
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/X7pCwtfokEefpovaTPj1zoKx2sA.roa
File: X7pCwtfokEefpovaTPj1zoKx2sA.roa (raw, json)
Hash identifier: 4/lpVmIOoOIXy1HVnn6QPu8QZBFYGE0bWtKEVh5E4wA=
Subject key identifier: 5F:BA:42:C2:D7:E8:90:47:9F:A6:8B:DA:4C:F8:F5:CE:82:B1:DA:C0
Certificate issuer: /CN=a04845af1dc0087b274cee52a4a9e0880335435d
Certificate serial: 095998B2
Authority key identifier: A0:48:45:AF:1D:C0:08:7B:27:4C:EE:52:A4:A9:E0:88:03:35:43:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oEhFrx3ACHsnTO5SpKngiAM1Q10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/X7pCwtfokEefpovaTPj1zoKx2sA.roa
Signing time: Sat 01 Jan 2022 10:59:36 +0000
ROA not before: Sat 01 Jan 2022 10:59:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56582
IP address blocks: 46.235.14.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 156866738 (0x95998b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a04845af1dc0087b274cee52a4a9e0880335435d
Validity
Not Before: Jan 1 10:59:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5fba42c2d7e890479fa68bda4cf8f5ce82b1dac0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:bd:7c:33:df:42:ef:bc:db:ad:e1:d0:72:1d:
13:33:27:3b:98:d5:f5:db:a8:0f:eb:10:66:e3:dd:
53:4b:7d:e7:73:e5:2b:30:ad:cd:bc:d6:69:af:ba:
07:87:bb:07:80:7b:09:6d:6e:c0:fd:56:a1:3a:20:
c1:c1:c3:62:d4:12:05:3a:0f:41:2b:38:92:62:3c:
4b:18:1c:e8:2b:62:34:c5:52:e3:4e:2e:cc:00:ef:
2f:37:ef:9b:59:2e:6a:c8:2c:fd:63:ae:a8:8f:e5:
ec:d7:28:b7:29:03:65:e6:67:13:50:ab:71:49:23:
da:bd:af:b0:18:1d:7f:b9:1c:76:5e:e2:81:b0:8b:
6f:32:d4:14:10:42:3e:e5:4c:96:fb:0d:2c:d7:00:
f2:8b:b1:10:11:e9:7b:aa:82:20:3d:b0:87:72:f2:
6b:92:94:2e:f8:cc:fb:15:cf:fc:7b:c4:99:95:a6:
b7:72:e1:2c:fa:eb:fc:a8:0c:75:86:8b:81:dc:78:
84:74:c9:e6:b1:e4:10:8d:45:34:cc:61:ce:d6:d9:
18:c9:0c:10:d7:ce:31:02:b0:56:06:c8:e4:30:f9:
fe:0a:63:85:9a:65:84:c6:a7:59:4e:91:b1:f2:00:
43:49:3f:50:26:8f:98:61:ef:d5:b3:25:40:72:b1:
ef:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:BA:42:C2:D7:E8:90:47:9F:A6:8B:DA:4C:F8:F5:CE:82:B1:DA:C0
X509v3 Authority Key Identifier:
keyid:A0:48:45:AF:1D:C0:08:7B:27:4C:EE:52:A4:A9:E0:88:03:35:43:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oEhFrx3ACHsnTO5SpKngiAM1Q10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/X7pCwtfokEefpovaTPj1zoKx2sA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/oEhFrx3ACHsnTO5SpKngiAM1Q10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.14.0/24
Signature Algorithm: sha256WithRSAEncryption
30:bf:74:22:b5:8c:23:dd:25:13:3a:fa:5e:2b:c2:ad:d2:7c:
2a:68:fb:3f:74:42:78:ef:b7:cf:dd:95:56:88:ad:d7:1d:de:
0a:c8:40:d3:64:ef:30:a5:58:5c:8b:9c:46:87:64:b0:f5:93:
e0:bf:15:e9:94:4d:c4:7b:b6:e2:fe:2c:e4:78:fa:7d:2f:38:
54:6e:68:70:09:00:db:34:5f:41:42:9c:78:09:35:06:ba:25:
81:69:c2:9a:97:97:8b:3e:fc:79:55:ce:a1:3e:ab:fc:49:14:
52:26:9f:19:8e:fb:d3:c3:e3:01:68:ca:e9:5b:08:1b:40:29:
0f:71:8a:9c:d2:d3:3f:ee:b6:dd:91:84:7b:1c:4e:da:9f:8f:
28:71:02:8d:85:fe:b5:25:6f:da:13:3b:ad:95:cd:b0:1a:16:
8e:8e:0b:e0:b3:e6:f8:2d:25:bb:39:5a:9b:36:b8:39:e3:df:
a0:92:66:13:e5:7b:1d:07:8f:0c:f9:03:97:20:d0:48:e4:b5:
15:c4:ff:f1:1b:ad:2e:53:78:66:1f:f0:d3:ef:28:6c:94:a4:
45:f1:73:be:01:31:41:92:f6:d4:5c:f7:6a:ee:fa:a9:f4:d7:
4b:3b:04:94:7d:8a:b0:c4:31:46:e0:7b:86:b4:8d:85:f7:b2:
b0:57:88:48
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECVmYsjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MDQ4NDVhZjFkYzAwODdiMjc0Y2VlNTJhNGE5ZTA4ODAzMzU0MzVkMB4XDTIyMDEw
MTEwNTkzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWZiYTQyYzJkN2U4
OTA0NzlmYTY4YmRhNGNmOGY1Y2U4MmIxZGFjMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALG9fDPfQu+8263h0HIdEzMnO5jV9duoD+sQZuPdU0t953Pl
KzCtzbzWaa+6B4e7B4B7CW1uwP1WoTogwcHDYtQSBToPQSs4kmI8Sxgc6CtiNMVS
404uzADvLzfvm1kuasgs/WOuqI/l7NcotykDZeZnE1CrcUkj2r2vsBgdf7kcdl7i
gbCLbzLUFBBCPuVMlvsNLNcA8ouxEBHpe6qCID2wh3Lya5KULvjM+xXP/HvEmZWm
t3LhLPrr/KgMdYaLgdx4hHTJ5rHkEI1FNMxhztbZGMkMENfOMQKwVgbI5DD5/gpj
hZplhManWU6RsfIAQ0k/UCaPmGHv1bMlQHKx76MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRfukLC1+iQR5+mi9pM+PXOgrHawDAfBgNVHSMEGDAWgBSgSEWvHcAIeydM
7lKkqeCIAzVDXTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29FaEZyeDNBQ0hzblRPNVNwS25naUFNMVExMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjkvZTU1ZTMwLTk3YzYtNDBlNi04MWI3LTUwNzAxMTU3MGVlNi8x
L1g3cEN3dGZva0VlZnBvdmFUUGoxem9LeDJzQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjkv
ZTU1ZTMwLTk3YzYtNDBlNi04MWI3LTUwNzAxMTU3MGVlNi8xL29FaEZyeDNBQ0hz
blRPNVNwS25naUFNMVExMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC7rDjANBgkqhkiG9w0BAQsFAAOC
AQEAML90IrWMI90lEzr6XivCrdJ8Kmj7P3RCeO+3z92VVoit1x3eCshA02TvMKVY
XIucRodksPWT4L8V6ZRNxHu24v4s5Hj6fS84VG5ocAkA2zRfQUKceAk1BrolgWnC
mpeXiz78eVXOoT6r/EkUUiafGY7708PjAWjK6VsIG0ApD3GKnNLTP+623ZGEexxO
2p+PKHECjYX+tSVv2hM7rZXNsBoWjo4L4LPm+C0luzlamza4OePfoJJmE+V7HQeP
DPkDlyDQSOS1FcT/8RutLlN4Zh/w0+8obJSkRfFzvgExQZL21Fz3au76qfTXSzsE
lH2KsMQxRuB7hrSNhfeysFeISA==
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:12:32 2025 by rpki-client