Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/zVVzxQwfSF3RGUVz03F3cFcoZqI.roa
File: zVVzxQwfSF3RGUVz03F3cFcoZqI.roa (raw, json)
Hash identifier: MPiuIR9TiFbUQ8y7qwiNfI4ebDThCioBxTKGp7EoY8o=
Subject key identifier: CD:55:73:C5:0C:1F:48:5D:D1:19:45:73:D3:71:77:70:57:28:66:A2
Certificate issuer: /CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Certificate serial: 018559EA3F204CE3E87E5B5E1B823D7E10EE
Authority key identifier: 11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/zVVzxQwfSF3RGUVz03F3cFcoZqI.roa
Signing time: Wed 28 Dec 2022 18:06:41 +0000
ROA not before: Wed 28 Dec 2022 18:06:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211237
IP address blocks: 46.20.100.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:59:ea:3f:20:4c:e3:e8:7e:5b:5e:1b:82:3d:7e:10:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Validity
Not Before: Dec 28 18:06:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cd5573c50c1f485dd1194573d3717770572866a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:7b:d4:02:26:ea:49:e6:eb:96:ba:e1:97:fb:
36:9d:9f:31:f1:5c:cc:20:1b:7b:92:80:af:6c:46:
2f:33:97:61:bb:8c:8b:27:69:b0:28:b3:c5:be:ee:
d6:2f:87:28:df:a9:41:8d:ad:f6:b1:83:69:6d:ba:
ce:bd:32:b5:d9:8f:cd:7e:fd:10:d4:2a:71:08:dc:
25:ac:68:7f:7d:51:18:f1:c3:ab:8d:55:9d:b6:30:
d1:e8:8b:87:22:38:53:fd:19:4d:d1:89:e0:8c:fd:
1b:af:e6:f7:0e:6b:24:1b:87:97:58:0f:09:69:37:
62:04:9a:3c:62:8c:c9:df:a4:e5:9e:15:5d:dd:b4:
dd:a1:4e:c7:eb:7f:08:55:10:29:b6:fc:26:18:4e:
06:0e:b0:1b:25:6e:b3:a0:5b:cd:eb:5d:90:c3:4b:
75:63:be:b8:bf:2d:9a:10:e4:dc:13:ec:2e:9d:65:
67:38:2a:27:c9:03:6c:72:ed:b5:72:73:50:27:18:
64:23:01:15:02:3e:95:90:9f:46:db:6e:a9:92:86:
4e:92:c7:2b:43:7d:4f:29:52:83:26:e9:e1:b1:b8:
df:8a:d2:c2:4b:bf:4e:94:e4:24:a7:3a:d7:53:3f:
9b:a8:a9:04:e8:9c:ae:6f:7d:45:a1:2d:a0:55:df:
ed:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:55:73:C5:0C:1F:48:5D:D1:19:45:73:D3:71:77:70:57:28:66:A2
X509v3 Authority Key Identifier:
keyid:11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/zVVzxQwfSF3RGUVz03F3cFcoZqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.100.0/24
Signature Algorithm: sha256WithRSAEncryption
45:ae:a5:a9:c0:46:00:40:17:e8:ff:ba:ec:f6:9c:3d:b7:28:
7a:52:09:5f:70:cb:7b:f2:4a:04:0d:2f:e6:9f:f0:d7:3d:6a:
f8:42:9b:c9:6e:0b:7b:cc:15:50:60:37:b2:42:fb:04:d3:65:
a4:55:10:8e:91:97:c9:b3:78:6c:28:a4:0e:86:22:6f:8b:1e:
a1:a5:4e:8c:85:2c:7d:00:98:5b:d9:eb:83:89:0c:61:d4:a8:
06:5d:b8:02:19:19:cd:1f:8e:f6:95:43:37:f6:35:18:d2:15:
f4:5e:49:f0:f4:73:d8:9e:85:24:bb:f5:70:06:e7:50:09:e0:
df:e0:4a:f7:02:ae:2b:86:7d:bf:c9:43:e6:09:24:9b:0a:1f:
40:0e:0f:bc:8b:16:f3:b6:ae:3b:e7:51:d5:be:55:c5:7a:00:
3b:23:78:95:a1:f2:9c:0b:31:52:a3:66:29:98:30:65:11:2f:
6a:5c:43:cc:9b:30:c1:85:d2:6b:24:4f:0c:c0:6f:e4:d6:c7:
bc:d1:cb:0a:af:6a:b6:fc:f7:be:a3:8c:c0:c8:30:49:fc:33:
ee:96:59:da:08:1f:79:2b:23:aa:f7:c9:27:3a:b9:16:9c:cd:
ec:f7:21:f2:f2:d1:fc:23:19:13:05:f3:ac:eb:f2:e1:36:06:
df:f1:e8:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVZ6j8gTOPoflteG4I9fhDuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZGQwZWJmZjViYTM4YTg3NThiNzk0ZDA0ZDYyOTA1MTk0
YTMyNjYwHhcNMjIxMjI4MTgwNjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDU1NzNjNTBjMWY0ODVkZDExOTQ1NzNkMzcxNzc3MDU3Mjg2NmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13vUAibqSebrlrrhl/s2nZ8x8VzM
IBt7koCvbEYvM5dhu4yLJ2mwKLPFvu7WL4co36lBja32sYNpbbrOvTK12Y/Nfv0Q
1CpxCNwlrGh/fVEY8cOrjVWdtjDR6IuHIjhT/RlN0YngjP0br+b3DmskG4eXWA8J
aTdiBJo8YozJ36TlnhVd3bTdoU7H638IVRAptvwmGE4GDrAbJW6zoFvN612Qw0t1
Y764vy2aEOTcE+wunWVnOConyQNscu21cnNQJxhkIwEVAj6VkJ9G226pkoZOkscr
Q31PKVKDJunhsbjfitLCS79OlOQkpzrXUz+bqKkE6Jyub31FoS2gVd/tKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM1Vc8UMH0hd0RlFc9Nxd3BXKGaiMB8GA1UdIwQY
MBaAFBHdDr/1ujiodYt5TQTWKQUZSjJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYt
ZjE3NjEzZWE0OWU3LzEvelZWenhRd2ZTRjNSR1VWejAzRjNjRmNvWnFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYtZjE3NjEzZWE0OWU3
LzEvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALhRkMA0G
CSqGSIb3DQEBCwUAA4IBAQBFrqWpwEYAQBfo/7rs9pw9tyh6UglfcMt78koEDS/m
n/DXPWr4QpvJbgt7zBVQYDeyQvsE02WkVRCOkZfJs3hsKKQOhiJvix6hpU6MhSx9
AJhb2euDiQxh1KgGXbgCGRnNH472lUM39jUY0hX0Xknw9HPYnoUku/VwBudQCeDf
4Er3Aq4rhn2/yUPmCSSbCh9ADg+8ixbztq4751HVvlXFegA7I3iVofKcCzFSo2Yp
mDBlES9qXEPMmzDBhdJrJE8MwG/k1se80csKr2q2/Pe+o4zAyDBJ/DPullnaCB95
KyOq98knOrkWnM3s9yHy8tH8IxkTBfOs6/LhNgbf8ehC
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:37 2025 by rpki-client