Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/6yQHfBiQl-lvQLYUgjPvYgYmmg0.roa
File: 6yQHfBiQl-lvQLYUgjPvYgYmmg0.roa (raw, json)
Hash identifier: aO85r7Z1gdzXnMsEcHoALAoI4x+wBnU5wep+9EZdn6k=
Subject key identifier: EB:24:07:7C:18:90:97:E9:6F:40:B6:14:82:33:EF:62:06:26:9A:0D
Certificate issuer: /CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Certificate serial: 35AD39B2
Authority key identifier: E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/6yQHfBiQl-lvQLYUgjPvYgYmmg0.roa
Signing time: Wed 11 May 2022 13:59:30 +0000
ROA not before: Wed 11 May 2022 13:59:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203622
IP address blocks: 46.32.166.0/24 maxlen: 24
46.32.165.0/24 maxlen: 24
46.32.164.0/24 maxlen: 24
46.32.160.0/24 maxlen: 24
46.32.162.0/24 maxlen: 24
46.32.161.0/24 maxlen: 24
46.32.167.0/24 maxlen: 24
46.32.170.0/24 maxlen: 24
46.32.171.0/24 maxlen: 24
46.32.177.0/24 maxlen: 24
46.32.179.0/24 maxlen: 24
46.32.178.0/24 maxlen: 24
46.32.174.0/24 maxlen: 24
46.32.176.0/24 maxlen: 24
46.32.191.0/24 maxlen: 24
46.32.188.0/24 maxlen: 24
46.32.190.0/24 maxlen: 24
46.32.189.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 900544946 (0x35ad39b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Validity
Not Before: May 11 13:59:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eb24077c189097e96f40b6148233ef6206269a0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:96:be:37:8b:d1:b1:57:89:10:88:f7:1e:98:
ce:e6:55:89:86:6d:23:6a:42:6b:fc:4d:88:06:86:
31:06:76:fc:d8:f7:d5:21:0a:36:b1:47:b2:84:37:
a1:b9:43:ea:e2:0b:17:de:15:99:fc:99:23:0c:95:
ac:86:f0:25:33:f5:45:87:3f:8b:b5:01:f1:3b:5d:
c3:8e:f9:16:73:b0:21:2e:5b:71:bd:40:5e:06:19:
34:48:d4:e5:5a:86:1b:fe:c1:c8:e1:95:9d:27:da:
ec:77:18:08:7c:c4:e6:04:9c:c7:be:43:fb:ae:f6:
81:e3:47:53:6f:d8:18:ec:b4:9b:93:7f:bf:12:2f:
4a:90:9f:66:86:a0:d3:f0:52:08:6f:9a:a9:58:62:
71:5f:a4:fa:51:ca:11:85:f2:17:cf:c7:6e:01:b8:
5a:99:9c:f7:46:89:a3:8a:ed:0d:46:e3:10:37:03:
43:4a:b5:65:c2:7b:ee:19:77:b1:12:ca:13:b9:05:
e2:6a:0d:38:24:c0:ed:3b:3f:61:ed:55:34:f8:39:
fd:8d:2f:80:a7:b2:90:99:5d:a3:93:11:1d:7f:75:
e0:fc:4d:64:b0:ea:52:a2:8d:8d:9a:c5:c8:3a:b7:
c0:d4:f2:d1:18:d7:1c:bb:c7:81:c5:53:c7:3a:1a:
66:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:24:07:7C:18:90:97:E9:6F:40:B6:14:82:33:EF:62:06:26:9A:0D
X509v3 Authority Key Identifier:
keyid:E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/6yQHfBiQl-lvQLYUgjPvYgYmmg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/437h7O0Z-KCjpjW_qiZCk-NDd5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.32.160.0-46.32.162.255
46.32.164.0/22
46.32.170.0/23
46.32.174.0/24
46.32.176.0/22
46.32.188.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:f2:30:f5:87:98:ed:2e:e0:16:b9:05:5a:6b:20:f6:54:d4:
17:88:c6:79:65:fd:df:49:da:7d:37:4c:db:f1:a5:78:02:06:
c5:61:6e:e1:e5:4b:bf:32:0c:fd:57:ed:3a:c3:73:83:04:aa:
27:f8:e5:1f:d9:9e:24:76:df:9e:e9:0b:4a:46:05:27:0f:bd:
da:a8:bf:ab:ac:02:ba:e4:b9:2f:5d:bf:2a:ec:d4:92:e9:62:
bb:67:da:ab:2c:8a:fa:11:29:8a:b0:db:55:23:d1:ea:a8:f6:
f9:57:84:66:b4:91:ef:a4:47:3b:af:59:00:2a:9b:c4:5f:4b:
2c:cb:06:6d:f9:31:32:85:b9:b3:e7:24:41:14:45:26:f7:6c:
c1:aa:44:b3:c0:f1:e4:d1:be:6e:bf:43:df:e1:f9:81:9c:e0:
54:e3:6c:45:ac:df:49:af:d5:f8:7e:35:5a:71:12:7c:fe:82:
6c:2d:15:00:33:b4:84:da:9c:e1:a8:00:cc:20:c9:77:b6:79:
0f:eb:88:45:1f:f6:a7:3b:42:46:86:ac:7c:db:29:1b:51:ae:
aa:8c:83:aa:b4:6b:f6:5f:85:3e:9a:63:d8:6c:8b:bc:7d:e5:
a2:e9:67:04:7e:fa:6a:42:d3:5e:00:6d:e3:8f:da:ae:ab:ed:
a1:e3:c7:32
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIENa05sjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MzdlZTFlY2VkMTlmOGEwYTNhNjM1YmZhYTI2NDI5M2UzNDM3Nzk1MB4XDTIyMDUx
MTEzNTkzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWIyNDA3N2MxODkw
OTdlOTZmNDBiNjE0ODIzM2VmNjIwNjI2OWEwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMCWvjeL0bFXiRCI9x6YzuZViYZtI2pCa/xNiAaGMQZ2/Nj3
1SEKNrFHsoQ3oblD6uILF94VmfyZIwyVrIbwJTP1RYc/i7UB8Ttdw475FnOwIS5b
cb1AXgYZNEjU5VqGG/7ByOGVnSfa7HcYCHzE5gScx75D+672geNHU2/YGOy0m5N/
vxIvSpCfZoag0/BSCG+aqVhicV+k+lHKEYXyF8/HbgG4Wpmc90aJo4rtDUbjEDcD
Q0q1ZcJ77hl3sRLKE7kF4moNOCTA7Ts/Ye1VNPg5/Y0vgKeykJldo5MRHX914PxN
ZLDqUqKNjZrFyDq3wNTy0RjXHLvHgcVTxzoaZscCAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBTrJAd8GJCX6W9AthSCM+9iBiaaDTAfBgNVHSMEGDAWgBTjfuHs7Rn4oKOm
Nb+qJkKT40N3lTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzQzN2g3TzBaLUtDanBqV19xaVpDay1ORGQ1VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjgvNmQ1ZDc1LTRkMWUtNDY5Ny1iMWQzLTM2ZTM0NGFiYzlkMy8x
LzZ5UUhmQmlRbC1sdlFMWVVnalB2WWdZbW1nMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgv
NmQ1ZDc1LTRkMWUtNDY5Ny1iMWQzLTM2ZTM0NGFiYzlkMy8xLzQzN2g3TzBaLUtD
anBqV19xaVpDay1ORGQ1VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwMgQCAAEwLDAMAwQFLiCgAwQALiCiAwQCLiCkAwQB
LiCqAwQALiCuAwQCLiCwAwQCLiC8MA0GCSqGSIb3DQEBCwUAA4IBAQAL8jD1h5jt
LuAWuQVaayD2VNQXiMZ5Zf3fSdp9N0zb8aV4AgbFYW7h5Uu/Mgz9V+06w3ODBKon
+OUf2Z4kdt+e6QtKRgUnD73aqL+rrAK65LkvXb8q7NSS6WK7Z9qrLIr6ESmKsNtV
I9HqqPb5V4RmtJHvpEc7r1kAKpvEX0ssywZt+TEyhbmz5yRBFEUm92zBqkSzwPHk
0b5uv0Pf4fmBnOBU42xFrN9Jr9X4fjVacRJ8/oJsLRUAM7SE2pzhqADMIMl3tnkP
64hFH/anO0JGhqx82ykbUa6qjIOqtGv2X4U+mmPYbIu8feWi6WcEfvpqQtNeAG3j
j9quq+2h48cy
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:39 2023 by rpki-client on console-ams.rpki-client.org