Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/8802b1-3c91-4f09-a265-6d60b4b8dab7/1/6BTO2RsrRJ9jREQyc7kH0gfoI8U.roa
File: 6BTO2RsrRJ9jREQyc7kH0gfoI8U.roa (raw, json)
Hash identifier: dG8iP9VvREHSt9i2pZZl557R3gRFn/uXL+ZZggNCajI=
Subject key identifier: E8:14:CE:D9:1B:2B:44:9F:63:44:44:32:73:B9:07:D2:07:E8:23:C5
Certificate issuer: /CN=3ce2c3edb5397f832ee8fe6a9eec3c5e43627077
Certificate serial: 29479722
Authority key identifier: 3C:E2:C3:ED:B5:39:7F:83:2E:E8:FE:6A:9E:EC:3C:5E:43:62:70:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/POLD7bU5f4Mu6P5qnuw8XkNicHc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/8802b1-3c91-4f09-a265-6d60b4b8dab7/1/6BTO2RsrRJ9jREQyc7kH0gfoI8U.roa
Signing time: Sat 01 Jan 2022 02:54:36 +0000
ROA not before: Sat 01 Jan 2022 02:54:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44838
IP address blocks: 91.203.40.0/22 maxlen: 22
46.183.24.0/21 maxlen: 21
2a02:7340::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 692557602 (0x29479722)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ce2c3edb5397f832ee8fe6a9eec3c5e43627077
Validity
Not Before: Jan 1 02:54:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e814ced91b2b449f6344443273b907d207e823c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:20:49:44:e3:27:d7:15:5a:e9:a3:4d:76:16:
18:72:c8:88:94:cc:37:d5:98:b5:f7:45:b5:91:c0:
7c:6d:60:20:a2:58:9c:d8:b2:28:f2:c4:be:9b:67:
fa:74:43:34:d2:58:9f:b9:5d:8d:08:52:0e:da:4d:
3c:f0:e8:28:8a:85:8e:fd:67:3e:ed:6c:86:e5:ab:
e3:bd:82:7a:a7:60:d5:5c:72:54:90:3b:d4:ae:91:
9d:25:d8:35:3e:7d:9e:7f:ec:ad:ad:b9:37:7c:e2:
dc:76:72:72:01:10:da:f4:ef:dc:bc:b1:a0:c8:3e:
71:c3:99:3c:47:9f:e9:95:e8:14:78:3c:dd:23:3a:
e7:33:bb:f3:b1:cd:e3:a0:5a:7e:93:41:1e:4e:0d:
07:95:5a:9a:2c:21:58:40:90:14:31:52:89:1b:4a:
1e:29:08:13:01:6f:10:cc:d9:ab:0a:f7:42:cc:b8:
58:1b:cb:42:b8:4d:58:3d:ce:4d:73:63:74:bb:34:
a4:48:9e:66:a0:35:c2:af:f1:e5:61:9d:7b:d6:74:
4d:be:17:10:51:ed:b6:74:dd:4e:65:a9:a9:88:31:
f7:a3:e3:6e:0e:58:ac:54:82:62:5d:e0:c7:e8:6d:
c1:d8:57:f2:13:72:d7:7d:f1:58:6d:70:5f:6c:71:
aa:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:14:CE:D9:1B:2B:44:9F:63:44:44:32:73:B9:07:D2:07:E8:23:C5
X509v3 Authority Key Identifier:
keyid:3C:E2:C3:ED:B5:39:7F:83:2E:E8:FE:6A:9E:EC:3C:5E:43:62:70:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/POLD7bU5f4Mu6P5qnuw8XkNicHc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/8802b1-3c91-4f09-a265-6d60b4b8dab7/1/6BTO2RsrRJ9jREQyc7kH0gfoI8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/8802b1-3c91-4f09-a265-6d60b4b8dab7/1/POLD7bU5f4Mu6P5qnuw8XkNicHc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.183.24.0/21
91.203.40.0/22
IPv6:
2a02:7340::/32
Signature Algorithm: sha256WithRSAEncryption
2a:a6:4d:d0:50:20:4e:51:0c:b1:08:7d:38:e7:85:d3:df:69:
e8:d1:e2:c9:24:91:09:16:2c:6b:39:a4:4a:13:f8:62:d6:1f:
a4:c1:15:86:ee:0a:4d:fe:9d:f8:02:d9:47:90:59:6a:bf:a0:
91:e7:67:16:27:ec:15:79:fe:40:f2:0f:62:5f:d1:80:b4:08:
49:10:b4:67:94:a2:e7:41:50:4e:22:57:4f:0f:5f:f3:aa:f5:
ca:2d:a9:6d:d3:9b:6b:81:d2:1e:f7:4c:2f:89:8a:e5:c7:3f:
6b:16:43:d8:6e:a7:62:11:8e:93:5b:6d:b6:f4:55:95:7f:16:
02:2b:7b:22:ed:44:44:b4:4c:da:25:a0:47:fc:6f:94:63:06:
b8:4f:56:9d:11:03:64:f7:c7:60:14:e1:85:92:d2:ab:dd:de:
89:a0:76:86:0b:a0:9c:22:6d:99:c0:03:df:7c:5e:c1:47:53:
c0:0a:f8:34:3f:44:39:81:d4:70:5c:65:7b:7f:98:17:d7:98:
33:8e:1b:23:32:73:1c:77:a0:81:ac:70:19:b8:ec:b1:24:a1:
07:f0:18:96:51:f3:15:ca:dc:bc:db:71:ab:20:87:f5:4d:b7:
5f:9b:69:c8:ad:9e:1e:f3:b6:3f:18:2e:a3:e4:0d:61:68:8a:
de:a9:98:ff
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEKUeXIjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
Y2UyYzNlZGI1Mzk3ZjgzMmVlOGZlNmE5ZWVjM2M1ZTQzNjI3MDc3MB4XDTIyMDEw
MTAyNTQzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTgxNGNlZDkxYjJi
NDQ5ZjYzNDQ0NDMyNzNiOTA3ZDIwN2U4MjNjNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJogSUTjJ9cVWumjTXYWGHLIiJTMN9WYtfdFtZHAfG1gIKJY
nNiyKPLEvptn+nRDNNJYn7ldjQhSDtpNPPDoKIqFjv1nPu1shuWr472Ceqdg1Vxy
VJA71K6RnSXYNT59nn/sra25N3zi3HZycgEQ2vTv3LyxoMg+ccOZPEef6ZXoFHg8
3SM65zO787HN46BafpNBHk4NB5VamiwhWECQFDFSiRtKHikIEwFvEMzZqwr3Qsy4
WBvLQrhNWD3OTXNjdLs0pEieZqA1wq/x5WGde9Z0Tb4XEFHttnTdTmWpqYgx96Pj
bg5YrFSCYl3gx+htwdhX8hNy133xWG1wX2xxqrECAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBToFM7ZGytEn2NERDJzuQfSB+gjxTAfBgNVHSMEGDAWgBQ84sPttTl/gy7o
/mqe7DxeQ2JwdzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BPTEQ3YlU1ZjRNdTZQNXFudXc4WGtOaWNIYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWIvODgwMmIxLTNjOTEtNGYwOS1hMjY1LTZkNjBiNGI4ZGFiNy8x
LzZCVE8yUnNyUko5alJFUXljN2tIMGdmb0k4VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWIv
ODgwMmIxLTNjOTEtNGYwOS1hMjY1LTZkNjBiNGI4ZGFiNy8xL1BPTEQ3YlU1ZjRN
dTZQNXFudXc4WGtOaWNIYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAy63GAMEAlvLKDANBAIAAjAHAwUA
KgJzQDANBgkqhkiG9w0BAQsFAAOCAQEAKqZN0FAgTlEMsQh9OOeF099p6NHiySSR
CRYsazmkShP4YtYfpMEVhu4KTf6d+ALZR5BZar+gkednFifsFXn+QPIPYl/RgLQI
SRC0Z5Si50FQTiJXTw9f86r1yi2pbdOba4HSHvdML4mK5cc/axZD2G6nYhGOk1tt
tvRVlX8WAit7Iu1ERLRM2iWgR/xvlGMGuE9WnREDZPfHYBThhZLSq93eiaB2hgug
nCJtmcAD33xewUdTwAr4ND9EOYHUcFxle3+YF9eYM44bIzJzHHeggaxwGbjssSSh
B/AYllHzFcrcvNtxqyCH9U23X5tpyK2eHvO2Pxguo+QNYWiK3qmY/w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:20 2024 by rpki-client on console-fra.rpki-client.org