Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/qmA6ynpPpq-EfmWtpPkQi903EH0.roa
File: qmA6ynpPpq-EfmWtpPkQi903EH0.roa (raw, json)
Hash identifier: fgQz8O6Rif3NzZK7Q7gztA/YaFyNcrtkMrwywOXcdqM=
Subject key identifier: AA:60:3A:CA:7A:4F:A6:AF:84:7E:65:AD:A4:F9:10:8B:DD:37:10:7D
Certificate issuer: /CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Certificate serial: 0181F439FE95C4ADB29C22CDC5B110BFFFBA
Authority key identifier: 11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/qmA6ynpPpq-EfmWtpPkQi903EH0.roa
Signing time: Tue 12 Jul 2022 21:04:10 +0000
ROA not before: Tue 12 Jul 2022 21:04:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49999
IP address blocks: 46.20.96.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f4:39:fe:95:c4:ad:b2:9c:22:cd:c5:b1:10:bf:ff:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Validity
Not Before: Jul 12 21:04:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aa603aca7a4fa6af847e65ada4f9108bdd37107d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8e:a6:a1:c4:fa:e1:6e:75:96:60:7d:09:2a:
95:60:2c:f5:cb:23:31:52:dd:96:8b:27:ea:29:00:
34:0e:79:52:7a:c4:ee:88:65:ca:42:16:8e:3c:49:
89:23:16:e3:45:12:8b:54:ed:8b:16:52:7b:6e:5e:
12:7c:46:1f:ce:6e:43:86:e6:e4:16:82:2d:cf:e6:
0b:63:b9:b6:3c:5f:b2:c1:c4:d6:da:60:30:df:2a:
2d:7b:8f:9f:44:20:5e:05:e1:a0:4f:66:7a:e2:96:
25:8e:e7:31:c1:7c:aa:5d:7c:ed:cd:56:2f:b8:c8:
ee:f5:53:3e:2e:83:21:9f:84:f0:aa:7e:f0:ab:24:
af:54:90:b9:1c:9f:da:df:df:18:1d:3b:75:de:34:
35:4e:aa:62:1d:1b:de:cd:30:1e:70:a7:b5:4a:a1:
89:c1:0b:38:b7:83:a8:99:c6:ec:d7:60:ee:2f:a2:
4f:71:07:a4:b0:ff:4e:41:25:bf:6b:fd:cb:6e:6a:
7f:3f:b8:0f:da:38:c0:27:3d:1c:7b:fc:f6:7d:18:
54:a3:28:42:de:64:ef:86:f8:d5:4a:3b:0f:74:1d:
96:4b:3f:f4:c7:6f:23:91:4a:46:5f:a6:c8:0b:53:
73:73:1b:30:e8:b2:b4:2b:2c:28:cb:7b:4f:61:5a:
4f:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:60:3A:CA:7A:4F:A6:AF:84:7E:65:AD:A4:F9:10:8B:DD:37:10:7D
X509v3 Authority Key Identifier:
keyid:11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/qmA6ynpPpq-EfmWtpPkQi903EH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.96.0/24
Signature Algorithm: sha256WithRSAEncryption
29:9c:86:30:e6:95:14:96:20:31:73:d8:39:82:2f:96:50:61:
8c:5c:ad:da:40:50:80:fb:6d:7a:66:f1:5c:33:5a:00:c9:45:
cb:de:09:89:a7:ec:cb:ba:eb:2f:b6:32:fa:b1:21:0a:1b:75:
02:13:9f:39:4b:81:d9:04:26:39:35:ec:23:31:c9:91:8f:e3:
ed:af:6d:64:1d:fa:16:d9:2b:11:c2:87:91:eb:de:e9:03:96:
dc:1f:99:dc:d7:ac:a4:be:7f:f1:ed:87:7e:18:3c:e3:d6:e0:
0b:03:bc:4d:da:a0:01:07:cb:9b:e3:85:94:7e:5f:94:3c:ff:
bb:25:45:aa:eb:a0:74:e9:ce:2d:30:7b:e2:62:67:ac:92:d3:
5e:1e:59:7c:21:56:a6:54:79:e9:78:ae:9f:da:50:b0:b2:25:
85:5f:c5:9a:a2:27:bc:b4:dc:cd:70:32:0a:96:f8:56:d1:70:
5f:39:bd:23:b9:a0:86:80:4d:26:3a:67:1b:66:b6:c5:2b:b5:
fd:a0:14:74:0f:f7:15:2f:50:18:98:33:d6:8e:5b:5d:1f:04:
2a:4c:35:42:78:28:9f:80:01:9a:c3:13:1c:14:ba:c4:0d:00:
ad:f8:7c:0b:26:55:c3:f4:b2:49:0f:bf:e8:ae:c1:4f:1a:a3:
9a:83:b3:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYH0Of6VxK2ynCLNxbEQv/+6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZGQwZWJmZjViYTM4YTg3NThiNzk0ZDA0ZDYyOTA1MTk0
YTMyNjYwHhcNMjIwNzEyMjEwNDEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTYwM2FjYTdhNGZhNmFmODQ3ZTY1YWRhNGY5MTA4YmRkMzcxMDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvY6mocT64W51lmB9CSqVYCz1yyMx
Ut2WiyfqKQA0DnlSesTuiGXKQhaOPEmJIxbjRRKLVO2LFlJ7bl4SfEYfzm5Dhubk
FoItz+YLY7m2PF+ywcTW2mAw3yote4+fRCBeBeGgT2Z64pYljucxwXyqXXztzVYv
uMju9VM+LoMhn4Twqn7wqySvVJC5HJ/a398YHTt13jQ1TqpiHRvezTAecKe1SqGJ
wQs4t4Oomcbs12DuL6JPcQeksP9OQSW/a/3Lbmp/P7gP2jjAJz0ce/z2fRhUoyhC
3mTvhvjVSjsPdB2WSz/0x28jkUpGX6bIC1Nzcxsw6LK0Kywoy3tPYVpPyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKpgOsp6T6avhH5lraT5EIvdNxB9MB8GA1UdIwQY
MBaAFBHdDr/1ujiodYt5TQTWKQUZSjJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYt
ZjE3NjEzZWE0OWU3LzEvcW1BNnlucFBwcS1FZm1XdHBQa1FpOTAzRUgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYtZjE3NjEzZWE0OWU3
LzEvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALhRgMA0G
CSqGSIb3DQEBCwUAA4IBAQApnIYw5pUUliAxc9g5gi+WUGGMXK3aQFCA+216ZvFc
M1oAyUXL3gmJp+zLuusvtjL6sSEKG3UCE585S4HZBCY5NewjMcmRj+Ptr21kHfoW
2SsRwoeR697pA5bcH5nc16ykvn/x7Yd+GDzj1uALA7xN2qABB8ub44WUfl+UPP+7
JUWq66B06c4tMHviYmesktNeHll8IVamVHnpeK6f2lCwsiWFX8Waoie8tNzNcDIK
lvhW0XBfOb0juaCGgE0mOmcbZrbFK7X9oBR0D/cVL1AYmDPWjltdHwQqTDVCeCif
gAGawxMcFLrEDQCt+HwLJlXD9LJJD7/orsFPGqOag7Oy
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:05:26 2025 by rpki-client