Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/msQjJQ4pHHejs8yLM4AB6dG42sE.roa
File: msQjJQ4pHHejs8yLM4AB6dG42sE.roa (raw, json)
Hash identifier: klAhEAgMAuXaqpELHvUbZAb5OzEYfmW2lBRHpGICd3E=
Subject key identifier: 9A:C4:23:25:0E:29:1C:77:A3:B3:CC:8B:33:80:01:E9:D1:B8:DA:C1
Certificate issuer: /CN=ed6da9e41686d21c12799c8e84b274aa8241508c
Certificate serial: 01907E51587EEE01AAC2F0ABE74F9A178DD6
Authority key identifier: ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/msQjJQ4pHHejs8yLM4AB6dG42sE.roa
Signing time: Thu 04 Jul 2024 15:16:18 +0000
ROA not before: Thu 04 Jul 2024 15:16:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61248
IP address blocks: 46.143.212.0/22 maxlen: 22
46.143.248.0/22 maxlen: 22
109.122.252.0/23 maxlen: 23
109.122.254.0/23 maxlen: 23
185.84.220.0/23 maxlen: 23
185.84.222.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7e:51:58:7e:ee:01:aa:c2:f0:ab:e7:4f:9a:17:8d:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed6da9e41686d21c12799c8e84b274aa8241508c
Validity
Not Before: Jul 4 15:16:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ac423250e291c77a3b3cc8b338001e9d1b8dac1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:21:f1:a1:42:e1:36:51:9c:0c:a2:6b:df:b7:
65:f3:3b:02:58:13:07:53:97:fb:62:d7:e5:51:bf:
e4:c9:77:16:70:fd:ad:73:89:67:dc:a2:bf:c3:ce:
cd:05:82:cb:84:db:a5:c6:a5:49:54:13:55:e2:96:
31:60:c4:4d:77:77:af:44:08:38:ec:d5:87:67:62:
b4:d4:0c:46:fd:c8:35:81:17:9e:7c:4d:91:47:2e:
59:ea:42:a5:3b:91:77:47:fa:6e:b9:ba:6a:f4:e6:
90:27:bb:36:c1:c9:be:df:72:f1:aa:13:1c:f1:f5:
a8:d8:bd:33:ba:20:1a:60:41:3e:61:b8:b8:ba:c0:
8c:bf:3f:3a:56:d4:46:f0:b7:9c:b7:ff:93:e6:81:
11:a5:bb:24:4b:a6:d1:49:64:45:dc:06:0d:73:2b:
cd:02:f9:ab:98:03:c5:6b:bc:db:59:9e:59:fa:75:
ff:be:3d:47:8a:fa:c3:7c:48:96:5c:5c:ee:bc:c1:
21:84:d3:68:44:72:e4:1e:1e:11:96:fe:0e:1d:a3:
9e:d5:23:db:1c:c4:c3:df:49:d5:c0:2c:09:63:f2:
a2:01:5d:f5:42:ba:0f:8a:8e:46:ea:04:90:0f:88:
e0:2b:a4:de:9a:e6:ee:88:69:00:08:6e:72:3d:2b:
c3:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:C4:23:25:0E:29:1C:77:A3:B3:CC:8B:33:80:01:E9:D1:B8:DA:C1
X509v3 Authority Key Identifier:
keyid:ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/msQjJQ4pHHejs8yLM4AB6dG42sE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.143.212.0/22
46.143.248.0/22
109.122.252.0/22
185.84.220.0/22
Signature Algorithm: sha256WithRSAEncryption
46:db:99:11:30:4e:49:a6:14:63:2f:b7:8e:5a:ec:73:99:0f:
f5:99:c1:5a:67:f6:db:c8:1e:98:72:5a:d4:ad:09:f5:f5:c5:
a1:b1:f8:3c:a0:ee:9e:7e:72:72:dc:f8:cf:f7:50:bc:f8:ab:
65:b0:d5:d9:7a:7a:78:bd:03:34:aa:d2:99:c3:cb:1b:2b:25:
ab:28:60:33:81:0a:72:cb:c0:88:ad:2d:73:b4:d3:7c:54:8f:
53:01:2e:4c:83:3e:ef:c6:92:35:25:6f:e6:06:0b:9f:b4:7c:
65:25:4c:f6:ed:a5:88:da:15:9f:c6:1e:80:75:35:29:17:1a:
64:6c:e0:c6:88:1a:16:42:b4:7e:0b:de:49:e5:df:ec:19:9c:
3b:6c:a9:d7:15:f4:ea:d9:92:6f:a8:b8:90:17:a3:7c:1c:c7:
99:e2:e7:20:77:70:01:2a:ba:9d:08:30:3e:8f:de:a0:d5:5e:
73:86:9e:10:85:f7:24:c2:88:43:86:17:b3:87:f8:83:c8:9a:
d3:ec:f5:62:fd:4d:85:dd:dc:13:5f:9a:12:24:17:62:3d:7a:
15:23:74:3c:b0:86:b0:2a:70:fa:f7:ee:7f:e7:e3:b4:00:84:
db:61:d7:1b:9a:ad:8a:d1:69:70:bd:59:83:8f:22:64:3d:dd:
a4:ad:0a:8a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZB+UVh+7gGqwvCr50+aF43WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNmRhOWU0MTY4NmQyMWMxMjc5OWM4ZTg0YjI3NGFhODI0
MTUwOGMwHhcNMjQwNzA0MTUxNjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWM0MjMyNTBlMjkxYzc3YTNiM2NjOGIzMzgwMDFlOWQxYjhkYWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyHxoULhNlGcDKJr37dl8zsCWBMH
U5f7YtflUb/kyXcWcP2tc4ln3KK/w87NBYLLhNulxqVJVBNV4pYxYMRNd3evRAg4
7NWHZ2K01AxG/cg1gReefE2RRy5Z6kKlO5F3R/puubpq9OaQJ7s2wcm+33LxqhMc
8fWo2L0zuiAaYEE+Ybi4usCMvz86VtRG8Lect/+T5oERpbskS6bRSWRF3AYNcyvN
AvmrmAPFa7zbWZ5Z+nX/vj1HivrDfEiWXFzuvMEhhNNoRHLkHh4Rlv4OHaOe1SPb
HMTD30nVwCwJY/KiAV31QroPio5G6gSQD4jgK6TemubuiGkACG5yPSvDGQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJrEIyUOKRx3o7PMizOAAenRuNrBMB8GA1UdIwQY
MBaAFO1tqeQWhtIcEnmcjoSydKqCQVCMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1cycDVCYUcwaHdTZVp5T2hMSjBxb0pCVUl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9hYzAxN2MtZmYyOS00M2NmLWEzZDYt
MjlmMWJlYjJmMjgyLzEvbXNRakpRNHBISGVqczh5TE00QUI2ZEc0MnNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9hYzAxN2MtZmYyOS00M2NmLWEzZDYtMjlmMWJlYjJmMjgy
LzEvN1cycDVCYUcwaHdTZVp5T2hMSjBxb0pCVUl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLo/UAwQC
Lo/4AwQCbXr8AwQCuVTcMA0GCSqGSIb3DQEBCwUAA4IBAQBG25kRME5JphRjL7eO
WuxzmQ/1mcFaZ/bbyB6YclrUrQn19cWhsfg8oO6efnJy3PjP91C8+KtlsNXZenp4
vQM0qtKZw8sbKyWrKGAzgQpyy8CIrS1ztNN8VI9TAS5Mgz7vxpI1JW/mBguftHxl
JUz27aWI2hWfxh6AdTUpFxpkbODGiBoWQrR+C95J5d/sGZw7bKnXFfTq2ZJvqLiQ
F6N8HMeZ4ucgd3ABKrqdCDA+j96g1V5zhp4QhfckwohDhhezh/iDyJrT7PVi/U2F
3dwTX5oSJBdiPXoVI3Q8sIawKnD69+5/5+O0AITbYdcbmq2K0WlwvVmDjyJkPd2k
rQqK
-----END CERTIFICATE-----
Generated at Tue Sep 24 16:53:35 2024 by rpki-client on console-fra.rpki-client.org