Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Wr9Wj2H-p3MQP39K43F_CHEjnJo.roa
File: Wr9Wj2H-p3MQP39K43F_CHEjnJo.roa (raw, json)
Hash identifier: Eh1Pr6z/XfrYrfz/CQplgzd9awnGQOXNAOgxpClzdE4=
Subject key identifier: 5A:BF:56:8F:61:FE:A7:73:10:3F:7F:4A:E3:71:7F:08:71:23:9C:9A
Certificate issuer: /CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Certificate serial: 03BCCD99
Authority key identifier: 11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Wr9Wj2H-p3MQP39K43F_CHEjnJo.roa
Signing time: Wed 15 Jun 2022 13:10:45 +0000
ROA not before: Wed 15 Jun 2022 13:10:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34458
IP address blocks: 46.20.108.0/24 maxlen: 24
46.20.106.0/24 maxlen: 24
46.20.111.0/24 maxlen: 24
46.20.110.0/24 maxlen: 24
46.20.97.0/24 maxlen: 24
46.20.96.0/24 maxlen: 24
46.20.104.0/24 maxlen: 24
46.20.105.0/24 maxlen: 24
46.20.101.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.100.170.0/24 maxlen: 24
185.100.171.0/24 maxlen: 24
185.100.168.0/24 maxlen: 24
185.100.169.0/24 maxlen: 24
185.169.222.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
185.169.223.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62705049 (0x3bccd99)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Validity
Not Before: Jun 15 13:10:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5abf568f61fea773103f7f4ae3717f0871239c9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:02:c2:19:30:19:c4:e0:d7:8f:14:27:d8:db:
df:c3:00:6d:0b:5b:e4:aa:ba:dd:f0:bc:5f:13:f8:
7c:ad:14:d3:dc:ca:4d:31:1b:8a:52:4e:28:98:59:
81:ad:cb:60:eb:34:de:a9:17:27:84:21:13:27:ae:
36:76:8a:44:bb:13:0b:ed:d2:54:ec:dd:a7:93:b8:
5c:d9:da:8e:42:1a:bd:2c:e6:1b:fb:7d:4e:cf:49:
c4:c5:8c:51:ea:bd:c6:e7:17:ae:00:df:cb:82:66:
52:cb:13:00:e0:02:09:a6:4c:a5:1d:92:22:8b:f2:
4c:33:f0:5d:e0:45:d2:21:66:41:3a:7a:ce:b1:a5:
94:bd:79:d1:89:a2:ea:d0:47:c0:cf:1c:db:41:b2:
4d:e4:d2:51:d5:37:75:ff:c6:84:60:00:83:ce:f3:
4f:b8:07:aa:68:c0:cc:71:8d:c4:ad:ed:bd:d1:3b:
87:de:f6:1e:f4:ee:ef:3e:3b:2c:b8:5e:8a:83:87:
23:9b:3c:a9:92:ea:86:03:d5:23:cc:c2:b0:f1:f0:
d8:a9:05:9e:00:3d:9c:dd:41:23:c4:c4:c4:f6:92:
6f:ae:f5:e2:88:c3:3c:dc:92:c6:a2:dc:d4:07:71:
3a:bb:93:51:8c:7a:6c:57:c9:27:cb:d5:25:de:c9:
0d:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:BF:56:8F:61:FE:A7:73:10:3F:7F:4A:E3:71:7F:08:71:23:9C:9A
X509v3 Authority Key Identifier:
keyid:11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Wr9Wj2H-p3MQP39K43F_CHEjnJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.96.0/23
46.20.101.0/24
46.20.104.0-46.20.106.255
46.20.108.0/24
46.20.110.0/23
185.100.168.0/22
185.160.194.0/24
185.169.221.0-185.169.223.255
Signature Algorithm: sha256WithRSAEncryption
62:8b:a4:f2:c0:45:1b:76:bf:8d:22:e5:51:68:f4:69:e4:5a:
64:6e:4f:b4:37:d7:1c:c0:bd:a4:07:74:2a:85:84:8e:47:66:
ac:5d:24:d1:e7:e6:29:0c:c4:58:d6:fd:87:5f:cc:c8:63:99:
39:42:34:2d:9e:5f:1d:5c:82:aa:6e:8f:89:02:60:f1:1d:ce:
e4:70:41:2d:2c:17:90:d9:e4:79:2a:6d:20:11:4c:81:6c:b9:
3f:2d:6b:61:17:5b:df:e5:94:6c:3d:03:8c:d8:b4:cf:77:41:
01:f6:d0:e9:e3:7a:4b:69:d6:41:51:a9:99:3f:90:64:e4:10:
d6:07:bd:1a:57:72:44:4e:b9:20:75:7d:42:3d:45:94:9f:da:
cb:95:6e:fb:2a:e7:0b:d8:3d:41:84:cf:e9:2d:c8:02:aa:52:
fb:12:00:ed:1f:a8:a8:2b:d0:38:37:2a:ad:5c:21:61:fc:e7:
de:22:6b:27:64:b3:f9:15:1b:ff:05:8e:18:91:f1:17:76:9e:
b7:e5:85:4a:e2:cc:c2:8d:77:72:61:7d:f2:2d:19:cf:83:07:
09:ae:90:3c:a0:33:e9:07:40:5f:7d:b1:85:bf:ee:18:81:23:
4c:44:08:90:24:c4:d8:94:aa:57:00:67:8a:6e:43:0a:f9:98:
e8:d0:cf:97
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIEA7zNmTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MWRkMGViZmY1YmEzOGE4NzU4Yjc5NGQwNGQ2MjkwNTE5NGEzMjY2MB4XDTIyMDYx
NTEzMTA0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWFiZjU2OGY2MWZl
YTc3MzEwM2Y3ZjRhZTM3MTdmMDg3MTIzOWM5YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMoCwhkwGcTg148UJ9jb38MAbQtb5Kq63fC8XxP4fK0U09zK
TTEbilJOKJhZga3LYOs03qkXJ4QhEyeuNnaKRLsTC+3SVOzdp5O4XNnajkIavSzm
G/t9Ts9JxMWMUeq9xucXrgDfy4JmUssTAOACCaZMpR2SIovyTDPwXeBF0iFmQTp6
zrGllL150Ymi6tBHwM8c20GyTeTSUdU3df/GhGAAg87zT7gHqmjAzHGNxK3tvdE7
h972HvTu7z47LLheioOHI5s8qZLqhgPVI8zCsPHw2KkFngA9nN1BI8TExPaSb671
4ojDPNySxqLc1AdxOruTUYx6bFfJJ8vVJd7JDc0CAwEAAaOCAkMwggI/MB0GA1Ud
DgQWBBRav1aPYf6ncxA/f0rjcX8IcSOcmjAfBgNVHSMEGDAWgBQR3Q6/9bo4qHWL
eU0E1ikFGUoyZjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VkME92X1c2T0toMWkzbE5CTllwQlJsS01tWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvYTY2YTI5LTUxY2MtNGJhOS04ODRmLWYxNzYxM2VhNDllNy8x
L1dyOVdqMkgtcDNNUVAzOUs0M0ZfQ0hFam5Kby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
YTY2YTI5LTUxY2MtNGJhOS04ODRmLWYxNzYxM2VhNDllNy8xL0VkME92X1c2T0to
MWkzbE5CTllwQlJsS01tWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZ
BggrBgEFBQcBBwEB/wRKMEgwRgQCAAEwQAMEAS4UYAMEAC4UZTAMAwQDLhRoAwQA
LhRqAwQALhRsAwQBLhRuAwQCuWSoAwQAuaDCMAwDBAC5qd0DBAW5qcAwDQYJKoZI
hvcNAQELBQADggEBAGKLpPLARRt2v40i5VFo9GnkWmRuT7Q31xzAvaQHdCqFhI5H
ZqxdJNHn5ikMxFjW/YdfzMhjmTlCNC2eXx1cgqpuj4kCYPEdzuRwQS0sF5DZ5Hkq
bSARTIFsuT8ta2EXW9/llGw9A4zYtM93QQH20Onjektp1kFRqZk/kGTkENYHvRpX
ckROuSB1fUI9RZSf2suVbvsq5wvYPUGEz+ktyAKqUvsSAO0fqKgr0Dg3Kq1cIWH8
594iaydks/kVG/8FjhiR8Rd2nrflhUrizMKNd3JhffItGc+DBwmukDygM+kHQF99
sYW/7hiBI0xECJAkxNiUqlcAZ4puQwr5mOjQz5c=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:16 2023 by rpki-client on console-ams.rpki-client.org