Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/VZU0moyCJEVaRpv1Ndj-c2Z2dN8.roa
File: VZU0moyCJEVaRpv1Ndj-c2Z2dN8.roa (raw, json)
Hash identifier: E6fZ0IiZLBXXlFXZK/YG8vbrT8EJNG1y1XbRIRGFOlk=
Subject key identifier: 55:95:34:9A:8C:82:24:45:5A:46:9B:F5:35:D8:FE:73:66:76:74:DF
Certificate issuer: /CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Certificate serial: 0305C38D
Authority key identifier: 11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/VZU0moyCJEVaRpv1Ndj-c2Z2dN8.roa
Signing time: Sat 02 Apr 2022 11:28:34 +0000
ROA not before: Sat 02 Apr 2022 11:28:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35913
IP address blocks: 46.20.107.0/24 maxlen: 24
46.20.98.0/24 maxlen: 24
185.169.220.0/24 maxlen: 24
46.20.103.0/24 maxlen: 24
46.20.102.0/24 maxlen: 24
46.20.100.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50709389 (0x305c38d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Validity
Not Before: Apr 2 11:28:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5595349a8c8224455a469bf535d8fe73667674df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:5d:f2:36:e7:a3:5f:a1:72:0f:7c:28:12:81:
ba:04:47:88:e3:0f:2f:6c:f1:84:5b:86:8e:0b:d7:
2d:88:ed:83:0b:be:da:32:98:a6:57:b4:b8:06:4e:
14:78:5c:92:71:17:04:1f:1c:5f:17:8e:c6:fc:93:
0d:14:b1:44:ec:2d:c1:b9:c0:59:d1:f8:1c:8b:18:
cb:ea:f8:14:18:49:9a:71:13:93:61:38:8d:ea:73:
57:e8:fb:9d:d0:1b:5a:dd:23:ed:ea:64:e1:5c:24:
47:9e:44:9b:db:e0:13:4c:57:8f:58:40:cc:6f:bc:
53:ae:7a:33:95:75:e0:91:04:f2:fe:37:bd:81:6e:
d3:64:a4:8c:68:c8:93:b6:98:91:ef:cc:5b:4f:9b:
b6:e7:ac:71:47:3e:3f:99:d0:89:e4:e1:64:15:4b:
18:c5:6d:81:0f:0b:a5:64:e1:47:61:03:a7:ef:99:
57:d3:e9:65:70:22:50:2d:65:44:4f:ec:c6:9b:ad:
9b:44:2e:6d:37:e5:2f:47:a5:e2:96:ff:c7:b4:db:
d6:86:9e:0e:60:ef:39:ec:30:12:b4:18:6d:8d:0b:
57:9c:29:a5:42:69:bd:51:b9:75:8a:34:84:4f:c6:
a4:e3:7a:87:67:bf:43:27:34:7b:89:ea:d5:35:3a:
57:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:95:34:9A:8C:82:24:45:5A:46:9B:F5:35:D8:FE:73:66:76:74:DF
X509v3 Authority Key Identifier:
keyid:11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/VZU0moyCJEVaRpv1Ndj-c2Z2dN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.98.0/24
46.20.100.0/24
46.20.102.0/23
46.20.107.0/24
185.169.220.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:5e:88:cc:56:c8:f9:89:f7:d6:5d:b7:c6:d5:a2:3c:a3:08:
a9:5a:39:98:38:95:fb:d8:5d:05:b5:af:a6:c2:12:ea:6b:5b:
b3:62:9d:68:3e:49:64:ae:29:bb:f4:19:ac:17:cd:a7:27:b9:
27:eb:9a:6b:4d:2a:66:4f:5e:c6:a7:4a:ca:1a:a9:5f:a5:f1:
a2:c3:f0:23:2b:63:26:18:42:a6:d9:ca:bb:6d:98:53:bb:c7:
c3:cf:ce:e4:9f:8e:b5:ee:bb:e9:e6:cc:d1:cb:b2:95:16:1d:
39:ce:42:39:af:ba:91:01:ad:46:13:88:1c:c1:16:07:5e:d2:
49:30:ee:d1:6a:21:ab:f0:ef:7d:4b:61:99:1b:54:18:66:74:
fe:76:b1:2b:1c:3b:a7:23:d6:b1:e3:f2:af:e8:b9:4d:a9:26:
5e:55:51:bc:57:f0:c9:77:4e:61:7f:db:18:b5:51:25:ad:3c:
e8:9d:55:b4:d8:3d:ee:64:ff:45:a6:1c:52:af:c8:1c:f7:fa:
38:3a:4e:8e:84:4b:2f:0a:67:44:8a:5d:75:88:99:35:a1:59:
6f:91:7f:5c:e8:9c:05:ff:a9:89:28:65:a2:92:9c:58:70:a9:
f1:0d:7f:62:13:fd:97:de:7c:a6:a2:8f:1b:00:70:4e:d3:bf:
bc:0b:a1:ac
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEAwXDjTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MWRkMGViZmY1YmEzOGE4NzU4Yjc5NGQwNGQ2MjkwNTE5NGEzMjY2MB4XDTIyMDQw
MjExMjgzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTU5NTM0OWE4Yzgy
MjQ0NTVhNDY5YmY1MzVkOGZlNzM2Njc2NzRkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKtd8jbno1+hcg98KBKBugRHiOMPL2zxhFuGjgvXLYjtgwu+
2jKYple0uAZOFHhcknEXBB8cXxeOxvyTDRSxROwtwbnAWdH4HIsYy+r4FBhJmnET
k2E4jepzV+j7ndAbWt0j7epk4VwkR55Em9vgE0xXj1hAzG+8U656M5V14JEE8v43
vYFu02SkjGjIk7aYke/MW0+btuescUc+P5nQieThZBVLGMVtgQ8LpWThR2EDp++Z
V9PpZXAiUC1lRE/sxputm0QubTflL0el4pb/x7Tb1oaeDmDvOewwErQYbY0LV5wp
pUJpvVG5dYo0hE/GpON6h2e/Qyc0e4nq1TU6V98CAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBRVlTSajIIkRVpGm/U12P5zZnZ03zAfBgNVHSMEGDAWgBQR3Q6/9bo4qHWL
eU0E1ikFGUoyZjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VkME92X1c2T0toMWkzbE5CTllwQlJsS01tWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvYTY2YTI5LTUxY2MtNGJhOS04ODRmLWYxNzYxM2VhNDllNy8x
L1ZaVTBtb3lDSkVWYVJwdjFOZGotYzJaMmROOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
YTY2YTI5LTUxY2MtNGJhOS04ODRmLWYxNzYxM2VhNDllNy8xL0VkME92X1c2T0to
MWkzbE5CTllwQlJsS01tWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAC4UYgMEAC4UZAMEAS4UZgMEAC4U
awMEALmp3DANBgkqhkiG9w0BAQsFAAOCAQEAjF6IzFbI+Yn31l23xtWiPKMIqVo5
mDiV+9hdBbWvpsIS6mtbs2KdaD5JZK4pu/QZrBfNpye5J+uaa00qZk9exqdKyhqp
X6XxosPwIytjJhhCptnKu22YU7vHw8/O5J+Ote676ebM0cuylRYdOc5COa+6kQGt
RhOIHMEWB17SSTDu0Wohq/DvfUthmRtUGGZ0/naxKxw7pyPWsePyr+i5TakmXlVR
vFfwyXdOYX/bGLVRJa086J1VtNg97mT/RaYcUq/IHPf6ODpOjoRLLwpnRIpddYiZ
NaFZb5F/XOicBf+piShlopKcWHCp8Q1/YhP9l958pqKPGwBwTtO/vAuhrA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:40 2025 by rpki-client