Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/G00_6BXpqowF1DkR-T4Hbw_828A.roa
File: G00_6BXpqowF1DkR-T4Hbw_828A.roa (raw, json)
Hash identifier: 9mgp0fWga3cm7pfWK1r/q0InZqT/pC7chpgp9NMngTI=
Subject key identifier: 1B:4D:3F:E8:15:E9:AA:8C:05:D4:39:11:F9:3E:07:6F:0F:FC:DB:C0
Certificate issuer: /CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Certificate serial: 0186798CD2512AFCE12907B14F339CC0BE89
Authority key identifier: 11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/G00_6BXpqowF1DkR-T4Hbw_828A.roa
Signing time: Wed 22 Feb 2023 14:35:17 +0000
ROA not before: Wed 22 Feb 2023 14:35:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34458
IP address blocks: 46.20.107.0/24 maxlen: 24
46.20.108.0/24 maxlen: 24
46.20.106.0/24 maxlen: 24
46.20.111.0/24 maxlen: 24
46.20.110.0/24 maxlen: 24
46.20.97.0/24 maxlen: 24
46.20.98.0/24 maxlen: 24
46.20.104.0/24 maxlen: 24
46.20.105.0/24 maxlen: 24
46.20.100.0/24 maxlen: 24
46.20.101.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.100.170.0/24 maxlen: 24
185.100.171.0/24 maxlen: 24
185.100.168.0/24 maxlen: 24
185.100.169.0/24 maxlen: 24
185.169.222.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
185.169.223.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:79:8c:d2:51:2a:fc:e1:29:07:b1:4f:33:9c:c0:be:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Validity
Not Before: Feb 22 14:35:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b4d3fe815e9aa8c05d43911f93e076f0ffcdbc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:0a:bd:ee:81:37:60:ba:40:5e:ab:72:e8:46:
67:76:78:7f:5e:28:25:44:bc:4b:ce:63:0d:26:54:
89:fe:c5:6d:9d:fb:56:2d:5f:b1:7a:1c:1d:60:79:
32:33:da:e9:01:f8:29:41:8e:a6:3f:51:ec:62:80:
77:74:a7:cb:32:0c:54:aa:99:00:bf:c4:52:10:8b:
78:f4:6a:78:62:0c:7d:70:06:16:c8:1e:c1:5d:85:
1f:4e:c6:79:e5:c4:7b:54:48:34:95:db:dd:42:9d:
95:44:1a:eb:9b:bb:2f:cb:7c:1c:46:92:1d:2e:e8:
8e:87:ff:37:6c:74:d6:bf:61:f9:b3:cc:de:94:e9:
4f:24:cf:2b:8b:94:6d:2f:e4:2d:89:22:77:06:c6:
e8:ce:60:c8:f0:65:1d:0b:57:3a:c1:8c:65:71:78:
5f:65:11:0a:83:c9:e8:6e:6a:8f:b4:e4:55:81:18:
7c:9e:92:e4:4c:2a:3a:f2:6a:33:e2:82:87:f6:75:
9b:f7:ed:21:89:1f:6c:c3:94:9e:61:2e:32:e4:30:
69:02:b3:ab:d3:83:b2:0a:09:b3:2b:89:47:0b:31:
85:09:d5:34:78:9d:74:6a:90:92:8e:6c:bd:c7:2d:
71:23:f5:82:57:59:6e:09:32:0d:cf:b9:72:e6:fe:
e8:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:4D:3F:E8:15:E9:AA:8C:05:D4:39:11:F9:3E:07:6F:0F:FC:DB:C0
X509v3 Authority Key Identifier:
keyid:11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/G00_6BXpqowF1DkR-T4Hbw_828A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.97.0-46.20.98.255
46.20.100.0/23
46.20.104.0-46.20.108.255
46.20.110.0/23
185.100.168.0/22
185.160.194.0/24
185.169.221.0-185.169.223.255
Signature Algorithm: sha256WithRSAEncryption
57:a2:e5:2f:e6:e4:85:fc:a2:84:50:09:75:2d:69:29:74:58:
96:75:72:c0:f7:0a:cd:c6:bf:d3:0a:e9:a7:9d:47:9f:64:fa:
92:87:d3:87:3e:c2:61:92:3f:b6:e7:7b:fb:1f:e1:bf:b3:72:
da:af:2b:0e:d3:07:4d:e8:7d:8c:5e:10:d7:7e:9c:f4:57:85:
3a:5e:8d:9e:82:e6:9b:6f:e6:f2:6b:d9:a1:e2:20:99:fd:d6:
94:f1:d3:45:12:f5:55:d6:de:4b:4f:ce:19:74:03:a1:50:8c:
7f:4b:cf:a2:3a:6a:1b:e6:1d:24:b7:3a:cb:be:95:7c:e0:37:
40:d1:bf:95:d1:73:6a:14:11:63:1e:11:82:74:89:6b:2f:d7:
2a:da:08:5f:c0:75:34:94:d2:97:23:c4:85:c1:1c:3d:28:77:
1f:b3:7d:da:a5:06:49:05:b9:40:4e:ab:b0:43:2f:5f:6f:bb:
05:fd:35:94:85:b5:a6:c3:e3:59:87:a3:8c:20:8c:d9:e3:41:
6b:72:44:bd:9a:cf:ca:bb:4b:c4:9c:e9:7e:19:ad:1b:23:7d:
8f:a9:70:0b:30:1c:43:f9:c8:08:d8:da:36:8c:94:2a:79:c3:
a3:cd:c8:4d:a3:d9:8f:d3:7e:d6:62:c8:8f:d5:22:c3:0e:8f:
ac:c3:91:3d
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYZ5jNJRKvzhKQexTzOcwL6JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZGQwZWJmZjViYTM4YTg3NThiNzk0ZDA0ZDYyOTA1MTk0
YTMyNjYwHhcNMjMwMjIyMTQzNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjRkM2ZlODE1ZTlhYThjMDVkNDM5MTFmOTNlMDc2ZjBmZmNkYmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQq97oE3YLpAXqty6EZndnh/Xigl
RLxLzmMNJlSJ/sVtnftWLV+xehwdYHkyM9rpAfgpQY6mP1HsYoB3dKfLMgxUqpkA
v8RSEIt49Gp4Ygx9cAYWyB7BXYUfTsZ55cR7VEg0ldvdQp2VRBrrm7svy3wcRpId
LuiOh/83bHTWv2H5s8zelOlPJM8ri5RtL+QtiSJ3BsbozmDI8GUdC1c6wYxlcXhf
ZREKg8nobmqPtORVgRh8npLkTCo68moz4oKH9nWb9+0hiR9sw5SeYS4y5DBpArOr
04OyCgmzK4lHCzGFCdU0eJ10apCSjmy9xy1xI/WCV1luCTINz7ly5v7oWQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFBtNP+gV6aqMBdQ5Efk+B28P/NvAMB8GA1UdIwQY
MBaAFBHdDr/1ujiodYt5TQTWKQUZSjJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYt
ZjE3NjEzZWE0OWU3LzEvRzAwXzZCWHBxb3dGMURrUi1UNEhid184MjhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYtZjE3NjEzZWE0OWU3
LzEvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCMAwDBAAuFGED
BAAuFGIDBAEuFGQwDAMEAy4UaAMEAC4UbAMEAS4UbgMEArlkqAMEALmgwjAMAwQA
uandAwQFuanAMA0GCSqGSIb3DQEBCwUAA4IBAQBXouUv5uSF/KKEUAl1LWkpdFiW
dXLA9wrNxr/TCumnnUefZPqSh9OHPsJhkj+253v7H+G/s3LarysO0wdN6H2MXhDX
fpz0V4U6Xo2eguabb+bya9mh4iCZ/daU8dNFEvVV1t5LT84ZdAOhUIx/S8+iOmob
5h0ktzrLvpV84DdA0b+V0XNqFBFjHhGCdIlrL9cq2ghfwHU0lNKXI8SFwRw9KHcf
s33apQZJBblATquwQy9fb7sF/TWUhbWmw+NZh6OMIIzZ40FrckS9ms/Ku0vEnOl+
Ga0bI32PqXALMBxD+cgI2No2jJQqecOjzchNo9mP037WYsiP1SLDDo+sw5E9
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:16 2023 by rpki-client on console-ams.rpki-client.org