Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/e0925e-47bf-4907-bcbc-fd9f36a8ba6e/1/5N0E7owaBHes8eDWOrVOTmpu4rY.roa
File: 5N0E7owaBHes8eDWOrVOTmpu4rY.roa (raw, json)
Hash identifier: PZrx8MEMX/BmGrBOIdd8dEOe79EVgCD8osXYt7Be5fI=
Subject key identifier: E4:DD:04:EE:8C:1A:04:77:AC:F1:E0:D6:3A:B5:4E:4E:6A:6E:E2:B6
Certificate issuer: /CN=331e7784f60ac8d969b81cf5231cd9dc087ced32
Certificate serial: 01870FFB2A44C396DE153C68C5594CE701CF
Authority key identifier: 33:1E:77:84:F6:0A:C8:D9:69:B8:1C:F5:23:1C:D9:DC:08:7C:ED:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mx53hPYKyNlpuBz1IxzZ3Ah87TI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/e0925e-47bf-4907-bcbc-fd9f36a8ba6e/1/5N0E7owaBHes8eDWOrVOTmpu4rY.roa
Signing time: Thu 23 Mar 2023 19:38:51 +0000
ROA not before: Thu 23 Mar 2023 19:38:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39545
IP address blocks: 46.247.104.0/21 maxlen: 21
77.89.128.0/18 maxlen: 18
46.247.0.0/17 maxlen: 17
46.247.0.0/18 maxlen: 18
77.89.145.0/24 maxlen: 24
46.247.112.0/20 maxlen: 20
89.105.96.0/19 maxlen: 19
2a00:f18::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0f:fb:2a:44:c3:96:de:15:3c:68:c5:59:4c:e7:01:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=331e7784f60ac8d969b81cf5231cd9dc087ced32
Validity
Not Before: Mar 23 19:38:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4dd04ee8c1a0477acf1e0d63ab54e4e6a6ee2b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:85:d7:89:c1:c2:84:2a:1f:f7:3d:a7:cd:00:
d7:99:b0:39:6d:f1:e1:e3:47:a3:5d:19:90:5c:ff:
a5:39:78:85:d8:30:b3:83:ac:02:da:99:6f:3a:7d:
a3:c6:8e:4e:8a:48:09:3e:53:b0:76:5f:a6:0a:2a:
73:1f:da:00:58:b3:6c:0f:d1:ee:41:e0:d5:1b:ae:
59:14:a4:14:08:f8:d6:47:f6:51:a5:da:c5:72:92:
74:b2:80:34:00:43:b1:3d:84:a0:54:68:52:8f:b0:
8f:1e:7c:f9:3b:57:59:e0:60:5a:c5:c4:d2:58:b9:
ed:62:72:e8:61:dd:01:ea:a6:df:a9:d8:6c:de:79:
f6:62:3a:37:8d:79:4f:4b:95:03:79:60:0c:9a:4e:
7a:6d:3a:4c:24:cb:c2:0e:9a:d2:9c:18:3f:a3:b8:
45:92:14:65:5b:6a:3a:3c:d3:e5:dd:fd:61:78:f2:
17:44:81:77:d5:1b:a9:e6:3d:d6:93:c8:1b:db:1a:
26:28:f3:17:8c:01:ef:c5:bc:a0:35:01:53:77:29:
46:ba:83:fe:a5:a7:26:eb:84:51:20:ec:7c:bb:5c:
f1:0a:4b:57:bf:5f:5f:ac:b9:e5:4d:06:77:de:1c:
2f:39:00:9d:13:0c:7d:0c:d9:c1:ec:5e:5f:89:95:
5d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:DD:04:EE:8C:1A:04:77:AC:F1:E0:D6:3A:B5:4E:4E:6A:6E:E2:B6
X509v3 Authority Key Identifier:
keyid:33:1E:77:84:F6:0A:C8:D9:69:B8:1C:F5:23:1C:D9:DC:08:7C:ED:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mx53hPYKyNlpuBz1IxzZ3Ah87TI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e0925e-47bf-4907-bcbc-fd9f36a8ba6e/1/5N0E7owaBHes8eDWOrVOTmpu4rY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e0925e-47bf-4907-bcbc-fd9f36a8ba6e/1/Mx53hPYKyNlpuBz1IxzZ3Ah87TI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.247.0.0/17
77.89.128.0/18
89.105.96.0/19
IPv6:
2a00:f18::/32
Signature Algorithm: sha256WithRSAEncryption
11:bb:4b:e9:9f:67:16:8f:55:7b:93:e1:c5:4d:02:70:2f:1c:
67:29:56:50:b0:77:ac:00:ac:81:15:4a:9f:00:f5:e2:73:82:
d5:32:e0:95:4c:06:3e:9a:b9:e5:3f:6b:d1:d3:ef:47:fc:f8:
42:34:3e:0e:a3:2b:07:3e:83:cb:a5:6e:da:12:1d:f5:56:0a:
0f:dc:b1:e5:4e:a9:bd:3e:5d:d9:65:ea:dc:cd:f6:4b:32:61:
e6:00:52:42:62:07:95:4a:03:a9:88:c3:57:1e:32:be:a0:8b:
7a:66:75:9b:af:48:b1:30:85:59:cd:13:9a:51:55:55:43:0a:
7c:b3:5a:9a:d3:6a:63:41:99:08:43:aa:c9:23:0a:ea:da:0c:
18:66:fd:40:1d:70:42:90:4e:93:7a:b9:a3:46:6f:12:9d:fa:
f6:e3:2f:3c:29:48:e8:3b:16:44:e9:35:99:5e:a3:3b:15:d4:
a1:5b:e9:51:25:9e:f1:a6:13:9b:a5:e5:6f:79:d3:b7:34:ae:
c1:c1:39:ee:1a:87:99:9f:0d:dc:7c:69:85:1a:a5:a4:a7:48:
c6:1f:20:ae:90:00:79:b7:2a:39:54:e5:4a:44:89:b7:85:fb:
3f:71:45:09:06:b4:7d:b6:d6:97:e6:bb:c0:51:70:f2:0b:8e:
22:b2:33:81
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYcP+ypEw5beFTxoxVlM5wHPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMWU3Nzg0ZjYwYWM4ZDk2OWI4MWNmNTIzMWNkOWRjMDg3
Y2VkMzIwHhcNMjMwMzIzMTkzODUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGRkMDRlZThjMWEwNDc3YWNmMWUwZDYzYWI1NGU0ZTZhNmVlMmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1oXXicHChCof9z2nzQDXmbA5bfHh
40ejXRmQXP+lOXiF2DCzg6wC2plvOn2jxo5OikgJPlOwdl+mCipzH9oAWLNsD9Hu
QeDVG65ZFKQUCPjWR/ZRpdrFcpJ0soA0AEOxPYSgVGhSj7CPHnz5O1dZ4GBaxcTS
WLntYnLoYd0B6qbfqdhs3nn2Yjo3jXlPS5UDeWAMmk56bTpMJMvCDprSnBg/o7hF
khRlW2o6PNPl3f1hePIXRIF31Rup5j3Wk8gb2xomKPMXjAHvxbygNQFTdylGuoP+
pacm64RRIOx8u1zxCktXv19frLnlTQZ33hwvOQCdEwx9DNnB7F5fiZVdlQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOTdBO6MGgR3rPHg1jq1Tk5qbuK2MB8GA1UdIwQY
MBaAFDMed4T2CsjZabgc9SMc2dwIfO0yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXg1M2hQWUt5TmxwdUJ6MUl4elozQWg4N1RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9lMDkyNWUtNDdiZi00OTA3LWJjYmMt
ZmQ5ZjM2YThiYTZlLzEvNU4wRTdvd2FCSGVzOGVEV09yVk9UbXB1NHJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9lMDkyNWUtNDdiZi00OTA3LWJjYmMtZmQ5ZjM2YThiYTZl
LzEvTXg1M2hQWUt5TmxwdUJ6MUl4elozQWg4N1RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQHLvcAAwQG
TVmAAwQFWWlgMA0EAgACMAcDBQAqAA8YMA0GCSqGSIb3DQEBCwUAA4IBAQARu0vp
n2cWj1V7k+HFTQJwLxxnKVZQsHesAKyBFUqfAPXic4LVMuCVTAY+mrnlP2vR0+9H
/PhCND4OoysHPoPLpW7aEh31VgoP3LHlTqm9Pl3ZZerczfZLMmHmAFJCYgeVSgOp
iMNXHjK+oIt6ZnWbr0ixMIVZzROaUVVVQwp8s1qa02pjQZkIQ6rJIwrq2gwYZv1A
HXBCkE6TermjRm8Snfr24y88KUjoOxZE6TWZXqM7FdShW+lRJZ7xphObpeVvedO3
NK7BwTnuGoeZnw3cfGmFGqWkp0jGHyCukAB5tyo5VOVKRIm3hfs/cUUJBrR9ttaX
5rvAUXDyC44isjOB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:06 2024 by rpki-client on console-fra.rpki-client.org