Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/R7jxz7RXVldGAMJ1OeBd1gxLNZ8.roa
File: R7jxz7RXVldGAMJ1OeBd1gxLNZ8.roa (raw, json)
Hash identifier: MCovE7S9Id9apf3S2GAKtIuFzfYD9EwtzfBKL+ybZpI=
Subject key identifier: 47:B8:F1:CF:B4:57:56:57:46:00:C2:75:39:E0:5D:D6:0C:4B:35:9F
Certificate issuer: /CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Certificate serial: 03544BAC
Authority key identifier: 11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/R7jxz7RXVldGAMJ1OeBd1gxLNZ8.roa
Signing time: Mon 02 May 2022 13:18:30 +0000
ROA not before: Mon 02 May 2022 13:18:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35913
IP address blocks: 46.20.98.0/24 maxlen: 24
185.169.220.0/24 maxlen: 24
46.20.103.0/24 maxlen: 24
46.20.102.0/24 maxlen: 24
46.20.100.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55856044 (0x3544bac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Validity
Not Before: May 2 13:18:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=47b8f1cfb45756574600c27539e05dd60c4b359f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:4b:60:6b:2b:ad:e8:1f:ec:53:b7:46:1d:e2:
32:b1:81:cc:61:d2:2d:36:1f:03:0c:1a:7f:f2:d7:
00:93:0e:ae:5f:cb:76:ad:16:51:b2:dd:10:4d:2a:
93:95:08:fa:39:f2:39:e3:06:b8:11:0e:a3:74:ff:
3a:22:a3:d9:2e:2e:19:b1:33:25:d4:c2:33:10:66:
02:cc:c8:e0:e7:09:92:df:77:76:91:ff:be:55:dc:
85:dc:69:79:90:da:4f:87:78:7a:73:e1:a5:1f:15:
4c:68:c2:06:19:f7:a4:f5:cd:ba:81:50:b5:7c:58:
6a:bc:81:07:22:7e:9d:b1:53:6d:5c:a0:1c:2f:a6:
4b:4f:ff:f9:74:12:10:5b:9c:82:0b:a6:44:4d:45:
93:eb:a2:e0:a3:a4:bf:3e:de:e5:20:0d:2f:e7:2e:
7f:16:4f:58:aa:b6:40:27:e3:da:5f:35:f4:97:63:
9a:b8:26:51:9c:63:60:88:c9:b9:49:fb:67:94:70:
10:33:f5:61:55:a0:82:84:b3:30:a6:7f:e6:35:a1:
7c:6c:1d:f7:b7:b2:25:05:b6:aa:fe:33:15:7d:e8:
31:6e:a5:83:d8:95:3f:92:96:a2:d7:35:2c:14:3c:
77:52:d9:08:21:48:39:42:02:8e:25:41:99:35:58:
eb:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:B8:F1:CF:B4:57:56:57:46:00:C2:75:39:E0:5D:D6:0C:4B:35:9F
X509v3 Authority Key Identifier:
keyid:11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/R7jxz7RXVldGAMJ1OeBd1gxLNZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.98.0/24
46.20.100.0/24
46.20.102.0/23
185.169.220.0/24
Signature Algorithm: sha256WithRSAEncryption
51:62:aa:f0:4c:09:1b:50:8c:27:79:a6:85:f7:e1:99:4b:bc:
b8:31:2f:2a:71:90:61:02:44:6d:a1:a2:c1:32:c7:7c:dd:1e:
1a:d7:60:09:3c:8f:e2:eb:a7:fd:1a:bd:e7:03:89:20:eb:58:
e5:3f:7a:67:9b:c4:8d:30:6d:6b:89:3b:92:b5:31:c8:64:6a:
66:67:14:e3:f1:56:fc:80:b6:8c:27:ec:79:c4:cb:e5:e8:9f:
a7:db:4f:66:4d:10:7d:6e:2d:63:31:6c:db:74:10:0e:70:23:
5d:01:a3:db:2d:85:b8:9b:21:d7:c8:99:e3:4a:3a:c7:05:53:
48:96:de:15:ac:1f:ed:a1:e2:77:ac:4f:ba:a3:d3:08:0a:b2:
fd:3f:ac:82:e0:2e:50:e3:cf:9d:62:b6:f5:7a:80:ba:d1:a4:
f0:93:29:a5:ba:55:b2:9c:32:95:68:ca:3d:9f:59:76:09:73:
8e:2a:f9:0e:ad:fa:96:e8:71:d7:a4:83:10:f1:98:f9:a0:c8:
ae:06:0e:e9:f9:09:22:63:d0:18:22:98:d2:1c:a4:33:cd:31:
7c:54:ef:b9:9a:58:1f:54:92:53:25:ca:1f:26:69:fa:9c:1c:
4f:ed:d8:34:13:10:e9:81:5d:0b:29:67:be:c4:1c:5e:b2:fc:
7e:ca:3c:82
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEA1RLrDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MWRkMGViZmY1YmEzOGE4NzU4Yjc5NGQwNGQ2MjkwNTE5NGEzMjY2MB4XDTIyMDUw
MjEzMTgzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDdiOGYxY2ZiNDU3
NTY1NzQ2MDBjMjc1MzllMDVkZDYwYzRiMzU5ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJpLYGsrregf7FO3Rh3iMrGBzGHSLTYfAwwaf/LXAJMOrl/L
dq0WUbLdEE0qk5UI+jnyOeMGuBEOo3T/OiKj2S4uGbEzJdTCMxBmAszI4OcJkt93
dpH/vlXchdxpeZDaT4d4enPhpR8VTGjCBhn3pPXNuoFQtXxYaryBByJ+nbFTbVyg
HC+mS0//+XQSEFucggumRE1Fk+ui4KOkvz7e5SANL+cufxZPWKq2QCfj2l819Jdj
mrgmUZxjYIjJuUn7Z5RwEDP1YVWggoSzMKZ/5jWhfGwd97eyJQW2qv4zFX3oMW6l
g9iVP5KWotc1LBQ8d1LZCCFIOUICjiVBmTVY69cCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBRHuPHPtFdWV0YAwnU54F3WDEs1nzAfBgNVHSMEGDAWgBQR3Q6/9bo4qHWL
eU0E1ikFGUoyZjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VkME92X1c2T0toMWkzbE5CTllwQlJsS01tWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvYTY2YTI5LTUxY2MtNGJhOS04ODRmLWYxNzYxM2VhNDllNy8x
L1I3anh6N1JYVmxkR0FNSjFPZUJkMWd4TE5aOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
YTY2YTI5LTUxY2MtNGJhOS04ODRmLWYxNzYxM2VhNDllNy8xL0VkME92X1c2T0to
MWkzbE5CTllwQlJsS01tWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAC4UYgMEAC4UZAMEAS4UZgMEALmp
3DANBgkqhkiG9w0BAQsFAAOCAQEAUWKq8EwJG1CMJ3mmhffhmUu8uDEvKnGQYQJE
baGiwTLHfN0eGtdgCTyP4uun/Rq95wOJIOtY5T96Z5vEjTBta4k7krUxyGRqZmcU
4/FW/IC2jCfsecTL5eifp9tPZk0QfW4tYzFs23QQDnAjXQGj2y2FuJsh18iZ40o6
xwVTSJbeFawf7aHid6xPuqPTCAqy/T+sguAuUOPPnWK29XqAutGk8JMppbpVspwy
lWjKPZ9Zdglzjir5Dq36luhx16SDEPGY+aDIrgYO6fkJImPQGCKY0hykM80xfFTv
uZpYH1SSUyXKHyZp+pwcT+3YNBMQ6YFdCylnvsQcXrL8fso8gg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:59 2024 by rpki-client on console-ams.rpki-client.org