Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/QG0T0_7RNK-Ijf0WGRTwzCTkveA.roa
File: QG0T0_7RNK-Ijf0WGRTwzCTkveA.roa (raw, json)
Hash identifier: 2V6pyTRJPKdyccqvlA3rH/53PUV5bQnl5uRdSGxA0R8=
Subject key identifier: 40:6D:13:D3:FE:D1:34:AF:88:8D:FD:16:19:14:F0:CC:24:E4:BD:E0
Certificate issuer: /CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Certificate serial: 031ECEAC
Authority key identifier: 11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/QG0T0_7RNK-Ijf0WGRTwzCTkveA.roa
Signing time: Mon 11 Apr 2022 15:20:33 +0000
ROA not before: Mon 11 Apr 2022 15:20:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 149767
IP address blocks: 46.20.99.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52350636 (0x31eceac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Validity
Not Before: Apr 11 15:20:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=406d13d3fed134af888dfd161914f0cc24e4bde0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f5:92:bd:67:63:09:21:35:38:a7:55:29:8e:
32:08:7c:e3:a2:b0:aa:11:2c:8e:d8:08:a5:b8:7e:
24:22:8d:12:14:3a:6c:d8:dd:e9:88:bc:f8:a1:11:
d4:28:3e:12:0e:08:12:a6:4f:01:58:91:65:77:02:
38:ce:5d:21:17:22:8f:93:0f:cb:ca:cf:3d:70:e4:
0b:c2:32:b3:53:12:4a:fe:b7:94:3a:02:f7:96:e6:
67:3e:65:98:ca:56:71:e0:7f:ff:a7:e8:51:57:f9:
81:c3:cf:a2:de:6a:2d:aa:49:52:77:b6:47:61:2b:
0b:83:c5:fd:aa:f9:a1:04:18:ba:bc:93:d8:c4:b8:
d8:32:29:6d:5b:e3:2d:3b:57:c2:1c:58:40:79:31:
a7:96:4d:61:f7:b9:64:06:55:e3:51:0f:1c:93:1c:
98:98:fc:6b:0f:c8:61:40:31:65:17:5e:38:28:7d:
7b:f7:1f:49:6b:c9:93:16:1c:6f:25:63:45:4d:e9:
9c:6b:8b:57:ee:3d:81:af:73:1b:b7:48:55:8c:a2:
e4:16:c1:01:38:af:3c:41:62:74:fe:9b:d5:f2:37:
b1:e8:cd:4a:53:fc:5d:57:99:08:d3:7e:50:86:3d:
18:f6:3f:4d:6b:4c:ff:88:1b:50:ea:5a:0c:eb:10:
32:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:6D:13:D3:FE:D1:34:AF:88:8D:FD:16:19:14:F0:CC:24:E4:BD:E0
X509v3 Authority Key Identifier:
keyid:11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/QG0T0_7RNK-Ijf0WGRTwzCTkveA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.99.0/24
Signature Algorithm: sha256WithRSAEncryption
03:29:77:43:7c:a5:f2:91:65:a3:0c:37:4d:bc:e7:a4:34:c7:
1d:c4:2a:97:f2:70:5b:2a:df:33:19:20:16:81:b6:3d:7d:c0:
12:72:06:4f:63:e1:18:19:36:bd:1b:2a:d6:72:15:1a:ed:fc:
73:16:ec:7a:d5:9f:76:40:2c:e6:34:e7:fc:bc:0f:ce:47:eb:
fa:4e:8f:61:00:1c:59:82:b3:20:f4:83:bf:d9:1b:f6:8e:05:
d2:15:ed:88:7c:f1:bb:50:19:59:7c:02:94:cc:bf:aa:61:b9:
40:4a:e8:2c:ec:a1:18:45:27:32:fb:23:d3:51:b6:9a:0c:63:
5e:c6:ed:49:0e:f8:54:83:67:87:7a:99:e6:3e:52:c6:3d:be:
ed:b8:99:0c:92:42:71:54:12:83:86:3a:f1:aa:b1:d4:b8:3b:
e5:69:bf:e0:fc:d1:cf:18:95:dc:9b:7f:d0:69:69:6b:08:96:
1f:f9:28:ba:07:51:83:83:48:80:24:c5:15:93:77:bf:f1:f8:
a1:90:02:76:4c:56:33:d5:9c:bd:89:10:5d:90:93:c4:99:63:
60:cb:35:67:43:1c:d1:c7:70:ec:df:ce:8a:3c:09:6a:a5:bd:
ef:21:b9:c1:af:f1:d4:12:73:28:2d:55:fa:ec:1a:0b:e7:33:
30:02:1c:a1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAx7OrDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MWRkMGViZmY1YmEzOGE4NzU4Yjc5NGQwNGQ2MjkwNTE5NGEzMjY2MB4XDTIyMDQx
MTE1MjAzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDA2ZDEzZDNmZWQx
MzRhZjg4OGRmZDE2MTkxNGYwY2MyNGU0YmRlMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJr1kr1nYwkhNTinVSmOMgh846KwqhEsjtgIpbh+JCKNEhQ6
bNjd6Yi8+KER1Cg+Eg4IEqZPAViRZXcCOM5dIRcij5MPy8rPPXDkC8Iys1MSSv63
lDoC95bmZz5lmMpWceB//6foUVf5gcPPot5qLapJUne2R2ErC4PF/ar5oQQYuryT
2MS42DIpbVvjLTtXwhxYQHkxp5ZNYfe5ZAZV41EPHJMcmJj8aw/IYUAxZRdeOCh9
e/cfSWvJkxYcbyVjRU3pnGuLV+49ga9zG7dIVYyi5BbBATivPEFidP6b1fI3sejN
SlP8XVeZCNN+UIY9GPY/TWtM/4gbUOpaDOsQMl8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRAbRPT/tE0r4iN/RYZFPDMJOS94DAfBgNVHSMEGDAWgBQR3Q6/9bo4qHWL
eU0E1ikFGUoyZjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VkME92X1c2T0toMWkzbE5CTllwQlJsS01tWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvYTY2YTI5LTUxY2MtNGJhOS04ODRmLWYxNzYxM2VhNDllNy8x
L1FHMFQwXzdSTkstSWpmMFdHUlR3ekNUa3ZlQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
YTY2YTI5LTUxY2MtNGJhOS04ODRmLWYxNzYxM2VhNDllNy8xL0VkME92X1c2T0to
MWkzbE5CTllwQlJsS01tWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC4UYzANBgkqhkiG9w0BAQsFAAOC
AQEAAyl3Q3yl8pFloww3TbznpDTHHcQql/JwWyrfMxkgFoG2PX3AEnIGT2PhGBk2
vRsq1nIVGu38cxbsetWfdkAs5jTn/LwPzkfr+k6PYQAcWYKzIPSDv9kb9o4F0hXt
iHzxu1AZWXwClMy/qmG5QEroLOyhGEUnMvsj01G2mgxjXsbtSQ74VINnh3qZ5j5S
xj2+7biZDJJCcVQSg4Y68aqx1Lg75Wm/4PzRzxiV3Jt/0GlpawiWH/kougdRg4NI
gCTFFZN3v/H4oZACdkxWM9WcvYkQXZCTxJljYMs1Z0Mc0cdw7N/OijwJaqW97yG5
wa/x1BJzKC1V+uwaC+czMAIcoQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:16 2023 by rpki-client on console-ams.rpki-client.org