Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/vUjf3Wok3IwNiqHXQ6g3Il46UtU.roa
File: vUjf3Wok3IwNiqHXQ6g3Il46UtU.roa (raw, json)
Hash identifier: ifHYK9TsrJomYNqkD3QYJS8qUOl5ChTsPdGniS6ZaUk=
Subject key identifier: BD:48:DF:DD:6A:24:DC:8C:0D:8A:A1:D7:43:A8:37:22:5E:3A:52:D5
Certificate issuer: /CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Certificate serial: 0186FB51CC108E677CC2C29A9DF9C3EB964F
Authority key identifier: 11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/vUjf3Wok3IwNiqHXQ6g3Il46UtU.roa
Signing time: Sun 19 Mar 2023 19:21:27 +0000
ROA not before: Sun 19 Mar 2023 19:21:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 46.20.100.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:fb:51:cc:10:8e:67:7c:c2:c2:9a:9d:f9:c3:eb:96:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Validity
Not Before: Mar 19 19:21:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd48dfdd6a24dc8c0d8aa1d743a837225e3a52d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ec:d0:fb:52:6a:27:a7:a5:b8:b2:c1:ab:66:
ab:26:36:82:fa:60:a2:5d:87:15:b8:0f:fc:34:1b:
02:71:ae:68:95:9a:0c:c6:b4:64:6f:e0:3e:df:22:
ff:30:54:d2:0d:ea:70:3e:ac:bc:c2:b2:33:b9:b7:
2c:35:a5:3b:3b:d7:b0:a5:bf:98:df:33:6b:59:08:
3a:b6:64:b9:da:70:e6:48:46:ad:cb:86:d2:c6:16:
69:69:52:e5:dc:00:f7:ac:27:c3:4c:76:f5:a9:7f:
dd:c3:7d:a8:95:5d:86:87:3e:70:42:1d:81:2d:99:
8a:48:d0:b1:6a:fc:93:25:e4:d6:21:b1:ea:26:9b:
57:9e:b4:f9:ec:7c:91:1d:ec:3a:81:7f:c8:f2:78:
c3:cf:1b:76:5b:e1:2c:af:12:75:ff:06:b9:ff:09:
20:40:2b:92:f6:71:8a:25:cb:46:f1:b3:9e:eb:3d:
a1:67:6d:4b:cb:cb:0a:9a:5f:ab:2e:dc:2d:cd:41:
9f:b9:76:d6:29:3f:c6:bd:9c:b5:dc:14:52:ee:0e:
c5:fc:d9:a0:f7:8e:ab:e0:de:75:7b:bf:13:7a:cc:
9e:3a:47:37:ac:88:0e:fa:27:1f:c2:51:2a:75:42:
b5:f6:7e:b3:8f:50:b9:4a:69:54:cb:95:de:bc:1e:
ec:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:48:DF:DD:6A:24:DC:8C:0D:8A:A1:D7:43:A8:37:22:5E:3A:52:D5
X509v3 Authority Key Identifier:
keyid:11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/vUjf3Wok3IwNiqHXQ6g3Il46UtU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.100.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:a4:f6:6c:be:0c:8d:04:98:ab:c6:d8:1d:5e:23:a6:63:63:
ee:cd:fa:fa:89:a0:22:f9:5a:06:50:08:e0:7a:25:c1:5f:d7:
dd:e1:3b:c7:75:c0:1c:36:73:09:ee:08:5b:c0:15:a0:8b:af:
f6:56:ff:e7:92:e1:35:bc:fc:1f:56:e6:a2:f7:87:35:b0:60:
dc:42:41:a5:0a:55:6f:60:46:ef:8c:71:70:52:c3:f4:e6:4a:
f5:2d:0f:e3:86:50:2f:7c:ae:4e:47:b6:d0:67:3d:ca:5f:a7:
51:bb:80:ff:c9:58:e4:d8:05:b5:6c:46:99:b4:76:33:ea:25:
83:97:7e:07:65:4c:d6:04:d3:28:7b:f1:6e:5d:27:0f:0e:c1:
e9:ae:09:d7:2b:68:a5:b0:9e:e5:0f:58:3b:76:42:dd:a4:31:
33:83:ef:0d:85:fa:99:51:f6:46:cb:2e:6e:67:2f:d5:a7:86:
50:fa:36:5f:c7:d5:ee:d9:a6:62:c1:4f:68:45:f0:0b:ae:82:
df:6e:07:71:f8:1d:6c:fe:50:ae:26:0b:b2:d3:2e:c7:d4:d6:
e7:7e:4c:58:4d:82:3a:d2:af:b8:ad:92:ea:44:ed:f9:f7:e4:
2a:3f:3e:d2:f3:ee:63:05:a5:43:c3:57:cf:07:3d:16:10:d8:
88:ee:84:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYb7UcwQjmd8wsKanfnD65ZPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZGQwZWJmZjViYTM4YTg3NThiNzk0ZDA0ZDYyOTA1MTk0
YTMyNjYwHhcNMjMwMzE5MTkyMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDQ4ZGZkZDZhMjRkYzhjMGQ4YWExZDc0M2E4MzcyMjVlM2E1MmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuzQ+1JqJ6eluLLBq2arJjaC+mCi
XYcVuA/8NBsCca5olZoMxrRkb+A+3yL/MFTSDepwPqy8wrIzubcsNaU7O9ewpb+Y
3zNrWQg6tmS52nDmSEaty4bSxhZpaVLl3AD3rCfDTHb1qX/dw32olV2Ghz5wQh2B
LZmKSNCxavyTJeTWIbHqJptXnrT57HyRHew6gX/I8njDzxt2W+EsrxJ1/wa5/wkg
QCuS9nGKJctG8bOe6z2hZ21Ly8sKml+rLtwtzUGfuXbWKT/GvZy13BRS7g7F/Nmg
946r4N51e78TesyeOkc3rIgO+icfwlEqdUK19n6zj1C5SmlUy5XevB7sqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL1I391qJNyMDYqh10OoNyJeOlLVMB8GA1UdIwQY
MBaAFBHdDr/1ujiodYt5TQTWKQUZSjJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYt
ZjE3NjEzZWE0OWU3LzEvdlVqZjNXb2szSXdOaXFIWFE2ZzNJbDQ2VXRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYtZjE3NjEzZWE0OWU3
LzEvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALhRkMA0G
CSqGSIb3DQEBCwUAA4IBAQDEpPZsvgyNBJirxtgdXiOmY2Puzfr6iaAi+VoGUAjg
eiXBX9fd4TvHdcAcNnMJ7ghbwBWgi6/2Vv/nkuE1vPwfVuai94c1sGDcQkGlClVv
YEbvjHFwUsP05kr1LQ/jhlAvfK5OR7bQZz3KX6dRu4D/yVjk2AW1bEaZtHYz6iWD
l34HZUzWBNMoe/FuXScPDsHprgnXK2ilsJ7lD1g7dkLdpDEzg+8NhfqZUfZGyy5u
Zy/Vp4ZQ+jZfx9Xu2aZiwU9oRfALroLfbgdx+B1s/lCuJguy0y7H1NbnfkxYTYI6
0q+4rZLqRO359+QqPz7S8+5jBaVDw1fPBz0WENiI7oRR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:09 2024 by rpki-client on console-fra.rpki-client.org