Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/546ade-daa1-49f1-8bbe-b9eb871f6d96/1/WJ5aL3SaXbQ3syFhEEQv__XlSe8.roa
File: WJ5aL3SaXbQ3syFhEEQv__XlSe8.roa (raw, json)
Hash identifier: eAv4ga+xn18wsTjRitJCR2HNmVvyeFGgMtt8uoJfMS4=
Subject key identifier: 58:9E:5A:2F:74:9A:5D:B4:37:B3:21:61:10:44:2F:FF:F5:E5:49:EF
Certificate issuer: /CN=64ded85d9a05b1df689a8b6c313f8128c7a00b67
Certificate serial: 09BDE248
Authority key identifier: 64:DE:D8:5D:9A:05:B1:DF:68:9A:8B:6C:31:3F:81:28:C7:A0:0B:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZN7YXZoFsd9omotsMT-BKMegC2c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/546ade-daa1-49f1-8bbe-b9eb871f6d96/1/WJ5aL3SaXbQ3syFhEEQv__XlSe8.roa
Signing time: Sat 01 Jan 2022 05:03:20 +0000
ROA not before: Sat 01 Jan 2022 05:03:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42910
IP address blocks: 46.28.232.0/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 163439176 (0x9bde248)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64ded85d9a05b1df689a8b6c313f8128c7a00b67
Validity
Not Before: Jan 1 05:03:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=589e5a2f749a5db437b3216110442ffff5e549ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:58:92:f5:78:f3:17:4f:10:40:2e:58:04:38:
d2:89:f7:d6:bf:1e:e3:fb:06:60:89:3f:9b:3a:e6:
58:ba:cc:aa:ab:e1:d7:29:51:b1:51:94:b0:b6:1c:
d2:63:c8:aa:ce:9f:99:70:dd:9a:ec:25:4c:dd:c7:
d8:93:2b:c0:d7:de:ec:e2:80:21:80:9f:ec:2d:7c:
79:dd:d7:e4:c8:3e:56:7e:73:71:c2:b4:0a:e2:08:
3f:e8:d5:40:4e:a1:d1:7f:6a:4c:2f:50:8e:03:c4:
42:e0:bb:21:d7:4a:3e:81:6f:79:bf:31:db:6e:41:
70:11:5f:b3:fd:07:cd:d0:b0:9b:9e:c9:15:e3:28:
cd:80:e9:ad:74:18:f8:a2:a9:25:11:da:f8:91:d6:
6d:79:22:c1:b9:65:e4:8a:55:41:b9:4e:30:1f:90:
03:a0:11:c2:82:59:46:d3:60:0f:1e:c8:e3:9f:a6:
4d:66:aa:ce:b2:63:09:53:74:b8:19:c4:ce:aa:fc:
dc:6a:d4:82:cb:41:62:90:20:fc:18:e6:20:8c:b7:
b1:68:6f:ff:aa:f7:92:06:57:4f:5a:e0:d6:ce:d2:
dd:f4:a7:94:b2:fe:25:0c:d8:68:67:f4:03:94:d7:
61:2e:99:f1:03:c1:0e:1d:de:97:7e:84:7e:63:27:
ad:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:9E:5A:2F:74:9A:5D:B4:37:B3:21:61:10:44:2F:FF:F5:E5:49:EF
X509v3 Authority Key Identifier:
keyid:64:DE:D8:5D:9A:05:B1:DF:68:9A:8B:6C:31:3F:81:28:C7:A0:0B:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZN7YXZoFsd9omotsMT-BKMegC2c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/546ade-daa1-49f1-8bbe-b9eb871f6d96/1/WJ5aL3SaXbQ3syFhEEQv__XlSe8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/546ade-daa1-49f1-8bbe-b9eb871f6d96/1/ZN7YXZoFsd9omotsMT-BKMegC2c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.232.0/21
Signature Algorithm: sha256WithRSAEncryption
7a:ac:8b:c9:5d:64:50:36:60:e5:1f:56:28:73:61:ba:af:51:
b5:40:ba:3a:ce:08:63:72:c8:16:32:6d:00:2e:b4:de:f5:da:
b9:76:2e:16:99:6d:56:c5:f3:2e:7a:6a:32:ce:2e:20:0d:a6:
7d:8a:29:a3:27:fa:7c:cc:e6:b5:68:d6:4c:d7:2b:a3:ab:de:
83:ce:d7:03:c8:70:60:c4:b4:87:bc:68:d1:87:ba:c5:17:34:
31:d6:88:23:30:94:c8:1a:22:81:14:f0:33:e7:27:28:db:ee:
25:9d:99:b8:e8:88:3b:b7:1a:11:b1:00:8a:e5:37:97:8d:71:
cb:48:44:27:56:93:e5:b8:48:04:ea:5d:a3:51:5f:6a:ca:74:
b7:91:aa:8a:e0:b7:45:84:0d:9f:b8:a8:d5:5d:41:23:33:bf:
68:bd:dc:95:7d:66:e0:37:34:d2:5c:5d:36:c1:cb:40:4a:0f:
94:ab:9f:2d:a2:5a:e3:1d:15:48:eb:db:d2:62:de:cb:ff:19:
ef:a7:83:53:6e:e1:bb:e4:5a:8c:a7:b8:08:dc:62:42:48:7d:
99:a1:e3:a2:12:c5:6e:e6:be:57:a6:f4:60:58:40:16:ed:8a:
44:71:87:52:cc:ca:31:e0:4f:37:9b:84:ed:18:97:28:89:69:
94:51:37:b1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECb3iSDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NGRlZDg1ZDlhMDViMWRmNjg5YThiNmMzMTNmODEyOGM3YTAwYjY3MB4XDTIyMDEw
MTA1MDMyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTg5ZTVhMmY3NDlh
NWRiNDM3YjMyMTYxMTA0NDJmZmZmNWU1NDllZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANNYkvV48xdPEEAuWAQ40on31r8e4/sGYIk/mzrmWLrMqqvh
1ylRsVGUsLYc0mPIqs6fmXDdmuwlTN3H2JMrwNfe7OKAIYCf7C18ed3X5Mg+Vn5z
ccK0CuIIP+jVQE6h0X9qTC9QjgPEQuC7IddKPoFveb8x225BcBFfs/0HzdCwm57J
FeMozYDprXQY+KKpJRHa+JHWbXkiwbll5IpVQblOMB+QA6ARwoJZRtNgDx7I45+m
TWaqzrJjCVN0uBnEzqr83GrUgstBYpAg/BjmIIy3sWhv/6r3kgZXT1rg1s7S3fSn
lLL+JQzYaGf0A5TXYS6Z8QPBDh3el36EfmMnrXMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRYnlovdJpdtDezIWEQRC//9eVJ7zAfBgNVHSMEGDAWgBRk3thdmgWx32ia
i2wxP4Eox6ALZzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pON1lYWm9Gc2Q5b21vdHNNVC1CS01lZ0MyYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTcvNTQ2YWRlLWRhYTEtNDlmMS04YmJlLWI5ZWI4NzFmNmQ5Ni8x
L1dKNWFMM1NhWGJRM3N5RmhFRVF2X19YbFNlOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTcv
NTQ2YWRlLWRhYTEtNDlmMS04YmJlLWI5ZWI4NzFmNmQ5Ni8xL1pON1lYWm9Gc2Q5
b21vdHNNVC1CS01lZ0MyYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy4c6DANBgkqhkiG9w0BAQsFAAOC
AQEAeqyLyV1kUDZg5R9WKHNhuq9RtUC6Os4IY3LIFjJtAC603vXauXYuFpltVsXz
LnpqMs4uIA2mfYopoyf6fMzmtWjWTNcro6veg87XA8hwYMS0h7xo0Ye6xRc0MdaI
IzCUyBoigRTwM+cnKNvuJZ2ZuOiIO7caEbEAiuU3l41xy0hEJ1aT5bhIBOpdo1Ff
asp0t5GqiuC3RYQNn7io1V1BIzO/aL3clX1m4Dc00lxdNsHLQEoPlKufLaJa4x0V
SOvb0mLey/8Z76eDU27hu+RajKe4CNxiQkh9maHjohLFbua+V6b0YFhAFu2KRHGH
UszKMeBPN5uE7RiXKIlplFE3sQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:13 2025 by rpki-client