Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/a183ef-ab60-4d59-b5dd-9ae5db28c7e2/1/FZSTsWoHQskDm3xWNz01QsIVpqI.roa
File: FZSTsWoHQskDm3xWNz01QsIVpqI.roa (raw, json)
Hash identifier: yGCCb/1SfrhHNwf8Eo+bkQla+a6ayEmHC1jsjW8Qo1g=
Subject key identifier: 15:94:93:B1:6A:07:42:C9:03:9B:7C:56:37:3D:35:42:C2:15:A6:A2
Certificate issuer: /CN=9fe8f68fd828704e8d70796c783327dcde9b0c8e
Certificate serial: 018775E044A5229E12D065DC9DA07DFA3BE1
Authority key identifier: 9F:E8:F6:8F:D8:28:70:4E:8D:70:79:6C:78:33:27:DC:DE:9B:0C:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n-j2j9gocE6NcHlseDMn3N6bDI4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/a183ef-ab60-4d59-b5dd-9ae5db28c7e2/1/FZSTsWoHQskDm3xWNz01QsIVpqI.roa
Signing time: Wed 12 Apr 2023 14:30:44 +0000
ROA not before: Wed 12 Apr 2023 14:30:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199565
IP address blocks: 46.229.247.0/24 maxlen: 24
46.229.251.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:75:e0:44:a5:22:9e:12:d0:65:dc:9d:a0:7d:fa:3b:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9fe8f68fd828704e8d70796c783327dcde9b0c8e
Validity
Not Before: Apr 12 14:30:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=159493b16a0742c9039b7c56373d3542c215a6a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:66:36:63:b4:49:71:a2:7a:3d:f5:8f:7f:f3:
55:00:bb:97:5f:7f:6d:99:a6:3f:fd:81:39:a1:0b:
ac:db:1d:2e:65:f3:45:8c:1e:6e:13:66:c3:c6:17:
b9:42:c3:c7:17:03:a9:b6:24:01:49:ce:9b:d2:2b:
e5:de:b3:95:0a:57:01:b5:3e:77:a2:a1:48:d4:d8:
09:44:5b:5f:e6:66:6e:3d:b6:c6:30:a9:10:dc:26:
2b:b5:48:85:c4:df:5d:4d:aa:57:a3:29:a7:21:e7:
72:50:15:c3:74:7f:b3:86:a7:5c:6e:a0:e0:e3:c6:
92:d5:ea:02:c1:36:1a:17:8a:93:55:6b:49:13:75:
be:b4:83:b8:f1:94:b7:ec:c2:cf:c9:2b:ed:7e:db:
3c:e0:4c:23:2c:30:50:26:75:2d:77:2c:05:a1:20:
ac:9c:86:49:d1:66:a6:4d:bf:2e:61:53:df:dd:2b:
63:23:65:52:7f:8d:5f:a5:1e:12:67:9c:37:bd:f3:
5d:26:61:07:d9:61:23:18:da:3c:69:bb:22:5a:cc:
8f:74:07:dd:ce:78:74:a3:1e:b4:b4:17:01:de:1f:
cc:72:dd:89:40:bb:f9:0a:1d:5a:23:34:e0:35:09:
d9:15:5b:98:8e:75:61:3b:df:94:33:3d:0d:e8:5d:
5c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:94:93:B1:6A:07:42:C9:03:9B:7C:56:37:3D:35:42:C2:15:A6:A2
X509v3 Authority Key Identifier:
keyid:9F:E8:F6:8F:D8:28:70:4E:8D:70:79:6C:78:33:27:DC:DE:9B:0C:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n-j2j9gocE6NcHlseDMn3N6bDI4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/a183ef-ab60-4d59-b5dd-9ae5db28c7e2/1/FZSTsWoHQskDm3xWNz01QsIVpqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/a183ef-ab60-4d59-b5dd-9ae5db28c7e2/1/n-j2j9gocE6NcHlseDMn3N6bDI4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.247.0/24
46.229.251.0/24
Signature Algorithm: sha256WithRSAEncryption
83:7b:86:4f:e9:9c:1e:3f:00:e6:c7:ba:38:51:9c:65:d4:69:
34:c2:ad:fc:c6:9b:2e:c8:13:3c:18:68:9c:3c:ec:7e:60:0a:
ae:d1:7d:a2:94:0b:d8:0f:50:1c:b2:63:07:5a:4c:03:33:bd:
9b:d2:35:f2:77:fb:0e:12:0b:d1:16:89:4a:54:54:81:35:a0:
25:83:bd:b5:3d:b6:cd:fb:10:af:3e:14:65:b9:67:60:ed:58:
6e:38:c6:c1:d4:92:57:3d:81:47:a3:9d:e3:49:25:b1:91:97:
4e:b9:8e:a1:12:a2:81:7a:d9:59:e9:59:39:3e:bf:47:3e:8e:
01:ca:ec:b1:70:3d:15:41:84:5d:8a:3a:e9:f9:22:1b:20:ed:
aa:f4:77:47:b0:b8:61:f7:ca:f9:67:5d:8d:28:1e:27:18:51:
d7:a9:f1:5a:54:60:ca:21:07:5a:f2:7c:9a:07:b3:f6:08:8c:
4a:23:35:de:34:2a:42:a4:23:c6:db:31:e0:63:02:6f:ed:81:
1b:06:53:4e:17:4b:17:e6:c8:e9:69:01:f8:49:26:4a:0b:4d:
5f:48:67:06:48:74:d1:8a:c5:73:76:fb:40:0d:f5:dd:b9:ad:
a8:dc:e3:c6:a9:c7:90:d2:a3:7e:8c:99:51:53:5e:8f:dd:73:
39:00:7f:32
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYd14ESlIp4S0GXcnaB9+jvhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmZThmNjhmZDgyODcwNGU4ZDcwNzk2Yzc4MzMyN2RjZGU5
YjBjOGUwHhcNMjMwNDEyMTQzMDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTk0OTNiMTZhMDc0MmM5MDM5YjdjNTYzNzNkMzU0MmMyMTVhNmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmY2Y7RJcaJ6PfWPf/NVALuXX39t
maY//YE5oQus2x0uZfNFjB5uE2bDxhe5QsPHFwOptiQBSc6b0ivl3rOVClcBtT53
oqFI1NgJRFtf5mZuPbbGMKkQ3CYrtUiFxN9dTapXoymnIedyUBXDdH+zhqdcbqDg
48aS1eoCwTYaF4qTVWtJE3W+tIO48ZS37MLPySvtfts84EwjLDBQJnUtdywFoSCs
nIZJ0WamTb8uYVPf3StjI2VSf41fpR4SZ5w3vfNdJmEH2WEjGNo8absiWsyPdAfd
znh0ox60tBcB3h/Mct2JQLv5Ch1aIzTgNQnZFVuYjnVhO9+UMz0N6F1c+wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBWUk7FqB0LJA5t8Vjc9NULCFaaiMB8GA1UdIwQY
MBaAFJ/o9o/YKHBOjXB5bHgzJ9zemwyOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbi1qMmo5Z29jRTZOY0hsc2VETW4zTjZiREk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hMTgzZWYtYWI2MC00ZDU5LWI1ZGQt
OWFlNWRiMjhjN2UyLzEvRlpTVHNXb0hRc2tEbTN4V056MDFRc0lWcHFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hMTgzZWYtYWI2MC00ZDU5LWI1ZGQtOWFlNWRiMjhjN2Uy
LzEvbi1qMmo5Z29jRTZOY0hsc2VETW4zTjZiREk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALuX3AwQA
LuX7MA0GCSqGSIb3DQEBCwUAA4IBAQCDe4ZP6ZwePwDmx7o4UZxl1Gk0wq38xpsu
yBM8GGicPOx+YAqu0X2ilAvYD1AcsmMHWkwDM72b0jXyd/sOEgvRFolKVFSBNaAl
g721PbbN+xCvPhRluWdg7VhuOMbB1JJXPYFHo53jSSWxkZdOuY6hEqKBetlZ6Vk5
Pr9HPo4ByuyxcD0VQYRdijrp+SIbIO2q9HdHsLhh98r5Z12NKB4nGFHXqfFaVGDK
IQda8nyaB7P2CIxKIzXeNCpCpCPG2zHgYwJv7YEbBlNOF0sX5sjpaQH4SSZKC01f
SGcGSHTRisVzdvtADfXdua2o3OPGqceQ0qN+jJlRU16P3XM5AH8y
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:38 2024 by rpki-client on console-fra.rpki-client.org