Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/afcf64-0051-4da7-9b12-50e333384669/1/I1u51_JWIdpd10yoS1lSSGF8UJo.roa
File: I1u51_JWIdpd10yoS1lSSGF8UJo.roa (raw, json)
Hash identifier: RvRlAeZ4iuhegeRD29IuO9LB9PfTCEmv8+qHJzyCjsI=
Subject key identifier: 23:5B:B9:D7:F2:56:21:DA:5D:D7:4C:A8:4B:59:52:48:61:7C:50:9A
Certificate issuer: /CN=c811029686b2c80a7f0460b6c6ef1b9086728097
Certificate serial: 018F341A464F6FFA0F488FD3C3EBCA1C2A80
Authority key identifier: C8:11:02:96:86:B2:C8:0A:7F:04:60:B6:C6:EF:1B:90:86:72:80:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yBECloayyAp_BGC2xu8bkIZygJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/afcf64-0051-4da7-9b12-50e333384669/1/I1u51_JWIdpd10yoS1lSSGF8UJo.roa
Signing time: Wed 01 May 2024 12:21:28 +0000
ROA not before: Wed 01 May 2024 12:21:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5666
IP address blocks: 46.235.1.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:34:1a:46:4f:6f:fa:0f:48:8f:d3:c3:eb:ca:1c:2a:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c811029686b2c80a7f0460b6c6ef1b9086728097
Validity
Not Before: May 1 12:21:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=235bb9d7f25621da5dd74ca84b595248617c509a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:ce:37:c0:82:5d:00:92:ac:12:a9:e3:ff:81:
91:46:f0:eb:ad:e2:f5:3b:3f:fd:0b:ed:13:c6:81:
fd:22:2e:a8:9b:f4:17:e2:67:7b:b1:d2:9f:9a:60:
d5:80:cb:ef:ff:9d:16:b4:36:67:58:75:e0:53:af:
5b:49:a6:ce:86:97:f5:4c:b2:20:26:ac:41:7a:a6:
27:27:d8:33:c2:92:ff:14:9e:f0:b4:13:e8:6f:2c:
b2:9d:8b:50:3a:9e:55:a3:89:d6:b9:21:38:70:2c:
31:ce:7d:fa:28:e5:af:fe:c0:51:a4:29:ef:08:8b:
b0:04:94:66:fa:37:a7:03:60:e2:79:93:8c:69:f6:
20:cb:98:91:f6:45:a0:5d:07:5e:16:5c:1f:85:13:
6b:f9:ca:c8:94:2a:f6:e1:80:44:e4:e2:0e:f6:c9:
0d:6e:22:00:34:88:69:4d:2d:8c:86:ec:e2:59:73:
bf:7b:6b:12:bd:33:f7:da:ff:22:78:6f:ea:fa:33:
a8:0a:68:30:c7:87:e0:8f:45:2f:18:ec:1f:d7:6b:
37:f1:2b:ae:d9:74:30:f3:f8:f8:14:d7:94:e9:b0:
59:92:9d:86:f4:06:b5:d6:f4:cd:3c:7e:fb:7a:d8:
2b:95:1c:6b:e0:50:45:78:46:d2:9a:06:8a:fb:33:
c2:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:5B:B9:D7:F2:56:21:DA:5D:D7:4C:A8:4B:59:52:48:61:7C:50:9A
X509v3 Authority Key Identifier:
keyid:C8:11:02:96:86:B2:C8:0A:7F:04:60:B6:C6:EF:1B:90:86:72:80:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yBECloayyAp_BGC2xu8bkIZygJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/afcf64-0051-4da7-9b12-50e333384669/1/I1u51_JWIdpd10yoS1lSSGF8UJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/afcf64-0051-4da7-9b12-50e333384669/1/yBECloayyAp_BGC2xu8bkIZygJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.1.0/24
Signature Algorithm: sha256WithRSAEncryption
66:a0:11:f8:36:c3:46:77:84:83:68:29:2c:69:0c:5a:51:99:
b1:8a:94:4b:d0:2b:75:02:50:eb:1c:21:9d:17:55:c0:bc:22:
85:47:66:e3:92:85:86:6d:ad:8e:1f:33:66:58:32:d0:0b:e0:
e9:b6:c1:ef:50:b4:45:41:a7:c4:30:ba:e2:2d:ec:14:22:fe:
17:54:3d:5a:3f:d2:fc:02:41:9e:4a:4b:94:e9:ff:90:c8:53:
d2:19:c7:86:ca:dc:21:c8:a2:f8:0a:39:3c:3b:6a:93:65:80:
eb:fb:1b:d4:07:96:62:45:3d:e8:44:21:69:18:e4:89:c9:40:
c6:ad:4c:d3:db:92:08:1a:05:3e:31:c5:7a:ef:06:39:0a:f0:
8b:8c:66:fd:e7:3f:85:fc:db:4e:29:c3:74:59:93:1e:85:d9:
e4:98:1f:9a:41:bb:92:18:dd:de:34:40:84:db:c5:21:28:07:
e4:fe:3a:db:28:95:fa:01:bf:48:37:4e:6b:79:40:93:74:9a:
4f:28:36:1d:2f:61:50:7c:b8:2a:e6:97:91:4b:fc:29:c4:19:
1f:64:78:80:a0:04:11:f0:9d:c4:f5:a7:64:13:fc:25:9c:8f:
d7:ad:1d:b2:74:e8:63:72:61:e8:fd:df:03:e0:71:ac:57:ff:
4e:28:c8:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY80GkZPb/oPSI/Tw+vKHCqAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4MTEwMjk2ODZiMmM4MGE3ZjA0NjBiNmM2ZWYxYjkwODY3
MjgwOTcwHhcNMjQwNTAxMTIyMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzViYjlkN2YyNTYyMWRhNWRkNzRjYTg0YjU5NTI0ODYxN2M1MDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6M43wIJdAJKsEqnj/4GRRvDrreL1
Oz/9C+0TxoH9Ii6om/QX4md7sdKfmmDVgMvv/50WtDZnWHXgU69bSabOhpf1TLIg
JqxBeqYnJ9gzwpL/FJ7wtBPobyyynYtQOp5Vo4nWuSE4cCwxzn36KOWv/sBRpCnv
CIuwBJRm+jenA2DieZOMafYgy5iR9kWgXQdeFlwfhRNr+crIlCr24YBE5OIO9skN
biIANIhpTS2MhuziWXO/e2sSvTP32v8ieG/q+jOoCmgwx4fgj0UvGOwf12s38Suu
2XQw8/j4FNeU6bBZkp2G9Aa11vTNPH77etgrlRxr4FBFeEbSmgaK+zPCMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCNbudfyViHaXddMqEtZUkhhfFCaMB8GA1UdIwQY
MBaAFMgRApaGssgKfwRgtsbvG5CGcoCXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUJFQ2xvYXl5QXBfQkdDMnh1OGJrSVp5Z0pjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hZmNmNjQtMDA1MS00ZGE3LTliMTIt
NTBlMzMzMzg0NjY5LzEvSTF1NTFfSldJZHBkMTB5b1MxbFNTR0Y4VUpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9hZmNmNjQtMDA1MS00ZGE3LTliMTItNTBlMzMzMzg0NjY5
LzEveUJFQ2xvYXl5QXBfQkdDMnh1OGJrSVp5Z0pjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALusBMA0G
CSqGSIb3DQEBCwUAA4IBAQBmoBH4NsNGd4SDaCksaQxaUZmxipRL0Ct1AlDrHCGd
F1XAvCKFR2bjkoWGba2OHzNmWDLQC+DptsHvULRFQafEMLriLewUIv4XVD1aP9L8
AkGeSkuU6f+QyFPSGceGytwhyKL4Cjk8O2qTZYDr+xvUB5ZiRT3oRCFpGOSJyUDG
rUzT25IIGgU+McV67wY5CvCLjGb95z+F/NtOKcN0WZMehdnkmB+aQbuSGN3eNECE
28UhKAfk/jrbKJX6Ab9IN05reUCTdJpPKDYdL2FQfLgq5peRS/wpxBkfZHiAoAQR
8J3E9adkE/wlnI/XrR2ydOhjcmHo/d8D4HGsV/9OKMj5
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:37:56 2025 by rpki-client