Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/q0i8bUVHN_BuZY4SJhNyuuu46Nw.roa
File: q0i8bUVHN_BuZY4SJhNyuuu46Nw.roa (raw, json)
Hash identifier: Ejhm8J0Zbq5YbbEYOVylwPkb9E8LYeuSzzPe9nQhPKk=
Subject key identifier: AB:48:BC:6D:45:47:37:F0:6E:65:8E:12:26:13:72:BA:EB:B8:E8:DC
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 018D1827B43250F530F5B856A8FBE5A459C6
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/q0i8bUVHN_BuZY4SJhNyuuu46Nw.roa
Signing time: Wed 17 Jan 2024 16:01:11 +0000
ROA not before: Wed 17 Jan 2024 16:01:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41957
IP address blocks: 46.16.37.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:18:27:b4:32:50:f5:30:f5:b8:56:a8:fb:e5:a4:59:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Jan 17 16:01:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab48bc6d454737f06e658e12261372baebb8e8dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:b3:57:5c:ee:c8:fb:37:31:c1:e2:17:b7:0c:
65:49:88:12:c9:db:e9:7e:9c:c6:4e:27:96:7e:31:
2d:6d:ea:e4:d1:68:89:08:1c:7f:a3:1f:d1:ab:99:
f4:f8:8e:f0:0c:ea:b9:a0:02:d9:a3:db:d2:19:00:
0c:d8:a1:6c:0e:34:de:eb:bb:ae:9b:74:28:ad:36:
46:7b:ea:19:69:ce:93:fc:59:ee:79:46:8d:9d:e4:
c5:55:db:74:5a:08:1e:d5:02:7e:e9:c0:76:87:00:
4d:48:6c:2b:4d:76:22:1e:58:ac:c8:e4:64:0a:66:
d1:75:e1:c2:44:f3:a6:4b:f7:95:6d:af:95:86:a9:
26:99:f3:9c:ac:3c:86:d1:44:94:03:a3:63:a7:b8:
1c:25:25:41:f2:7e:1c:80:8a:f7:a7:45:82:30:cf:
ec:66:dc:75:5e:61:e0:8f:b8:da:0d:04:87:0f:38:
1c:75:c6:8d:86:1b:06:6d:12:8a:4a:17:ba:56:8b:
3c:41:cb:a6:5c:2a:70:86:d9:19:6c:40:c4:88:25:
dd:96:7e:73:73:24:a4:5a:d7:f5:a7:23:62:ce:6d:
16:dd:ca:0f:94:17:e7:d9:d2:f4:af:dd:17:da:cf:
da:00:a9:06:79:90:f2:b4:f0:9c:3d:e0:81:fb:6d:
71:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:48:BC:6D:45:47:37:F0:6E:65:8E:12:26:13:72:BA:EB:B8:E8:DC
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/q0i8bUVHN_BuZY4SJhNyuuu46Nw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.37.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:a5:82:f0:e9:31:90:65:7c:c0:ee:4b:86:22:e8:48:fb:8c:
80:17:50:25:78:58:92:c4:a2:ad:81:22:64:0f:2a:62:28:c8:
1c:f3:1e:cc:7f:9e:2c:30:47:e8:9a:fa:ca:10:23:91:77:02:
c2:b5:ef:6d:9b:a4:0f:05:57:a4:3f:ce:ff:37:fb:47:1c:40:
09:76:88:73:00:be:c5:3e:4d:bf:37:d9:48:65:34:5d:ad:ce:
d8:b8:9f:07:2e:30:6c:0f:8c:7a:73:94:6b:58:99:fa:71:b7:
8a:8e:7a:a2:1a:06:cb:54:c4:13:7b:c9:e5:22:21:09:cf:1b:
52:56:88:8f:1a:f5:80:d5:26:6c:f2:e6:bd:3f:ed:2a:a8:9e:
c8:9f:fe:93:d8:64:0c:c7:32:8a:83:e3:e3:88:3d:6a:58:7f:
f6:91:1e:fe:45:2c:d3:6f:d0:cb:ad:80:58:21:dd:86:f8:f8:
c3:8f:8c:34:71:2a:b2:fd:a6:3e:29:6a:0e:96:e8:06:87:fb:
18:0f:54:ca:33:06:85:2a:2c:dc:10:a2:e2:91:89:90:b7:e5:
4d:9a:5c:1a:02:1d:5a:6b:27:9f:54:da:d6:ab:d7:ed:d6:64:
d5:29:fd:5f:ad:36:b8:d6:80:37:0a:4f:76:73:65:cf:38:4d:
0b:44:24:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0YJ7QyUPUw9bhWqPvlpFnGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjQwMTE3MTYwMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjQ4YmM2ZDQ1NDczN2YwNmU2NThlMTIyNjEzNzJiYWViYjhlOGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbNXXO7I+zcxweIXtwxlSYgSydvp
fpzGTieWfjEtberk0WiJCBx/ox/Rq5n0+I7wDOq5oALZo9vSGQAM2KFsDjTe67uu
m3QorTZGe+oZac6T/FnueUaNneTFVdt0Wgge1QJ+6cB2hwBNSGwrTXYiHlisyORk
CmbRdeHCRPOmS/eVba+VhqkmmfOcrDyG0USUA6Njp7gcJSVB8n4cgIr3p0WCMM/s
Ztx1XmHgj7jaDQSHDzgcdcaNhhsGbRKKShe6Vos8QcumXCpwhtkZbEDEiCXdln5z
cySkWtf1pyNizm0W3coPlBfn2dL0r90X2s/aAKkGeZDytPCcPeCB+21xUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKtIvG1FRzfwbmWOEiYTcrrruOjcMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvcTBpOGJVVkhOX0J1Wlk0U0poTnl1dXU0Nk53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALhAlMA0G
CSqGSIb3DQEBCwUAA4IBAQDBpYLw6TGQZXzA7kuGIuhI+4yAF1AleFiSxKKtgSJk
DypiKMgc8x7Mf54sMEfomvrKECORdwLCte9tm6QPBVekP87/N/tHHEAJdohzAL7F
Pk2/N9lIZTRdrc7YuJ8HLjBsD4x6c5RrWJn6cbeKjnqiGgbLVMQTe8nlIiEJzxtS
VoiPGvWA1SZs8ua9P+0qqJ7In/6T2GQMxzKKg+PjiD1qWH/2kR7+RSzTb9DLrYBY
Id2G+PjDj4w0cSqy/aY+KWoOlugGh/sYD1TKMwaFKizcEKLikYmQt+VNmlwaAh1a
ayefVNrWq9ft1mTVKf1frTa41oA3Ck92c2XPOE0LRCRk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:27 2024 by rpki-client on console-ams.rpki-client.org