Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/ec3106-e7bf-4299-ae12-dbd91b111844/1/Nyk-VNoJyAmTW__3Bf6eaCIoul8.roa
File: Nyk-VNoJyAmTW__3Bf6eaCIoul8.roa (raw, json)
Hash identifier: ShuWQp4zQeY7ocfTWnOhWDg5jIECmGv3asvs8bamzlA=
Subject key identifier: 37:29:3E:54:DA:09:C8:09:93:5B:FF:F7:05:FE:9E:68:22:28:BA:5F
Certificate issuer: /CN=d76d71d8845d2fe296a46d79176f590d8db4f16a
Certificate serial: 01856FF97DDB18D67AEE113CB298D51E6C17
Authority key identifier: D7:6D:71:D8:84:5D:2F:E2:96:A4:6D:79:17:6F:59:0D:8D:B4:F1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/121x2IRdL-KWpG15F29ZDY208Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/ec3106-e7bf-4299-ae12-dbd91b111844/1/Nyk-VNoJyAmTW__3Bf6eaCIoul8.roa
Signing time: Mon 02 Jan 2023 00:54:59 +0000
ROA not before: Mon 02 Jan 2023 00:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13252
IP address blocks: 46.151.176.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:7d:db:18:d6:7a:ee:11:3c:b2:98:d5:1e:6c:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76d71d8845d2fe296a46d79176f590d8db4f16a
Validity
Not Before: Jan 2 00:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37293e54da09c809935bfff705fe9e682228ba5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:24:e1:d2:e5:89:a7:33:b0:b1:d4:54:95:2e:
e8:57:34:be:2b:67:f0:2a:3d:0a:24:8e:34:88:90:
ab:2f:51:4a:4b:58:dc:5c:6f:da:2e:2d:2d:75:8a:
77:06:4f:d7:8d:d6:0d:d2:b3:38:28:26:c8:a5:e1:
3b:1d:4c:f2:38:0a:d5:0b:df:67:16:b4:90:8b:6e:
e9:76:3b:f0:ad:93:8f:d7:55:58:00:14:b5:30:d5:
5f:4a:c6:c3:b3:35:cb:2c:8f:bc:03:16:df:ca:e2:
de:1c:8a:0e:c1:21:9f:7c:84:18:78:4e:7b:4d:74:
00:27:20:3b:b8:79:61:31:49:30:6f:9c:db:45:99:
ed:f7:c1:e9:e8:21:0b:e9:e7:bd:d4:1d:5d:b5:47:
b3:f0:68:d6:a0:9e:e1:94:e7:0c:e5:31:46:95:5e:
4c:7d:ba:cc:33:19:68:d1:4f:b4:6f:af:4d:07:20:
9d:e7:fa:39:b1:32:48:a7:2c:77:8b:cb:11:e2:af:
c1:41:9e:82:3e:04:31:63:c9:e0:22:0d:f2:d1:fd:
4e:6d:9a:1b:48:4c:9b:ae:41:c2:77:9b:72:00:0b:
e0:73:50:e9:96:55:09:56:b4:44:3c:91:82:15:a2:
6a:c2:11:e9:c7:db:30:7a:0d:63:58:2a:9b:3e:0e:
39:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:29:3E:54:DA:09:C8:09:93:5B:FF:F7:05:FE:9E:68:22:28:BA:5F
X509v3 Authority Key Identifier:
keyid:D7:6D:71:D8:84:5D:2F:E2:96:A4:6D:79:17:6F:59:0D:8D:B4:F1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/121x2IRdL-KWpG15F29ZDY208Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/ec3106-e7bf-4299-ae12-dbd91b111844/1/Nyk-VNoJyAmTW__3Bf6eaCIoul8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/ec3106-e7bf-4299-ae12-dbd91b111844/1/121x2IRdL-KWpG15F29ZDY208Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.151.176.0/21
Signature Algorithm: sha256WithRSAEncryption
80:10:e6:ec:b5:d7:cc:83:98:b4:d1:dc:b0:10:0f:7c:08:98:
a1:77:04:df:87:50:3e:25:ca:b5:08:90:6b:ca:e8:bb:b6:e6:
50:81:8e:07:cc:62:cf:2b:a7:5c:47:0c:64:5b:22:cc:10:26:
6a:6c:5b:a1:50:94:87:76:38:f0:6d:24:5d:6a:47:72:37:aa:
7b:10:83:01:40:61:b3:7b:44:bf:47:85:a1:23:ae:0e:39:b5:
b3:84:87:13:ff:df:55:1a:38:52:a7:56:e4:5b:66:6e:50:c2:
a9:74:2b:8f:98:c3:79:42:78:19:ed:08:13:1a:15:28:3c:02:
9c:0f:b5:50:78:91:3d:ca:7f:fc:c3:ab:35:46:ba:c9:f9:26:
d7:b2:33:e4:1f:db:f9:a2:bf:40:b2:6b:16:86:10:b4:5b:1c:
d8:0d:9d:40:74:8f:0b:cd:c7:c9:9a:08:a3:0a:ef:b4:df:2a:
f4:91:b9:4a:d4:00:5e:1c:b9:68:bb:58:e2:fc:73:5d:6e:63:
2b:55:8f:9a:d3:d6:06:35:53:67:cd:ab:fc:b7:dd:43:07:61:
29:61:22:cd:fe:fd:af:78:e5:53:40:dc:30:81:75:31:27:71:
16:ea:36:9d:ea:23:9f:6b:2a:cd:1a:0f:ec:9b:b1:e1:5d:e5:
00:78:b9:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv+X3bGNZ67hE8spjVHmwXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmQ3MWQ4ODQ1ZDJmZTI5NmE0NmQ3OTE3NmY1OTBkOGRi
NGYxNmEwHhcNMjMwMTAyMDA1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzI5M2U1NGRhMDljODA5OTM1YmZmZjcwNWZlOWU2ODIyMjhiYTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSTh0uWJpzOwsdRUlS7oVzS+K2fw
Kj0KJI40iJCrL1FKS1jcXG/aLi0tdYp3Bk/XjdYN0rM4KCbIpeE7HUzyOArVC99n
FrSQi27pdjvwrZOP11VYABS1MNVfSsbDszXLLI+8AxbfyuLeHIoOwSGffIQYeE57
TXQAJyA7uHlhMUkwb5zbRZnt98Hp6CEL6ee91B1dtUez8GjWoJ7hlOcM5TFGlV5M
fbrMMxlo0U+0b69NByCd5/o5sTJIpyx3i8sR4q/BQZ6CPgQxY8ngIg3y0f1ObZob
SEybrkHCd5tyAAvgc1DpllUJVrREPJGCFaJqwhHpx9sweg1jWCqbPg45HwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDcpPlTaCcgJk1v/9wX+nmgiKLpfMB8GA1UdIwQY
MBaAFNdtcdiEXS/ilqRteRdvWQ2NtPFqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTIxeDJJUmRMLUtXcEcxNUYyOVpEWTIwOFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9lYzMxMDYtZTdiZi00Mjk5LWFlMTIt
ZGJkOTFiMTExODQ0LzEvTnlrLVZOb0p5QW1UV19fM0JmNmVhQ0lvdWw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9lYzMxMDYtZTdiZi00Mjk5LWFlMTItZGJkOTFiMTExODQ0
LzEvMTIxeDJJUmRMLUtXcEcxNUYyOVpEWTIwOFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLpewMA0G
CSqGSIb3DQEBCwUAA4IBAQCAEObstdfMg5i00dywEA98CJihdwTfh1A+Jcq1CJBr
yui7tuZQgY4HzGLPK6dcRwxkWyLMECZqbFuhUJSHdjjwbSRdakdyN6p7EIMBQGGz
e0S/R4WhI64OObWzhIcT/99VGjhSp1bkW2ZuUMKpdCuPmMN5QngZ7QgTGhUoPAKc
D7VQeJE9yn/8w6s1RrrJ+SbXsjPkH9v5or9AsmsWhhC0WxzYDZ1AdI8LzcfJmgij
Cu+03yr0kblK1ABeHLlou1ji/HNdbmMrVY+a09YGNVNnzav8t91DB2EpYSLN/v2v
eOVTQNwwgXUxJ3EW6jad6iOfayrNGg/sm7HhXeUAeLms
-----END CERTIFICATE-----
Generated at Fri Jul 28 09:30:48 2023 by rpki-client on console-fra.rpki-client.org