Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/bJb_lvuXmFDMxMBsoLHMEwGStTk.roa
File: bJb_lvuXmFDMxMBsoLHMEwGStTk.roa (raw, json)
Hash identifier: 3Dd0+B8Dsr25V1cfJmKjM3RQnCo4hgky7Z1XXUhe/ig=
Subject key identifier: 6C:96:FF:96:FB:97:98:50:CC:C4:C0:6C:A0:B1:CC:13:01:92:B5:39
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 05ABCB9F
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/bJb_lvuXmFDMxMBsoLHMEwGStTk.roa
Signing time: Sat 01 Jan 2022 07:57:10 +0000
ROA not before: Sat 01 Jan 2022 07:57:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43149
IP address blocks: 46.17.251.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95144863 (0x5abcb9f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 1 07:57:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6c96ff96fb979850ccc4c06ca0b1cc130192b539
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:15:e9:13:8c:70:ce:58:87:c2:b8:d3:bb:80:
36:9d:e8:6c:e7:fd:6b:64:91:3a:ef:45:de:90:e2:
ed:80:6e:4a:b6:b3:39:9e:c5:01:74:d9:bf:f7:09:
d1:a3:01:13:c5:d5:31:81:e8:9d:8b:e2:27:99:6f:
52:b8:98:d2:f5:45:5a:fe:9d:d2:87:69:0a:a1:72:
aa:a6:0c:91:3b:c2:f0:46:02:c4:91:d3:e7:5c:fd:
78:f5:93:18:9c:c6:b9:00:e2:da:1b:4d:c9:5e:74:
9c:f3:9f:7d:1c:3e:86:22:03:45:12:45:70:74:bb:
ea:0b:50:b8:74:35:25:34:b4:ab:3b:ca:1a:22:98:
0b:97:a4:a3:be:18:b6:9e:ca:11:65:09:a0:b8:f1:
25:70:a5:1c:ca:21:8c:1a:37:87:bd:5b:2b:da:c7:
46:ec:ba:f9:c9:b6:ed:02:ff:bd:86:e1:1a:c3:ca:
14:02:53:87:8f:8a:15:1c:65:0f:2b:f3:1e:d3:3d:
9a:a3:97:b7:b9:f1:d4:2e:4f:07:35:e4:d6:7b:04:
a8:3a:4e:18:47:22:27:fd:d0:dc:9f:93:27:60:1d:
31:bf:9e:91:e4:17:7f:c4:79:90:02:e5:2c:f6:0c:
7c:c2:f0:04:60:e8:2a:7c:52:7e:d9:ee:bf:fd:f5:
af:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:96:FF:96:FB:97:98:50:CC:C4:C0:6C:A0:B1:CC:13:01:92:B5:39
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/bJb_lvuXmFDMxMBsoLHMEwGStTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.251.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:75:69:ca:d5:5f:78:52:63:6f:3f:9b:b1:89:d4:a9:7f:40:
77:38:0e:67:f6:e2:54:b3:72:45:32:1b:19:b9:a0:a5:1c:16:
a6:ae:7e:26:16:52:38:07:42:c6:c1:c9:6d:07:db:8d:3f:cd:
87:42:18:79:21:9b:98:6b:e8:da:76:53:e1:04:3b:e0:08:6b:
2c:87:7b:cc:aa:00:2a:ee:b9:87:06:88:01:07:da:44:f0:b0:
c0:94:f5:c5:bf:fe:44:00:b5:42:c1:01:2d:89:b2:d5:38:68:
ef:d7:57:09:c0:0e:03:91:ba:5e:1f:33:22:aa:1f:a0:7a:14:
57:a7:ca:d0:3c:c5:3d:5a:0f:8d:3d:47:0e:d1:58:82:3a:ec:
75:cf:7f:e2:31:94:07:af:5f:bb:15:62:62:bc:2f:de:ea:05:
78:b8:71:53:b3:3b:3b:4f:c9:6b:f7:a6:5f:87:e8:50:ac:72:
11:8b:2d:d8:01:2e:66:90:2c:c2:7b:46:46:59:41:28:aa:b7:
41:cc:91:9d:20:f4:be:d2:cd:a2:cb:02:7a:46:ae:05:a0:ff:
96:85:58:d6:e1:74:2f:d2:12:14:67:69:1c:d8:99:dc:fa:1b:
e7:a9:c9:75:29:92:fc:98:da:61:96:6d:34:a8:d2:ff:33:0b:
53:9c:da:23
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBavLnzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Y2Q3NjE1OWJmZDllMzM3NTIzZWU5MzBmM2RmMTExZDZiYWU3MzA2MB4XDTIyMDEw
MTA3NTcxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmM5NmZmOTZmYjk3
OTg1MGNjYzRjMDZjYTBiMWNjMTMwMTkyYjUzOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMcV6ROMcM5Yh8K407uANp3obOf9a2SROu9F3pDi7YBuSraz
OZ7FAXTZv/cJ0aMBE8XVMYHonYviJ5lvUriY0vVFWv6d0odpCqFyqqYMkTvC8EYC
xJHT51z9ePWTGJzGuQDi2htNyV50nPOffRw+hiIDRRJFcHS76gtQuHQ1JTS0qzvK
GiKYC5eko74Ytp7KEWUJoLjxJXClHMohjBo3h71bK9rHRuy6+cm27QL/vYbhGsPK
FAJTh4+KFRxlDyvzHtM9mqOXt7nx1C5PBzXk1nsEqDpOGEciJ/3Q3J+TJ2AdMb+e
keQXf8R5kALlLPYMfMLwBGDoKnxSftnuv/31r68CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRslv+W+5eYUMzEwGygscwTAZK1OTAfBgNVHSMEGDAWgBTM12FZv9njN1I+
6TDz3xEda65zBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pOZGhXYl9aNHpkU1B1a3c4OThSSFd1dWN3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTAvZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8x
L2JKYl9sdnVYbUZETXhNQnNvTEhNRXdHU3RUay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAv
ZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8xL3pOZGhXYl9aNHpk
U1B1a3c4OThSSFd1dWN3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC4R+zANBgkqhkiG9w0BAQsFAAOC
AQEAsnVpytVfeFJjbz+bsYnUqX9AdzgOZ/biVLNyRTIbGbmgpRwWpq5+JhZSOAdC
xsHJbQfbjT/Nh0IYeSGbmGvo2nZT4QQ74AhrLId7zKoAKu65hwaIAQfaRPCwwJT1
xb/+RAC1QsEBLYmy1Tho79dXCcAOA5G6Xh8zIqofoHoUV6fK0DzFPVoPjT1HDtFY
gjrsdc9/4jGUB69fuxViYrwv3uoFeLhxU7M7O0/Ja/emX4foUKxyEYst2AEuZpAs
wntGRllBKKq3QcyRnSD0vtLNossCekauBaD/loVY1uF0L9ISFGdpHNiZ3Pob56nJ
dSmS/JjaYZZtNKjS/zMLU5zaIw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org