Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/FT8DCXJPCnngPWAUdeiAhEn4wVg.roa
File: FT8DCXJPCnngPWAUdeiAhEn4wVg.roa (raw, json)
Hash identifier: TXZZfeYfLmg4ZXUgRE96Qwv8ngpbKiNGkHi7EQyaMSk=
Subject key identifier: 15:3F:03:09:72:4F:0A:79:E0:3D:60:14:75:E8:80:84:49:F8:C1:58
Certificate issuer: /CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Certificate serial: 0363DA3B
Authority key identifier: 11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/FT8DCXJPCnngPWAUdeiAhEn4wVg.roa
Signing time: Sat 07 May 2022 09:57:36 +0000
ROA not before: Sat 07 May 2022 09:57:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34458
IP address blocks: 46.20.108.0/24 maxlen: 24
46.20.106.0/24 maxlen: 24
46.20.111.0/24 maxlen: 24
46.20.110.0/24 maxlen: 24
46.20.97.0/24 maxlen: 24
46.20.104.0/24 maxlen: 24
46.20.105.0/24 maxlen: 24
46.20.101.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.100.170.0/24 maxlen: 24
185.100.171.0/24 maxlen: 24
185.100.168.0/24 maxlen: 24
185.100.169.0/24 maxlen: 24
185.169.222.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
185.169.223.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56875579 (0x363da3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Validity
Not Before: May 7 09:57:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=153f0309724f0a79e03d601475e8808449f8c158
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:cc:70:f8:11:51:e5:4b:96:3b:a2:71:63:d0:
d7:75:66:44:b8:7a:50:e4:8a:ca:2e:6e:43:1c:a5:
c8:97:ac:15:94:12:db:1e:70:9b:13:cc:2e:b7:05:
f5:d6:59:af:4d:e0:c1:4f:88:96:df:f0:83:0e:f8:
40:29:b1:ac:06:61:9e:fe:3c:12:82:b2:e9:ed:cf:
f2:dc:87:d5:c0:a6:a0:ef:ca:0f:ee:2a:2e:d9:0b:
99:94:0b:0e:ae:27:ee:15:d2:31:62:93:9a:2a:73:
28:54:8c:5d:e1:d3:f6:7b:1f:bc:8d:a9:fc:83:ea:
21:92:36:d3:18:14:dc:53:f7:73:64:b8:50:74:5a:
e4:aa:9a:f9:5b:b7:78:95:55:b1:40:2a:70:34:7b:
6a:f4:df:88:97:c6:a1:db:49:10:3f:fe:a0:d9:64:
6f:6c:5e:c6:5c:4f:fc:fc:7d:8e:ba:bb:ac:83:66:
e9:f7:8a:f6:b3:3c:f0:71:d3:fc:8b:24:11:cb:29:
06:04:9c:e9:ba:78:36:10:0d:e5:9a:be:c1:ae:67:
b4:ac:4c:a2:07:87:5c:9c:ea:53:42:65:78:91:61:
12:79:0e:00:5f:ef:96:93:a5:44:cd:6f:e9:23:aa:
c0:da:45:20:2d:0e:88:a4:55:7c:15:70:39:94:72:
83:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:3F:03:09:72:4F:0A:79:E0:3D:60:14:75:E8:80:84:49:F8:C1:58
X509v3 Authority Key Identifier:
keyid:11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/FT8DCXJPCnngPWAUdeiAhEn4wVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.97.0/24
46.20.101.0/24
46.20.104.0-46.20.106.255
46.20.108.0/24
46.20.110.0/23
185.100.168.0/22
185.160.194.0/24
185.169.221.0-185.169.223.255
Signature Algorithm: sha256WithRSAEncryption
49:a7:ca:8f:34:a6:7e:76:77:28:c4:29:3b:21:9c:f0:07:7c:
6b:a3:26:5d:11:18:93:21:bc:e2:6e:1a:6f:6e:0f:9a:46:d3:
1f:f2:f8:87:60:7c:ea:68:0a:04:0a:08:d5:2c:37:e2:aa:03:
f5:3a:79:3c:c3:78:9c:0a:1d:a6:65:4c:6b:c8:68:5a:97:ba:
45:19:02:cc:55:df:f8:cb:f1:6b:f5:8d:2d:5f:a6:24:b2:ed:
d1:ec:6b:fd:6b:f4:f3:df:27:88:c0:12:fd:d4:1b:11:6c:df:
63:ce:63:df:57:cc:0f:b0:1e:35:a4:e7:4b:5b:8c:96:e1:75:
bf:4c:3e:c4:4e:ea:9f:ec:59:96:d5:1a:ce:58:bb:2f:7f:1a:
7f:a4:89:b6:87:68:1d:7d:a3:97:cb:6e:0c:38:9d:bc:84:04:
64:06:7a:f3:64:59:23:46:2a:49:b6:02:4a:e3:0e:6f:15:b2:
4b:86:91:cd:17:b3:a9:0f:bb:0e:a0:a1:e5:e4:d8:63:68:2e:
a0:00:c9:00:0d:94:55:b9:67:cf:5d:28:a5:95:6e:5c:f3:22:
62:a6:cf:ff:d1:3c:de:33:c3:ce:9c:a0:56:f1:32:8a:67:cb:
e8:ac:32:fd:8c:ce:65:54:c8:d7:2e:fd:fb:cb:65:af:f8:eb:
a0:62:ff:46
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIEA2PaOzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MWRkMGViZmY1YmEzOGE4NzU4Yjc5NGQwNGQ2MjkwNTE5NGEzMjY2MB4XDTIyMDUw
NzA5NTczNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTUzZjAzMDk3MjRm
MGE3OWUwM2Q2MDE0NzVlODgwODQ0OWY4YzE1ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJvMcPgRUeVLljuicWPQ13VmRLh6UOSKyi5uQxylyJesFZQS
2x5wmxPMLrcF9dZZr03gwU+Ilt/wgw74QCmxrAZhnv48EoKy6e3P8tyH1cCmoO/K
D+4qLtkLmZQLDq4n7hXSMWKTmipzKFSMXeHT9nsfvI2p/IPqIZI20xgU3FP3c2S4
UHRa5Kqa+Vu3eJVVsUAqcDR7avTfiJfGodtJED/+oNlkb2xexlxP/Px9jrq7rINm
6feK9rM88HHT/IskEcspBgSc6bp4NhAN5Zq+wa5ntKxMogeHXJzqU0JleJFhEnkO
AF/vlpOlRM1v6SOqwNpFIC0OiKRVfBVwOZRyg2sCAwEAAaOCAkMwggI/MB0GA1Ud
DgQWBBQVPwMJck8KeeA9YBR16ICESfjBWDAfBgNVHSMEGDAWgBQR3Q6/9bo4qHWL
eU0E1ikFGUoyZjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VkME92X1c2T0toMWkzbE5CTllwQlJsS01tWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvYTY2YTI5LTUxY2MtNGJhOS04ODRmLWYxNzYxM2VhNDllNy8x
L0ZUOERDWEpQQ25uZ1BXQVVkZWlBaEVuNHdWZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
YTY2YTI5LTUxY2MtNGJhOS04ODRmLWYxNzYxM2VhNDllNy8xL0VkME92X1c2T0to
MWkzbE5CTllwQlJsS01tWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZ
BggrBgEFBQcBBwEB/wRKMEgwRgQCAAEwQAMEAC4UYQMEAC4UZTAMAwQDLhRoAwQA
LhRqAwQALhRsAwQBLhRuAwQCuWSoAwQAuaDCMAwDBAC5qd0DBAW5qcAwDQYJKoZI
hvcNAQELBQADggEBAEmnyo80pn52dyjEKTshnPAHfGujJl0RGJMhvOJuGm9uD5pG
0x/y+IdgfOpoCgQKCNUsN+KqA/U6eTzDeJwKHaZlTGvIaFqXukUZAsxV3/jL8Wv1
jS1fpiSy7dHsa/1r9PPfJ4jAEv3UGxFs32POY99XzA+wHjWk50tbjJbhdb9MPsRO
6p/sWZbVGs5Yuy9/Gn+kibaHaB19o5fLbgw4nbyEBGQGevNkWSNGKkm2AkrjDm8V
skuGkc0Xs6kPuw6goeXk2GNoLqAAyQANlFW5Z89dKKWVblzzImKmz//RPN4zw86c
oFbxMopny+isMv2MzmVUyNcu/fvLZa/466Bi/0Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:09 2024 by rpki-client on console-fra.rpki-client.org