Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/_ExwN3bxbjv1SnX66eSifEIvFqI.roa
File: _ExwN3bxbjv1SnX66eSifEIvFqI.roa (raw, json)
Hash identifier: jfDD7tdgYEua0z7TgtuKMRMX3FrF3Lri+6mW+pa0480=
Subject key identifier: FC:4C:70:37:76:F1:6E:3B:F5:4A:75:FA:E9:E4:A2:7C:42:2F:16:A2
Certificate issuer: /CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Certificate serial: 0183AC2A404FC50217C85971845E3AE39631
Authority key identifier: 11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/_ExwN3bxbjv1SnX66eSifEIvFqI.roa
Signing time: Thu 06 Oct 2022 07:19:53 +0000
ROA not before: Thu 06 Oct 2022 07:19:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 46.20.107.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ac:2a:40:4f:c5:02:17:c8:59:71:84:5e:3a:e3:96:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Validity
Not Before: Oct 6 07:19:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fc4c703776f16e3bf54a75fae9e4a27c422f16a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:1f:a8:d8:96:db:d6:fd:d0:5a:d4:5d:90:38:
36:45:01:b0:14:e2:6f:34:02:2c:32:6a:e6:d3:32:
3d:6d:71:c8:06:37:4a:2a:d5:fd:cb:44:45:b7:58:
5b:d1:af:71:88:52:f3:d8:72:38:7a:42:e6:3f:25:
61:e2:8d:1a:07:b2:8a:1f:38:5f:38:40:33:bc:ce:
91:48:21:05:28:9b:5c:26:48:aa:99:7e:7b:7d:2c:
35:0d:a7:03:3c:80:0d:38:05:41:97:f9:01:88:d2:
1c:37:bf:cb:52:0b:2d:3e:aa:82:4e:f5:bb:ca:65:
0c:9c:f3:15:18:c3:3c:e8:7c:a4:bf:71:bb:9f:30:
a2:af:a4:d9:86:b2:76:e1:2c:f8:41:46:41:fe:86:
f0:af:68:98:86:b7:bf:e3:7d:25:f4:b6:5f:10:11:
07:13:b5:91:cb:c9:c5:85:09:61:e2:da:4a:1f:88:
9c:eb:26:5e:1a:48:ef:c8:9f:fd:a0:33:b7:7d:05:
f8:6a:3a:9d:0a:95:c0:47:1e:54:1d:16:ac:7f:c0:
e4:8d:77:4d:43:aa:23:b5:2b:13:fc:e0:f6:ff:70:
15:9f:6a:fd:68:2b:df:68:12:3f:e5:76:ef:87:9a:
9d:11:38:ed:29:14:f5:f4:55:5c:c3:b2:37:53:33:
6e:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:4C:70:37:76:F1:6E:3B:F5:4A:75:FA:E9:E4:A2:7C:42:2F:16:A2
X509v3 Authority Key Identifier:
keyid:11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/_ExwN3bxbjv1SnX66eSifEIvFqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.107.0/24
Signature Algorithm: sha256WithRSAEncryption
80:6f:ae:0e:aa:55:66:9e:96:54:32:f1:27:9e:c5:da:70:f3:
ad:c4:9a:a6:43:ce:16:0a:aa:68:cd:3d:67:b3:cb:cb:21:c6:
17:13:c9:2e:28:e1:0c:89:4c:da:92:6b:4b:0c:cc:63:4e:e3:
04:43:6c:b9:f1:a6:c9:d2:f8:5b:22:39:37:43:af:41:40:cc:
bb:ac:c3:91:af:76:2c:a2:4e:29:4d:a2:4f:a8:48:01:de:cf:
63:34:e2:ef:0e:d1:f7:a1:d2:1c:a9:fb:46:bf:c3:c0:49:fb:
2a:f1:84:3a:bb:b3:ff:74:5b:4f:9b:da:c5:a0:07:85:de:80:
8d:91:f7:f3:1e:3a:45:41:37:36:e7:81:bf:3a:c9:7f:83:b1:
88:6e:ee:ab:59:ee:a6:f7:45:69:2e:f5:19:24:d6:1e:1a:6c:
e9:58:ee:ec:07:99:06:4c:ce:1d:47:66:87:c4:5d:20:4c:5f:
54:57:1d:9b:6d:6e:62:52:40:67:e4:c0:79:c7:fb:fd:b6:65:
aa:76:4f:81:a8:c9:f3:58:80:37:b5:a7:dc:40:9e:7c:5b:dd:
61:8b:92:81:e0:96:3d:81:af:0d:79:a3:99:90:28:e4:4d:c9:
cd:31:20:18:75:9c:b3:56:8b:36:13:95:4a:76:ab:a9:dc:03:
40:ce:d7:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYOsKkBPxQIXyFlxhF4645YxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZGQwZWJmZjViYTM4YTg3NThiNzk0ZDA0ZDYyOTA1MTk0
YTMyNjYwHhcNMjIxMDA2MDcxOTUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzRjNzAzNzc2ZjE2ZTNiZjU0YTc1ZmFlOWU0YTI3YzQyMmYxNmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmh+o2Jbb1v3QWtRdkDg2RQGwFOJv
NAIsMmrm0zI9bXHIBjdKKtX9y0RFt1hb0a9xiFLz2HI4ekLmPyVh4o0aB7KKHzhf
OEAzvM6RSCEFKJtcJkiqmX57fSw1DacDPIANOAVBl/kBiNIcN7/LUgstPqqCTvW7
ymUMnPMVGMM86Hykv3G7nzCir6TZhrJ24Sz4QUZB/obwr2iYhre/430l9LZfEBEH
E7WRy8nFhQlh4tpKH4ic6yZeGkjvyJ/9oDO3fQX4ajqdCpXARx5UHRasf8DkjXdN
Q6ojtSsT/OD2/3AVn2r9aCvfaBI/5Xbvh5qdETjtKRT19FVcw7I3UzNu8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPxMcDd28W479Up1+unkonxCLxaiMB8GA1UdIwQY
MBaAFBHdDr/1ujiodYt5TQTWKQUZSjJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYt
ZjE3NjEzZWE0OWU3LzEvX0V4d04zYnhianYxU25YNjZlU2lmRUl2RnFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYtZjE3NjEzZWE0OWU3
LzEvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALhRrMA0G
CSqGSIb3DQEBCwUAA4IBAQCAb64OqlVmnpZUMvEnnsXacPOtxJqmQ84WCqpozT1n
s8vLIcYXE8kuKOEMiUzakmtLDMxjTuMEQ2y58abJ0vhbIjk3Q69BQMy7rMORr3Ys
ok4pTaJPqEgB3s9jNOLvDtH3odIcqftGv8PASfsq8YQ6u7P/dFtPm9rFoAeF3oCN
kffzHjpFQTc254G/Osl/g7GIbu6rWe6m90VpLvUZJNYeGmzpWO7sB5kGTM4dR2aH
xF0gTF9UVx2bbW5iUkBn5MB5x/v9tmWqdk+BqMnzWIA3tafcQJ58W91hi5KB4JY9
ga8NeaOZkCjkTcnNMSAYdZyzVos2E5VKdqup3ANAztdA
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:25 2025 by rpki-client