Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/546ade-daa1-49f1-8bbe-b9eb871f6d96/1/sqkx-SRycr7yCKeA_qEzBK56ER0.roa
File: sqkx-SRycr7yCKeA_qEzBK56ER0.roa (raw, json)
Hash identifier: BQ07DQv0aV/0AndqpAayisqG61XBX3NGTit7tZeU3GE=
Subject key identifier: B2:A9:31:F9:24:72:72:BE:F2:08:A7:80:FE:A1:33:04:AE:7A:11:1D
Certificate issuer: /CN=64ded85d9a05b1df689a8b6c313f8128c7a00b67
Certificate serial: 018608353E55D56FFDC461F68528DCC00BFC
Authority key identifier: 64:DE:D8:5D:9A:05:B1:DF:68:9A:8B:6C:31:3F:81:28:C7:A0:0B:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZN7YXZoFsd9omotsMT-BKMegC2c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/546ade-daa1-49f1-8bbe-b9eb871f6d96/1/sqkx-SRycr7yCKeA_qEzBK56ER0.roa
Signing time: Tue 31 Jan 2023 14:22:32 +0000
ROA not before: Tue 31 Jan 2023 14:22:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42910
IP address blocks: 46.28.232.0/24 maxlen: 24
46.28.232.0/21 maxlen: 21
46.28.238.0/24 maxlen: 24
46.28.237.0/24 maxlen: 24
46.28.239.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:08:35:3e:55:d5:6f:fd:c4:61:f6:85:28:dc:c0:0b:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64ded85d9a05b1df689a8b6c313f8128c7a00b67
Validity
Not Before: Jan 31 14:22:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b2a931f9247272bef208a780fea13304ae7a111d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:98:20:1e:de:7f:47:05:17:f0:cd:5c:7c:72:
a7:51:1c:2d:c4:ca:c4:4b:f0:62:e0:69:94:c6:15:
6a:bb:96:27:05:39:a1:e3:0e:53:be:5a:c7:86:11:
d8:ed:ea:20:1a:5b:75:85:ae:1d:11:80:e6:6b:60:
7a:51:9a:42:c9:e0:7a:d0:c6:c2:64:3a:26:4a:5d:
fd:6d:f7:22:f0:e9:f9:eb:46:aa:be:05:df:2f:a1:
a8:d2:1e:a3:d2:fb:24:da:e8:72:e3:b8:d8:29:f4:
ac:66:d3:2a:48:20:b0:57:e0:68:ce:ff:f3:9a:f3:
a4:ea:91:72:ff:f2:c0:03:b2:d2:bc:30:e4:b1:2e:
94:50:36:09:d2:e6:4c:23:1f:49:7a:72:3f:e5:37:
e5:f2:09:82:46:66:d6:61:e1:68:94:14:52:03:af:
c2:3b:04:97:5c:50:ad:ea:4a:10:4a:b3:59:14:cb:
63:95:04:17:ff:89:c2:7d:e2:59:55:50:78:a2:05:
ef:78:f4:c4:fc:d7:4a:6a:48:1b:b4:64:56:78:6e:
11:15:6e:d7:af:e9:e9:ae:a8:bb:60:f8:14:78:e4:
18:f0:73:e2:e8:63:f9:c2:5e:b0:d7:f3:f1:6a:9e:
9a:98:95:ac:ba:2d:6c:da:4d:61:3a:44:c0:8a:40:
b9:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:A9:31:F9:24:72:72:BE:F2:08:A7:80:FE:A1:33:04:AE:7A:11:1D
X509v3 Authority Key Identifier:
keyid:64:DE:D8:5D:9A:05:B1:DF:68:9A:8B:6C:31:3F:81:28:C7:A0:0B:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZN7YXZoFsd9omotsMT-BKMegC2c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/546ade-daa1-49f1-8bbe-b9eb871f6d96/1/sqkx-SRycr7yCKeA_qEzBK56ER0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/546ade-daa1-49f1-8bbe-b9eb871f6d96/1/ZN7YXZoFsd9omotsMT-BKMegC2c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.232.0/21
Signature Algorithm: sha256WithRSAEncryption
63:c2:96:42:da:07:87:9f:a5:98:8b:d4:6d:ad:b6:ef:2a:8d:
ab:e5:99:a4:e0:98:36:30:cf:76:84:27:a6:30:91:f2:4f:c1:
4a:16:63:bb:d3:83:e6:c8:ef:c4:09:3f:e6:1f:c6:f6:1c:7c:
ec:8f:fb:36:d0:65:fc:34:48:26:21:6a:4d:2a:d4:25:ba:60:
e3:67:cb:dd:59:3e:59:c1:8d:2b:62:50:c0:8e:a5:4e:9c:70:
88:a6:32:00:e8:75:c5:76:82:96:86:3d:78:b1:b3:44:96:4d:
11:1d:f5:89:fd:ff:07:52:79:74:07:89:36:89:f3:d6:c6:02:
93:73:88:f4:d5:2e:4a:3b:78:7f:ed:d3:79:ef:23:ea:1d:dd:
44:17:30:f5:e8:a8:16:23:08:75:4a:8a:52:7c:92:ad:1e:76:
7c:c9:4a:ee:be:a4:0f:dd:fc:50:4c:e2:79:a3:54:f6:2e:83:
fc:25:47:92:ae:38:1d:5a:af:cb:df:34:d0:81:f5:c4:95:f4:
39:fe:6d:3c:9d:2c:55:18:27:dc:dd:b7:bb:e0:20:40:3f:db:
be:41:35:90:a4:e7:9c:42:12:59:d1:e9:05:0a:ae:5a:eb:32:
99:9d:73:9b:1d:7f:a6:c6:87:ed:9c:e1:88:26:a5:0f:ff:a0:
68:76:1b:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYINT5V1W/9xGH2hSjcwAv8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZGVkODVkOWEwNWIxZGY2ODlhOGI2YzMxM2Y4MTI4Yzdh
MDBiNjcwHhcNMjMwMTMxMTQyMjMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmE5MzFmOTI0NzI3MmJlZjIwOGE3ODBmZWExMzMwNGFlN2ExMTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ZggHt5/RwUX8M1cfHKnURwtxMrE
S/Bi4GmUxhVqu5YnBTmh4w5TvlrHhhHY7eogGlt1ha4dEYDma2B6UZpCyeB60MbC
ZDomSl39bfci8On560aqvgXfL6Go0h6j0vsk2uhy47jYKfSsZtMqSCCwV+Bozv/z
mvOk6pFy//LAA7LSvDDksS6UUDYJ0uZMIx9JenI/5Tfl8gmCRmbWYeFolBRSA6/C
OwSXXFCt6koQSrNZFMtjlQQX/4nCfeJZVVB4ogXvePTE/NdKakgbtGRWeG4RFW7X
r+nprqi7YPgUeOQY8HPi6GP5wl6w1/Pxap6amJWsui1s2k1hOkTAikC59wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLKpMfkkcnK+8gingP6hMwSuehEdMB8GA1UdIwQY
MBaAFGTe2F2aBbHfaJqLbDE/gSjHoAtnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk43WVhab0ZzZDlvbW90c01ULUJLTWVnQzJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny81NDZhZGUtZGFhMS00OWYxLThiYmUt
YjllYjg3MWY2ZDk2LzEvc3FreC1TUnljcjd5Q0tlQV9xRXpCSzU2RVIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny81NDZhZGUtZGFhMS00OWYxLThiYmUtYjllYjg3MWY2ZDk2
LzEvWk43WVhab0ZzZDlvbW90c01ULUJLTWVnQzJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLhzoMA0G
CSqGSIb3DQEBCwUAA4IBAQBjwpZC2geHn6WYi9RtrbbvKo2r5Zmk4Jg2MM92hCem
MJHyT8FKFmO704PmyO/ECT/mH8b2HHzsj/s20GX8NEgmIWpNKtQlumDjZ8vdWT5Z
wY0rYlDAjqVOnHCIpjIA6HXFdoKWhj14sbNElk0RHfWJ/f8HUnl0B4k2ifPWxgKT
c4j01S5KO3h/7dN57yPqHd1EFzD16KgWIwh1SopSfJKtHnZ8yUruvqQP3fxQTOJ5
o1T2LoP8JUeSrjgdWq/L3zTQgfXElfQ5/m08nSxVGCfc3be74CBAP9u+QTWQpOec
QhJZ0ekFCq5a6zKZnXObHX+mxoftnOGIJqUP/6Bodhtc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:40 2024 by rpki-client on console-ams.rpki-client.org