Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/546ade-daa1-49f1-8bbe-b9eb871f6d96/1/zU-Kt7a7MQdrDXq7v889kZIKqGc.roa
File: zU-Kt7a7MQdrDXq7v889kZIKqGc.roa (raw, json)
Hash identifier: PrDAcVm5L0PuI556bVHxci4K1fN6zBFiGuH33L90uhQ=
Subject key identifier: CD:4F:8A:B7:B6:BB:31:07:6B:0D:7A:BB:BF:CF:3D:91:92:0A:A8:67
Certificate issuer: /CN=64ded85d9a05b1df689a8b6c313f8128c7a00b67
Certificate serial: 09BEA907
Authority key identifier: 64:DE:D8:5D:9A:05:B1:DF:68:9A:8B:6C:31:3F:81:28:C7:A0:0B:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZN7YXZoFsd9omotsMT-BKMegC2c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/546ade-daa1-49f1-8bbe-b9eb871f6d96/1/zU-Kt7a7MQdrDXq7v889kZIKqGc.roa
Signing time: Sat 01 Jan 2022 05:03:20 +0000
ROA not before: Sat 01 Jan 2022 05:03:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202048
IP address blocks: 46.28.232.0/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 163490055 (0x9bea907)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64ded85d9a05b1df689a8b6c313f8128c7a00b67
Validity
Not Before: Jan 1 05:03:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cd4f8ab7b6bb31076b0d7abbbfcf3d91920aa867
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:1e:70:a7:28:6c:30:94:5d:b0:7e:b8:ba:7d:
35:ca:7c:2e:7b:8b:c7:67:6f:6a:d1:f8:4b:4a:00:
40:77:48:ba:fc:ea:7a:b4:79:b1:a0:7a:18:3d:35:
da:06:fa:57:b9:93:ba:dd:eb:60:2a:b0:36:e4:39:
28:90:34:38:e5:3e:30:19:0f:a4:e6:d0:36:1f:15:
d6:79:e1:24:19:c0:09:f4:45:cd:f5:5a:26:7a:90:
3c:4b:74:e9:eb:42:f1:d6:9d:d9:88:a2:c9:d8:f7:
78:10:e6:a6:05:90:1e:10:02:d8:99:a4:08:19:25:
e9:93:41:be:6a:2b:26:a5:93:aa:32:94:9d:c0:5c:
d2:f2:42:25:1b:03:6a:d4:7c:df:7c:47:64:0b:ce:
68:0a:30:68:77:11:75:20:6d:7b:1e:83:dd:20:51:
90:15:ea:17:fe:25:3a:a5:60:a4:64:02:c3:83:57:
33:e9:a1:e8:50:8d:39:05:16:90:2d:72:b2:53:88:
49:7c:90:35:8a:f5:45:90:98:29:7b:5d:01:fe:fc:
88:28:fb:d1:13:08:f3:4c:46:69:17:52:f4:06:eb:
f1:63:d9:75:03:ee:62:ef:78:2e:07:4a:f5:84:9e:
02:a2:73:78:4e:1c:26:d8:74:db:0b:68:69:90:d0:
24:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:4F:8A:B7:B6:BB:31:07:6B:0D:7A:BB:BF:CF:3D:91:92:0A:A8:67
X509v3 Authority Key Identifier:
keyid:64:DE:D8:5D:9A:05:B1:DF:68:9A:8B:6C:31:3F:81:28:C7:A0:0B:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZN7YXZoFsd9omotsMT-BKMegC2c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/546ade-daa1-49f1-8bbe-b9eb871f6d96/1/zU-Kt7a7MQdrDXq7v889kZIKqGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/546ade-daa1-49f1-8bbe-b9eb871f6d96/1/ZN7YXZoFsd9omotsMT-BKMegC2c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.232.0/21
Signature Algorithm: sha256WithRSAEncryption
32:f9:f2:5f:f1:36:82:10:55:a4:14:4c:f4:b9:cb:0f:89:b3:
5c:03:07:95:ac:49:7b:04:d2:ca:82:18:a4:70:01:21:ee:1d:
e9:95:8b:26:60:38:25:41:17:d9:55:70:4e:ee:a1:82:5c:d2:
e3:1c:fe:4e:72:87:fc:cb:93:a8:1d:65:27:b7:ef:d1:00:44:
11:f0:10:a1:ac:46:c0:63:f9:d5:b2:c0:89:76:73:e9:e6:63:
c7:ae:72:bd:87:6b:50:6d:4a:02:b7:c3:74:f7:02:61:fb:a4:
1a:df:3f:25:28:14:7f:93:c9:d4:6a:70:d7:ea:ba:57:86:0c:
9c:f8:bd:04:e5:34:d0:65:0c:1f:80:e2:4f:d0:ac:f9:3c:6b:
e9:b6:c0:ad:08:1a:94:60:cb:db:61:b8:05:19:b4:6b:89:eb:
fb:da:d4:9c:cc:c7:c9:64:9c:de:a3:7a:2f:06:25:e9:3d:b3:
f8:b8:d1:c0:0b:5f:a5:d9:45:47:09:b3:66:94:12:e1:9d:da:
96:f0:9b:ed:1f:93:67:e5:fe:22:b8:56:83:5c:29:68:d2:f7:
ca:1d:24:86:45:65:2a:86:b4:de:16:fa:1a:fc:a0:4c:f3:e0:
78:ae:bc:27:73:c2:85:6b:19:7f:5c:b4:2b:51:90:8e:bb:dc:
ec:f3:7f:99
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECb6pBzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NGRlZDg1ZDlhMDViMWRmNjg5YThiNmMzMTNmODEyOGM3YTAwYjY3MB4XDTIyMDEw
MTA1MDMyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2Q0ZjhhYjdiNmJi
MzEwNzZiMGQ3YWJiYmZjZjNkOTE5MjBhYTg2NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANYecKcobDCUXbB+uLp9Ncp8LnuLx2dvatH4S0oAQHdIuvzq
erR5saB6GD012gb6V7mTut3rYCqwNuQ5KJA0OOU+MBkPpObQNh8V1nnhJBnACfRF
zfVaJnqQPEt06etC8dad2Yiiydj3eBDmpgWQHhAC2JmkCBkl6ZNBvmorJqWTqjKU
ncBc0vJCJRsDatR833xHZAvOaAowaHcRdSBtex6D3SBRkBXqF/4lOqVgpGQCw4NX
M+mh6FCNOQUWkC1yslOISXyQNYr1RZCYKXtdAf78iCj70RMI80xGaRdS9Abr8WPZ
dQPuYu94LgdK9YSeAqJzeE4cJth02wtoaZDQJB8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTNT4q3trsxB2sNeru/zz2RkgqoZzAfBgNVHSMEGDAWgBRk3thdmgWx32ia
i2wxP4Eox6ALZzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pON1lYWm9Gc2Q5b21vdHNNVC1CS01lZ0MyYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTcvNTQ2YWRlLWRhYTEtNDlmMS04YmJlLWI5ZWI4NzFmNmQ5Ni8x
L3pVLUt0N2E3TVFkckRYcTd2ODg5a1pJS3FHYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTcv
NTQ2YWRlLWRhYTEtNDlmMS04YmJlLWI5ZWI4NzFmNmQ5Ni8xL1pON1lYWm9Gc2Q5
b21vdHNNVC1CS01lZ0MyYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy4c6DANBgkqhkiG9w0BAQsFAAOC
AQEAMvnyX/E2ghBVpBRM9LnLD4mzXAMHlaxJewTSyoIYpHABIe4d6ZWLJmA4JUEX
2VVwTu6hglzS4xz+TnKH/MuTqB1lJ7fv0QBEEfAQoaxGwGP51bLAiXZz6eZjx65y
vYdrUG1KArfDdPcCYfukGt8/JSgUf5PJ1Gpw1+q6V4YMnPi9BOU00GUMH4DiT9Cs
+Txr6bbArQgalGDL22G4BRm0a4nr+9rUnMzHyWSc3qN6LwYl6T2z+LjRwAtfpdlF
RwmzZpQS4Z3alvCb7R+TZ+X+IrhWg1wpaNL3yh0khkVlKoa03hb6GvygTPPgeK68
J3PChWsZf1y0K1GQjrvc7PN/mQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:40 2024 by rpki-client on console-ams.rpki-client.org