Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/xIuo4Qvv1N3fa0Nkaa7Y80RIwsU.roa
File: xIuo4Qvv1N3fa0Nkaa7Y80RIwsU.roa (raw, json)
Hash identifier: PbCmwh2cFwHJBrENJl2co4hWlZewnDIQNiH719SuV2w=
Subject key identifier: C4:8B:A8:E1:0B:EF:D4:DD:DF:6B:43:64:69:AE:D8:F3:44:48:C2:C5
Certificate issuer: /CN=0283a8c69a2630cd8f6fa70af2a53fe019f2cc07
Certificate serial: 018259198EEBEF43D1AD89A245E8677B3FB9
Authority key identifier: 02:83:A8:C6:9A:26:30:CD:8F:6F:A7:0A:F2:A5:3F:E0:19:F2:CC:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AoOoxpomMM2Pb6cK8qU_4BnyzAc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/xIuo4Qvv1N3fa0Nkaa7Y80RIwsU.roa
Signing time: Mon 01 Aug 2022 11:10:23 +0000
ROA not before: Mon 01 Aug 2022 11:10:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16322
IP address blocks: 46.224.64.0/19 maxlen: 19
77.42.96.0/19 maxlen: 19
46.225.32.0/19 maxlen: 19
46.224.96.0/20 maxlen: 20
46.225.64.0/19 maxlen: 19
46.224.224.0/19 maxlen: 19
77.42.32.0/19 maxlen: 19
46.225.192.0/19 maxlen: 19
46.224.32.0/19 maxlen: 19
77.42.64.0/19 maxlen: 19
46.225.0.0/19 maxlen: 19
77.42.64.0/18 maxlen: 18
46.224.160.0/19 maxlen: 19
77.42.0.0/17 maxlen: 17
77.42.0.0/18 maxlen: 18
77.42.0.0/19 maxlen: 19
46.224.192.0/19 maxlen: 19
46.167.128.0/19 maxlen: 19
46.225.160.0/19 maxlen: 19
46.224.112.0/20 maxlen: 20
46.225.96.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:59:19:8e:eb:ef:43:d1:ad:89:a2:45:e8:67:7b:3f:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0283a8c69a2630cd8f6fa70af2a53fe019f2cc07
Validity
Not Before: Aug 1 11:10:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c48ba8e10befd4dddf6b436469aed8f34448c2c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:01:65:54:6b:93:0b:df:ca:8b:24:c9:bf:1b:
9a:0d:31:2e:bc:79:52:0d:de:3e:3e:e6:08:13:45:
29:d3:b7:3e:50:66:2e:9b:0b:e9:23:d2:12:32:ae:
33:5c:ee:ef:64:f9:64:6e:d1:5e:bf:0f:9d:a2:f7:
df:45:69:f5:87:ea:59:08:80:8e:04:cd:ed:f0:f4:
98:0f:60:6f:e1:ab:52:69:fe:cf:61:2d:28:42:10:
cf:d8:98:36:40:e3:97:64:53:9a:d1:67:63:1c:78:
8d:63:6f:ff:1d:bc:7a:76:4f:a0:c3:13:49:b7:4a:
39:47:85:22:fa:44:71:a3:0a:76:d4:46:fa:fd:28:
33:b6:01:40:3a:7b:e4:e7:ba:0e:c0:3d:a6:58:bb:
b2:ae:16:c6:de:25:56:89:31:b1:dc:e5:7d:b3:8e:
b0:7b:b7:7d:f8:c0:1c:86:a9:8d:1a:0f:8b:56:0a:
1b:07:07:4c:72:1d:22:c1:f8:3e:2f:57:fb:75:53:
8c:c7:0c:b8:91:f0:78:45:00:e2:21:61:b6:69:15:
b8:0c:3b:21:10:12:ea:39:5d:d6:0c:16:5b:cf:cb:
73:de:8b:dc:88:f4:94:43:43:12:fb:9a:db:26:c9:
39:21:8b:ed:c1:79:32:38:24:ae:79:6e:c6:4d:ed:
4c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:8B:A8:E1:0B:EF:D4:DD:DF:6B:43:64:69:AE:D8:F3:44:48:C2:C5
X509v3 Authority Key Identifier:
keyid:02:83:A8:C6:9A:26:30:CD:8F:6F:A7:0A:F2:A5:3F:E0:19:F2:CC:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AoOoxpomMM2Pb6cK8qU_4BnyzAc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/xIuo4Qvv1N3fa0Nkaa7Y80RIwsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/AoOoxpomMM2Pb6cK8qU_4BnyzAc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.167.128.0/19
46.224.32.0-46.224.127.255
46.224.160.0-46.225.127.255
46.225.160.0-46.225.223.255
77.42.0.0/17
Signature Algorithm: sha256WithRSAEncryption
7b:6f:42:f3:d3:b5:83:ba:a7:08:8b:47:e0:15:3f:a5:15:4b:
eb:b1:fc:3f:60:61:11:f9:83:9e:68:b5:ce:33:48:d7:21:fc:
75:3f:bd:11:cd:3a:de:75:32:4f:3e:53:a4:28:b2:05:98:f5:
9a:fe:cd:ea:f5:50:87:11:79:ad:6f:3e:35:90:5e:b7:9b:d1:
57:9f:2e:8e:50:c5:e4:7e:c3:4e:5b:96:7d:44:7b:46:2c:7a:
90:47:cf:97:53:b9:dc:c4:cb:c7:b5:6a:40:b8:04:30:88:bf:
5b:66:6a:e1:3a:2e:53:9c:2d:ae:82:d9:ec:98:9c:fa:f4:3e:
dd:48:dd:01:0a:57:24:fa:8c:dc:3e:2a:be:09:e7:c6:69:ba:
58:43:40:32:53:b5:0b:e4:52:9e:b4:86:e4:36:f1:3c:f2:72:
e1:c1:32:de:f2:1b:30:8f:fd:0a:5c:03:71:41:c2:77:d6:13:
5d:3d:d3:02:fa:1e:4e:c8:44:b7:7b:22:8b:6d:b6:50:e6:bf:
ec:ff:ab:23:91:5b:49:65:1d:d0:f1:da:f2:0f:5c:b0:8b:cc:
54:b8:0c:3b:e8:e4:1e:5e:41:89:9f:d9:b9:ad:9b:26:f5:27:
8b:0b:73:aa:59:81:5f:2c:b7:8d:5e:cf:70:2a:34:54:3b:7f:
4d:66:81:5d
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYJZGY7r70PRrYmiRehnez+5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyODNhOGM2OWEyNjMwY2Q4ZjZmYTcwYWYyYTUzZmUwMTlm
MmNjMDcwHhcNMjIwODAxMTExMDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDhiYThlMTBiZWZkNGRkZGY2YjQzNjQ2OWFlZDhmMzQ0NDhjMmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogFlVGuTC9/KiyTJvxuaDTEuvHlS
Dd4+PuYIE0Up07c+UGYumwvpI9ISMq4zXO7vZPlkbtFevw+dovffRWn1h+pZCICO
BM3t8PSYD2Bv4atSaf7PYS0oQhDP2Jg2QOOXZFOa0WdjHHiNY2//Hbx6dk+gwxNJ
t0o5R4Ui+kRxowp21Eb6/SgztgFAOnvk57oOwD2mWLuyrhbG3iVWiTGx3OV9s46w
e7d9+MAchqmNGg+LVgobBwdMch0iwfg+L1f7dVOMxwy4kfB4RQDiIWG2aRW4DDsh
EBLqOV3WDBZbz8tz3ovciPSUQ0MS+5rbJsk5IYvtwXkyOCSueW7GTe1MhwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFMSLqOEL79Td32tDZGmu2PNESMLFMB8GA1UdIwQY
MBaAFAKDqMaaJjDNj2+nCvKlP+AZ8swHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQW9Pb3hwb21NTTJQYjZjSzhxVV80Qm55ekFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8xYzI0YWQtMjRiNC00Yzk4LWE2NTkt
NTkyYzBkY2RhZjc5LzEveEl1bzRRdnYxTjNmYTBOa2FhN1k4MFJJd3NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8xYzI0YWQtMjRiNC00Yzk4LWE2NTktNTkyYzBkY2RhZjc5
LzEvQW9Pb3hwb21NTTJQYjZjSzhxVV80Qm55ekFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQFLqeAMAwD
BAUu4CADBAcu4AAwDAMEBS7goAMEBy7hADAMAwQFLuGgAwQFLuHAAwQHTSoAMA0G
CSqGSIb3DQEBCwUAA4IBAQB7b0Lz07WDuqcIi0fgFT+lFUvrsfw/YGER+YOeaLXO
M0jXIfx1P70RzTredTJPPlOkKLIFmPWa/s3q9VCHEXmtbz41kF63m9FXny6OUMXk
fsNOW5Z9RHtGLHqQR8+XU7ncxMvHtWpAuAQwiL9bZmrhOi5TnC2ugtnsmJz69D7d
SN0BClck+ozcPiq+CefGabpYQ0AyU7UL5FKetIbkNvE88nLhwTLe8hswj/0KXANx
QcJ31hNdPdMC+h5OyES3eyKLbbZQ5r/s/6sjkVtJZR3Q8dryD1ywi8xUuAw76OQe
XkGJn9m5rZsm9SeLC3OqWYFfLLeNXs9wKjRUO39NZoFd
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:28 2023 by rpki-client on console-ams.rpki-client.org