Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/AYnyqWy2OzyS3ZzYQ-m5wCVkp00.roa
File: AYnyqWy2OzyS3ZzYQ-m5wCVkp00.roa (raw, json)
Hash identifier: Necca5fVS+YWcpNJtUQLkusHQKiUgBv3DU6wiAsZWLE=
Subject key identifier: 01:89:F2:A9:6C:B6:3B:3C:92:DD:9C:D8:43:E9:B9:C0:25:64:A7:4D
Certificate issuer: /CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Certificate serial: 03AA2380
Authority key identifier: 11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/AYnyqWy2OzyS3ZzYQ-m5wCVkp00.roa
Signing time: Tue 07 Jun 2022 09:19:07 +0000
ROA not before: Tue 07 Jun 2022 09:19:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35913
IP address blocks: 185.169.220.0/24 maxlen: 24
46.20.103.0/24 maxlen: 24
46.20.102.0/24 maxlen: 24
46.20.100.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61481856 (0x3aa2380)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Validity
Not Before: Jun 7 09:19:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0189f2a96cb63b3c92dd9cd843e9b9c02564a74d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:5c:ed:c9:a6:bf:4f:2f:dd:36:b1:a5:8e:78:
c5:a7:92:8d:cc:00:89:a8:ce:95:c8:f6:db:ff:9e:
e6:f7:95:26:21:25:e3:1d:d0:84:e8:3c:c5:0c:d9:
7a:a1:bf:62:b2:2d:67:75:ab:37:6d:ce:f3:89:62:
bd:91:e4:0b:29:5f:2e:e7:02:10:7e:34:60:5b:26:
f0:aa:49:2e:5d:71:c0:3b:44:f2:82:65:5d:c1:57:
53:ed:69:96:c8:7f:3a:3a:e7:22:99:36:b6:c6:94:
a1:6e:14:2f:53:5a:13:44:18:eb:00:ef:a1:da:99:
0e:07:61:ac:84:90:56:8c:80:c4:78:e0:32:ae:1f:
d5:e9:6d:be:1d:01:c2:fd:0e:f8:a1:82:df:b5:66:
d7:08:66:13:87:a6:10:fb:8e:9d:e7:70:f6:7d:0f:
0d:b0:b5:d2:82:a1:cc:75:9d:ac:17:1e:43:69:fe:
5b:7e:73:9b:62:c6:05:2f:c5:ba:78:1d:71:94:0a:
3c:c5:5c:ba:6a:ea:d5:64:c4:ed:f2:6c:49:71:91:
ae:87:45:0b:1e:34:a8:75:55:21:2a:6c:e7:57:2b:
9b:74:cc:d7:f9:59:ef:b0:4e:cf:a7:1a:51:b7:63:
ae:01:94:80:66:26:00:e4:00:b6:d7:1a:e8:7b:01:
43:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:89:F2:A9:6C:B6:3B:3C:92:DD:9C:D8:43:E9:B9:C0:25:64:A7:4D
X509v3 Authority Key Identifier:
keyid:11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/AYnyqWy2OzyS3ZzYQ-m5wCVkp00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.100.0/24
46.20.102.0/23
185.169.220.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:81:99:02:e5:39:78:45:e6:be:4e:25:65:48:3a:86:86:bb:
91:55:09:4f:39:a8:b8:2f:2a:94:7a:d2:1f:57:72:5e:7c:b2:
a2:0a:3e:cb:2f:ac:7b:35:92:4a:a3:c3:fa:08:97:f4:e9:1e:
47:f5:f2:0d:18:d4:6b:71:04:d1:cc:a5:b9:05:64:ad:ad:6b:
ea:ea:03:bd:99:47:97:b3:e2:80:f3:0b:e8:ef:88:66:41:84:
f2:30:4a:f3:2c:b3:2b:d6:15:83:bf:3b:5c:aa:72:d3:32:b9:
b2:c4:2e:2d:5a:2c:c3:ab:b4:ba:1b:b4:57:f3:2f:18:94:b5:
ef:75:c7:16:90:ec:93:20:37:46:19:c7:75:ca:26:98:57:57:
5e:47:1c:04:4f:56:1a:df:b4:39:b1:93:ab:8f:75:fb:93:28:
cd:7c:5e:12:47:21:91:e1:72:d3:d6:9b:80:1e:ec:38:9b:a7:
22:3b:f8:ba:7f:ec:68:6d:a7:34:c0:d0:6a:4c:a2:75:04:5f:
81:47:76:51:57:31:a0:3e:71:14:99:dd:83:ce:3d:45:d0:49:
09:50:7a:23:99:41:6d:34:35:0c:86:32:b1:56:fd:5c:28:6e:
4f:fd:d8:c3:b3:31:a2:15:5a:a5:23:57:72:d1:c0:3d:cb:00:
a6:d8:31:09
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEA6ojgDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MWRkMGViZmY1YmEzOGE4NzU4Yjc5NGQwNGQ2MjkwNTE5NGEzMjY2MB4XDTIyMDYw
NzA5MTkwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDE4OWYyYTk2Y2I2
M2IzYzkyZGQ5Y2Q4NDNlOWI5YzAyNTY0YTc0ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOdc7cmmv08v3TaxpY54xaeSjcwAiajOlcj22/+e5veVJiEl
4x3QhOg8xQzZeqG/YrItZ3WrN23O84livZHkCylfLucCEH40YFsm8KpJLl1xwDtE
8oJlXcFXU+1plsh/OjrnIpk2tsaUoW4UL1NaE0QY6wDvodqZDgdhrISQVoyAxHjg
Mq4f1eltvh0Bwv0O+KGC37Vm1whmE4emEPuOnedw9n0PDbC10oKhzHWdrBceQ2n+
W35zm2LGBS/FungdcZQKPMVcumrq1WTE7fJsSXGRrodFCx40qHVVISps51crm3TM
1/lZ77BOz6caUbdjrgGUgGYmAOQAttca6HsBQ/0CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQBifKpbLY7PJLdnNhD6bnAJWSnTTAfBgNVHSMEGDAWgBQR3Q6/9bo4qHWL
eU0E1ikFGUoyZjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VkME92X1c2T0toMWkzbE5CTllwQlJsS01tWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvYTY2YTI5LTUxY2MtNGJhOS04ODRmLWYxNzYxM2VhNDllNy8x
L0FZbnlxV3kyT3p5UzNaellRLW01d0NWa3AwMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
YTY2YTI5LTUxY2MtNGJhOS04ODRmLWYxNzYxM2VhNDllNy8xL0VkME92X1c2T0to
MWkzbE5CTllwQlJsS01tWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAC4UZAMEAS4UZgMEALmp3DANBgkq
hkiG9w0BAQsFAAOCAQEAe4GZAuU5eEXmvk4lZUg6hoa7kVUJTzmouC8qlHrSH1dy
Xnyyogo+yy+sezWSSqPD+giX9OkeR/XyDRjUa3EE0cyluQVkra1r6uoDvZlHl7Pi
gPML6O+IZkGE8jBK8yyzK9YVg787XKpy0zK5ssQuLVosw6u0uhu0V/MvGJS173XH
FpDskyA3RhnHdcommFdXXkccBE9WGt+0ObGTq491+5MozXxeEkchkeFy09abgB7s
OJunIjv4un/saG2nNMDQakyidQRfgUd2UVcxoD5xFJndg849RdBJCVB6I5lBbTQ1
DIYysVb9XChuT/3Yw7MxohVapSNXctHAPcsAptgxCQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:09 2024 by rpki-client on console-fra.rpki-client.org