Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Ir_z7-SwvlHIY6KdOFLNnv1mBRU.roa
File: Ir_z7-SwvlHIY6KdOFLNnv1mBRU.roa (raw, json)
Hash identifier: urYlWW+GdPZBWt8i03w3P6qloGzIDotRVgZfM8TNiRg=
Subject key identifier: 22:BF:F3:EF:E4:B0:BE:51:C8:63:A2:9D:38:52:CD:9E:FD:66:05:15
Certificate issuer: /CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Certificate serial: 0183217ADE331CF33ED0CA0C02B65A07A446
Authority key identifier: 11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Ir_z7-SwvlHIY6KdOFLNnv1mBRU.roa
Signing time: Fri 09 Sep 2022 09:00:43 +0000
ROA not before: Fri 09 Sep 2022 09:00:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35913
IP address blocks: 46.20.103.0/24 maxlen: 24
46.20.102.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:21:7a:de:33:1c:f3:3e:d0:ca:0c:02:b6:5a:07:a4:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Validity
Not Before: Sep 9 09:00:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=22bff3efe4b0be51c863a29d3852cd9efd660515
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:24:9b:00:69:b1:aa:4e:8b:2e:16:c8:71:c9:
98:6b:24:db:46:74:59:f9:e9:26:62:3d:9f:49:b9:
a3:d6:21:46:f3:38:f0:a3:a2:56:63:ef:01:e0:ae:
c7:10:94:d7:1b:74:84:e8:19:f2:90:da:da:b2:58:
8d:de:3e:bc:69:db:3c:b4:77:65:eb:81:02:6e:39:
5c:fb:81:ba:e9:4e:04:e5:6d:fa:57:ea:1e:47:c3:
1d:80:59:46:17:66:52:2c:64:23:d5:96:7b:87:cc:
94:62:80:ef:25:2b:b9:eb:5e:29:b7:e1:57:94:cb:
4a:18:ca:94:a2:38:f1:52:5c:90:21:14:e6:1a:87:
c3:95:5d:dd:15:85:f3:2e:f2:6b:44:fb:b7:da:36:
dc:33:00:60:be:95:05:93:c1:4e:0c:b3:02:77:5f:
14:b0:35:02:33:78:c8:b8:26:80:cf:2b:09:49:e6:
1f:27:d0:b6:02:c1:93:cf:8d:a0:94:78:fc:a6:4d:
40:6b:2e:37:5e:dc:45:55:1c:dc:7f:67:91:26:a3:
fc:33:8f:14:9c:5a:56:7c:7e:eb:32:56:7a:b0:64:
78:6e:41:5d:6f:c3:37:20:42:f1:7d:07:cb:72:85:
1e:94:bb:99:02:29:f5:18:e3:1e:8a:52:37:4f:55:
14:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:BF:F3:EF:E4:B0:BE:51:C8:63:A2:9D:38:52:CD:9E:FD:66:05:15
X509v3 Authority Key Identifier:
keyid:11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Ir_z7-SwvlHIY6KdOFLNnv1mBRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.102.0/23
Signature Algorithm: sha256WithRSAEncryption
1e:0c:ec:33:f8:2e:6a:9c:78:20:01:73:a8:26:c7:09:b3:4b:
46:2a:01:f8:39:0b:03:fe:a5:a4:38:aa:35:7a:3e:24:a2:eb:
13:c4:d5:ce:ad:73:34:af:fd:51:8f:1d:9b:de:62:76:64:1f:
51:43:06:41:30:dc:08:b3:23:58:1c:c9:49:ec:d8:51:91:49:
f2:d7:79:42:4e:77:c6:5c:78:13:8b:4c:0d:43:cf:3f:f2:12:
1c:e4:77:63:75:b7:52:a6:6a:6f:60:e8:50:14:c8:67:95:14:
dd:5c:fa:5c:52:73:42:80:54:94:f5:44:fc:86:79:f6:c9:4e:
f0:ab:44:24:ff:eb:7d:5f:e4:ed:5d:29:0e:9a:43:17:49:59:
ae:50:c6:4d:76:fa:06:a1:a6:49:19:33:ee:c0:d3:99:55:cf:
28:cb:8e:57:0e:7f:3f:01:f5:9a:fb:48:bf:c9:01:26:54:b8:
1c:a5:9b:14:57:50:d5:85:04:34:7d:39:71:26:14:28:16:42:
9f:b4:da:10:c4:30:73:13:18:cb:49:35:a6:c6:a7:ea:a8:6b:
b9:57:17:d3:21:91:d7:cf:70:32:73:0a:6a:d1:28:af:b8:2d:
52:3c:9d:27:01:02:3e:15:e1:3c:0f:7c:0d:59:62:8d:d4:87:
11:cf:46:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMhet4zHPM+0MoMArZaB6RGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZGQwZWJmZjViYTM4YTg3NThiNzk0ZDA0ZDYyOTA1MTk0
YTMyNjYwHhcNMjIwOTA5MDkwMDQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmJmZjNlZmU0YjBiZTUxYzg2M2EyOWQzODUyY2Q5ZWZkNjYwNTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiSbAGmxqk6LLhbIccmYayTbRnRZ
+ekmYj2fSbmj1iFG8zjwo6JWY+8B4K7HEJTXG3SE6BnykNrasliN3j68ads8tHdl
64ECbjlc+4G66U4E5W36V+oeR8MdgFlGF2ZSLGQj1ZZ7h8yUYoDvJSu5614pt+FX
lMtKGMqUojjxUlyQIRTmGofDlV3dFYXzLvJrRPu32jbcMwBgvpUFk8FODLMCd18U
sDUCM3jIuCaAzysJSeYfJ9C2AsGTz42glHj8pk1Aay43XtxFVRzcf2eRJqP8M48U
nFpWfH7rMlZ6sGR4bkFdb8M3IELxfQfLcoUelLuZAin1GOMeilI3T1UUZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCK/8+/ksL5RyGOinThSzZ79ZgUVMB8GA1UdIwQY
MBaAFBHdDr/1ujiodYt5TQTWKQUZSjJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYt
ZjE3NjEzZWE0OWU3LzEvSXJfejctU3d2bEhJWTZLZE9GTE5udjFtQlJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYtZjE3NjEzZWE0OWU3
LzEvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLhRmMA0G
CSqGSIb3DQEBCwUAA4IBAQAeDOwz+C5qnHggAXOoJscJs0tGKgH4OQsD/qWkOKo1
ej4kousTxNXOrXM0r/1Rjx2b3mJ2ZB9RQwZBMNwIsyNYHMlJ7NhRkUny13lCTnfG
XHgTi0wNQ88/8hIc5HdjdbdSpmpvYOhQFMhnlRTdXPpcUnNCgFSU9UT8hnn2yU7w
q0Qk/+t9X+TtXSkOmkMXSVmuUMZNdvoGoaZJGTPuwNOZVc8oy45XDn8/AfWa+0i/
yQEmVLgcpZsUV1DVhQQ0fTlxJhQoFkKftNoQxDBzExjLSTWmxqfqqGu5VxfTIZHX
z3Aycwpq0SivuC1SPJ0nAQI+FeE8D3wNWWKN1IcRz0YB
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:31 2025 by rpki-client