00ODY5LTlkYzQtODY3ZDFkODc3MTQw
LzEvb0toakhtNWFlc1p0cFBzV0Q5VzBfS2szaUFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDLhHYMA0E
AgACMAcDBQMqAk9gMA0GCSqGSIb3DQEBCwUAA4IBAQBwSjIOiaOvHwSssrlDN+Nx
5WsPTsfYaNoC5nU0pvCMyNak147eEShP6fHHrjN2etQBHhdknUEFndyhQczd+ZAd
wRCKm1juzF7Smm/bykdDTAv5BfedWtDpF+F1dP4PtDWPFUH/En4KnY4DQ5m79zzz
chSZK/skvQrP6JsYPzgm/QnVCM33WAWBZHaMvaQbZ1IwD/kiBmIm9bD/VN+unMIr
tdjou6NwdRMsgz1Ju9GwfzyvMV1lCeB8cdngoJDIGJibm4htEPhnHKx7IbtO9VHM
6/cH9NVHcnCUkkbxo+a/FkLiJyrFuiJzJuVh4AVmSxLI/qWF+vIQNVH1w9/JMNXl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:21 2024 by rpki-client on console-ams.rpki-client.org