Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/nBGYXkB9jtgvI53FHWAFCNP-Nhs.roa
File: nBGYXkB9jtgvI53FHWAFCNP-Nhs.roa (raw, json)
Hash identifier: ZDavmjJdQpHrbhtsNef6Fa76jzOpA4E5yoA56ASNAI0=
Subject key identifier: 9C:11:98:5E:40:7D:8E:D8:2F:23:9D:C5:1D:60:05:08:D3:FE:36:1B
Certificate issuer: /CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Certificate serial: 018729A67C5D70262AF338A18F5CD3AB2A40
Authority key identifier: 11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/nBGYXkB9jtgvI53FHWAFCNP-Nhs.roa
Signing time: Tue 28 Mar 2023 19:16:29 +0000
ROA not before: Tue 28 Mar 2023 19:16:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206505
IP address blocks: 46.20.100.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:29:a6:7c:5d:70:26:2a:f3:38:a1:8f:5c:d3:ab:2a:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Validity
Not Before: Mar 28 19:16:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c11985e407d8ed82f239dc51d600508d3fe361b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:db:95:20:96:f2:ac:8b:6a:cc:33:f8:99:35:
6a:6f:bd:ea:24:c9:02:f8:49:12:60:df:62:c0:67:
22:c0:ac:9a:b7:47:d5:ea:85:33:d6:62:c6:5f:d6:
fd:88:d1:66:32:55:a3:49:cb:bd:d9:f2:4e:a8:c8:
3d:54:48:11:6e:27:65:b9:68:e6:7f:53:a2:22:66:
e1:d2:dd:63:94:a0:25:e5:80:97:70:41:9d:b8:70:
22:50:a4:54:6e:ba:e4:d2:5f:af:76:e8:c2:7e:5f:
a8:f9:ca:83:c6:a2:35:c4:eb:e3:9a:e6:2a:85:fd:
60:b6:92:54:fb:0a:1e:92:b2:35:b6:ba:f0:a4:4b:
39:64:f5:5d:19:f3:4b:39:19:ac:3b:50:32:31:d8:
f5:31:44:18:cb:45:36:a6:f0:ad:7a:f1:2b:a9:d4:
87:5a:ba:46:fa:6f:cb:3c:53:8e:c1:bf:85:9d:d1:
19:e6:e2:35:7a:7e:e2:02:f3:bf:63:24:9c:3e:78:
8f:b1:41:3e:9f:fa:d7:a5:57:9a:85:64:58:49:17:
90:bd:07:66:c6:02:1d:82:a7:78:5a:2c:62:fb:85:
2a:fd:82:08:f5:5f:bf:40:05:36:3c:b7:fe:ae:d4:
70:d3:42:a0:b1:e5:76:41:07:7d:4b:3e:04:77:88:
8f:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:11:98:5E:40:7D:8E:D8:2F:23:9D:C5:1D:60:05:08:D3:FE:36:1B
X509v3 Authority Key Identifier:
keyid:11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/nBGYXkB9jtgvI53FHWAFCNP-Nhs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.100.0/24
Signature Algorithm: sha256WithRSAEncryption
36:80:9f:cb:47:fa:e2:33:e4:d9:be:0d:47:85:69:74:38:bb:
d6:56:1b:2c:98:69:fb:6f:a5:76:f5:90:8e:5c:c1:9d:85:4b:
45:27:9b:af:1b:7d:4e:cb:d7:da:47:54:79:70:db:62:9f:51:
d1:a9:21:ad:8f:c8:47:30:17:2d:ff:5b:24:e9:23:37:7a:3b:
fe:9c:da:53:d4:73:44:b3:d9:ec:42:04:35:b2:3e:0f:80:d9:
73:04:35:d6:9e:70:9d:a2:a6:2e:7d:ab:dc:7b:c5:c3:c6:a5:
8c:8a:99:a4:d9:a5:6d:bd:d2:c0:ee:d9:b9:13:d8:d8:d0:f0:
2a:90:e3:0d:07:11:02:80:c1:1e:d4:5d:8d:10:3f:7f:42:5f:
34:f2:6a:dd:d5:5e:fe:e3:6a:d7:8e:d9:ee:92:b2:d3:e2:44:
79:ed:0c:44:db:3d:0b:24:9b:43:0e:92:3e:b7:48:80:1c:6f:
fd:5c:5d:bc:6e:e0:f4:2c:1f:40:ba:b5:21:ad:eb:69:c2:b5:
ff:f9:88:38:14:13:b6:88:9d:2c:a8:8e:e9:86:b5:45:59:74:
01:57:50:bd:32:e4:2d:79:c9:d3:6f:bc:cd:d9:cb:4f:6c:22:
e5:2f:2e:f8:47:54:7a:92:9c:71:d2:79:d6:c3:33:e4:be:a2:
d8:a4:90:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcppnxdcCYq8zihj1zTqypAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZGQwZWJmZjViYTM4YTg3NThiNzk0ZDA0ZDYyOTA1MTk0
YTMyNjYwHhcNMjMwMzI4MTkxNjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzExOTg1ZTQwN2Q4ZWQ4MmYyMzlkYzUxZDYwMDUwOGQzZmUzNjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2NuVIJbyrItqzDP4mTVqb73qJMkC
+EkSYN9iwGciwKyat0fV6oUz1mLGX9b9iNFmMlWjScu92fJOqMg9VEgRbidluWjm
f1OiImbh0t1jlKAl5YCXcEGduHAiUKRUbrrk0l+vdujCfl+o+cqDxqI1xOvjmuYq
hf1gtpJU+woekrI1trrwpEs5ZPVdGfNLORmsO1AyMdj1MUQYy0U2pvCtevErqdSH
WrpG+m/LPFOOwb+FndEZ5uI1en7iAvO/YyScPniPsUE+n/rXpVeahWRYSReQvQdm
xgIdgqd4Wixi+4Uq/YII9V+/QAU2PLf+rtRw00KgseV2QQd9Sz4Ed4iP2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJwRmF5AfY7YLyOdxR1gBQjT/jYbMB8GA1UdIwQY
MBaAFBHdDr/1ujiodYt5TQTWKQUZSjJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYt
ZjE3NjEzZWE0OWU3LzEvbkJHWVhrQjlqdGd2STUzRkhXQUZDTlAtTmhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYtZjE3NjEzZWE0OWU3
LzEvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALhRkMA0G
CSqGSIb3DQEBCwUAA4IBAQA2gJ/LR/riM+TZvg1HhWl0OLvWVhssmGn7b6V29ZCO
XMGdhUtFJ5uvG31Oy9faR1R5cNtin1HRqSGtj8hHMBct/1sk6SM3ejv+nNpT1HNE
s9nsQgQ1sj4PgNlzBDXWnnCdoqYufavce8XDxqWMipmk2aVtvdLA7tm5E9jY0PAq
kOMNBxECgMEe1F2NED9/Ql808mrd1V7+42rXjtnukrLT4kR57QxE2z0LJJtDDpI+
t0iAHG/9XF28buD0LB9AurUhretpwrX/+Yg4FBO2iJ0sqI7phrVFWXQBV1C9MuQt
ecnTb7zN2ctPbCLlLy74R1R6kpxx0nnWwzPkvqLYpJBq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:59 2024 by rpki-client on console-ams.rpki-client.org