Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/6Iw2rrz5GeQxarR_80MlNnHK5ic.roa
File: 6Iw2rrz5GeQxarR_80MlNnHK5ic.roa (raw, json)
Hash identifier: 2/9CX/pYZX66P+jVrcyTd1GKFqMoQyhD5JRGZWxoB5g=
Subject key identifier: E8:8C:36:AE:BC:F9:19:E4:31:6A:B4:7F:F3:43:25:36:71:CA:E6:27
Certificate issuer: /CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Certificate serial: 018683720CEE222FC963AF75604D0595F64D
Authority key identifier: 11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/6Iw2rrz5GeQxarR_80MlNnHK5ic.roa
Signing time: Fri 24 Feb 2023 12:42:15 +0000
ROA not before: Fri 24 Feb 2023 12:42:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34458
IP address blocks: 46.20.108.0/24 maxlen: 24
46.20.106.0/24 maxlen: 24
46.20.111.0/24 maxlen: 24
46.20.110.0/24 maxlen: 24
46.20.97.0/24 maxlen: 24
46.20.104.0/24 maxlen: 24
46.20.105.0/24 maxlen: 24
46.20.100.0/24 maxlen: 24
46.20.101.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.100.170.0/24 maxlen: 24
185.100.171.0/24 maxlen: 24
185.100.168.0/24 maxlen: 24
185.100.169.0/24 maxlen: 24
185.169.222.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
185.169.223.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:83:72:0c:ee:22:2f:c9:63:af:75:60:4d:05:95:f6:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Validity
Not Before: Feb 24 12:42:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e88c36aebcf919e4316ab47ff343253671cae627
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:69:37:95:6a:8f:78:d8:5a:84:38:80:c7:aa:
0d:5a:9e:70:10:f2:11:53:b6:26:5d:7a:a7:c5:20:
88:ab:2a:b6:cd:b0:40:a3:c9:ce:3e:24:d3:03:9a:
dc:0c:5f:06:0e:2a:c9:78:6b:e7:25:cf:9d:82:fa:
d8:ad:b3:f9:25:eb:13:2a:75:68:86:47:d0:51:0f:
bb:a0:03:c2:8f:27:25:19:d6:77:6e:f8:7a:09:9d:
9e:5d:2d:e8:cc:2e:c8:8f:59:5e:26:e6:7b:56:f2:
75:f7:5d:54:34:8e:97:02:fd:ff:14:03:e6:8e:a8:
58:74:35:54:99:4e:0e:e7:33:a3:fb:1b:e7:7b:5e:
dc:96:9d:c6:69:78:cd:6c:e5:46:c3:a0:f6:ba:46:
8a:07:54:e6:a1:15:28:7b:5d:3c:60:bd:a3:ad:3b:
57:f2:3f:65:81:5a:57:b9:c9:66:63:01:94:14:ed:
f5:66:71:ee:d4:fd:66:1c:1e:78:b8:38:97:b0:02:
6f:5a:df:bb:18:6f:13:83:68:f5:68:65:96:21:be:
c4:74:fa:96:f2:7f:96:7c:c6:ac:c7:8c:2c:d4:ca:
a9:f4:bd:c6:9e:7a:20:ef:f2:ee:eb:0d:9f:f8:00:
ac:25:f6:f1:4f:23:a2:05:ed:ef:5f:54:4d:99:a6:
f0:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:8C:36:AE:BC:F9:19:E4:31:6A:B4:7F:F3:43:25:36:71:CA:E6:27
X509v3 Authority Key Identifier:
keyid:11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/6Iw2rrz5GeQxarR_80MlNnHK5ic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.97.0/24
46.20.100.0/23
46.20.104.0-46.20.106.255
46.20.108.0/24
46.20.110.0/23
185.100.168.0/22
185.160.194.0/24
185.169.221.0-185.169.223.255
Signature Algorithm: sha256WithRSAEncryption
80:29:af:83:0a:9a:00:76:ff:1d:52:a1:19:70:67:99:f8:cb:
b5:e4:d2:05:29:fb:df:9b:cd:9b:72:50:c8:68:66:80:b9:fd:
17:94:3a:cd:07:96:6b:79:f4:f1:32:50:a3:45:ef:4e:80:8a:
68:aa:bd:9a:43:ac:3b:76:fd:2c:df:b6:61:77:13:d0:25:4b:
23:a4:92:e0:73:a5:79:d9:fa:75:10:9f:82:43:56:d7:f7:31:
17:dc:2b:ce:62:38:f4:45:ad:67:ef:19:b3:32:f7:2d:01:40:
31:82:14:4e:5c:b7:01:c6:16:c7:58:5f:8f:27:b3:eb:cf:12:
42:ec:c1:d4:70:3a:7c:97:2f:70:65:dd:99:e0:79:e1:3f:dd:
81:ab:65:57:4c:88:98:32:3e:d5:5c:4c:01:d4:e6:13:3a:c7:
80:87:bc:3a:60:29:ab:9e:9b:f3:52:17:ee:ee:74:8c:db:16:
92:d2:00:cd:a6:5a:f0:f5:ff:1f:09:8b:89:eb:36:5b:59:9e:
d0:84:23:7c:40:a3:da:74:41:04:c0:09:40:8c:18:1a:14:cb:
5b:db:5d:fc:07:80:e8:f2:62:7f:f5:0d:a3:38:a2:5b:5e:4f:
40:9a:2f:af:2e:20:39:a9:10:f2:36:5d:71:35:bd:fb:47:90:
75:4d:52:b5
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYaDcgzuIi/JY691YE0FlfZNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZGQwZWJmZjViYTM4YTg3NThiNzk0ZDA0ZDYyOTA1MTk0
YTMyNjYwHhcNMjMwMjI0MTI0MjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODhjMzZhZWJjZjkxOWU0MzE2YWI0N2ZmMzQzMjUzNjcxY2FlNjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWk3lWqPeNhahDiAx6oNWp5wEPIR
U7YmXXqnxSCIqyq2zbBAo8nOPiTTA5rcDF8GDirJeGvnJc+dgvrYrbP5JesTKnVo
hkfQUQ+7oAPCjyclGdZ3bvh6CZ2eXS3ozC7Ij1leJuZ7VvJ1911UNI6XAv3/FAPm
jqhYdDVUmU4O5zOj+xvne17clp3GaXjNbOVGw6D2ukaKB1TmoRUoe108YL2jrTtX
8j9lgVpXuclmYwGUFO31ZnHu1P1mHB54uDiXsAJvWt+7GG8Tg2j1aGWWIb7EdPqW
8n+WfMasx4ws1Mqp9L3Gnnog7/Lu6w2f+ACsJfbxTyOiBe3vX1RNmabw8wIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFOiMNq68+RnkMWq0f/NDJTZxyuYnMB8GA1UdIwQY
MBaAFBHdDr/1ujiodYt5TQTWKQUZSjJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYt
ZjE3NjEzZWE0OWU3LzEvNkl3MnJyejVHZVF4YXJSXzgwTWxObkhLNWljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYtZjE3NjEzZWE0OWU3
LzEvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQALhRhAwQB
LhRkMAwDBAMuFGgDBAAuFGoDBAAuFGwDBAEuFG4DBAK5ZKgDBAC5oMIwDAMEALmp
3QMEBbmpwDANBgkqhkiG9w0BAQsFAAOCAQEAgCmvgwqaAHb/HVKhGXBnmfjLteTS
BSn735vNm3JQyGhmgLn9F5Q6zQeWa3n08TJQo0XvToCKaKq9mkOsO3b9LN+2YXcT
0CVLI6SS4HOledn6dRCfgkNW1/cxF9wrzmI49EWtZ+8ZszL3LQFAMYIUTly3AcYW
x1hfjyez688SQuzB1HA6fJcvcGXdmeB54T/dgatlV0yImDI+1VxMAdTmEzrHgIe8
OmApq56b81IX7u50jNsWktIAzaZa8PX/HwmLies2W1me0IQjfECj2nRBBMAJQIwY
GhTLW9td/AeA6PJif/UNoziiW15PQJovry4gOakQ8jZdcTW9+0eQdU1StQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:25 2025 by rpki-client