Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/77330b-607a-4af8-b8f4-2c0d43867d7b/1/Pvwc1BKA_4Te5UFn2lBjiUX3XpA.roa
File: Pvwc1BKA_4Te5UFn2lBjiUX3XpA.roa (raw, json)
Hash identifier: gPHdTJzP2KdbHDauQTZeY+icrp8ktseF4hclrUWnnpw=
Subject key identifier: 3E:FC:1C:D4:12:80:FF:84:DE:E5:41:67:DA:50:63:89:45:F7:5E:90
Certificate issuer: /CN=2d3096d4951f5c6942341fcc0ccfb728dae8ce84
Certificate serial: 018CC649C8A634F1FB9EBFC519768CA99CB5
Authority key identifier: 2D:30:96:D4:95:1F:5C:69:42:34:1F:CC:0C:CF:B7:28:DA:E8:CE:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LTCW1JUfXGlCNB_MDM-3KNrozoQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/77330b-607a-4af8-b8f4-2c0d43867d7b/1/Pvwc1BKA_4Te5UFn2lBjiUX3XpA.roa
Signing time: Mon 01 Jan 2024 18:29:33 +0000
ROA not before: Mon 01 Jan 2024 18:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39609
IP address blocks: 46.17.176.0/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:c8:a6:34:f1:fb:9e:bf:c5:19:76:8c:a9:9c:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d3096d4951f5c6942341fcc0ccfb728dae8ce84
Validity
Not Before: Jan 1 18:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3efc1cd41280ff84dee54167da50638945f75e90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:2b:0e:12:e7:a3:45:f8:84:7b:f4:c0:17:27:
44:f5:c7:8a:b5:b7:4b:36:17:ae:e3:43:d9:08:72:
99:09:40:04:db:60:10:ea:f9:50:bc:b9:ac:c1:bc:
5a:47:94:15:2e:17:fc:2c:0e:67:54:69:ab:2a:e7:
eb:c5:ba:51:23:76:a3:f4:e4:25:5c:d7:9e:4d:a6:
c2:e7:40:f0:76:e6:c7:53:53:c7:9a:cc:4b:00:3c:
ae:bb:5c:99:93:6a:08:71:97:3e:23:07:04:3b:f2:
c9:32:25:56:9a:29:ed:eb:cb:c1:ce:c3:8d:00:63:
12:84:da:65:28:ae:72:5f:ff:d2:ac:b0:6a:9a:b2:
8f:0f:af:51:ff:de:e9:08:a5:47:dd:0d:9a:fc:70:
2d:32:6f:a9:e3:62:64:d1:e8:54:3f:09:08:06:11:
19:fe:56:91:cf:6e:8f:7f:ec:5e:fc:9d:8d:77:57:
54:12:6c:a9:d4:30:d2:d0:03:7d:75:a0:8c:58:c1:
63:ff:cf:dd:08:c3:3f:e7:17:61:34:0f:e2:34:e9:
ed:ab:97:9c:c0:2f:50:75:29:6d:dc:a7:46:14:02:
6b:56:fc:f2:4d:e4:b8:66:ee:20:0b:be:03:0a:cc:
30:9d:4f:92:a0:6a:d9:29:21:26:74:02:94:ec:7c:
16:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:FC:1C:D4:12:80:FF:84:DE:E5:41:67:DA:50:63:89:45:F7:5E:90
X509v3 Authority Key Identifier:
keyid:2D:30:96:D4:95:1F:5C:69:42:34:1F:CC:0C:CF:B7:28:DA:E8:CE:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LTCW1JUfXGlCNB_MDM-3KNrozoQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/77330b-607a-4af8-b8f4-2c0d43867d7b/1/Pvwc1BKA_4Te5UFn2lBjiUX3XpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/77330b-607a-4af8-b8f4-2c0d43867d7b/1/LTCW1JUfXGlCNB_MDM-3KNrozoQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.176.0/21
Signature Algorithm: sha256WithRSAEncryption
05:86:06:4b:79:0b:87:53:da:af:44:2a:f3:e5:80:24:a1:3d:
bd:48:f4:09:2a:0a:9e:c6:e2:bf:4a:e0:78:3e:08:ba:ea:71:
6f:43:be:bd:f5:a2:8a:3c:e3:1c:97:04:e9:8a:58:28:a9:ca:
9c:4b:af:00:7e:1b:bc:13:a5:97:82:82:5d:51:05:66:0e:66:
93:e9:c0:d6:1f:7c:81:77:60:4a:09:fb:1d:f8:b6:da:c9:6b:
bc:6a:1a:67:ee:8b:df:e4:36:30:75:b9:e2:03:58:7f:e3:1e:
56:81:f0:92:ec:6f:67:00:7a:d3:71:91:0c:10:fe:b0:42:ee:
77:12:a3:e7:7b:5f:0f:c8:5d:98:44:d8:ae:ff:16:e2:9e:5e:
27:a6:4a:c8:1f:77:1b:a5:61:d3:7e:c2:0e:d6:96:84:86:62:
0a:be:1f:08:7a:58:a1:0c:1f:8b:84:28:cf:4f:39:c7:8d:69:
ac:9f:e4:95:d1:0c:9f:f4:cb:38:f2:8c:de:05:d4:68:c4:13:
1f:2f:66:da:06:f8:38:52:2d:d9:82:e6:39:7b:66:66:c3:34:
50:ed:5c:03:76:d7:68:1b:8c:81:4f:ce:05:d9:10:9a:23:29:
a0:89:52:9c:19:d1:37:d5:01:d9:5c:a5:c1:c9:ba:96:95:4a:
88:f7:b2:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGScimNPH7nr/FGXaMqZy1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMzA5NmQ0OTUxZjVjNjk0MjM0MWZjYzBjY2ZiNzI4ZGFl
OGNlODQwHhcNMjQwMTAxMTgyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWZjMWNkNDEyODBmZjg0ZGVlNTQxNjdkYTUwNjM4OTQ1Zjc1ZTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCsOEuejRfiEe/TAFydE9ceKtbdL
Nheu40PZCHKZCUAE22AQ6vlQvLmswbxaR5QVLhf8LA5nVGmrKufrxbpRI3aj9OQl
XNeeTabC50DwdubHU1PHmsxLADyuu1yZk2oIcZc+IwcEO/LJMiVWmint68vBzsON
AGMShNplKK5yX//SrLBqmrKPD69R/97pCKVH3Q2a/HAtMm+p42Jk0ehUPwkIBhEZ
/laRz26Pf+xe/J2Nd1dUEmyp1DDS0AN9daCMWMFj/8/dCMM/5xdhNA/iNOntq5ec
wC9QdSlt3KdGFAJrVvzyTeS4Zu4gC74DCswwnU+SoGrZKSEmdAKU7HwWiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD78HNQSgP+E3uVBZ9pQY4lF916QMB8GA1UdIwQY
MBaAFC0wltSVH1xpQjQfzAzPtyja6M6EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFRDVzFKVWZYR2xDTkJfTURNLTNLTnJvem9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My83NzMzMGItNjA3YS00YWY4LWI4ZjQt
MmMwZDQzODY3ZDdiLzEvUHZ3YzFCS0FfNFRlNVVGbjJsQmppVVgzWHBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My83NzMzMGItNjA3YS00YWY4LWI4ZjQtMmMwZDQzODY3ZDdi
LzEvTFRDVzFKVWZYR2xDTkJfTURNLTNLTnJvem9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLhGwMA0G
CSqGSIb3DQEBCwUAA4IBAQAFhgZLeQuHU9qvRCrz5YAkoT29SPQJKgqexuK/SuB4
Pgi66nFvQ7699aKKPOMclwTpilgoqcqcS68Afhu8E6WXgoJdUQVmDmaT6cDWH3yB
d2BKCfsd+LbayWu8ahpn7ovf5DYwdbniA1h/4x5WgfCS7G9nAHrTcZEMEP6wQu53
EqPne18PyF2YRNiu/xbinl4npkrIH3cbpWHTfsIO1paEhmIKvh8IelihDB+LhCjP
TznHjWmsn+SV0Qyf9Ms48ozeBdRoxBMfL2baBvg4Ui3ZguY5e2ZmwzRQ7VwDdtdo
G4yBT84F2RCaIymgiVKcGdE31QHZXKXBybqWlUqI97Lt
-----END CERTIFICATE-----
Generated at Thu Mar 14 11:37:08 2024 by rpki-client on console-fra.rpki-client.org