Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/MWrSUPZlg0VohaqNGE0UACLgBkQ.roa
File: MWrSUPZlg0VohaqNGE0UACLgBkQ.roa (raw, json)
Hash identifier: 0aDbwTZGO53C8SOx5fGJ44IttRXazX3GvBth/0/I7YQ=
Subject key identifier: 31:6A:D2:50:F6:65:83:45:68:85:AA:8D:18:4D:14:00:22:E0:06:44
Certificate issuer: /CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Certificate serial: 018226DE0F6B7EE4069B3E4B84BF4DAD2DC6
Authority key identifier: 11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/MWrSUPZlg0VohaqNGE0UACLgBkQ.roa
Signing time: Fri 22 Jul 2022 17:04:23 +0000
ROA not before: Fri 22 Jul 2022 17:04:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35913
IP address blocks: 185.169.220.0/24 maxlen: 24
46.20.103.0/24 maxlen: 24
46.20.102.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:26:de:0f:6b:7e:e4:06:9b:3e:4b:84:bf:4d:ad:2d:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Validity
Not Before: Jul 22 17:04:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=316ad250f66583456885aa8d184d140022e00644
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:43:4f:2b:89:0c:e0:1c:cd:b2:33:ac:00:07:
c0:61:67:fd:72:20:c3:f0:a1:e7:92:2f:fd:b4:eb:
08:f3:53:16:5a:ca:0d:cd:3f:5b:1e:20:71:de:2d:
6b:79:b9:4b:6e:42:47:82:2a:de:b7:47:25:89:e2:
db:67:f6:f3:fa:f4:52:5c:1b:0a:e6:84:91:89:8e:
4e:bd:f8:96:ac:2f:22:f2:0a:94:1d:e8:9c:e1:cf:
70:ee:1e:74:e8:db:ae:84:7f:2e:cc:59:c6:a6:88:
26:77:f1:e6:cd:dc:ab:5a:8a:ad:a8:84:ce:52:85:
e4:f7:8a:b4:ff:31:31:99:e3:78:f4:53:24:1d:f8:
01:05:b0:8a:5e:ce:13:19:cf:12:18:2f:62:b7:6e:
c3:8d:3e:5e:ba:f5:b1:1c:6f:55:3e:bf:41:66:4f:
a6:25:7f:63:8d:da:8f:12:09:f3:ed:72:ad:8d:4e:
da:23:0f:aa:26:2e:38:6d:31:95:25:ca:d9:8c:05:
7b:bd:69:47:23:69:57:39:90:43:c1:6f:db:15:9a:
77:96:10:b8:94:74:8f:44:c4:65:3c:67:d9:00:47:
0b:50:fd:33:e2:db:c4:1e:1f:71:7f:a2:04:e7:16:
e2:16:cd:22:aa:df:02:4c:64:26:a8:91:9f:bd:42:
b0:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:6A:D2:50:F6:65:83:45:68:85:AA:8D:18:4D:14:00:22:E0:06:44
X509v3 Authority Key Identifier:
keyid:11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/MWrSUPZlg0VohaqNGE0UACLgBkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.102.0/23
185.169.220.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:b0:8e:b8:14:b8:a5:87:88:22:2a:01:28:1a:8b:a6:1c:7a:
12:ee:89:b0:1c:37:11:ab:5c:d0:ae:a4:c3:7d:0e:44:86:4f:
f9:d0:6d:f1:f6:20:15:dd:1d:72:c2:88:95:14:0b:18:56:48:
6b:e7:fc:25:27:e2:76:69:64:8c:2a:64:45:49:cd:86:cd:3e:
6c:2d:62:14:d3:ae:97:19:e6:5e:81:93:1e:96:e0:73:7f:53:
35:55:df:99:3c:a0:f5:e3:60:72:d6:22:7d:5f:c6:56:3b:a0:
13:5d:23:9e:84:49:33:2a:27:f0:8e:ee:77:f8:7d:85:86:9c:
c2:2e:fa:7c:0b:56:47:c5:2e:37:f5:f7:e4:a0:28:02:3b:ca:
a1:8f:cb:4e:69:16:95:a6:ba:12:8a:6d:46:92:4b:5b:1f:ef:
eb:ea:c7:b0:97:c6:28:85:a6:d4:ee:97:46:86:6d:cd:dc:e8:
2e:d2:4f:a7:af:17:ac:33:f4:22:c6:d1:1a:03:77:66:92:b5:
cd:1b:3b:f8:9a:8e:18:54:64:10:b2:70:45:09:85:ed:98:49:
ab:11:26:92:00:e6:aa:91:6c:b2:01:5b:27:bd:83:58:96:80:
c3:52:c3:55:e6:08:7c:fe:fa:dc:c5:eb:46:bd:9d:b9:11:3c:
59:34:f8:4b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYIm3g9rfuQGmz5LhL9NrS3GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZGQwZWJmZjViYTM4YTg3NThiNzk0ZDA0ZDYyOTA1MTk0
YTMyNjYwHhcNMjIwNzIyMTcwNDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTZhZDI1MGY2NjU4MzQ1Njg4NWFhOGQxODRkMTQwMDIyZTAwNjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkNPK4kM4BzNsjOsAAfAYWf9ciDD
8KHnki/9tOsI81MWWsoNzT9bHiBx3i1reblLbkJHgiret0clieLbZ/bz+vRSXBsK
5oSRiY5OvfiWrC8i8gqUHeic4c9w7h506NuuhH8uzFnGpogmd/HmzdyrWoqtqITO
UoXk94q0/zExmeN49FMkHfgBBbCKXs4TGc8SGC9it27DjT5euvWxHG9VPr9BZk+m
JX9jjdqPEgnz7XKtjU7aIw+qJi44bTGVJcrZjAV7vWlHI2lXOZBDwW/bFZp3lhC4
lHSPRMRlPGfZAEcLUP0z4tvEHh9xf6IE5xbiFs0iqt8CTGQmqJGfvUKwQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDFq0lD2ZYNFaIWqjRhNFAAi4AZEMB8GA1UdIwQY
MBaAFBHdDr/1ujiodYt5TQTWKQUZSjJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYt
ZjE3NjEzZWE0OWU3LzEvTVdyU1VQWmxnMFZvaGFxTkdFMFVBQ0xnQmtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYtZjE3NjEzZWE0OWU3
LzEvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLhRmAwQA
uancMA0GCSqGSIb3DQEBCwUAA4IBAQBOsI64FLilh4giKgEoGoumHHoS7omwHDcR
q1zQrqTDfQ5Ehk/50G3x9iAV3R1ywoiVFAsYVkhr5/wlJ+J2aWSMKmRFSc2GzT5s
LWIU066XGeZegZMeluBzf1M1Vd+ZPKD142By1iJ9X8ZWO6ATXSOehEkzKifwju53
+H2FhpzCLvp8C1ZHxS439ffkoCgCO8qhj8tOaRaVproSim1GkktbH+/r6sewl8Yo
habU7pdGhm3N3Ogu0k+nrxesM/QixtEaA3dmkrXNGzv4mo4YVGQQsnBFCYXtmEmr
ESaSAOaqkWyyAVsnvYNYloDDUsNV5gh8/vrcxetGvZ25ETxZNPhL
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:50:00 2025 by rpki-client