Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/yeDziaUN8N_rHNS1Cb81KNqzaSk.roa
File: yeDziaUN8N_rHNS1Cb81KNqzaSk.roa (raw, json)
Hash identifier: iED+USg+7CPyexEqOfVxh/2Wi1ASvs/hzS8QHmjIOt4=
Subject key identifier: C9:E0:F3:89:A5:0D:F0:DF:EB:1C:D4:B5:09:BF:35:28:DA:B3:69:29
Certificate issuer: /CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Certificate serial: 02203A21
Authority key identifier: 11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/yeDziaUN8N_rHNS1Cb81KNqzaSk.roa
Signing time: Sat 01 Jan 2022 10:00:01 +0000
ROA not before: Sat 01 Jan 2022 10:00:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 140570
IP address blocks: 46.20.96.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35666465 (0x2203a21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Validity
Not Before: Jan 1 10:00:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c9e0f389a50df0dfeb1cd4b509bf3528dab36929
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:15:e2:5b:10:81:cf:4e:b6:b8:22:23:c8:7b:
04:11:fd:56:40:7a:99:4b:a3:a0:50:b9:28:55:36:
61:4a:72:73:6d:94:d4:d5:c6:2a:ee:b9:81:62:3b:
c7:4d:23:b3:24:32:82:36:92:3a:18:c6:46:bc:f1:
f1:f6:aa:6f:92:b4:50:4b:1a:a9:51:71:bb:71:a0:
93:c1:0b:48:12:4e:8a:f2:37:0f:52:07:eb:ff:c4:
cd:be:c4:cc:28:65:50:95:f6:7e:0e:c8:35:03:f4:
71:31:d6:b0:e5:0e:91:0b:bb:86:4e:bd:4d:07:c3:
3e:c6:7f:98:0e:69:87:46:8b:c0:d2:a2:34:1f:72:
87:8a:0b:4a:b0:4a:74:ff:55:dc:c9:3c:66:7c:43:
75:06:e7:61:df:86:1f:e5:91:2f:6e:ff:5b:14:be:
46:d7:99:b0:12:49:85:fe:72:46:c1:19:fc:af:25:
23:e4:1a:f8:34:c6:c5:7f:95:1c:ec:bb:6c:54:3a:
ce:10:08:4a:90:23:f7:9d:66:7e:08:90:90:f7:aa:
4e:91:d6:e6:c0:39:2f:40:9f:e4:ff:04:a9:d3:97:
76:d1:93:18:1e:c0:43:87:e0:1e:9d:a0:6c:cc:f7:
81:ff:a2:bd:a5:7e:d3:4b:52:e2:90:f2:c0:1f:c6:
7a:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:E0:F3:89:A5:0D:F0:DF:EB:1C:D4:B5:09:BF:35:28:DA:B3:69:29
X509v3 Authority Key Identifier:
keyid:11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/yeDziaUN8N_rHNS1Cb81KNqzaSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.96.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:b6:81:09:54:e7:14:fe:22:ce:5c:b8:6b:b3:24:38:2b:8b:
97:a6:3e:a9:a5:ef:24:91:38:0f:f0:d5:27:f4:9e:79:7d:3c:
ae:fa:ca:96:81:3a:a8:24:98:5a:f0:0e:da:36:e4:14:5c:c4:
03:4b:18:db:66:9e:2d:98:35:ae:29:68:d7:22:f4:7b:4e:6f:
0a:62:2a:48:ef:92:18:90:c4:0e:24:38:53:5f:3e:43:8b:99:
0e:f1:53:54:9f:ec:61:01:9d:07:38:a5:88:a9:01:c5:67:90:
0a:2a:7d:83:45:5e:c7:6e:84:b6:45:5e:8f:de:72:aa:74:71:
90:69:5f:2e:f9:b9:df:06:af:69:cf:a5:97:1a:49:08:5c:97:
bf:f1:a6:41:f9:4f:f8:a6:8b:e9:ac:65:0a:9e:ab:7a:df:a2:
51:e1:06:08:73:00:e7:38:df:40:b7:70:97:4f:16:05:bc:73:
9d:75:0c:f4:16:1c:df:e0:95:7f:85:ee:99:46:32:6f:85:5f:
a9:39:9e:c6:22:09:d7:d0:b2:bc:8f:f1:9e:f6:c1:2f:80:94:
48:3b:21:77:ee:c7:d3:46:6a:fd:56:40:17:8c:ae:17:ea:5b:
c6:05:6b:06:3d:f6:32:cc:7e:6e:d3:4e:ea:1b:d8:79:bb:7a:
c3:16:71:31
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAiA6ITANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MWRkMGViZmY1YmEzOGE4NzU4Yjc5NGQwNGQ2MjkwNTE5NGEzMjY2MB4XDTIyMDEw
MTEwMDAwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzllMGYzODlhNTBk
ZjBkZmViMWNkNGI1MDliZjM1MjhkYWIzNjkyOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPQV4lsQgc9OtrgiI8h7BBH9VkB6mUujoFC5KFU2YUpyc22U
1NXGKu65gWI7x00jsyQygjaSOhjGRrzx8faqb5K0UEsaqVFxu3Ggk8ELSBJOivI3
D1IH6//Ezb7EzChlUJX2fg7INQP0cTHWsOUOkQu7hk69TQfDPsZ/mA5ph0aLwNKi
NB9yh4oLSrBKdP9V3Mk8ZnxDdQbnYd+GH+WRL27/WxS+RteZsBJJhf5yRsEZ/K8l
I+Qa+DTGxX+VHOy7bFQ6zhAISpAj951mfgiQkPeqTpHW5sA5L0Cf5P8EqdOXdtGT
GB7AQ4fgHp2gbMz3gf+ivaV+00tS4pDywB/GelUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTJ4POJpQ3w3+sc1LUJvzUo2rNpKTAfBgNVHSMEGDAWgBQR3Q6/9bo4qHWL
eU0E1ikFGUoyZjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VkME92X1c2T0toMWkzbE5CTllwQlJsS01tWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvYTY2YTI5LTUxY2MtNGJhOS04ODRmLWYxNzYxM2VhNDllNy8x
L3llRHppYVVOOE5fckhOUzFDYjgxS05xemFTay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
YTY2YTI5LTUxY2MtNGJhOS04ODRmLWYxNzYxM2VhNDllNy8xL0VkME92X1c2T0to
MWkzbE5CTllwQlJsS01tWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC4UYDANBgkqhkiG9w0BAQsFAAOC
AQEArLaBCVTnFP4izly4a7MkOCuLl6Y+qaXvJJE4D/DVJ/SeeX08rvrKloE6qCSY
WvAO2jbkFFzEA0sY22aeLZg1rilo1yL0e05vCmIqSO+SGJDEDiQ4U18+Q4uZDvFT
VJ/sYQGdBziliKkBxWeQCip9g0Vex26EtkVej95yqnRxkGlfLvm53wavac+llxpJ
CFyXv/GmQflP+KaL6axlCp6ret+iUeEGCHMA5zjfQLdwl08WBbxznXUM9BYc3+CV
f4XumUYyb4VfqTmexiIJ19CyvI/xnvbBL4CUSDshd+7H00Zq/VZAF4yuF+pbxgVr
Bj32Msx+btNO6hvYebt6wxZxMQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:59 2024 by rpki-client on console-ams.rpki-client.org