Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/k1tVIogI8cO1x_Ikeq0p73nmktE.roa
File: k1tVIogI8cO1x_Ikeq0p73nmktE.roa (raw, json)
Hash identifier: ZuHiON21X50tTY33AZD+45kSzu/2RCwcY+mQG/eui18=
Subject key identifier: 93:5B:55:22:88:08:F1:C3:B5:C7:F2:24:7A:AD:29:EF:79:E6:92:D1
Certificate issuer: /CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Certificate serial: 018226DE0EC42EFE13600AF293E4EE455A1B
Authority key identifier: 11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/k1tVIogI8cO1x_Ikeq0p73nmktE.roa
Signing time: Fri 22 Jul 2022 17:04:23 +0000
ROA not before: Fri 22 Jul 2022 17:04:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34458
IP address blocks: 46.20.108.0/24 maxlen: 24
46.20.106.0/24 maxlen: 24
46.20.111.0/24 maxlen: 24
46.20.110.0/24 maxlen: 24
46.20.97.0/24 maxlen: 24
46.20.104.0/24 maxlen: 24
46.20.105.0/24 maxlen: 24
46.20.100.0/24 maxlen: 24
46.20.101.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.100.170.0/24 maxlen: 24
185.100.171.0/24 maxlen: 24
185.100.168.0/24 maxlen: 24
185.100.169.0/24 maxlen: 24
185.169.222.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
185.169.223.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:26:de:0e:c4:2e:fe:13:60:0a:f2:93:e4:ee:45:5a:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Validity
Not Before: Jul 22 17:04:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=935b55228808f1c3b5c7f2247aad29ef79e692d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f4:01:29:ba:92:af:5f:05:0a:68:91:02:e7:
57:e8:3f:2b:81:65:76:b8:19:ab:7a:59:bd:ce:cc:
4f:b5:3b:fa:45:87:87:0b:c1:a8:3c:22:7b:aa:f7:
e2:5f:71:5a:8f:99:ed:ba:32:f8:01:b6:aa:94:d3:
7a:51:cc:56:4c:9d:26:43:b0:3e:fa:e0:6d:43:29:
ab:e6:5a:ba:aa:41:4e:3f:7d:d3:6f:ff:53:ba:c5:
02:86:d2:8a:2b:49:dd:e1:73:58:b1:ad:9c:cc:3d:
86:65:8e:eb:ad:a7:bd:bc:96:b0:fd:a3:94:0e:7b:
0c:b1:2b:e5:ca:b5:99:4f:cd:35:17:45:9a:c3:e2:
9b:35:23:0b:ee:de:38:7c:20:6b:bc:7d:84:fa:bf:
68:0b:37:ef:51:32:8b:0e:7c:2b:3c:22:46:4e:0a:
57:06:18:73:c1:73:42:e5:57:3e:a1:28:c6:4e:38:
a8:8f:fb:63:97:80:6c:8c:91:7b:c5:66:fc:87:df:
38:fa:ab:57:b5:ff:04:77:ba:7a:e8:f0:01:61:e6:
94:4f:d6:8d:3d:a0:4e:65:4f:5c:d9:b2:20:4b:2f:
aa:a9:95:c3:2d:a9:b6:9f:2f:e7:77:89:c4:51:86:
d3:2a:df:9c:8f:48:9b:a8:93:69:5e:5c:e9:c3:a7:
a5:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:5B:55:22:88:08:F1:C3:B5:C7:F2:24:7A:AD:29:EF:79:E6:92:D1
X509v3 Authority Key Identifier:
keyid:11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/k1tVIogI8cO1x_Ikeq0p73nmktE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.97.0/24
46.20.100.0/23
46.20.104.0-46.20.106.255
46.20.108.0/24
46.20.110.0/23
185.100.168.0/22
185.160.194.0/24
185.169.221.0-185.169.223.255
Signature Algorithm: sha256WithRSAEncryption
41:f8:5f:fa:21:73:da:1a:13:d2:20:da:f9:a3:a1:0b:4c:b6:
a2:51:50:18:cc:9f:0e:4c:46:56:40:03:6c:2c:c6:09:7f:9b:
e9:93:05:61:12:fb:86:f8:b4:0d:81:4e:53:a1:90:75:e8:93:
10:a2:30:bb:aa:d9:74:2c:7c:01:bf:51:8c:74:5f:e7:78:d8:
a7:bb:a0:43:f2:23:b6:91:04:74:dd:2f:a2:91:0c:2d:13:95:
dc:0d:74:b8:5a:75:89:10:0f:f3:c6:97:ad:33:3b:f1:f4:02:
4c:b2:1a:62:2e:21:c1:65:38:03:03:41:20:a4:0f:59:56:ad:
7c:72:67:8b:d5:db:c4:ac:e1:ea:91:b8:e9:73:56:31:f3:16:
8c:c1:03:23:b3:b3:88:ab:ff:9a:79:6d:4a:b4:90:c2:01:8b:
aa:80:da:67:2e:1c:ee:e3:18:7f:fc:df:9a:8e:c1:5a:d5:e2:
71:b8:2e:71:10:ea:bd:55:49:a7:e0:b4:29:77:fc:80:11:1b:
79:98:88:d8:63:cb:8e:75:f1:a4:4e:5b:45:88:9c:8a:33:69:
db:9e:21:cd:81:1a:d5:8f:74:af:2c:73:38:28:6c:6d:f8:03:
2a:cc:40:5e:b0:c9:cf:73:c8:35:16:76:33:c3:69:83:64:fe:
00:0b:e2:97
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYIm3g7ELv4TYAryk+TuRVobMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZGQwZWJmZjViYTM4YTg3NThiNzk0ZDA0ZDYyOTA1MTk0
YTMyNjYwHhcNMjIwNzIyMTcwNDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzViNTUyMjg4MDhmMWMzYjVjN2YyMjQ3YWFkMjllZjc5ZTY5MmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPQBKbqSr18FCmiRAudX6D8rgWV2
uBmrelm9zsxPtTv6RYeHC8GoPCJ7qvfiX3Faj5ntujL4AbaqlNN6UcxWTJ0mQ7A+
+uBtQymr5lq6qkFOP33Tb/9TusUChtKKK0nd4XNYsa2czD2GZY7rrae9vJaw/aOU
DnsMsSvlyrWZT801F0Waw+KbNSML7t44fCBrvH2E+r9oCzfvUTKLDnwrPCJGTgpX
BhhzwXNC5Vc+oSjGTjioj/tjl4BsjJF7xWb8h984+qtXtf8Ed7p66PABYeaUT9aN
PaBOZU9c2bIgSy+qqZXDLam2ny/nd4nEUYbTKt+cj0ibqJNpXlzpw6elSQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFJNbVSKICPHDtcfyJHqtKe955pLRMB8GA1UdIwQY
MBaAFBHdDr/1ujiodYt5TQTWKQUZSjJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYt
ZjE3NjEzZWE0OWU3LzEvazF0VklvZ0k4Y08xeF9Ja2VxMHA3M25ta3RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYtZjE3NjEzZWE0OWU3
LzEvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQALhRhAwQB
LhRkMAwDBAMuFGgDBAAuFGoDBAAuFGwDBAEuFG4DBAK5ZKgDBAC5oMIwDAMEALmp
3QMEBbmpwDANBgkqhkiG9w0BAQsFAAOCAQEAQfhf+iFz2hoT0iDa+aOhC0y2olFQ
GMyfDkxGVkADbCzGCX+b6ZMFYRL7hvi0DYFOU6GQdeiTEKIwu6rZdCx8Ab9RjHRf
53jYp7ugQ/IjtpEEdN0vopEMLROV3A10uFp1iRAP88aXrTM78fQCTLIaYi4hwWU4
AwNBIKQPWVatfHJni9XbxKzh6pG46XNWMfMWjMEDI7OziKv/mnltSrSQwgGLqoDa
Zy4c7uMYf/zfmo7BWtXicbgucRDqvVVJp+C0KXf8gBEbeZiI2GPLjnXxpE5bRYic
ijNp254hzYEa1Y90ryxzOChsbfgDKsxAXrDJz3PINRZ2M8Npg2T+AAvilw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:10:42 2025 by rpki-client