Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/tg7jLCpc7cs2xE95nEfoVyzqJw0.roa
File: tg7jLCpc7cs2xE95nEfoVyzqJw0.roa (raw, json)
Hash identifier: eL6UNnPzlu93bKXvGq4QbXpXtpgakX66FcQkTbfUEs8=
Subject key identifier: B6:0E:E3:2C:2A:5C:ED:CB:36:C4:4F:79:9C:47:E8:57:2C:EA:27:0D
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018570D5510B13AFD9FFA511C31A57CC5690
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/tg7jLCpc7cs2xE95nEfoVyzqJw0.roa
Signing time: Mon 02 Jan 2023 04:55:06 +0000
ROA not before: Mon 02 Jan 2023 04:55:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12722
IP address blocks: 46.150.248.0/24 maxlen: 24
46.150.249.0/24 maxlen: 24
185.21.140.0/24 maxlen: 24
91.195.21.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:51:0b:13:af:d9:ff:a5:11:c3:1a:57:cc:56:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 2 04:55:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b60ee32c2a5cedcb36c44f799c47e8572cea270d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:dc:53:5d:83:20:0e:ed:c2:fb:91:3c:ac:56:
5e:f6:31:1c:e2:95:9e:36:82:74:09:0a:30:11:b8:
b1:5c:db:f0:22:16:40:83:d0:1d:75:5b:db:30:7b:
ac:ec:2e:79:0f:24:30:28:57:96:1e:08:4b:b8:0b:
f0:e0:d6:a2:e5:e1:89:b5:1c:0c:6a:62:90:0b:12:
98:6d:29:64:ca:88:5b:b2:8f:9a:ce:26:90:0e:39:
c5:db:d6:8e:29:3a:0d:ee:f1:6d:ac:25:de:27:34:
60:d0:a6:3d:67:d1:22:c1:b1:4b:59:cb:de:77:77:
35:11:80:26:16:a0:aa:f8:44:6e:b2:19:61:62:fd:
2a:b7:7f:9f:4a:3b:75:be:cc:6a:c7:11:da:ac:6a:
9e:34:b9:48:f4:fe:6f:3b:63:e7:de:da:95:74:69:
94:06:f1:fc:24:41:a6:e8:c0:53:08:e6:9d:4a:3e:
1a:89:28:1a:3d:30:ca:5b:bf:83:9e:0c:3a:fe:ff:
42:6a:8c:1d:07:d5:6f:95:c9:4a:e0:f4:29:47:d1:
ea:38:ea:61:13:de:59:fc:be:a7:ed:86:8f:fc:e5:
1c:b8:9b:1c:0b:44:46:04:c8:49:12:dc:73:ea:be:
27:f3:71:a6:87:1a:29:8c:b5:6e:48:78:2b:0e:21:
89:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:0E:E3:2C:2A:5C:ED:CB:36:C4:4F:79:9C:47:E8:57:2C:EA:27:0D
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/tg7jLCpc7cs2xE95nEfoVyzqJw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.150.248.0/23
91.195.21.0/24
185.21.140.0/24
Signature Algorithm: sha256WithRSAEncryption
d5:12:07:01:a2:b5:ee:62:30:91:96:57:dc:cd:62:9d:1f:56:
ff:c2:ce:ab:c1:5c:49:e5:03:4e:67:1f:95:7f:61:c7:c8:b1:
76:9b:78:c4:b9:68:33:92:30:3a:91:ca:2b:5d:43:df:8e:40:
b5:08:d1:97:9d:f9:e7:b1:0b:56:13:1b:82:d7:36:0c:c7:8d:
df:f9:7c:f2:f6:17:e1:d2:55:94:19:48:18:d4:33:c2:9d:78:
e7:d2:cb:ae:3f:8d:58:b1:26:e5:02:b5:e9:df:be:a5:a9:4b:
0d:fb:fc:2e:cb:0d:c6:97:86:6f:f0:b4:05:e1:f0:4a:d7:27:
5e:8b:c4:35:ab:2f:e1:2c:f1:e7:9e:b7:41:c0:96:35:0a:a3:
be:dd:b2:43:f3:96:53:34:94:fe:9b:9b:7f:46:3a:12:36:6c:
99:f6:65:bb:53:a7:ce:f6:9b:43:7d:f2:41:4d:8b:bd:e3:34:
0a:ae:13:63:19:d7:ee:99:d8:5b:70:9c:31:19:38:fc:e3:91:
be:4a:d0:6b:ef:6b:e1:87:92:33:be:25:31:52:f1:16:22:a7:
9f:41:bc:76:09:9c:6f:7d:de:3c:09:56:f5:f9:8a:62:a5:6c:
73:46:a8:dd:96:80:fd:cb:08:8c:f8:72:89:1d:8a:ba:87:7f:
72:f9:e1:0d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw1VELE6/Z/6URwxpXzFaQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwMTAyMDQ1NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjBlZTMyYzJhNWNlZGNiMzZjNDRmNzk5YzQ3ZTg1NzJjZWEyNzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtxTXYMgDu3C+5E8rFZe9jEc4pWe
NoJ0CQowEbixXNvwIhZAg9AddVvbMHus7C55DyQwKFeWHghLuAvw4Nai5eGJtRwM
amKQCxKYbSlkyohbso+aziaQDjnF29aOKToN7vFtrCXeJzRg0KY9Z9EiwbFLWcve
d3c1EYAmFqCq+ERushlhYv0qt3+fSjt1vsxqxxHarGqeNLlI9P5vO2Pn3tqVdGmU
BvH8JEGm6MBTCOadSj4aiSgaPTDKW7+Dngw6/v9CaowdB9VvlclK4PQpR9HqOOph
E95Z/L6n7YaP/OUcuJscC0RGBMhJEtxz6r4n83GmhxopjLVuSHgrDiGJbQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLYO4ywqXO3LNsRPeZxH6Fcs6icNMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvdGc3akxDcGM3Y3MyeEU5NW5FZm9WeXpxSncwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLpb4AwQA
W8MVAwQAuRWMMA0GCSqGSIb3DQEBCwUAA4IBAQDVEgcBorXuYjCRllfczWKdH1b/
ws6rwVxJ5QNOZx+Vf2HHyLF2m3jEuWgzkjA6kcorXUPfjkC1CNGXnfnnsQtWExuC
1zYMx43f+Xzy9hfh0lWUGUgY1DPCnXjn0suuP41YsSblArXp376lqUsN+/wuyw3G
l4Zv8LQF4fBK1ydei8Q1qy/hLPHnnrdBwJY1CqO+3bJD85ZTNJT+m5t/RjoSNmyZ
9mW7U6fO9ptDffJBTYu94zQKrhNjGdfumdhbcJwxGTj845G+StBr72vhh5IzviUx
UvEWIqefQbx2CZxvfd48CVb1+YpipWxzRqjdloD9ywiM+HKJHYq6h39y+eEN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org