Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/V69yYI7Wo3i-KCA45sMWfJrHODM.roa
File: V69yYI7Wo3i-KCA45sMWfJrHODM.roa (raw, json)
Hash identifier: r2iPLY+zkzI71RD9GvQVnNQLiKlJ/eChqWW1bqjgmHE=
Subject key identifier: 57:AF:72:60:8E:D6:A3:78:BE:28:20:38:E6:C3:16:7C:9A:C7:38:33
Certificate issuer: /CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Certificate serial: 0186D7994BB39DF263AFD0252234D71BC704
Authority key identifier: 11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/V69yYI7Wo3i-KCA45sMWfJrHODM.roa
Signing time: Sun 12 Mar 2023 20:53:13 +0000
ROA not before: Sun 12 Mar 2023 20:53:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34458
IP address blocks: 46.20.108.0/24 maxlen: 24
46.20.106.0/24 maxlen: 24
46.20.111.0/24 maxlen: 24
46.20.110.0/24 maxlen: 24
46.20.97.0/24 maxlen: 24
46.20.96.0/24 maxlen: 24
46.20.104.0/24 maxlen: 24
46.20.105.0/24 maxlen: 24
46.20.100.0/24 maxlen: 24
46.20.101.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.100.170.0/24 maxlen: 24
185.100.171.0/24 maxlen: 24
185.100.168.0/24 maxlen: 24
185.100.169.0/24 maxlen: 24
185.169.222.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
185.169.223.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:d7:99:4b:b3:9d:f2:63:af:d0:25:22:34:d7:1b:c7:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Validity
Not Before: Mar 12 20:53:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=57af72608ed6a378be282038e6c3167c9ac73833
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:24:ec:0f:fe:ad:f9:76:c3:28:29:c5:50:fd:
26:70:04:f9:5c:8e:5d:72:79:00:de:8e:21:53:ff:
44:e7:e6:29:49:1b:52:ba:4c:c6:90:e1:6e:12:f4:
82:8d:ba:6b:74:45:ff:8b:e3:df:73:a8:90:2c:80:
c1:54:e4:8d:13:ef:fb:25:cb:4e:95:fb:c4:c2:27:
a0:34:fe:f1:fa:49:a2:9e:05:82:74:9c:a3:81:55:
6e:16:6f:3e:77:a0:d9:90:6f:dc:e0:7a:8d:20:ed:
76:39:90:c6:dc:e8:dc:a4:c6:8e:50:da:77:ba:4e:
19:85:71:e4:4d:60:fd:5b:ce:14:b4:1c:83:6d:f6:
c5:fa:90:07:e2:bc:67:ea:dd:cc:07:0e:6f:42:57:
5b:18:f3:b6:06:9a:81:f3:e2:25:b4:a4:af:37:2f:
77:a4:9f:6a:40:9a:25:4b:f8:25:6b:26:fa:8e:36:
d4:6c:0c:dc:3c:53:9d:b3:9a:07:79:31:1d:6a:5c:
c0:33:4e:0c:e7:52:b0:11:fa:69:3e:c2:71:46:d5:
55:bf:72:7d:cf:0f:65:2e:9d:23:44:cc:e1:3d:eb:
cb:83:1d:73:c3:32:6f:b4:f2:d6:f7:32:38:05:e8:
47:05:9a:b8:85:e2:f3:c3:d3:14:98:19:40:f6:66:
c0:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:AF:72:60:8E:D6:A3:78:BE:28:20:38:E6:C3:16:7C:9A:C7:38:33
X509v3 Authority Key Identifier:
keyid:11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/V69yYI7Wo3i-KCA45sMWfJrHODM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.96.0/23
46.20.100.0/23
46.20.104.0-46.20.106.255
46.20.108.0/24
46.20.110.0/23
185.100.168.0/22
185.160.194.0/24
185.169.221.0-185.169.223.255
Signature Algorithm: sha256WithRSAEncryption
37:9b:63:16:66:af:10:2a:b7:16:b8:bd:ed:be:61:0d:6c:bd:
db:b2:92:7c:d2:c8:f2:e0:93:c1:d5:9e:ff:6f:be:a6:95:03:
50:81:6c:04:ad:5e:3c:12:9d:64:89:35:9d:a0:78:ca:28:bd:
0c:bf:a2:0b:8b:77:35:31:9c:23:f4:5d:4d:37:06:b3:a5:7d:
33:d4:8d:26:db:3a:7f:5e:0d:87:c0:74:e2:79:09:8d:a1:e6:
47:aa:be:db:78:7a:78:b5:90:94:5a:98:46:64:2b:b7:a0:e8:
df:cb:d1:ab:e3:32:a5:8a:42:94:ac:07:59:ea:f6:14:a1:13:
32:c7:cb:9d:d3:0b:dd:c5:fa:79:d4:1a:2d:4b:9d:28:b2:56:
cf:73:1c:92:74:47:0e:f9:48:24:97:9b:26:d7:5a:b7:e0:72:
de:9a:26:c0:e4:a6:fe:69:d6:ef:0f:bd:c0:72:09:7d:2f:c8:
f3:cb:b0:c4:bf:73:d6:2c:37:c8:ee:fb:32:ca:4d:e0:a2:58:
3e:46:b3:4f:e9:4d:32:85:bb:7e:a6:2e:31:02:0d:d7:ef:78:
c6:bd:97:6b:ec:9a:d5:aa:6c:9d:f7:40:0f:e1:fc:3c:59:91:
11:0a:6a:a6:e6:62:22:73:22:94:5f:93:b4:21:a7:ef:11:ef:
20:e3:81:42
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYbXmUuznfJjr9AlIjTXG8cEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZGQwZWJmZjViYTM4YTg3NThiNzk0ZDA0ZDYyOTA1MTk0
YTMyNjYwHhcNMjMwMzEyMjA1MzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2FmNzI2MDhlZDZhMzc4YmUyODIwMzhlNmMzMTY3YzlhYzczODMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCTsD/6t+XbDKCnFUP0mcAT5XI5d
cnkA3o4hU/9E5+YpSRtSukzGkOFuEvSCjbprdEX/i+Pfc6iQLIDBVOSNE+/7JctO
lfvEwiegNP7x+kmingWCdJyjgVVuFm8+d6DZkG/c4HqNIO12OZDG3OjcpMaOUNp3
uk4ZhXHkTWD9W84UtByDbfbF+pAH4rxn6t3MBw5vQldbGPO2BpqB8+IltKSvNy93
pJ9qQJolS/glayb6jjbUbAzcPFOds5oHeTEdalzAM04M51KwEfppPsJxRtVVv3J9
zw9lLp0jRMzhPevLgx1zwzJvtPLW9zI4BehHBZq4heLzw9MUmBlA9mbAxwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFFevcmCO1qN4viggOObDFnyaxzgzMB8GA1UdIwQY
MBaAFBHdDr/1ujiodYt5TQTWKQUZSjJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYt
ZjE3NjEzZWE0OWU3LzEvVjY5eVlJN1dvM2ktS0NBNDVzTVdmSnJIT0RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYtZjE3NjEzZWE0OWU3
LzEvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQBLhRgAwQB
LhRkMAwDBAMuFGgDBAAuFGoDBAAuFGwDBAEuFG4DBAK5ZKgDBAC5oMIwDAMEALmp
3QMEBbmpwDANBgkqhkiG9w0BAQsFAAOCAQEAN5tjFmavECq3Fri97b5hDWy927KS
fNLI8uCTwdWe/2++ppUDUIFsBK1ePBKdZIk1naB4yii9DL+iC4t3NTGcI/RdTTcG
s6V9M9SNJts6f14Nh8B04nkJjaHmR6q+23h6eLWQlFqYRmQrt6Do38vRq+MypYpC
lKwHWer2FKETMsfLndML3cX6edQaLUudKLJWz3McknRHDvlIJJebJtdat+By3pom
wOSm/mnW7w+9wHIJfS/I88uwxL9z1iw3yO77MspN4KJYPkazT+lNMoW7fqYuMQIN
1+94xr2Xa+ya1apsnfdAD+H8PFmREQpqpuZiInMilF+TtCGn7xHvIOOBQg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:09 2024 by rpki-client on console-fra.rpki-client.org