Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/CefkdlnI0ICvoQZDlhBYD14lS-I.roa
File: CefkdlnI0ICvoQZDlhBYD14lS-I.roa (raw, json)
Hash identifier: 3+b9NI06Pe0yvq6Hn7N+HPwaeD7vCwYoE20JaulmJEI=
Subject key identifier: 09:E7:E4:76:59:C8:D0:80:AF:A1:06:43:96:10:58:0F:5E:25:4B:E2
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 05B13C01
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/CefkdlnI0ICvoQZDlhBYD14lS-I.roa
Signing time: Sat 01 Jan 2022 07:57:13 +0000
ROA not before: Sat 01 Jan 2022 07:57:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57013
IP address blocks: 46.17.255.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95501313 (0x5b13c01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 1 07:57:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=09e7e47659c8d080afa106439610580f5e254be2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:73:94:47:60:01:ab:32:fb:66:9f:82:1c:b4:
c8:0b:4b:a1:6d:9c:94:a9:90:59:52:1d:96:b2:11:
88:86:fc:77:ef:25:8d:36:94:1b:49:01:b5:f8:3f:
1e:d9:83:34:27:ca:d8:e3:92:b8:d9:f5:1d:07:ce:
bb:11:f1:c0:f6:91:7e:41:a6:93:a7:e7:35:62:1f:
07:f5:4f:08:c8:4d:f1:e0:6d:e6:24:b6:ea:fd:3a:
8d:1c:5b:b9:17:af:7c:cd:24:ca:35:86:49:c1:91:
e1:41:be:c9:d6:cf:56:84:a1:52:78:45:8a:a6:f1:
ad:a9:db:4a:a7:8b:c1:e3:0e:5a:13:20:fd:b4:7e:
ee:4d:55:44:ee:41:fa:c7:48:cf:89:38:33:97:f7:
28:3c:3c:47:4f:0e:48:94:0f:21:28:33:aa:ce:2a:
24:90:b1:8b:82:28:e3:9f:ea:7e:72:80:28:09:a2:
8d:a1:21:dd:bc:31:e6:29:85:43:a2:0a:a9:6a:4b:
d8:a7:68:d0:90:5c:73:c3:4b:60:2b:6c:b7:dc:5f:
fa:86:39:b1:af:0c:49:ea:37:c2:82:c6:9c:57:3c:
89:4a:ad:06:e8:da:46:f7:bc:ed:8c:a4:19:9d:40:
0b:98:33:5e:a0:b6:0d:73:42:fc:53:ad:62:8b:1d:
b7:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:E7:E4:76:59:C8:D0:80:AF:A1:06:43:96:10:58:0F:5E:25:4B:E2
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/CefkdlnI0ICvoQZDlhBYD14lS-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.255.0/24
Signature Algorithm: sha256WithRSAEncryption
73:ed:9e:2a:0f:8a:68:7c:81:8f:98:f6:54:ad:1b:8b:7b:81:
3e:78:31:8a:b1:57:c4:12:1d:fc:24:f1:ac:69:51:72:5a:b8:
f6:49:ef:de:22:88:f0:e1:4a:58:d2:73:ef:2d:4e:59:33:7c:
f9:2d:2d:69:49:a0:8e:65:2c:8d:10:f0:28:39:f4:73:a7:a5:
ab:d5:c6:f9:fc:3c:2b:04:81:28:0a:84:7c:ac:a6:a6:9d:fd:
2e:ba:6e:18:56:f6:fc:7a:47:83:84:ee:be:60:2b:9c:42:80:
e5:f6:2b:41:cc:ae:aa:45:38:fb:53:20:d8:b8:c5:7c:45:50:
06:54:0c:78:74:eb:06:ba:ce:10:fe:78:74:01:f2:42:49:05:
6a:98:4e:02:1e:ab:be:c8:a6:20:0d:7b:53:f4:c5:87:bf:cd:
ad:c6:35:45:ea:0a:38:e3:fd:b5:07:70:ab:7a:e3:9a:c7:59:
cb:c8:17:b4:a1:0f:10:19:2a:c7:60:8b:52:0d:cf:78:84:2c:
85:f7:4f:21:c7:11:6b:f5:8e:dd:99:04:c6:ff:9e:2f:1e:9b:
8f:04:0b:7a:8b:d3:1b:74:87:e7:58:37:7a:31:90:9c:9d:c3:
c1:84:da:73:04:9d:7a:ce:04:37:19:84:57:55:70:1d:72:a3:
1b:de:fe:3b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBbE8ATANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Y2Q3NjE1OWJmZDllMzM3NTIzZWU5MzBmM2RmMTExZDZiYWU3MzA2MB4XDTIyMDEw
MTA3NTcxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDllN2U0NzY1OWM4
ZDA4MGFmYTEwNjQzOTYxMDU4MGY1ZTI1NGJlMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKtzlEdgAasy+2afghy0yAtLoW2clKmQWVIdlrIRiIb8d+8l
jTaUG0kBtfg/HtmDNCfK2OOSuNn1HQfOuxHxwPaRfkGmk6fnNWIfB/VPCMhN8eBt
5iS26v06jRxbuRevfM0kyjWGScGR4UG+ydbPVoShUnhFiqbxranbSqeLweMOWhMg
/bR+7k1VRO5B+sdIz4k4M5f3KDw8R08OSJQPISgzqs4qJJCxi4Io45/qfnKAKAmi
jaEh3bwx5imFQ6IKqWpL2Kdo0JBcc8NLYCtst9xf+oY5sa8MSeo3woLGnFc8iUqt
BujaRve87YykGZ1AC5gzXqC2DXNC/FOtYosdtyECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQJ5+R2WcjQgK+hBkOWEFgPXiVL4jAfBgNVHSMEGDAWgBTM12FZv9njN1I+
6TDz3xEda65zBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pOZGhXYl9aNHpkU1B1a3c4OThSSFd1dWN3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTAvZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8x
L0NlZmtkbG5JMElDdm9RWkRsaEJZRDE0bFMtSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAv
ZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8xL3pOZGhXYl9aNHpk
U1B1a3c4OThSSFd1dWN3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC4R/zANBgkqhkiG9w0BAQsFAAOC
AQEAc+2eKg+KaHyBj5j2VK0bi3uBPngxirFXxBId/CTxrGlRclq49knv3iKI8OFK
WNJz7y1OWTN8+S0taUmgjmUsjRDwKDn0c6elq9XG+fw8KwSBKAqEfKympp39Lrpu
GFb2/HpHg4TuvmArnEKA5fYrQcyuqkU4+1Mg2LjFfEVQBlQMeHTrBrrOEP54dAHy
QkkFaphOAh6rvsimIA17U/TFh7/NrcY1ReoKOOP9tQdwq3rjmsdZy8gXtKEPEBkq
x2CLUg3PeIQshfdPIccRa/WO3ZkExv+eLx6bjwQLeovTG3SH51g3ejGQnJ3DwYTa
cwSdes4ENxmEV1VwHXKjG97+Ow==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org