Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Sprz20TnSdNB-CnkpWfgbyFIyeY.roa
File: Sprz20TnSdNB-CnkpWfgbyFIyeY.roa (raw, json)
Hash identifier: huSudaLD7Cp097oasDrLUlbpS5iUcsHk4Qa41PbJoCg=
Subject key identifier: 4A:9A:F3:DB:44:E7:49:D3:41:F8:29:E4:A5:67:E0:6F:21:48:C9:E6
Certificate issuer: /CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Certificate serial: 0186852EFF47722D5E9D7FBC83E76E6B4D5C
Authority key identifier: 11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Sprz20TnSdNB-CnkpWfgbyFIyeY.roa
Signing time: Fri 24 Feb 2023 20:48:15 +0000
ROA not before: Fri 24 Feb 2023 20:48:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 147293
IP address blocks: 46.20.109.0/24 maxlen: 24
46.20.99.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:85:2e:ff:47:72:2d:5e:9d:7f:bc:83:e7:6e:6b:4d:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Validity
Not Before: Feb 24 20:48:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a9af3db44e749d341f829e4a567e06f2148c9e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:53:ae:6f:5e:3e:2a:36:fa:3c:84:d6:69:e1:
95:8b:b3:5b:d4:f2:31:0a:48:d6:78:5f:e8:d1:b8:
1a:5f:e1:11:f1:eb:10:32:d8:19:f2:19:1c:63:3b:
c4:b4:40:af:cc:de:74:d2:85:fd:a9:a9:9d:58:5c:
a7:5a:05:28:d4:f3:a5:94:4e:6e:4a:89:a3:10:26:
db:c7:6b:98:91:41:d9:76:78:2a:a1:f2:d1:8b:98:
0b:51:1a:9c:aa:0d:ec:da:a0:e6:29:97:4e:53:e9:
54:04:53:91:aa:01:f2:2c:fc:55:bd:70:7a:96:33:
21:1d:9c:a4:22:98:0d:23:e8:8f:36:61:41:4d:e5:
68:86:a5:fc:35:ab:ce:d4:ca:da:ea:1a:f6:11:0e:
c5:dd:2e:3a:8d:df:05:f5:e9:b9:c5:94:53:94:28:
83:ec:03:f5:ca:b5:35:b8:c5:5d:27:2e:c9:4c:f2:
33:93:23:67:ad:eb:f4:20:f3:b1:d6:0b:c4:99:c4:
4f:ed:4c:56:c9:da:be:d8:cc:f9:20:2d:27:fa:7f:
22:11:19:53:e6:cb:84:26:8f:53:55:60:aa:68:ea:
75:94:79:2f:5b:79:44:ba:aa:47:1d:7b:b4:95:38:
bd:85:dd:d4:07:41:04:0b:70:fc:02:7d:97:51:e6:
02:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:9A:F3:DB:44:E7:49:D3:41:F8:29:E4:A5:67:E0:6F:21:48:C9:E6
X509v3 Authority Key Identifier:
keyid:11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Sprz20TnSdNB-CnkpWfgbyFIyeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.99.0/24
46.20.109.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:69:1a:ea:ac:c2:e9:4c:4c:bd:b7:92:5c:bf:bb:ea:71:33:
32:70:6b:90:e6:55:0a:c1:12:13:f7:3a:de:16:b2:55:81:37:
5b:cd:8b:32:18:b4:81:48:8c:72:f3:ef:bd:06:4c:58:6d:69:
af:ce:47:bc:ca:49:81:ab:e8:10:db:64:d9:73:84:11:aa:d1:
3a:2d:63:c3:02:1e:5c:9b:86:e4:be:12:84:57:96:86:10:13:
23:ca:a4:12:c6:d2:2e:a9:44:57:65:0e:27:6a:c4:49:3c:d8:
a9:68:a0:60:db:6d:98:ba:6e:f3:ce:4d:46:a4:04:46:1d:06:
d9:e7:bf:ce:58:0e:f9:e6:19:13:22:01:53:20:d6:c1:fd:75:
d6:74:e8:a3:a4:c6:df:3a:c9:d9:8d:0d:b4:ea:01:5a:c1:eb:
ad:82:24:d3:a7:e6:62:29:d5:bc:b7:d4:e6:b6:86:1d:39:a9:
cc:ee:59:a2:53:b0:46:1c:0b:48:72:5b:a3:be:01:50:38:6a:
e9:8b:e0:5d:69:7b:d9:f8:88:19:4e:7a:66:6c:a8:19:17:98:
2a:58:96:89:a2:ce:e4:ce:3c:0e:09:b9:6d:09:b8:ae:b1:f8:
70:03:cd:3f:e8:5b:81:1d:c8:b6:68:5f:0a:9b:25:35:02:d3:
13:8c:f1:cc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYaFLv9Hci1enX+8g+dua01cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZGQwZWJmZjViYTM4YTg3NThiNzk0ZDA0ZDYyOTA1MTk0
YTMyNjYwHhcNMjMwMjI0MjA0ODE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTlhZjNkYjQ0ZTc0OWQzNDFmODI5ZTRhNTY3ZTA2ZjIxNDhjOWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFOub14+Kjb6PITWaeGVi7Nb1PIx
CkjWeF/o0bgaX+ER8esQMtgZ8hkcYzvEtECvzN500oX9qamdWFynWgUo1POllE5u
SomjECbbx2uYkUHZdngqofLRi5gLURqcqg3s2qDmKZdOU+lUBFORqgHyLPxVvXB6
ljMhHZykIpgNI+iPNmFBTeVohqX8NavO1Mra6hr2EQ7F3S46jd8F9em5xZRTlCiD
7AP1yrU1uMVdJy7JTPIzkyNnrev0IPOx1gvEmcRP7UxWydq+2Mz5IC0n+n8iERlT
5suEJo9TVWCqaOp1lHkvW3lEuqpHHXu0lTi9hd3UB0EEC3D8An2XUeYCCQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEqa89tE50nTQfgp5KVn4G8hSMnmMB8GA1UdIwQY
MBaAFBHdDr/1ujiodYt5TQTWKQUZSjJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYt
ZjE3NjEzZWE0OWU3LzEvU3ByejIwVG5TZE5CLUNua3BXZmdieUZJeWVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYtZjE3NjEzZWE0OWU3
LzEvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALhRjAwQA
LhRtMA0GCSqGSIb3DQEBCwUAA4IBAQBsaRrqrMLpTEy9t5Jcv7vqcTMycGuQ5lUK
wRIT9zreFrJVgTdbzYsyGLSBSIxy8++9BkxYbWmvzke8ykmBq+gQ22TZc4QRqtE6
LWPDAh5cm4bkvhKEV5aGEBMjyqQSxtIuqURXZQ4nasRJPNipaKBg222Yum7zzk1G
pARGHQbZ57/OWA755hkTIgFTINbB/XXWdOijpMbfOsnZjQ206gFaweutgiTTp+Zi
KdW8t9TmtoYdOanM7lmiU7BGHAtIclujvgFQOGrpi+BdaXvZ+IgZTnpmbKgZF5gq
WJaJos7kzjwOCbltCbiusfhwA80/6FuBHci2aF8KmyU1AtMTjPHM
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:22 2023 by rpki-client on console-fra.rpki-client.org