Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/HW5Uwv4zGQLpr8Z-eAaRgxu3faE.roa
File: HW5Uwv4zGQLpr8Z-eAaRgxu3faE.roa (raw, json)
Hash identifier: /cBSx+7+ib71kXbhK8dGiKvOUQ9TO1fpaKqRjjc4XjI=
Subject key identifier: 1D:6E:54:C2:FE:33:19:02:E9:AF:C6:7E:78:06:91:83:1B:B7:7D:A1
Certificate issuer: /CN=0283a8c69a2630cd8f6fa70af2a53fe019f2cc07
Certificate serial: 059C2911
Authority key identifier: 02:83:A8:C6:9A:26:30:CD:8F:6F:A7:0A:F2:A5:3F:E0:19:F2:CC:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AoOoxpomMM2Pb6cK8qU_4BnyzAc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/HW5Uwv4zGQLpr8Z-eAaRgxu3faE.roa
Signing time: Sun 05 Jun 2022 01:34:20 +0000
ROA not before: Sun 05 Jun 2022 01:34:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16322
IP address blocks: 46.224.64.0/19 maxlen: 19
77.42.96.0/19 maxlen: 19
46.225.32.0/19 maxlen: 19
46.224.96.0/20 maxlen: 20
46.224.224.0/19 maxlen: 19
77.42.32.0/19 maxlen: 19
46.225.192.0/19 maxlen: 19
46.224.32.0/19 maxlen: 19
77.42.64.0/19 maxlen: 19
46.225.0.0/19 maxlen: 19
77.42.64.0/18 maxlen: 18
46.224.160.0/19 maxlen: 19
77.42.0.0/17 maxlen: 17
77.42.0.0/18 maxlen: 18
77.42.0.0/19 maxlen: 19
46.224.192.0/19 maxlen: 19
46.167.128.0/19 maxlen: 19
46.225.160.0/19 maxlen: 19
46.224.112.0/20 maxlen: 20
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94120209 (0x59c2911)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0283a8c69a2630cd8f6fa70af2a53fe019f2cc07
Validity
Not Before: Jun 5 01:34:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1d6e54c2fe331902e9afc67e780691831bb77da1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:7e:d3:8d:1f:80:a5:73:0a:01:4b:6d:5b:f8:
38:05:16:f4:34:14:d4:a8:4d:52:e0:9b:59:8b:a7:
91:0d:e3:50:33:29:60:36:72:73:26:c0:11:70:32:
17:6e:a9:5d:7c:37:29:aa:f4:f5:33:9c:e8:b6:42:
91:ef:c5:73:6e:4c:f9:a3:77:d5:45:65:98:71:e2:
47:62:8c:2d:82:7a:71:75:24:85:9c:b8:ae:15:8e:
95:4c:94:db:e9:22:72:54:3f:7d:36:c8:a6:0d:d9:
ff:88:53:32:60:f1:f8:b5:38:c8:34:48:1b:da:a9:
7b:63:f6:da:83:9e:48:e1:58:d9:dc:3a:e7:6e:ba:
5d:0e:17:ae:11:70:a5:f4:79:a1:07:bf:69:ce:c2:
74:53:00:54:11:08:39:88:bc:52:75:e9:bc:26:0a:
9b:6d:db:0a:30:bf:91:4f:c9:84:d3:47:89:5d:be:
79:4e:63:be:50:91:eb:5a:4c:1e:86:08:32:a8:db:
d4:f4:5e:b7:19:1a:b7:28:9c:f4:4f:f5:6c:2e:01:
59:b6:27:85:b7:26:37:31:cd:fd:3c:ff:72:b8:0a:
91:d8:67:92:60:b8:df:46:86:be:96:a7:e8:79:95:
d3:b1:e2:0a:0f:fa:8e:3e:ec:8b:c6:0b:db:d8:ba:
f4:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:6E:54:C2:FE:33:19:02:E9:AF:C6:7E:78:06:91:83:1B:B7:7D:A1
X509v3 Authority Key Identifier:
keyid:02:83:A8:C6:9A:26:30:CD:8F:6F:A7:0A:F2:A5:3F:E0:19:F2:CC:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AoOoxpomMM2Pb6cK8qU_4BnyzAc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/HW5Uwv4zGQLpr8Z-eAaRgxu3faE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/AoOoxpomMM2Pb6cK8qU_4BnyzAc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.167.128.0/19
46.224.32.0-46.224.127.255
46.224.160.0-46.225.63.255
46.225.160.0-46.225.223.255
77.42.0.0/17
Signature Algorithm: sha256WithRSAEncryption
63:ac:a1:09:7e:ad:e6:29:f8:b5:a3:a1:e4:f9:52:3e:2c:aa:
d5:79:19:06:99:ba:8c:26:5a:43:43:cf:08:69:cc:84:82:d8:
31:21:78:c8:fd:06:25:9d:05:26:f5:1b:55:0c:c7:06:89:3e:
94:d6:88:bf:f8:64:5d:43:b5:23:c3:04:34:36:8c:cd:2c:b6:
c0:90:d3:a8:be:27:a8:0e:e0:93:f7:af:eb:33:53:c6:b7:fc:
83:59:7f:0c:22:63:9b:d9:55:21:a4:40:fe:68:71:f1:9b:0d:
95:fd:4d:4d:fa:4b:b7:40:fd:f5:3f:bf:59:c8:94:14:b3:42:
75:96:2c:a3:dc:8c:f2:5e:50:8e:45:d2:64:bb:d4:a1:5d:c4:
d0:36:f0:d6:81:d7:8d:46:cc:09:62:78:70:f8:ce:18:47:ab:
a4:28:27:7d:39:1c:54:f1:0a:ca:93:c0:1b:90:47:48:87:ee:
b0:b7:7f:67:b1:d4:f9:8c:b4:d1:22:14:ce:85:57:98:fb:e2:
5e:f1:38:d4:57:70:13:52:7e:95:f9:48:fc:ab:1f:e0:03:e5:
3c:c3:42:02:76:48:a8:f2:29:83:7a:af:f2:01:1d:14:df:9d:
6b:ef:8f:4f:70:7e:24:36:e1:be:99:a6:85:c9:e5:7a:32:1c:
26:c4:42:6d
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEBZwpETANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MjgzYThjNjlhMjYzMGNkOGY2ZmE3MGFmMmE1M2ZlMDE5ZjJjYzA3MB4XDTIyMDYw
NTAxMzQyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWQ2ZTU0YzJmZTMz
MTkwMmU5YWZjNjdlNzgwNjkxODMxYmI3N2RhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKN+040fgKVzCgFLbVv4OAUW9DQU1KhNUuCbWYunkQ3jUDMp
YDZycybAEXAyF26pXXw3Kar09TOc6LZCke/Fc25M+aN31UVlmHHiR2KMLYJ6cXUk
hZy4rhWOlUyU2+kiclQ/fTbIpg3Z/4hTMmDx+LU4yDRIG9qpe2P22oOeSOFY2dw6
5266XQ4XrhFwpfR5oQe/ac7CdFMAVBEIOYi8UnXpvCYKm23bCjC/kU/JhNNHiV2+
eU5jvlCR61pMHoYIMqjb1PRetxkatyic9E/1bC4BWbYnhbcmNzHN/Tz/crgKkdhn
kmC430aGvpan6HmV07HiCg/6jj7si8YL29i69AUCAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBQdblTC/jMZAumvxn54BpGDG7d9oTAfBgNVHSMEGDAWgBQCg6jGmiYwzY9v
pwrypT/gGfLMBzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FvT294cG9tTU0yUGI2Y0s4cVVfNEJueXpBYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTIvMWMyNGFkLTI0YjQtNGM5OC1hNjU5LTU5MmMwZGNkYWY3OS8x
L0hXNVV3djR6R1FMcHI4Wi1lQWFSZ3h1M2ZhRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIv
MWMyNGFkLTI0YjQtNGM5OC1hNjU5LTU5MmMwZGNkYWY3OS8xL0FvT294cG9tTU0y
UGI2Y0s4cVVfNEJueXpBYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEBS6ngDAMAwQFLuAgAwQHLuAAMAwD
BAUu4KADBAYu4QAwDAMEBS7hoAMEBS7hwAMEB00qADANBgkqhkiG9w0BAQsFAAOC
AQEAY6yhCX6t5in4taOh5PlSPiyq1XkZBpm6jCZaQ0PPCGnMhILYMSF4yP0GJZ0F
JvUbVQzHBok+lNaIv/hkXUO1I8MENDaMzSy2wJDTqL4nqA7gk/ev6zNTxrf8g1l/
DCJjm9lVIaRA/mhx8ZsNlf1NTfpLt0D99T+/WciUFLNCdZYso9yM8l5QjkXSZLvU
oV3E0Dbw1oHXjUbMCWJ4cPjOGEerpCgnfTkcVPEKypPAG5BHSIfusLd/Z7HU+Yy0
0SIUzoVXmPviXvE41FdwE1J+lflI/Ksf4APlPMNCAnZIqPIpg3qv8gEdFN+da++P
T3B+JDbhvpmmhcnlejIcJsRCbQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:28 2023 by rpki-client on console-ams.rpki-client.org