Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/a183ef-ab60-4d59-b5dd-9ae5db28c7e2/1/XhExlprwfdoFH9PX_f-JIlyXcTI.roa
File: XhExlprwfdoFH9PX_f-JIlyXcTI.roa (raw, json)
Hash identifier: IElcJVzBj/0TclPwByA6kKO85ak4Wn+argq8AvlkaAc=
Subject key identifier: 5E:11:31:96:9A:F0:7D:DA:05:1F:D3:D7:FD:FF:89:22:5C:97:71:32
Certificate issuer: /CN=9fe8f68fd828704e8d70796c783327dcde9b0c8e
Certificate serial: 0187C7A434A8FA93DC59A740C1CA8D705CCC
Authority key identifier: 9F:E8:F6:8F:D8:28:70:4E:8D:70:79:6C:78:33:27:DC:DE:9B:0C:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n-j2j9gocE6NcHlseDMn3N6bDI4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/a183ef-ab60-4d59-b5dd-9ae5db28c7e2/1/XhExlprwfdoFH9PX_f-JIlyXcTI.roa
Signing time: Fri 28 Apr 2023 11:33:59 +0000
ROA not before: Fri 28 Apr 2023 11:33:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199565
IP address blocks: 46.229.247.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c7:a4:34:a8:fa:93:dc:59:a7:40:c1:ca:8d:70:5c:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9fe8f68fd828704e8d70796c783327dcde9b0c8e
Validity
Not Before: Apr 28 11:33:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e1131969af07dda051fd3d7fdff89225c977132
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:02:53:bc:c2:8c:3d:e6:91:c8:9e:4e:9e:3e:
0b:d4:aa:03:37:72:34:af:12:0f:d9:c8:be:00:04:
a5:40:14:ad:23:a9:7c:c3:42:bb:ee:89:f0:46:51:
ac:f1:9c:59:9f:fd:cd:d8:e6:de:01:4f:60:25:4a:
a5:91:75:55:4c:e7:78:61:29:03:de:34:c0:8b:73:
ff:c8:7e:59:96:2f:a2:6a:d9:4f:b7:8a:c5:cc:9e:
ae:8b:73:14:9c:27:1a:b2:c8:30:32:eb:08:ef:ad:
40:ae:a9:c5:5a:32:87:a6:bd:5f:6d:24:f3:8d:42:
6a:6f:e5:76:76:86:f2:ea:2d:51:b5:f5:a6:df:43:
a1:c0:2b:e3:c9:66:51:f6:f1:16:f8:9b:00:45:b0:
27:74:b1:40:aa:2f:91:7b:59:48:c0:db:40:99:55:
b8:05:8a:03:2d:ef:2c:97:39:7a:25:1a:d4:2f:c3:
94:c1:55:a5:cc:5f:08:8c:9d:fa:3f:f5:9b:a1:87:
66:b0:17:92:74:3f:48:70:7c:b6:49:45:33:4a:0e:
6e:1f:58:0c:a4:1f:28:6e:80:2d:b8:3b:58:35:7e:
fa:26:a0:65:e0:d9:39:b9:4c:ed:a2:96:5c:0c:ce:
92:f9:dc:9a:7a:be:f5:b5:28:af:11:9f:88:86:fd:
b7:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:11:31:96:9A:F0:7D:DA:05:1F:D3:D7:FD:FF:89:22:5C:97:71:32
X509v3 Authority Key Identifier:
keyid:9F:E8:F6:8F:D8:28:70:4E:8D:70:79:6C:78:33:27:DC:DE:9B:0C:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n-j2j9gocE6NcHlseDMn3N6bDI4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/a183ef-ab60-4d59-b5dd-9ae5db28c7e2/1/XhExlprwfdoFH9PX_f-JIlyXcTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/a183ef-ab60-4d59-b5dd-9ae5db28c7e2/1/n-j2j9gocE6NcHlseDMn3N6bDI4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.247.0/24
Signature Algorithm: sha256WithRSAEncryption
65:8c:7e:b3:f0:ee:26:8e:dd:68:75:74:e0:42:4a:35:7a:ef:
c7:31:b3:25:ad:2b:30:d0:14:f4:22:47:85:fc:d4:07:57:d9:
d9:1a:93:a8:82:7b:42:4f:9e:84:68:46:c9:16:87:aa:7b:e5:
20:79:d5:72:74:2f:da:e0:da:29:86:62:d0:60:41:5c:5c:9e:
60:29:9b:c6:44:5e:da:7e:12:bf:be:cc:df:63:d4:ae:b1:d0:
d1:6f:2a:e3:22:68:3e:ac:f3:04:fb:c4:f1:e3:66:0f:50:c3:
30:d5:7d:25:58:b6:c0:33:14:6f:34:1b:db:61:0a:a4:b0:a5:
8c:c3:93:4d:26:e8:53:e2:ee:38:23:b1:3e:97:b1:30:18:fb:
29:02:32:e6:e0:32:08:d3:e1:00:31:37:e1:b2:ef:ed:d0:99:
c8:c6:c4:21:68:10:4f:0e:ed:67:36:cf:c4:bd:f0:55:26:b8:
88:ad:4b:de:1c:c3:77:08:33:78:98:e6:6a:01:7f:13:6c:f2:
1d:c2:13:e1:d0:95:96:2f:43:93:e0:d4:f1:81:1a:fb:fa:e8:
0b:e8:e6:a5:74:6f:a2:de:f2:6d:77:52:bf:f8:de:c8:a6:63:
38:c5:84:af:07:09:cc:8f:82:b2:5c:4c:8b:21:77:15:2e:a7:
8b:78:ac:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfHpDSo+pPcWadAwcqNcFzMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmZThmNjhmZDgyODcwNGU4ZDcwNzk2Yzc4MzMyN2RjZGU5
YjBjOGUwHhcNMjMwNDI4MTEzMzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTExMzE5NjlhZjA3ZGRhMDUxZmQzZDdmZGZmODkyMjVjOTc3MTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQJTvMKMPeaRyJ5Onj4L1KoDN3I0
rxIP2ci+AASlQBStI6l8w0K77onwRlGs8ZxZn/3N2ObeAU9gJUqlkXVVTOd4YSkD
3jTAi3P/yH5Zli+iatlPt4rFzJ6ui3MUnCcassgwMusI761ArqnFWjKHpr1fbSTz
jUJqb+V2doby6i1RtfWm30OhwCvjyWZR9vEW+JsARbAndLFAqi+Re1lIwNtAmVW4
BYoDLe8slzl6JRrUL8OUwVWlzF8IjJ36P/WboYdmsBeSdD9IcHy2SUUzSg5uH1gM
pB8oboAtuDtYNX76JqBl4Nk5uUztopZcDM6S+dyaer71tSivEZ+Ihv23vQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF4RMZaa8H3aBR/T1/3/iSJcl3EyMB8GA1UdIwQY
MBaAFJ/o9o/YKHBOjXB5bHgzJ9zemwyOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbi1qMmo5Z29jRTZOY0hsc2VETW4zTjZiREk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hMTgzZWYtYWI2MC00ZDU5LWI1ZGQt
OWFlNWRiMjhjN2UyLzEvWGhFeGxwcndmZG9GSDlQWF9mLUpJbHlYY1RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hMTgzZWYtYWI2MC00ZDU5LWI1ZGQtOWFlNWRiMjhjN2Uy
LzEvbi1qMmo5Z29jRTZOY0hsc2VETW4zTjZiREk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALuX3MA0G
CSqGSIb3DQEBCwUAA4IBAQBljH6z8O4mjt1odXTgQko1eu/HMbMlrSsw0BT0IkeF
/NQHV9nZGpOogntCT56EaEbJFoeqe+UgedVydC/a4NophmLQYEFcXJ5gKZvGRF7a
fhK/vszfY9SusdDRbyrjImg+rPME+8Tx42YPUMMw1X0lWLbAMxRvNBvbYQqksKWM
w5NNJuhT4u44I7E+l7EwGPspAjLm4DII0+EAMTfhsu/t0JnIxsQhaBBPDu1nNs/E
vfBVJriIrUveHMN3CDN4mOZqAX8TbPIdwhPh0JWWL0OT4NTxgRr7+ugL6OaldG+i
3vJtd1K/+N7IpmM4xYSvBwnMj4KyXEyLIXcVLqeLeKxq
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:31 2024 by rpki-client on console-ams.rpki-client.org