Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/hL_g8SSay5F7XhY0-QhKEMyGPjU.roa
File: hL_g8SSay5F7XhY0-QhKEMyGPjU.roa (raw, json)
Hash identifier: vsy6Wgzt7EWMB7s5O4gORDSAJ9h2k3AgcBu7/YA9ghc=
Subject key identifier: 84:BF:E0:F1:24:9A:CB:91:7B:5E:16:34:F9:08:4A:10:CC:86:3E:35
Certificate issuer: /CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Certificate serial: 0181F439FDB5D25E7FD623313CD118B3A55F
Authority key identifier: 11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/hL_g8SSay5F7XhY0-QhKEMyGPjU.roa
Signing time: Tue 12 Jul 2022 21:04:09 +0000
ROA not before: Tue 12 Jul 2022 21:04:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34458
IP address blocks: 46.20.108.0/24 maxlen: 24
46.20.106.0/24 maxlen: 24
46.20.111.0/24 maxlen: 24
46.20.110.0/24 maxlen: 24
46.20.97.0/24 maxlen: 24
46.20.104.0/24 maxlen: 24
46.20.105.0/24 maxlen: 24
46.20.101.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.100.170.0/24 maxlen: 24
185.100.171.0/24 maxlen: 24
185.100.168.0/24 maxlen: 24
185.100.169.0/24 maxlen: 24
185.169.222.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
185.169.223.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f4:39:fd:b5:d2:5e:7f:d6:23:31:3c:d1:18:b3:a5:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Validity
Not Before: Jul 12 21:04:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=84bfe0f1249acb917b5e1634f9084a10cc863e35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:05:b8:73:63:e3:33:1b:1a:25:70:a9:9d:5e:
99:8e:c2:ad:f9:b2:35:70:07:b8:32:4f:ac:5c:b9:
27:09:b2:3d:13:8f:de:6d:15:5c:37:87:76:4c:db:
42:e0:61:16:10:b4:3e:d7:c6:9d:0a:a5:8b:4c:67:
8a:a3:92:46:9d:e2:b6:2a:7f:62:fd:53:58:fd:a3:
c8:a8:e1:37:fa:71:a4:fe:5d:51:b8:ca:c5:34:43:
2c:7c:ff:12:4f:f5:1d:59:36:d1:54:52:f4:7f:03:
0e:92:62:39:76:0a:d5:4a:09:f0:74:de:b9:97:06:
f5:72:8d:00:60:84:03:19:ae:1f:67:db:c9:f7:de:
9f:86:5b:eb:49:05:bb:5c:00:28:7a:3f:a2:65:ee:
55:c1:f3:90:a9:1a:42:53:43:8a:ec:a1:0b:eb:7f:
05:f4:69:02:bf:ee:5d:1d:59:3e:2b:9f:5c:c1:60:
76:19:01:5b:6f:f1:3e:2a:c6:43:21:26:aa:bc:ea:
3c:8d:01:59:a3:61:d0:4a:fb:15:54:a7:9e:1a:08:
e9:33:13:a1:cc:90:c6:fd:32:1b:86:e9:c1:f5:42:
81:7a:15:7d:7a:8a:9f:9d:7d:5d:ce:c1:c2:f5:96:
db:20:4a:a4:bd:61:93:13:3e:b5:45:56:d5:25:5a:
11:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:BF:E0:F1:24:9A:CB:91:7B:5E:16:34:F9:08:4A:10:CC:86:3E:35
X509v3 Authority Key Identifier:
keyid:11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/hL_g8SSay5F7XhY0-QhKEMyGPjU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.97.0/24
46.20.101.0/24
46.20.104.0-46.20.106.255
46.20.108.0/24
46.20.110.0/23
185.100.168.0/22
185.160.194.0/24
185.169.221.0-185.169.223.255
Signature Algorithm: sha256WithRSAEncryption
6f:50:02:28:45:f3:3d:88:9a:24:7f:67:7e:78:7e:51:7b:86:
ea:28:d2:06:de:0b:1b:ef:15:57:1c:78:c3:f4:d2:9c:50:98:
22:5a:6e:f0:ae:eb:1c:ad:67:31:c6:a7:17:96:9d:bc:e2:13:
a7:11:10:bf:79:dd:11:59:cf:b3:32:25:c3:8d:48:36:72:76:
28:40:ed:16:8e:65:6c:9d:6d:70:fb:d1:de:ed:17:c3:2c:38:
13:77:fc:2c:a4:4d:82:46:d5:0f:ca:f2:b9:6e:8f:32:19:27:
86:33:43:71:e4:ce:2b:ee:ac:34:39:f3:20:24:3c:1f:40:34:
3f:74:61:8a:f7:bf:b2:4d:1a:b8:12:15:b0:35:7f:d1:54:44:
6d:52:6f:3f:bd:7b:5f:11:ed:6d:29:d6:7e:87:6b:e5:11:9f:
f5:7d:84:50:49:01:b2:2c:9f:f9:fd:75:92:f7:43:da:f5:87:
09:91:05:52:58:e0:a4:8e:73:eb:36:41:17:93:aa:57:be:97:
42:1f:86:8c:94:91:97:4c:a3:e3:ee:b7:d3:dd:db:30:4c:80:
f3:1b:db:fc:66:21:95:ff:cb:2d:72:56:45:72:17:59:2a:ad:
29:af:d3:8c:29:af:de:16:22:6b:69:48:8f:87:59:b9:d7:24:
dc:4a:dc:f4
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYH0Of210l5/1iMxPNEYs6VfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZGQwZWJmZjViYTM4YTg3NThiNzk0ZDA0ZDYyOTA1MTk0
YTMyNjYwHhcNMjIwNzEyMjEwNDA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGJmZTBmMTI0OWFjYjkxN2I1ZTE2MzRmOTA4NGExMGNjODYzZTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1wW4c2PjMxsaJXCpnV6ZjsKt+bI1
cAe4Mk+sXLknCbI9E4/ebRVcN4d2TNtC4GEWELQ+18adCqWLTGeKo5JGneK2Kn9i
/VNY/aPIqOE3+nGk/l1RuMrFNEMsfP8ST/UdWTbRVFL0fwMOkmI5dgrVSgnwdN65
lwb1co0AYIQDGa4fZ9vJ996fhlvrSQW7XAAoej+iZe5VwfOQqRpCU0OK7KEL638F
9GkCv+5dHVk+K59cwWB2GQFbb/E+KsZDISaqvOo8jQFZo2HQSvsVVKeeGgjpMxOh
zJDG/TIbhunB9UKBehV9eoqfnX1dzsHC9ZbbIEqkvWGTEz61RVbVJVoRLQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFIS/4PEkmsuRe14WNPkIShDMhj41MB8GA1UdIwQY
MBaAFBHdDr/1ujiodYt5TQTWKQUZSjJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYt
ZjE3NjEzZWE0OWU3LzEvaExfZzhTU2F5NUY3WGhZMC1RaEtFTXlHUGpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYtZjE3NjEzZWE0OWU3
LzEvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQALhRhAwQA
LhRlMAwDBAMuFGgDBAAuFGoDBAAuFGwDBAEuFG4DBAK5ZKgDBAC5oMIwDAMEALmp
3QMEBbmpwDANBgkqhkiG9w0BAQsFAAOCAQEAb1ACKEXzPYiaJH9nfnh+UXuG6ijS
Bt4LG+8VVxx4w/TSnFCYIlpu8K7rHK1nMcanF5advOITpxEQv3ndEVnPszIlw41I
NnJ2KEDtFo5lbJ1tcPvR3u0Xwyw4E3f8LKRNgkbVD8ryuW6PMhknhjNDceTOK+6s
NDnzICQ8H0A0P3Rhive/sk0auBIVsDV/0VREbVJvP717XxHtbSnWfodr5RGf9X2E
UEkBsiyf+f11kvdD2vWHCZEFUljgpI5z6zZBF5OqV76XQh+GjJSRl0yj4+63093b
MEyA8xvb/GYhlf/LLXJWRXIXWSqtKa/TjCmv3hYia2lIj4dZudck3Erc9A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:09 2024 by rpki-client on console-fra.rpki-client.org