Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/7b0aae-9d27-4951-bab7-da394384e925/1/9m4B-Ue2zX8OtQaE5-WbftD_dfM.roa
File: 9m4B-Ue2zX8OtQaE5-WbftD_dfM.roa (raw, json)
Hash identifier: 5loEn8S8grMPzT5beQ0jyiTsYbDuiAHLOrciE/Rg2a4=
Subject key identifier: F6:6E:01:F9:47:B6:CD:7F:0E:B5:06:84:E7:E5:9B:7E:D0:FF:75:F3
Certificate issuer: /CN=63f14f8e144c6d50c38ab4faff5ac6e547fe1d47
Certificate serial: 01856BC11F0A3312C48B891C09F0208A4F64
Authority key identifier: 63:F1:4F:8E:14:4C:6D:50:C3:8A:B4:FA:FF:5A:C6:E5:47:FE:1D:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y_FPjhRMbVDDirT6_1rG5Uf-HUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/7b0aae-9d27-4951-bab7-da394384e925/1/9m4B-Ue2zX8OtQaE5-WbftD_dfM.roa
Signing time: Sun 01 Jan 2023 05:14:56 +0000
ROA not before: Sun 01 Jan 2023 05:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51984
IP address blocks: 46.253.36.0/24 maxlen: 24
46.253.35.0/24 maxlen: 24
46.253.34.0/24 maxlen: 24
46.253.33.0/24 maxlen: 24
46.253.32.0/24 maxlen: 24
46.253.38.0/24 maxlen: 24
46.253.37.0/24 maxlen: 24
46.253.43.0/24 maxlen: 24
46.253.42.0/24 maxlen: 24
46.253.41.0/24 maxlen: 24
46.253.40.0/24 maxlen: 24
46.253.39.0/24 maxlen: 24
46.253.44.0/24 maxlen: 24
46.253.47.0/24 maxlen: 24
46.253.46.0/24 maxlen: 24
46.253.45.0/24 maxlen: 24
185.58.172.0/24 maxlen: 24
185.58.175.0/24 maxlen: 24
185.58.174.0/24 maxlen: 24
185.58.173.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:c1:1f:0a:33:12:c4:8b:89:1c:09:f0:20:8a:4f:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63f14f8e144c6d50c38ab4faff5ac6e547fe1d47
Validity
Not Before: Jan 1 05:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f66e01f947b6cd7f0eb50684e7e59b7ed0ff75f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:3f:5a:a4:16:74:cb:76:4b:98:e0:79:f9:1c:
12:65:bb:69:40:7f:9e:99:55:e9:7a:cd:79:14:7f:
f9:a2:b5:68:a1:34:4a:f3:ad:77:ee:6f:f2:f3:7a:
94:a2:4b:c8:5a:16:ab:3f:7e:3b:74:dc:59:2c:25:
13:0e:10:b5:ed:66:69:80:f7:20:96:9d:71:9a:3f:
26:a3:2e:29:70:5b:1e:58:a5:f5:8c:f9:a3:da:f4:
bb:f0:9f:4c:54:3d:4c:e3:c4:f5:f5:4e:f8:a3:56:
df:a7:e5:a4:06:88:32:bc:f4:33:b0:58:9d:74:b0:
a6:04:18:68:9c:ac:68:66:6e:98:2a:70:82:2d:b6:
9b:97:38:c7:fd:42:db:c3:3c:2f:86:e3:17:27:1d:
5a:8b:25:32:6c:79:8f:b5:bf:2f:40:7e:f9:ba:ed:
3f:37:c8:d1:aa:bc:5c:49:fa:91:24:6c:4a:92:2e:
00:be:2a:ee:20:3d:ec:69:3a:21:61:bc:e1:cd:89:
65:32:3e:9f:15:b4:5a:2c:19:b6:b4:b7:8e:eb:46:
6a:46:1c:4a:ac:d4:1c:2a:f6:88:c6:22:9f:87:25:
9e:54:ef:04:d5:c3:9e:f8:75:a4:f6:66:ef:91:c9:
98:b2:81:ef:42:6b:31:df:7d:f0:05:17:6f:12:15:
98:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:6E:01:F9:47:B6:CD:7F:0E:B5:06:84:E7:E5:9B:7E:D0:FF:75:F3
X509v3 Authority Key Identifier:
keyid:63:F1:4F:8E:14:4C:6D:50:C3:8A:B4:FA:FF:5A:C6:E5:47:FE:1D:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y_FPjhRMbVDDirT6_1rG5Uf-HUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/7b0aae-9d27-4951-bab7-da394384e925/1/9m4B-Ue2zX8OtQaE5-WbftD_dfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/7b0aae-9d27-4951-bab7-da394384e925/1/Y_FPjhRMbVDDirT6_1rG5Uf-HUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.32.0/20
185.58.172.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:17:35:92:13:08:26:42:80:24:cc:95:ce:a4:a6:9e:be:76:
92:18:6d:d2:99:ea:74:84:80:29:0f:d0:e9:71:94:14:b3:e3:
25:03:dd:5d:c7:a3:70:46:5e:e1:2b:0e:6e:d7:ac:b6:9d:8e:
d1:b5:f9:60:90:15:0b:af:db:e6:b1:e4:fa:a1:3a:95:0c:94:
9e:d1:c6:ad:3d:83:a7:48:fb:5c:01:fd:8e:90:8a:10:45:9f:
a3:53:14:15:bc:16:f6:3f:dd:46:8a:a3:a9:f3:3f:fb:97:a8:
a0:8c:60:cc:0b:ca:87:24:2d:71:ca:2e:e0:6f:64:05:a1:7c:
d1:6c:40:b1:3b:3a:5e:b0:cf:d6:87:f4:9b:b9:01:6d:b6:74:
84:81:b1:e3:9c:82:dc:c2:99:be:41:bd:d7:5b:dd:f8:ae:e3:
56:5c:67:20:8e:e1:ba:6c:c2:a3:72:c6:21:6b:40:02:17:80:
3c:e7:4d:3b:b1:9e:6a:22:09:88:22:42:f1:d2:c0:a5:9d:4d:
29:2a:48:6d:3d:4b:d7:51:c8:8a:48:3b:8d:39:83:8d:7e:bb:
d0:0f:13:00:67:2a:c5:44:ac:93:64:ce:0f:95:3a:40:c4:89:
49:74:ce:66:96:78:15:6e:90:da:7d:f2:c6:06:67:51:c8:93:
9c:94:a9:78
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVrwR8KMxLEi4kcCfAgik9kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZjE0ZjhlMTQ0YzZkNTBjMzhhYjRmYWZmNWFjNmU1NDdm
ZTFkNDcwHhcNMjMwMTAxMDUxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjZlMDFmOTQ3YjZjZDdmMGViNTA2ODRlN2U1OWI3ZWQwZmY3NWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiT9apBZ0y3ZLmOB5+RwSZbtpQH+e
mVXpes15FH/5orVooTRK86137m/y83qUokvIWharP347dNxZLCUTDhC17WZpgPcg
lp1xmj8moy4pcFseWKX1jPmj2vS78J9MVD1M48T19U74o1bfp+WkBogyvPQzsFid
dLCmBBhonKxoZm6YKnCCLbablzjH/ULbwzwvhuMXJx1aiyUybHmPtb8vQH75uu0/
N8jRqrxcSfqRJGxKki4AviruID3saTohYbzhzYllMj6fFbRaLBm2tLeO60ZqRhxK
rNQcKvaIxiKfhyWeVO8E1cOe+HWk9mbvkcmYsoHvQmsx333wBRdvEhWYBQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPZuAflHts1/DrUGhOflm37Q/3XzMB8GA1UdIwQY
MBaAFGPxT44UTG1Qw4q0+v9axuVH/h1HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWV9GUGpoUk1iVkREaXJUNl8xckc1VWYtSFVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS83YjBhYWUtOWQyNy00OTUxLWJhYjct
ZGEzOTQzODRlOTI1LzEvOW00Qi1VZTJ6WDhPdFFhRTUtV2JmdERfZGZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS83YjBhYWUtOWQyNy00OTUxLWJhYjctZGEzOTQzODRlOTI1
LzEvWV9GUGpoUk1iVkREaXJUNl8xckc1VWYtSFVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQELv0gAwQC
uTqsMA0GCSqGSIb3DQEBCwUAA4IBAQAuFzWSEwgmQoAkzJXOpKaevnaSGG3Smep0
hIApD9DpcZQUs+MlA91dx6NwRl7hKw5u16y2nY7RtflgkBULr9vmseT6oTqVDJSe
0catPYOnSPtcAf2OkIoQRZ+jUxQVvBb2P91GiqOp8z/7l6igjGDMC8qHJC1xyi7g
b2QFoXzRbECxOzpesM/Wh/SbuQFttnSEgbHjnILcwpm+Qb3XW934ruNWXGcgjuG6
bMKjcsYha0ACF4A85007sZ5qIgmIIkLx0sClnU0pKkhtPUvXUciKSDuNOYONfrvQ
DxMAZyrFRKyTZM4PlTpAxIlJdM5mlngVbpDaffLGBmdRyJOclKl4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:42 2024 by rpki-client on console-fra.rpki-client.org