Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/dffa9b-1d69-4869-9dc4-867d1d877140/1/gaYnMm0OlerFlajBPY6nL-ZeNgg.roa
File: gaYnMm0OlerFlajBPY6nL-ZeNgg.roa (raw, json)
Hash identifier: z7LEF0P2BoRH1StBxJ64RLhcLV2Gk7hr6i/1Pf7086U=
Subject key identifier: 81:A6:27:32:6D:0E:95:EA:C5:95:A8:C1:3D:8E:A7:2F:E6:5E:36:08
Certificate issuer: /CN=a0a8631e6e5a7ac66da4fb160fd5b4fca9378805
Certificate serial: 0182B657FBF58573251C7FED8FE74482FB3B
Authority key identifier: A0:A8:63:1E:6E:5A:7A:C6:6D:A4:FB:16:0F:D5:B4:FC:A9:37:88:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKhjHm5aesZtpPsWD9W0_Kk3iAU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/dffa9b-1d69-4869-9dc4-867d1d877140/1/gaYnMm0OlerFlajBPY6nL-ZeNgg.roa
Signing time: Fri 19 Aug 2022 13:43:15 +0000
ROA not before: Fri 19 Aug 2022 13:43:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60198
IP address blocks: 46.17.217.0/24 maxlen: 24
46.17.216.0/23 maxlen: 23
46.17.216.0/24 maxlen: 24
46.17.218.0/24 maxlen: 24
46.17.219.0/24 maxlen: 24
46.17.220.0/24 maxlen: 24
2a02:4f61::/32 maxlen: 32
2a02:4f64::/32 maxlen: 32
2a02:4f65::/32 maxlen: 32
2a02:4f62::/32 maxlen: 32
2a02:4f63::/32 maxlen: 32
2a02:4f67::/32 maxlen: 32
2a02:4f60::/32 maxlen: 32
2a02:4f66::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:b6:57:fb:f5:85:73:25:1c:7f:ed:8f:e7:44:82:fb:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0a8631e6e5a7ac66da4fb160fd5b4fca9378805
Validity
Not Before: Aug 19 13:43:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=81a627326d0e95eac595a8c13d8ea72fe65e3608
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:5c:93:fc:75:53:ba:3c:3d:78:5a:26:4b:09:
89:23:1d:cb:c4:8e:10:36:c7:36:13:39:00:27:fa:
0e:f6:c0:23:26:bb:64:4a:ec:5e:db:1f:ba:99:8d:
61:81:79:46:64:e7:6e:b3:4d:04:18:97:18:f2:cd:
6f:84:a4:57:4c:ff:41:d7:6a:d5:6d:19:7c:ae:45:
95:ac:88:72:0a:db:11:66:dd:9f:06:2e:c2:19:a6:
0b:bd:ee:85:1b:fd:09:4d:43:27:0c:6a:02:2b:d5:
c8:c5:b1:79:42:c8:50:af:d4:c2:56:cc:62:57:20:
70:9c:a7:c3:73:14:8b:48:98:db:5e:d5:5f:aa:3e:
23:c0:cc:46:67:0e:83:54:23:5d:13:7c:5b:0a:1f:
4f:00:da:3d:fd:b6:1c:db:8a:ee:e0:d2:f9:d4:27:
65:ac:87:41:b0:97:bf:27:b7:a5:14:be:e1:ae:80:
ef:ed:0b:b6:80:10:37:25:e4:4d:d8:9d:51:70:e6:
eb:e6:c4:57:ab:19:c3:df:a5:6e:1c:5b:ce:4f:d6:
25:76:54:00:dc:ac:ab:56:82:05:7b:87:f8:aa:67:
2d:ce:95:31:01:56:bd:90:2b:12:34:09:34:d6:44:
73:5d:20:df:e2:99:35:bf:e1:6d:24:6f:61:ba:13:
a3:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:A6:27:32:6D:0E:95:EA:C5:95:A8:C1:3D:8E:A7:2F:E6:5E:36:08
X509v3 Authority Key Identifier:
keyid:A0:A8:63:1E:6E:5A:7A:C6:6D:A4:FB:16:0F:D5:B4:FC:A9:37:88:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKhjHm5aesZtpPsWD9W0_Kk3iAU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/dffa9b-1d69-4869-9dc4-867d1d877140/1/gaYnMm0OlerFlajBPY6nL-ZeNgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/dffa9b-1d69-4869-9dc4-867d1d877140/1/oKhjHm5aesZtpPsWD9W0_Kk3iAU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.216.0-46.17.220.255
IPv6:
2a02:4f60::/29
Signature Algorithm: sha256WithRSAEncryption
40:fe:23:6d:f1:dc:11:13:02:e3:f1:38:fc:f3:d1:e6:10:6b:
ed:a2:15:e5:61:23:5e:da:36:66:b0:c6:84:ac:8d:24:60:66:
c1:f6:07:63:84:47:52:59:b4:66:35:ae:fd:18:47:bd:eb:39:
a1:2d:17:d5:d2:00:f0:ce:9b:0d:cb:8a:17:15:8b:71:39:05:
4d:44:4c:d7:a0:4e:40:ae:12:d4:21:6b:f7:0e:b4:58:02:75:
75:81:9c:89:89:d3:78:78:fc:c3:23:53:02:f7:8b:29:e7:fe:
89:5a:ba:ef:5e:1e:3e:39:cc:63:72:41:5c:13:ee:4e:9b:e2:
77:18:51:07:72:c1:e9:38:51:76:01:11:a4:76:4c:7d:36:28:
66:1a:7e:37:91:e7:a5:28:de:e1:56:d0:7f:2e:69:b3:1a:15:
33:23:12:2a:4e:42:9c:37:df:48:88:35:87:a9:7e:36:cd:1c:
78:1f:e3:15:3c:c6:6d:77:f6:db:90:d8:ec:32:d5:ff:4b:0e:
73:44:15:48:f3:99:bf:d0:cb:e6:c2:f7:02:bf:da:25:4b:8b:
92:7a:cb:e5:68:cd:b3:25:72:30:e1:90:83:8f:2e:51:ff:87:
c7:e1:2e:11:ca:01:a7:4d:c6:59:a5:d0:d9:ea:23:6c:11:a7:
33:b4:a3:d7
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYK2V/v1hXMlHH/tj+dEgvs7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYTg2MzFlNmU1YTdhYzY2ZGE0ZmIxNjBmZDViNGZjYTkz
Nzg4MDUwHhcNMjIwODE5MTM0MzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWE2MjczMjZkMGU5NWVhYzU5NWE4YzEzZDhlYTcyZmU2NWUzNjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2lyT/HVTujw9eFomSwmJIx3LxI4Q
Nsc2EzkAJ/oO9sAjJrtkSuxe2x+6mY1hgXlGZOdus00EGJcY8s1vhKRXTP9B12rV
bRl8rkWVrIhyCtsRZt2fBi7CGaYLve6FG/0JTUMnDGoCK9XIxbF5QshQr9TCVsxi
VyBwnKfDcxSLSJjbXtVfqj4jwMxGZw6DVCNdE3xbCh9PANo9/bYc24ru4NL51Cdl
rIdBsJe/J7elFL7hroDv7Qu2gBA3JeRN2J1RcObr5sRXqxnD36VuHFvOT9YldlQA
3KyrVoIFe4f4qmctzpUxAVa9kCsSNAk01kRzXSDf4pk1v+FtJG9huhOj6QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFIGmJzJtDpXqxZWowT2Opy/mXjYIMB8GA1UdIwQY
MBaAFKCoYx5uWnrGbaT7Fg/VtPypN4gFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0toakhtNWFlc1p0cFBzV0Q5VzBfS2szaUFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9kZmZhOWItMWQ2OS00ODY5LTlkYzQt
ODY3ZDFkODc3MTQwLzEvZ2FZbk1tME9sZXJGbGFqQlBZNm5MLVplTmdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9kZmZhOWItMWQ2OS00ODY5LTlkYzQtODY3ZDFkODc3MTQw
LzEvb0toakhtNWFlc1p0cFBzV0Q5VzBfS2szaUFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAMuEdgD
BAAuEdwwDQQCAAIwBwMFAyoCT2AwDQYJKoZIhvcNAQELBQADggEBAED+I23x3BET
AuPxOPzz0eYQa+2iFeVhI17aNmawxoSsjSRgZsH2B2OER1JZtGY1rv0YR73rOaEt
F9XSAPDOmw3LihcVi3E5BU1ETNegTkCuEtQha/cOtFgCdXWBnImJ03h4/MMjUwL3
iynn/olauu9eHj45zGNyQVwT7k6b4ncYUQdywek4UXYBEaR2TH02KGYafjeR56Uo
3uFW0H8uabMaFTMjEipOQpw330iINYepfjbNHHgf4xU8xm139tuQ2Owy1f9LDnNE
FUjzmb/Qy+bC9wK/2iVLi5J6y+VozbMlcjDhkIOPLlH/h8fhLhHKAadNxlml0Nnq
I2wRpzO0o9c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:21 2024 by rpki-client on console-ams.rpki-client.org