Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/rCEDYoAyosYAHz_mJNBhcVv812Y.roa
File: rCEDYoAyosYAHz_mJNBhcVv812Y.roa (raw, json)
Hash identifier: 0L2OjtLplfTZB2RdVRchWEDenOg0fXtknt08wmyJOf4=
Subject key identifier: AC:21:03:62:80:32:A2:C6:00:1F:3F:E6:24:D0:61:71:5B:FC:D7:66
Certificate issuer: /CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Certificate serial: 01856D2F3480F7539B5AEDCD23D953E07573
Authority key identifier: 11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/rCEDYoAyosYAHz_mJNBhcVv812Y.roa
Signing time: Sun 01 Jan 2023 11:54:48 +0000
ROA not before: Sun 01 Jan 2023 11:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211237
IP address blocks: 46.20.100.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:2f:34:80:f7:53:9b:5a:ed:cd:23:d9:53:e0:75:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Validity
Not Before: Jan 1 11:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac2103628032a2c6001f3fe624d061715bfcd766
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:1a:47:85:19:7b:78:7c:32:4f:7e:f6:86:29:
a2:b7:7d:be:d9:c5:02:25:25:66:d4:b1:55:79:d4:
f4:9f:40:4c:95:ef:b5:a3:94:de:08:ec:92:e2:c7:
79:7c:97:87:ed:f0:c0:54:5f:40:7a:42:ee:89:32:
d7:d1:21:ee:e4:1d:1a:98:b7:1a:50:5b:14:50:2b:
52:86:f1:1f:52:4e:ee:20:23:f4:05:6b:07:20:a2:
7e:38:e0:ed:10:c8:69:64:35:f4:9b:b3:65:f4:d8:
95:ad:ee:78:44:fb:15:52:b9:69:07:80:3b:40:84:
fa:48:f5:00:01:71:c9:59:ef:bf:d0:74:95:0d:27:
5e:66:e1:4d:da:53:d4:8b:1a:9f:f4:58:7f:60:49:
9b:0e:77:01:c5:4a:e6:98:9f:29:2f:e1:d2:c7:fe:
2b:7a:80:95:b3:14:53:28:41:72:67:a3:79:45:1b:
6d:d2:6b:1f:b9:3a:aa:4a:f1:40:2f:a3:04:b1:4a:
15:79:51:e7:50:a3:39:e3:a9:c2:08:0c:eb:42:df:
23:ae:f1:23:4f:6e:f7:70:09:c6:73:2e:d9:c7:92:
c5:3b:e1:a9:61:60:ee:18:fa:68:ef:b0:1a:c5:f1:
c2:f5:f8:0d:23:ee:0a:85:16:28:35:f3:f3:a0:1b:
68:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:21:03:62:80:32:A2:C6:00:1F:3F:E6:24:D0:61:71:5B:FC:D7:66
X509v3 Authority Key Identifier:
keyid:11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/rCEDYoAyosYAHz_mJNBhcVv812Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.100.0/24
Signature Algorithm: sha256WithRSAEncryption
90:b3:7c:4f:5d:ff:94:df:f0:9a:60:a4:4d:13:03:01:e7:ae:
55:75:63:43:ba:85:b3:8e:35:fa:06:a5:40:0a:8c:c4:59:e0:
ee:4d:18:43:d3:f8:c1:51:e6:ef:ac:d8:4e:ea:ce:71:ba:29:
92:c4:6b:3d:ee:27:51:5b:b3:0f:78:3f:cd:16:2c:3b:7f:07:
3f:52:0e:1e:78:dc:38:1f:97:80:0d:ec:f4:b3:16:1a:5f:66:
5d:6e:d0:f7:54:62:a4:db:17:63:cb:b6:cc:04:fe:c4:58:42:
fa:f5:9d:e4:62:58:51:54:e5:af:94:33:58:d6:bf:1a:2b:da:
36:3f:3a:09:1d:08:54:df:95:92:79:64:17:9c:23:77:ef:30:
9c:0e:fd:2c:b8:bf:9f:f5:b3:23:28:cc:0b:d1:b0:6e:b0:e6:
a8:8b:0a:82:44:a3:d5:83:c6:90:c2:cf:aa:db:84:84:51:1e:
62:af:ce:7d:d2:9d:cd:01:47:aa:03:b2:e9:81:a7:37:5b:97:
d5:14:ce:81:25:34:dd:08:d8:15:29:aa:e7:59:8e:2f:32:0b:
00:d6:b9:b3:2d:f9:9f:d3:0d:77:7c:d9:c6:16:c1:c0:8e:3f:
2b:c7:30:dc:a4:d4:8c:03:b7:1a:a1:44:9c:96:f2:4d:fe:96:
de:9e:7e:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtLzSA91ObWu3NI9lT4HVzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZGQwZWJmZjViYTM4YTg3NThiNzk0ZDA0ZDYyOTA1MTk0
YTMyNjYwHhcNMjMwMTAxMTE1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzIxMDM2MjgwMzJhMmM2MDAxZjNmZTYyNGQwNjE3MTViZmNkNzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxpHhRl7eHwyT372himit32+2cUC
JSVm1LFVedT0n0BMle+1o5TeCOyS4sd5fJeH7fDAVF9AekLuiTLX0SHu5B0amLca
UFsUUCtShvEfUk7uICP0BWsHIKJ+OODtEMhpZDX0m7Nl9NiVre54RPsVUrlpB4A7
QIT6SPUAAXHJWe+/0HSVDSdeZuFN2lPUixqf9Fh/YEmbDncBxUrmmJ8pL+HSx/4r
eoCVsxRTKEFyZ6N5RRtt0msfuTqqSvFAL6MEsUoVeVHnUKM546nCCAzrQt8jrvEj
T273cAnGcy7Zx5LFO+GpYWDuGPpo77AaxfHC9fgNI+4KhRYoNfPzoBtoHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKwhA2KAMqLGAB8/5iTQYXFb/NdmMB8GA1UdIwQY
MBaAFBHdDr/1ujiodYt5TQTWKQUZSjJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYt
ZjE3NjEzZWE0OWU3LzEvckNFRFlvQXlvc1lBSHpfbUpOQmhjVnY4MTJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYtZjE3NjEzZWE0OWU3
LzEvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALhRkMA0G
CSqGSIb3DQEBCwUAA4IBAQCQs3xPXf+U3/CaYKRNEwMB565VdWNDuoWzjjX6BqVA
CozEWeDuTRhD0/jBUebvrNhO6s5xuimSxGs97idRW7MPeD/NFiw7fwc/Ug4eeNw4
H5eADez0sxYaX2ZdbtD3VGKk2xdjy7bMBP7EWEL69Z3kYlhRVOWvlDNY1r8aK9o2
PzoJHQhU35WSeWQXnCN37zCcDv0suL+f9bMjKMwL0bBusOaoiwqCRKPVg8aQws+q
24SEUR5ir8590p3NAUeqA7Lpgac3W5fVFM6BJTTdCNgVKarnWY4vMgsA1rmzLfmf
0w13fNnGFsHAjj8rxzDcpNSMA7caoUSclvJN/pbenn4H
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:29 2025 by rpki-client