Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/b9gJYaGsbvTdG6W8qI7Rqfc-1q8.roa
File: b9gJYaGsbvTdG6W8qI7Rqfc-1q8.roa (raw, json)
Hash identifier: gXI0y7L+dqJ/FFZJGtTaBIw2vv6TAycCsKxtAiZaUkw=
Subject key identifier: 6F:D8:09:61:A1:AC:6E:F4:DD:1B:A5:BC:A8:8E:D1:A9:F7:3E:D6:AF
Certificate issuer: /CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Certificate serial: 0184BF206090924E0BA846C0570A7B3A8FA2
Authority key identifier: 11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/b9gJYaGsbvTdG6W8qI7Rqfc-1q8.roa
Signing time: Mon 28 Nov 2022 16:44:40 +0000
ROA not before: Mon 28 Nov 2022 16:44:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 63023
IP address blocks: 46.20.107.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:bf:20:60:90:92:4e:0b:a8:46:c0:57:0a:7b:3a:8f:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Validity
Not Before: Nov 28 16:44:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6fd80961a1ac6ef4dd1ba5bca88ed1a9f73ed6af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:c2:4c:fa:c3:15:35:28:62:c6:79:d3:fa:b5:
89:e8:ce:f5:a9:90:99:dd:42:4d:1d:49:cd:3c:23:
23:83:b2:b2:c5:13:74:07:a7:9f:d6:da:2c:1e:c6:
7c:03:9e:57:d7:ee:ec:c0:0a:4c:d4:75:41:5e:e7:
23:b6:c3:3a:27:01:bf:0a:5f:0a:67:a4:df:4a:55:
af:04:4b:6a:9c:db:e8:a7:ff:da:01:a4:6e:84:54:
15:a0:5a:13:41:bc:a7:4f:fe:a3:9d:9e:24:92:79:
a9:f8:64:b5:53:aa:19:d5:cf:35:df:b5:d9:6e:cc:
13:b6:55:4e:88:d0:8e:1a:7b:de:f2:60:66:1e:ec:
19:08:e1:8c:17:65:11:1d:bb:4e:79:bf:14:de:5e:
b6:fb:c5:8a:1e:06:68:4a:dc:e3:25:ff:b0:49:53:
e0:82:ea:e7:25:3c:39:f4:39:89:f1:77:86:6f:54:
a4:8f:78:ae:51:d7:3a:38:e3:17:fd:c6:b4:76:cc:
b3:34:2a:a3:d3:8f:0a:a6:b9:23:cc:0b:be:ca:66:
7e:82:b6:fd:f9:45:fc:8b:47:1f:00:0a:92:d9:c5:
16:03:3e:d4:de:ec:8e:37:93:63:63:0c:d5:c8:52:
a1:78:0e:72:92:33:0f:56:f2:82:16:f9:b8:17:44:
55:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:D8:09:61:A1:AC:6E:F4:DD:1B:A5:BC:A8:8E:D1:A9:F7:3E:D6:AF
X509v3 Authority Key Identifier:
keyid:11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/b9gJYaGsbvTdG6W8qI7Rqfc-1q8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.107.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:71:cd:ca:b3:8d:68:6a:bd:51:cf:96:cc:6b:ac:d9:0a:6c:
7d:e9:7f:a5:f9:05:b7:0a:89:e9:36:c9:34:9c:2f:6c:2a:26:
9f:ff:c2:7f:51:86:e7:f2:29:68:6d:ce:b1:6a:c3:1d:a4:cf:
99:fb:eb:1a:5d:a0:3b:d4:25:60:af:73:f6:de:30:ad:30:04:
37:ba:7b:cf:08:13:be:2c:0c:f3:a5:f8:22:0f:cf:5f:87:13:
69:4c:b9:59:8f:ea:92:de:4b:fb:f3:47:41:b2:0d:a9:f4:7e:
ad:c2:3b:84:12:be:93:4d:d3:aa:9c:bc:2e:42:dd:b6:d7:3b:
0d:d9:1e:eb:c5:9f:d4:c7:ff:5f:f9:48:19:81:03:07:58:ec:
12:71:13:d7:a2:4d:63:36:34:af:c9:f2:fa:4f:0f:12:ac:11:
7c:7f:bd:07:ee:13:40:c9:c0:4c:0a:79:99:17:b8:1d:78:4c:
d1:d2:5e:a4:12:22:e6:61:32:46:9a:0f:9b:51:68:8a:3c:1a:
e9:4c:8b:dd:89:bf:c0:5e:04:ea:9c:e0:b6:11:8f:70:51:41:
3a:34:70:b3:76:1e:1f:dd:33:34:f8:25:7e:50:d3:62:61:bc:
cc:f1:14:85:d1:b8:d6:db:ce:2f:2d:92:94:1f:07:5d:6e:1e:
65:9e:40:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYS/IGCQkk4LqEbAVwp7Oo+iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZGQwZWJmZjViYTM4YTg3NThiNzk0ZDA0ZDYyOTA1MTk0
YTMyNjYwHhcNMjIxMTI4MTY0NDQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmQ4MDk2MWExYWM2ZWY0ZGQxYmE1YmNhODhlZDFhOWY3M2VkNmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAysJM+sMVNShixnnT+rWJ6M71qZCZ
3UJNHUnNPCMjg7KyxRN0B6ef1tosHsZ8A55X1+7swApM1HVBXucjtsM6JwG/Cl8K
Z6TfSlWvBEtqnNvop//aAaRuhFQVoFoTQbynT/6jnZ4kknmp+GS1U6oZ1c8137XZ
bswTtlVOiNCOGnve8mBmHuwZCOGMF2URHbtOeb8U3l62+8WKHgZoStzjJf+wSVPg
gurnJTw59DmJ8XeGb1Skj3iuUdc6OOMX/ca0dsyzNCqj048KprkjzAu+ymZ+grb9
+UX8i0cfAAqS2cUWAz7U3uyON5NjYwzVyFKheA5ykjMPVvKCFvm4F0RVAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG/YCWGhrG703RulvKiO0an3PtavMB8GA1UdIwQY
MBaAFBHdDr/1ujiodYt5TQTWKQUZSjJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYt
ZjE3NjEzZWE0OWU3LzEvYjlnSllhR3NidlRkRzZXOHFJN1JxZmMtMXE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYtZjE3NjEzZWE0OWU3
LzEvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALhRrMA0G
CSqGSIb3DQEBCwUAA4IBAQCNcc3Ks41oar1Rz5bMa6zZCmx96X+l+QW3ConpNsk0
nC9sKiaf/8J/UYbn8ilobc6xasMdpM+Z++saXaA71CVgr3P23jCtMAQ3unvPCBO+
LAzzpfgiD89fhxNpTLlZj+qS3kv780dBsg2p9H6twjuEEr6TTdOqnLwuQt221zsN
2R7rxZ/Ux/9f+UgZgQMHWOwScRPXok1jNjSvyfL6Tw8SrBF8f70H7hNAycBMCnmZ
F7gdeEzR0l6kEiLmYTJGmg+bUWiKPBrpTIvdib/AXgTqnOC2EY9wUUE6NHCzdh4f
3TM0+CV+UNNiYbzM8RSF0bjW284vLZKUHwddbh5lnkDh
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:18 2025 by rpki-client