Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/ce21b3-c4de-456d-b538-97975d34fc6c/1/aYKBcF36LR6txbp7BMJWRVZs2wI.roa
File: aYKBcF36LR6txbp7BMJWRVZs2wI.roa (raw, json)
Hash identifier: c5HHLfGJofPZ+c2w5e3/suh1pOTttqsGaRxgJORkecY=
Subject key identifier: 69:82:81:70:5D:FA:2D:1E:AD:C5:BA:7B:04:C2:56:45:56:6C:DB:02
Certificate issuer: /CN=4148cbad1748205b4f4334bba638c64c2b21fc0e
Certificate serial: 02BD0FE7
Authority key identifier: 41:48:CB:AD:17:48:20:5B:4F:43:34:BB:A6:38:C6:4C:2B:21:FC:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QUjLrRdIIFtPQzS7pjjGTCsh_A4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/ce21b3-c4de-456d-b538-97975d34fc6c/1/aYKBcF36LR6txbp7BMJWRVZs2wI.roa
Signing time: Tue 31 May 2022 14:52:14 +0000
ROA not before: Tue 31 May 2022 14:52:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207967
IP address blocks: 46.149.68.0/22 maxlen: 22
46.149.72.0/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45944807 (0x2bd0fe7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4148cbad1748205b4f4334bba638c64c2b21fc0e
Validity
Not Before: May 31 14:52:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=698281705dfa2d1eadc5ba7b04c25645566cdb02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:cf:b2:cb:ea:2f:99:5d:4e:eb:31:86:75:5a:
69:47:38:3e:0b:21:d0:70:31:e4:0d:44:65:e9:7a:
63:cd:71:96:54:3d:f8:8b:c7:7b:6b:bf:9f:af:a1:
58:a2:cf:db:f3:8a:a1:19:08:f9:85:0c:fa:99:66:
d2:27:36:98:de:38:62:7c:ed:a6:19:0b:c2:69:5b:
93:c1:98:be:58:67:fa:c6:1b:36:da:f5:b1:53:74:
d7:9d:66:54:39:52:cd:10:83:cf:40:6e:f1:36:f0:
e6:d0:c3:a3:ea:d2:70:e5:a7:fc:74:76:05:ef:d7:
d3:4c:32:aa:f7:a0:32:1a:56:77:a4:4f:96:dc:c2:
e4:9f:fa:f1:fe:bb:a9:29:98:a2:aa:88:18:3c:0d:
70:7f:4b:9a:6b:82:44:65:6d:83:92:1b:8b:09:5d:
4c:dd:78:49:59:3d:17:a9:cf:43:80:7f:2b:30:b7:
53:79:68:93:76:cf:52:b1:60:35:4d:b5:e7:5f:4c:
30:0d:94:a1:e2:38:b3:e9:7d:90:af:1f:67:f2:81:
03:a9:02:2f:21:b7:8a:ed:81:9f:f4:0d:f4:79:dd:
3d:d2:54:55:64:05:da:a5:74:79:0a:db:72:90:a3:
7b:36:9b:8a:58:15:ba:99:21:4f:3a:59:61:46:cc:
e6:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:82:81:70:5D:FA:2D:1E:AD:C5:BA:7B:04:C2:56:45:56:6C:DB:02
X509v3 Authority Key Identifier:
keyid:41:48:CB:AD:17:48:20:5B:4F:43:34:BB:A6:38:C6:4C:2B:21:FC:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QUjLrRdIIFtPQzS7pjjGTCsh_A4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ce21b3-c4de-456d-b538-97975d34fc6c/1/aYKBcF36LR6txbp7BMJWRVZs2wI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ce21b3-c4de-456d-b538-97975d34fc6c/1/QUjLrRdIIFtPQzS7pjjGTCsh_A4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.149.68.0-46.149.79.255
Signature Algorithm: sha256WithRSAEncryption
63:18:0a:32:96:86:8d:3c:9e:06:5c:f7:37:2e:1a:51:3e:60:
ba:27:c2:1f:ce:61:49:57:c3:e9:e4:a7:0d:7b:19:ff:b0:04:
39:0e:cc:7b:17:74:f3:a1:96:d9:24:a7:95:e7:3f:74:0e:99:
c6:78:77:71:f3:f7:ee:a4:e8:2d:a6:98:52:aa:d5:61:73:58:
fe:fe:3d:5c:fd:52:da:fa:7a:c3:3d:ad:de:2d:80:99:9a:12:
e5:dd:e3:01:33:51:23:08:f4:bb:a3:7c:f2:32:7c:39:82:80:
f2:91:b1:cf:64:a1:40:11:91:ce:6a:ff:5c:0f:e1:5d:52:77:
9d:28:0c:5d:f3:04:e9:f7:dc:0e:ef:5d:b7:81:ab:71:97:b5:
0a:a5:1e:e8:a9:d2:f0:6c:dd:7f:11:26:ea:13:24:6a:20:ca:
30:cc:65:00:d9:c3:6f:bf:90:d3:91:a4:88:66:da:45:19:01:
e2:85:2c:03:bc:c5:9b:b5:e9:57:71:0f:e5:49:2b:3a:c3:e8:
ff:40:1d:75:4c:0e:25:97:88:64:4e:a2:37:01:96:ed:40:fe:
af:9f:d0:e6:40:26:c1:a9:e6:89:31:0b:36:58:14:cd:48:b3:
92:2c:33:bc:30:1a:7b:22:c4:ed:e9:a6:a9:97:3b:24:49:f7:
84:a1:48:cd
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAr0P5zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MTQ4Y2JhZDE3NDgyMDViNGY0MzM0YmJhNjM4YzY0YzJiMjFmYzBlMB4XDTIyMDUz
MTE0NTIxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjk4MjgxNzA1ZGZh
MmQxZWFkYzViYTdiMDRjMjU2NDU1NjZjZGIwMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKXPssvqL5ldTusxhnVaaUc4Pgsh0HAx5A1EZel6Y81xllQ9
+IvHe2u/n6+hWKLP2/OKoRkI+YUM+plm0ic2mN44YnztphkLwmlbk8GYvlhn+sYb
Ntr1sVN0151mVDlSzRCDz0Bu8Tbw5tDDo+rScOWn/HR2Be/X00wyqvegMhpWd6RP
ltzC5J/68f67qSmYoqqIGDwNcH9LmmuCRGVtg5IbiwldTN14SVk9F6nPQ4B/KzC3
U3lok3bPUrFgNU21519MMA2UoeI4s+l9kK8fZ/KBA6kCLyG3iu2Bn/QN9HndPdJU
VWQF2qV0eQrbcpCjezabilgVupkhTzpZYUbM5jkCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBRpgoFwXfotHq3FunsEwlZFVmzbAjAfBgNVHSMEGDAWgBRBSMutF0ggW09D
NLumOMZMKyH8DjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FVakxyUmRJSUZ0UFF6UzdwampHVENzaF9BNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjEvY2UyMWIzLWM0ZGUtNDU2ZC1iNTM4LTk3OTc1ZDM0ZmM2Yy8x
L2FZS0JjRjM2TFI2dHhicDdCTUpXUlZaczJ3SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjEv
Y2UyMWIzLWM0ZGUtNDU2ZC1iNTM4LTk3OTc1ZDM0ZmM2Yy8xL1FVakxyUmRJSUZ0
UFF6UzdwampHVENzaF9BNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQCLpVEAwQELpVAMA0GCSqGSIb3
DQEBCwUAA4IBAQBjGAoyloaNPJ4GXPc3LhpRPmC6J8IfzmFJV8Pp5KcNexn/sAQ5
Dsx7F3TzoZbZJKeV5z90DpnGeHdx8/fupOgtpphSqtVhc1j+/j1c/VLa+nrDPa3e
LYCZmhLl3eMBM1EjCPS7o3zyMnw5goDykbHPZKFAEZHOav9cD+FdUnedKAxd8wTp
99wO7123gatxl7UKpR7oqdLwbN1/ESbqEyRqIMowzGUA2cNvv5DTkaSIZtpFGQHi
hSwDvMWbtelXcQ/lSSs6w+j/QB11TA4ll4hkTqI3AZbtQP6vn9DmQCbBqeaJMQs2
WBTNSLOSLDO8MBp7IsTt6aaplzskSfeEoUjN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:20 2024 by rpki-client on console-ams.rpki-client.org