Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/q3Ixgpj3Grh306k8x4s3fkQvah8.roa
File: q3Ixgpj3Grh306k8x4s3fkQvah8.roa (raw, json)
Hash identifier: Y8soRjC8TuLxux/4N9qfBXrKkx7FcVFGcHu8eb/uRBo=
Subject key identifier: AB:72:31:82:98:F7:1A:B8:77:D3:A9:3C:C7:8B:37:7E:44:2F:6A:1F
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 05ACCBC5
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/q3Ixgpj3Grh306k8x4s3fkQvah8.roa
Signing time: Sat 01 Jan 2022 07:57:10 +0000
ROA not before: Sat 01 Jan 2022 07:57:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43508
IP address blocks: 46.17.253.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95210437 (0x5accbc5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 1 07:57:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ab72318298f71ab877d3a93cc78b377e442f6a1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:fb:40:1c:ad:9e:bd:6b:1a:ba:3f:9b:bd:71:
7f:ea:c7:17:27:5d:6e:73:ee:8b:85:4f:2b:4d:10:
ac:ad:dd:00:ed:46:89:2e:33:15:bb:d1:b0:83:70:
66:e1:a0:a3:5c:3d:90:a6:94:75:59:81:50:92:5e:
c4:ae:17:51:cd:c6:1d:13:80:2d:4e:27:2d:db:d0:
66:7a:03:5c:e6:9a:cf:e4:23:ee:3a:89:07:9e:5a:
d5:3e:8f:3d:80:ee:95:df:27:2f:da:49:c8:48:b3:
9c:30:df:c0:7d:83:92:50:81:8f:fa:8b:63:b4:c9:
58:2a:1f:c6:36:b4:57:62:c5:97:16:19:26:82:21:
be:76:87:e7:ff:70:d4:32:15:34:53:a3:f8:89:e6:
a0:07:2e:7a:49:c3:c6:e4:86:0f:b6:66:8a:e1:0c:
7a:07:d0:e3:23:e3:b3:6c:f6:d5:f6:83:19:ec:24:
da:c7:3f:ce:99:a5:11:ac:a8:9d:c9:58:07:a7:27:
19:1e:43:c3:a2:22:f7:96:53:85:dc:ba:0c:25:4b:
66:64:d3:df:d5:5c:6c:fa:84:9f:92:28:9d:4b:a1:
8e:4d:b1:2b:30:2a:7f:d2:7b:f3:f6:a3:c8:8d:19:
78:1d:da:ca:e7:63:31:c0:aa:91:56:38:11:a2:6e:
2e:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:72:31:82:98:F7:1A:B8:77:D3:A9:3C:C7:8B:37:7E:44:2F:6A:1F
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/q3Ixgpj3Grh306k8x4s3fkQvah8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.253.0/24
Signature Algorithm: sha256WithRSAEncryption
13:46:e6:2a:47:11:36:b2:c7:6a:63:42:9b:68:4e:a8:64:b5:
27:34:20:bc:9d:cc:83:86:f0:15:09:3f:ee:cb:cd:43:02:3a:
9a:2d:45:88:ab:9c:8f:a8:69:84:74:f5:3e:90:60:c7:21:27:
eb:d8:19:0c:4d:37:ce:b8:a2:1a:cc:e2:dc:39:f5:e9:92:1e:
c3:18:26:08:7a:90:45:1b:3f:8c:e0:8b:1c:96:66:ce:c3:d4:
f9:27:43:e3:8e:54:5b:b7:7d:b5:00:0c:92:8b:f6:44:11:6b:
00:d4:b6:ea:9f:11:28:0e:2c:a9:80:73:3f:36:a0:24:96:eb:
bb:24:60:4e:3a:46:a9:9c:54:b6:ec:f3:16:3f:4d:65:fd:0f:
2b:19:38:18:50:1b:04:3d:82:84:21:48:34:e5:0c:dd:c5:7b:
8c:38:6b:53:7a:42:1f:86:dc:4c:f2:9b:50:e4:d4:3b:b6:ad:
5f:40:70:bd:e5:a5:91:da:b5:d1:05:aa:dd:7d:30:2e:3f:88:
e2:8e:74:28:36:d3:cb:7b:4b:a2:89:06:87:04:89:99:cd:ce:
00:d9:dd:ee:d3:d5:c7:8c:4e:63:eb:b2:85:2e:1a:58:59:01:
85:a2:6a:18:77:17:28:f7:d9:fa:00:b1:d9:ff:de:da:31:34:
03:5d:d8:28
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBazLxTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Y2Q3NjE1OWJmZDllMzM3NTIzZWU5MzBmM2RmMTExZDZiYWU3MzA2MB4XDTIyMDEw
MTA3NTcxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWI3MjMxODI5OGY3
MWFiODc3ZDNhOTNjYzc4YjM3N2U0NDJmNmExZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKH7QBytnr1rGro/m71xf+rHFyddbnPui4VPK00QrK3dAO1G
iS4zFbvRsINwZuGgo1w9kKaUdVmBUJJexK4XUc3GHROALU4nLdvQZnoDXOaaz+Qj
7jqJB55a1T6PPYDuld8nL9pJyEiznDDfwH2DklCBj/qLY7TJWCofxja0V2LFlxYZ
JoIhvnaH5/9w1DIVNFOj+InmoAcueknDxuSGD7ZmiuEMegfQ4yPjs2z21faDGewk
2sc/zpmlEayonclYB6cnGR5Dw6Ii95ZThdy6DCVLZmTT39VcbPqEn5IonUuhjk2x
KzAqf9J78/ajyI0ZeB3ayudjMcCqkVY4EaJuLpUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSrcjGCmPcauHfTqTzHizd+RC9qHzAfBgNVHSMEGDAWgBTM12FZv9njN1I+
6TDz3xEda65zBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pOZGhXYl9aNHpkU1B1a3c4OThSSFd1dWN3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTAvZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8x
L3EzSXhncGozR3JoMzA2azh4NHMzZmtRdmFoOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAv
ZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8xL3pOZGhXYl9aNHpk
U1B1a3c4OThSSFd1dWN3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC4R/TANBgkqhkiG9w0BAQsFAAOC
AQEAE0bmKkcRNrLHamNCm2hOqGS1JzQgvJ3Mg4bwFQk/7svNQwI6mi1FiKucj6hp
hHT1PpBgxyEn69gZDE03zriiGszi3Dn16ZIewxgmCHqQRRs/jOCLHJZmzsPU+SdD
445UW7d9tQAMkov2RBFrANS26p8RKA4sqYBzPzagJJbruyRgTjpGqZxUtuzzFj9N
Zf0PKxk4GFAbBD2ChCFINOUM3cV7jDhrU3pCH4bcTPKbUOTUO7atX0BwveWlkdq1
0QWq3X0wLj+I4o50KDbTy3tLookGhwSJmc3OANnd7tPVx4xOY+uyhS4aWFkBhaJq
GHcXKPfZ+gCx2f/e2jE0A13YKA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org