Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/0d64e2-e2da-468a-8f7d-7fe328571938/1/Wz9bbvNIAENMubKjD7cqv6jaQ7U.roa
File: Wz9bbvNIAENMubKjD7cqv6jaQ7U.roa (raw, json)
Hash identifier: E344tqLLv2VOO0W57GQFtDG4TL7375FsGEBln5JikXg=
Subject key identifier: 5B:3F:5B:6E:F3:48:00:43:4C:B9:B2:A3:0F:B7:2A:BF:A8:DA:43:B5
Certificate issuer: /CN=39f086ca6211bb95d0643089c7da576fe67c2152
Certificate serial: 018D3BDFFD6D38DFC921360E86D2CA7A427F
Authority key identifier: 39:F0:86:CA:62:11:BB:95:D0:64:30:89:C7:DA:57:6F:E6:7C:21:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfCGymIRu5XQZDCJx9pXb-Z8IVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/0d64e2-e2da-468a-8f7d-7fe328571938/1/Wz9bbvNIAENMubKjD7cqv6jaQ7U.roa
Signing time: Wed 24 Jan 2024 14:29:11 +0000
ROA not before: Wed 24 Jan 2024 14:29:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43201
IP address blocks: 46.175.132.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3b:df:fd:6d:38:df:c9:21:36:0e:86:d2:ca:7a:42:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f086ca6211bb95d0643089c7da576fe67c2152
Validity
Not Before: Jan 24 14:29:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5b3f5b6ef34800434cb9b2a30fb72abfa8da43b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:de:fd:23:e6:cc:ba:7f:b3:b7:62:bf:d9:af:
b2:e0:99:ef:6d:06:61:82:93:d1:b6:e8:c0:a1:f8:
2f:02:8e:c5:dc:f3:49:f3:02:8b:75:e5:2a:47:8d:
32:44:73:ce:de:8a:5d:17:e7:8b:d6:9b:62:91:8e:
0c:ec:c3:a5:10:e3:fe:35:23:56:e3:d0:24:73:96:
70:3b:6e:aa:be:b4:3b:e5:dc:a3:9c:a9:24:6a:89:
8b:9f:6c:34:96:e9:cd:01:3a:6a:1f:53:7d:bb:c0:
46:59:59:45:20:ad:53:57:25:1f:3e:1d:0a:96:97:
75:b0:29:27:8f:21:29:04:1d:fd:00:6d:1c:91:65:
92:5a:eb:bf:4a:e3:a6:12:20:78:70:63:bd:d1:50:
68:52:6a:fa:ec:51:1f:11:89:87:d7:be:a6:40:7c:
d0:8e:19:b3:41:2c:f6:f2:3a:f8:78:fa:c2:98:8e:
4c:d3:60:8a:41:4e:fa:42:59:f6:a0:75:ee:0f:06:
ae:3a:18:6a:aa:e2:66:b8:3e:b1:00:9a:31:1d:9c:
9f:ca:13:e5:1e:26:81:a2:1f:e6:c0:a1:0e:ce:07:
6d:1a:ff:b4:83:6c:3b:d9:4f:32:c2:4e:99:65:0b:
66:de:de:ff:93:ad:3f:00:58:14:b4:94:7b:1f:72:
af:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:3F:5B:6E:F3:48:00:43:4C:B9:B2:A3:0F:B7:2A:BF:A8:DA:43:B5
X509v3 Authority Key Identifier:
keyid:39:F0:86:CA:62:11:BB:95:D0:64:30:89:C7:DA:57:6F:E6:7C:21:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfCGymIRu5XQZDCJx9pXb-Z8IVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/0d64e2-e2da-468a-8f7d-7fe328571938/1/Wz9bbvNIAENMubKjD7cqv6jaQ7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/0d64e2-e2da-468a-8f7d-7fe328571938/1/OfCGymIRu5XQZDCJx9pXb-Z8IVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.175.132.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:8b:3e:b1:2a:87:74:a8:e6:90:b1:46:83:05:16:0f:5f:61:
37:73:11:3a:4a:f6:95:91:cc:82:08:5b:20:9c:60:52:e4:7a:
b8:7e:1b:76:26:5e:a2:99:95:7a:9e:d8:ed:64:02:fd:31:64:
37:d9:2c:6c:6d:1a:d5:b8:ad:be:b1:8d:fa:a8:59:ad:ca:15:
cc:1d:79:79:70:0d:92:08:6b:02:9c:f7:8f:c7:4d:da:fd:e8:
1a:e3:f2:ec:a2:9c:75:4b:20:e3:c7:ef:fd:b0:a5:00:6a:b4:
9e:e0:b0:8d:b8:4d:4f:3c:29:95:a0:1f:ed:2e:22:74:ce:10:
a5:5d:8d:d8:37:2f:6d:e6:e6:be:55:31:50:f4:9e:62:5a:a5:
cd:82:97:65:9a:60:4a:c8:ac:2d:ac:33:9e:bd:b2:32:83:1f:
fa:5f:c9:cc:f9:dc:45:16:12:d9:0e:31:db:4d:7e:a0:69:e0:
c1:66:5b:33:5f:b4:a8:a5:b3:7a:60:aa:04:f3:23:83:3d:52:
b2:d8:36:83:a5:58:95:04:fc:61:48:93:a1:e0:35:2b:4c:ed:
f9:a2:61:0a:c6:e9:a4:36:85:bf:ed:fa:4f:e0:20:95:f7:ec:
19:d1:86:d7:67:60:87:bb:7e:18:11:bf:67:0d:01:34:46:35:
6c:ed:f7:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY073/1tON/JITYOhtLKekJ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5ZjA4NmNhNjIxMWJiOTVkMDY0MzA4OWM3ZGE1NzZmZTY3
YzIxNTIwHhcNMjQwMTI0MTQyOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjNmNWI2ZWYzNDgwMDQzNGNiOWIyYTMwZmI3MmFiZmE4ZGE0M2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzN79I+bMun+zt2K/2a+y4JnvbQZh
gpPRtujAofgvAo7F3PNJ8wKLdeUqR40yRHPO3opdF+eL1ptikY4M7MOlEOP+NSNW
49Akc5ZwO26qvrQ75dyjnKkkaomLn2w0lunNATpqH1N9u8BGWVlFIK1TVyUfPh0K
lpd1sCknjyEpBB39AG0ckWWSWuu/SuOmEiB4cGO90VBoUmr67FEfEYmH176mQHzQ
jhmzQSz28jr4ePrCmI5M02CKQU76Qln2oHXuDwauOhhqquJmuD6xAJoxHZyfyhPl
HiaBoh/mwKEOzgdtGv+0g2w72U8ywk6ZZQtm3t7/k60/AFgUtJR7H3KvvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFs/W27zSABDTLmyow+3Kr+o2kO1MB8GA1UdIwQY
MBaAFDnwhspiEbuV0GQwicfaV2/mfCFSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2ZDR3ltSVJ1NVhRWkRDSng5cFhiLVo4SVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8wZDY0ZTItZTJkYS00NjhhLThmN2Qt
N2ZlMzI4NTcxOTM4LzEvV3o5YmJ2TklBRU5NdWJLakQ3Y3F2NmphUTdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8wZDY0ZTItZTJkYS00NjhhLThmN2QtN2ZlMzI4NTcxOTM4
LzEvT2ZDR3ltSVJ1NVhRWkRDSng5cFhiLVo4SVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALq+EMA0G
CSqGSIb3DQEBCwUAA4IBAQCMiz6xKod0qOaQsUaDBRYPX2E3cxE6SvaVkcyCCFsg
nGBS5Hq4fht2Jl6imZV6ntjtZAL9MWQ32SxsbRrVuK2+sY36qFmtyhXMHXl5cA2S
CGsCnPePx03a/ega4/Lsopx1SyDjx+/9sKUAarSe4LCNuE1PPCmVoB/tLiJ0zhCl
XY3YNy9t5ua+VTFQ9J5iWqXNgpdlmmBKyKwtrDOevbIygx/6X8nM+dxFFhLZDjHb
TX6gaeDBZlszX7SopbN6YKoE8yODPVKy2DaDpViVBPxhSJOh4DUrTO35omEKxumk
NoW/7fpP4CCV9+wZ0YbXZ2CHu34YEb9nDQE0RjVs7ffM
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:46 2024 by rpki-client on console-ams.rpki-client.org