Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/YPNxGfZCpul2SsFBnh0dYQKmZ7Q.roa
File: YPNxGfZCpul2SsFBnh0dYQKmZ7Q.roa (raw, json)
Hash identifier: TjmEM2Hp6VfmFqvCP2pjsBKOLbamdK6LZmOMC84PAFk=
Subject key identifier: 60:F3:71:19:F6:42:A6:E9:76:4A:C1:41:9E:1D:1D:61:02:A6:67:B4
Certificate issuer: /CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Certificate serial: 01856D2F2F6F3514D8E8E6CD802F70C119E8
Authority key identifier: 11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/YPNxGfZCpul2SsFBnh0dYQKmZ7Q.roa
Signing time: Sun 01 Jan 2023 11:54:46 +0000
ROA not before: Sun 01 Jan 2023 11:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34458
IP address blocks: 46.20.107.0/24 maxlen: 24
46.20.108.0/24 maxlen: 24
46.20.106.0/24 maxlen: 24
46.20.111.0/24 maxlen: 24
46.20.110.0/24 maxlen: 24
46.20.97.0/24 maxlen: 24
46.20.104.0/24 maxlen: 24
46.20.105.0/24 maxlen: 24
46.20.101.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.100.170.0/24 maxlen: 24
185.100.171.0/24 maxlen: 24
185.100.168.0/24 maxlen: 24
185.100.169.0/24 maxlen: 24
185.169.222.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
185.169.223.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:2f:2f:6f:35:14:d8:e8:e6:cd:80:2f:70:c1:19:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Validity
Not Before: Jan 1 11:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60f37119f642a6e9764ac1419e1d1d6102a667b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ee:e9:87:91:ce:f4:ba:22:11:6c:b1:39:3f:
dc:eb:fc:d4:b1:ed:b7:60:fd:c8:42:ec:ba:27:cb:
70:68:13:bf:ef:08:59:0e:5f:e0:e2:1c:4c:5d:e4:
05:a9:0e:34:95:d6:28:bb:1d:4e:f9:2a:8a:2f:21:
f1:f8:b0:df:d4:a4:93:be:7a:9f:db:10:bb:cf:92:
44:b5:35:3e:bc:5e:4b:e5:92:37:fc:5c:2b:69:e2:
c3:27:5c:38:7c:be:9c:31:c3:17:3a:06:94:6d:60:
64:e2:02:09:be:57:a9:e7:72:d8:74:08:c3:78:ea:
1b:db:30:a1:cb:23:59:3c:0c:b2:3e:37:ef:ce:18:
b7:3c:a2:a0:52:ff:5e:5b:30:f4:de:2c:4f:fb:e5:
cc:4c:2c:12:e4:2c:78:64:a3:c9:5b:96:57:70:44:
0f:68:b3:3c:84:d5:a0:3b:d9:2d:b8:23:b5:79:d9:
07:c7:6d:bb:db:ec:74:69:ba:34:2e:63:89:58:a4:
99:64:83:93:a2:07:e4:75:f0:16:e0:ea:96:4b:aa:
f5:df:67:db:ad:80:43:71:06:98:ad:bd:c0:9b:15:
db:47:51:c9:9e:98:6b:48:fe:fd:1f:06:73:d5:8f:
42:ec:65:9e:9b:20:7c:52:15:69:bf:5b:4f:6e:7c:
6e:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:F3:71:19:F6:42:A6:E9:76:4A:C1:41:9E:1D:1D:61:02:A6:67:B4
X509v3 Authority Key Identifier:
keyid:11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/YPNxGfZCpul2SsFBnh0dYQKmZ7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.97.0/24
46.20.101.0/24
46.20.104.0-46.20.108.255
46.20.110.0/23
185.100.168.0/22
185.160.194.0/24
185.169.221.0-185.169.223.255
Signature Algorithm: sha256WithRSAEncryption
b4:49:59:c8:d0:2b:32:0f:da:c3:98:e6:4a:21:15:5c:e2:78:
c6:cf:88:75:2f:f3:5e:14:c1:23:21:02:79:75:9c:8e:d3:83:
ac:bf:61:57:90:06:4a:ca:00:c6:9f:c6:e3:fc:9d:53:f3:9c:
a7:22:38:ed:04:a2:11:f7:b5:c1:dd:b8:ba:47:11:8c:1d:9a:
e5:63:04:d0:f9:31:de:21:e8:0a:74:9e:04:3d:09:aa:83:38:
32:ee:3b:4a:9a:e8:99:17:bc:dc:67:08:33:b3:04:ee:b9:1e:
18:1e:81:fa:49:2a:2d:87:8d:01:f2:cf:60:50:8e:f9:f1:4b:
a6:48:96:36:7b:19:bb:87:ca:06:95:52:06:3f:63:7e:eb:e9:
98:fb:09:85:00:5f:8b:0c:b3:8e:8b:a5:c7:ea:7e:01:2f:96:
73:c1:7c:7a:6e:6e:b8:7f:f6:8d:67:ce:60:81:53:39:c8:bc:
7f:25:31:f9:ee:53:58:09:2e:13:29:9c:f0:0f:f5:30:c9:64:
7f:ff:32:05:e1:72:67:17:08:1f:a6:05:0c:73:09:44:cf:59:
72:4a:70:59:5c:04:33:90:f0:e0:4d:0f:79:09:11:fa:00:67:
09:72:ed:fe:57:40:a6:88:1c:28:6b:fb:93:9d:0c:b1:8c:dc:
91:17:59:a7
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYVtLy9vNRTY6ObNgC9wwRnoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZGQwZWJmZjViYTM4YTg3NThiNzk0ZDA0ZDYyOTA1MTk0
YTMyNjYwHhcNMjMwMTAxMTE1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGYzNzExOWY2NDJhNmU5NzY0YWMxNDE5ZTFkMWQ2MTAyYTY2N2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnu7ph5HO9LoiEWyxOT/c6/zUse23
YP3IQuy6J8twaBO/7whZDl/g4hxMXeQFqQ40ldYoux1O+SqKLyHx+LDf1KSTvnqf
2xC7z5JEtTU+vF5L5ZI3/FwraeLDJ1w4fL6cMcMXOgaUbWBk4gIJvlep53LYdAjD
eOob2zChyyNZPAyyPjfvzhi3PKKgUv9eWzD03ixP++XMTCwS5Cx4ZKPJW5ZXcEQP
aLM8hNWgO9ktuCO1edkHx2272+x0abo0LmOJWKSZZIOTogfkdfAW4OqWS6r132fb
rYBDcQaYrb3AmxXbR1HJnphrSP79HwZz1Y9C7GWemyB8UhVpv1tPbnxudQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFGDzcRn2QqbpdkrBQZ4dHWECpme0MB8GA1UdIwQY
MBaAFBHdDr/1ujiodYt5TQTWKQUZSjJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYt
ZjE3NjEzZWE0OWU3LzEvWVBOeEdmWkNwdWwyU3NGQm5oMGRZUUttWjdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYtZjE3NjEzZWE0OWU3
LzEvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQALhRhAwQA
LhRlMAwDBAMuFGgDBAAuFGwDBAEuFG4DBAK5ZKgDBAC5oMIwDAMEALmp3QMEBbmp
wDANBgkqhkiG9w0BAQsFAAOCAQEAtElZyNArMg/aw5jmSiEVXOJ4xs+IdS/zXhTB
IyECeXWcjtODrL9hV5AGSsoAxp/G4/ydU/OcpyI47QSiEfe1wd24ukcRjB2a5WME
0Pkx3iHoCnSeBD0JqoM4Mu47SpromRe83GcIM7ME7rkeGB6B+kkqLYeNAfLPYFCO
+fFLpkiWNnsZu4fKBpVSBj9jfuvpmPsJhQBfiwyzjoulx+p+AS+Wc8F8em5uuH/2
jWfOYIFTOci8fyUx+e5TWAkuEymc8A/1MMlkf/8yBeFyZxcIH6YFDHMJRM9Zckpw
WVwEM5Dw4E0PeQkR+gBnCXLt/ldApogcKGv7k50MsYzckRdZpw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:59 2024 by rpki-client on console-ams.rpki-client.org