Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/0NphajGo5nYOZBlqkCHE8UiuFcY.roa
File: 0NphajGo5nYOZBlqkCHE8UiuFcY.roa (raw, json)
Hash identifier: qjjME6+qPzrmyl1WCLqz+UUVQ5t5frd1aB2JjmV+LiQ=
Subject key identifier: D0:DA:61:6A:31:A8:E6:76:0E:64:19:6A:90:21:C4:F1:48:AE:15:C6
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 018741C8560F0196976E12A582FE0A8ABFFB
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/0NphajGo5nYOZBlqkCHE8UiuFcY.roa
Signing time: Sun 02 Apr 2023 11:44:20 +0000
ROA not before: Sun 02 Apr 2023 11:44:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40975
IP address blocks: 46.102.104.0/24 maxlen: 24
46.102.235.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:41:c8:56:0f:01:96:97:6e:12:a5:82:fe:0a:8a:bf:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Apr 2 11:44:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0da616a31a8e6760e64196a9021c4f148ae15c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:21:2f:1a:36:2f:90:ba:ca:fa:b4:5f:4b:39:
48:c3:bc:59:94:04:01:88:22:86:ce:f7:8d:84:80:
a8:cc:be:4d:37:6f:61:22:c7:25:2b:8c:b8:10:45:
69:85:a8:25:db:a3:c6:39:fe:44:31:5c:31:b3:a4:
74:aa:c1:52:28:a2:84:3a:09:b7:0b:ab:b2:03:10:
26:94:6d:3f:1b:ea:d1:4f:b2:13:89:60:4d:af:58:
90:9a:7c:a4:28:38:83:c5:32:36:7b:55:bc:7d:ba:
88:13:41:09:19:c9:2b:8c:c3:e3:ea:1b:dc:ad:cb:
4e:14:ad:17:13:25:7f:0d:5e:f1:fe:77:24:10:0a:
e8:f6:cb:23:76:ba:f3:30:d0:0e:d3:55:ca:b3:4f:
22:3f:fb:8c:84:75:51:a7:83:06:37:e0:b3:6a:94:
b7:91:8d:fb:01:85:d8:2f:59:c0:9e:66:97:ed:69:
34:cf:25:5a:a4:77:33:4b:1c:18:89:93:74:19:3b:
0f:04:1e:d3:5c:55:23:0a:46:3b:e5:83:5e:94:e8:
3c:73:20:a3:24:23:a6:9c:74:af:9d:4c:34:9c:17:
68:71:79:9f:22:16:e0:e5:8d:54:f6:26:46:cd:64:
02:f4:59:f9:76:52:f0:3d:52:25:6d:3a:8b:1e:01:
e0:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:DA:61:6A:31:A8:E6:76:0E:64:19:6A:90:21:C4:F1:48:AE:15:C6
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/0NphajGo5nYOZBlqkCHE8UiuFcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.104.0/24
46.102.235.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:9e:86:75:92:a1:28:43:bf:f2:53:a5:cc:eb:dc:83:88:2e:
c0:81:36:20:c3:c7:b5:1d:fe:b8:a8:63:88:1a:fd:ea:7d:c6:
ec:a2:95:4c:88:c3:37:aa:70:1a:59:4d:7c:c1:96:13:f1:f4:
6d:eb:03:1f:94:58:bc:08:29:cb:18:6c:f2:3e:51:3d:08:b0:
e3:26:8a:78:1b:b5:93:5c:eb:fa:27:f4:a4:f8:ee:26:68:2e:
dc:72:a7:bf:b3:a6:89:d8:f2:7f:4f:9a:5c:71:d8:96:fb:b2:
48:e1:4f:2e:4b:0c:a0:36:a3:12:a0:7f:bb:85:dd:c4:10:2e:
89:38:9b:df:6d:1e:5e:34:4d:9f:5e:fc:8a:68:b5:16:b6:55:
9c:57:7e:23:a5:f4:83:3d:4f:57:87:15:bb:fd:f5:ae:fa:4a:
25:89:a1:3e:41:ef:10:0b:5c:60:f8:a5:8b:8e:4c:f3:f5:f9:
a8:c1:af:67:1a:c1:ea:54:5e:b9:69:15:4e:20:9d:b1:10:2a:
70:12:4c:a9:72:45:3b:20:bc:a5:69:b7:a9:cf:3e:18:ac:b7:
e2:b0:94:5e:52:b8:6e:d3:4c:14:ca:76:4f:f1:03:1c:33:13:
3a:2d:bc:c0:b0:32:87:23:99:7f:53:24:8d:c9:d0:b8:98:08:
a8:62:2a:09
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYdByFYPAZaXbhKlgv4Kir/7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjMwNDAyMTE0NDIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGRhNjE2YTMxYThlNjc2MGU2NDE5NmE5MDIxYzRmMTQ4YWUxNWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCEvGjYvkLrK+rRfSzlIw7xZlAQB
iCKGzveNhICozL5NN29hIsclK4y4EEVphagl26PGOf5EMVwxs6R0qsFSKKKEOgm3
C6uyAxAmlG0/G+rRT7ITiWBNr1iQmnykKDiDxTI2e1W8fbqIE0EJGckrjMPj6hvc
rctOFK0XEyV/DV7x/nckEAro9ssjdrrzMNAO01XKs08iP/uMhHVRp4MGN+CzapS3
kY37AYXYL1nAnmaX7Wk0zyVapHczSxwYiZN0GTsPBB7TXFUjCkY75YNelOg8cyCj
JCOmnHSvnUw0nBdocXmfIhbg5Y1U9iZGzWQC9Fn5dlLwPVIlbTqLHgHgmQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNDaYWoxqOZ2DmQZapAhxPFIrhXGMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xLzBOcGhhakdvNW5ZT1pCbHFrQ0hFOFVpdUZjWS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAAuZmgD
BAAuZuswDQYJKoZIhvcNAQELBQADggEBAHyehnWSoShDv/JTpczr3IOILsCBNiDD
x7Ud/rioY4ga/ep9xuyilUyIwzeqcBpZTXzBlhPx9G3rAx+UWLwIKcsYbPI+UT0I
sOMmingbtZNc6/on9KT47iZoLtxyp7+zponY8n9Pmlxx2Jb7skjhTy5LDKA2oxKg
f7uF3cQQLok4m99tHl40TZ9e/IpotRa2VZxXfiOl9IM9T1eHFbv99a76SiWJoT5B
7xALXGD4pYuOTPP1+ajBr2cawepUXrlpFU4gnbEQKnASTKlyRTsgvKVpt6nPPhis
t+KwlF5SuG7TTBTKdk/xAxwzEzotvMCwMocjmX9TJI3J0LiYCKhiKgk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:12 2023 by rpki-client on console-fra.rpki-client.org