Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/C7lQd3fXviYvOmzNmW0XPIOnIXE.roa
File: C7lQd3fXviYvOmzNmW0XPIOnIXE.roa (raw, json)
Hash identifier: v+004rG3/uTzLh+568NWMZGvC8jsIHw4NUSlXU8ZZfM=
Subject key identifier: 0B:B9:50:77:77:D7:BE:26:2F:3A:6C:CD:99:6D:17:3C:83:A7:21:71
Certificate issuer: /CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Certificate serial: 353D95E6
Authority key identifier: E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/C7lQd3fXviYvOmzNmW0XPIOnIXE.roa
Signing time: Thu 31 Mar 2022 04:11:55 +0000
ROA not before: Thu 31 Mar 2022 04:11:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203622
IP address blocks: 46.32.166.0/24 maxlen: 24
46.32.165.0/24 maxlen: 24
46.32.164.0/24 maxlen: 24
46.32.160.0/24 maxlen: 24
46.32.162.0/24 maxlen: 24
46.32.161.0/24 maxlen: 24
46.32.167.0/24 maxlen: 24
46.32.170.0/24 maxlen: 24
46.32.171.0/24 maxlen: 24
46.32.177.0/24 maxlen: 24
46.32.179.0/24 maxlen: 24
46.32.178.0/24 maxlen: 24
46.32.174.0/24 maxlen: 24
46.32.173.0/24 maxlen: 24
46.32.176.0/24 maxlen: 24
46.32.175.0/24 maxlen: 24
46.32.184.0/24 maxlen: 24
46.32.186.0/24 maxlen: 24
46.32.185.0/24 maxlen: 24
46.32.191.0/24 maxlen: 24
46.32.188.0/24 maxlen: 24
46.32.187.0/24 maxlen: 24
46.32.190.0/24 maxlen: 24
46.32.189.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 893228518 (0x353d95e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Validity
Not Before: Mar 31 04:11:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0bb9507777d7be262f3a6ccd996d173c83a72171
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:31:f5:77:47:9d:fa:01:e6:d0:3c:d5:3d:01:
ad:d2:c4:21:a4:7e:06:7e:64:74:15:17:25:a6:39:
05:f3:bf:26:d4:42:4b:c5:da:a1:2e:0f:99:8a:93:
fd:e6:8d:e3:0c:32:68:6b:80:cc:10:fe:d9:e5:15:
60:8f:5f:7f:51:5f:e3:e5:35:10:fc:46:5f:07:d0:
8a:9e:db:c8:69:b1:ed:10:41:19:01:48:70:90:8c:
c4:53:b6:8b:56:53:58:52:5a:ff:47:5e:39:f5:d4:
f0:a1:ef:3b:c4:14:34:d5:93:fb:c2:c1:e0:f5:a9:
18:53:94:db:ea:d4:16:61:79:8d:46:c3:15:3c:4f:
c5:c2:8b:61:91:f8:ac:f3:0a:d6:62:9f:99:b3:c8:
1a:f3:95:35:46:63:87:64:54:95:2f:2f:5c:f5:c8:
50:39:eb:1c:a1:75:3b:00:60:39:ff:8d:22:88:62:
bf:76:45:4d:89:19:5e:f6:e3:4d:9b:d1:f8:16:cd:
7f:98:c9:53:43:de:8f:ac:6d:f4:aa:d1:80:4f:27:
e1:b6:c2:47:59:03:89:2e:e2:3d:98:5e:47:84:03:
26:ea:81:61:b9:54:74:c1:ef:ef:66:ef:c2:13:f6:
6b:65:50:6b:d3:70:b6:7b:a3:4e:57:1b:85:31:c3:
d1:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:B9:50:77:77:D7:BE:26:2F:3A:6C:CD:99:6D:17:3C:83:A7:21:71
X509v3 Authority Key Identifier:
keyid:E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/C7lQd3fXviYvOmzNmW0XPIOnIXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/437h7O0Z-KCjpjW_qiZCk-NDd5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.32.160.0-46.32.162.255
46.32.164.0/22
46.32.170.0/23
46.32.173.0-46.32.179.255
46.32.184.0/21
Signature Algorithm: sha256WithRSAEncryption
82:2e:99:30:57:68:b2:6e:3e:a5:23:6b:ab:b8:49:35:63:51:
e9:29:5f:24:74:64:6a:b6:9a:56:10:64:1a:50:65:24:7a:4d:
6e:dd:db:b6:f1:63:24:0d:02:55:73:f5:37:36:f5:9c:4e:2c:
23:aa:75:af:29:04:01:b1:2d:5f:28:65:4b:e6:4d:99:8e:3e:
16:c0:56:fb:73:4b:95:b0:e3:7d:0a:82:61:01:3e:f3:14:4e:
e1:c4:4a:ca:1d:df:0e:3d:8f:cd:05:fc:e4:41:8a:f0:13:2c:
ba:e2:03:01:85:68:40:02:3f:b3:eb:63:67:33:ff:5e:ce:76:
13:77:18:a3:fb:7e:00:86:6e:4a:a8:d4:f8:c5:7d:f4:53:88:
28:f3:02:4b:9e:52:31:2d:c0:ae:88:b3:4d:c6:b8:00:13:fc:
ee:d4:15:07:6f:a0:d3:45:ce:09:a7:6b:2f:53:24:1b:69:ce:
a2:db:a8:a4:9a:38:e6:72:ea:eb:2d:f1:20:d5:d4:50:56:40:
ef:a0:ce:fc:06:b0:c1:73:bb:4e:23:de:8e:de:3c:5f:6c:79:
72:1b:f7:6c:3d:a0:89:cb:e6:30:38:ba:0a:34:65:44:d5:79:
86:81:55:e6:71:85:10:1b:4c:2a:95:18:d5:d2:0d:3a:c4:be:
15:5e:51:f2
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIENT2V5jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MzdlZTFlY2VkMTlmOGEwYTNhNjM1YmZhYTI2NDI5M2UzNDM3Nzk1MB4XDTIyMDMz
MTA0MTE1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGJiOTUwNzc3N2Q3
YmUyNjJmM2E2Y2NkOTk2ZDE3M2M4M2E3MjE3MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJIx9XdHnfoB5tA81T0BrdLEIaR+Bn5kdBUXJaY5BfO/JtRC
S8XaoS4PmYqT/eaN4wwyaGuAzBD+2eUVYI9ff1Ff4+U1EPxGXwfQip7byGmx7RBB
GQFIcJCMxFO2i1ZTWFJa/0deOfXU8KHvO8QUNNWT+8LB4PWpGFOU2+rUFmF5jUbD
FTxPxcKLYZH4rPMK1mKfmbPIGvOVNUZjh2RUlS8vXPXIUDnrHKF1OwBgOf+NIohi
v3ZFTYkZXvbjTZvR+BbNf5jJU0Pej6xt9KrRgE8n4bbCR1kDiS7iPZheR4QDJuqB
YblUdMHv72bvwhP2a2VQa9NwtnujTlcbhTHD0TsCAwEAAaOCAjEwggItMB0GA1Ud
DgQWBBQLuVB3d9e+Ji86bM2ZbRc8g6chcTAfBgNVHSMEGDAWgBTjfuHs7Rn4oKOm
Nb+qJkKT40N3lTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzQzN2g3TzBaLUtDanBqV19xaVpDay1ORGQ1VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjgvNmQ1ZDc1LTRkMWUtNDY5Ny1iMWQzLTM2ZTM0NGFiYzlkMy8x
L0M3bFFkM2ZYdmlZdk9tek5tVzBYUElPbklYRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgv
NmQ1ZDc1LTRkMWUtNDY5Ny1iMWQzLTM2ZTM0NGFiYzlkMy8xLzQzN2g3TzBaLUtD
anBqV19xaVpDay1ORGQ1VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBH
BggrBgEFBQcBBwEB/wQ4MDYwNAQCAAEwLjAMAwQFLiCgAwQALiCiAwQCLiCkAwQB
LiCqMAwDBAAuIK0DBAIuILADBAMuILgwDQYJKoZIhvcNAQELBQADggEBAIIumTBX
aLJuPqUja6u4STVjUekpXyR0ZGq2mlYQZBpQZSR6TW7d27bxYyQNAlVz9Tc29ZxO
LCOqda8pBAGxLV8oZUvmTZmOPhbAVvtzS5Ww430KgmEBPvMUTuHESsod3w49j80F
/ORBivATLLriAwGFaEACP7PrY2cz/17OdhN3GKP7fgCGbkqo1PjFffRTiCjzAkue
UjEtwK6Is03GuAAT/O7UFQdvoNNFzgmnay9TJBtpzqLbqKSaOOZy6ust8SDV1FBW
QO+gzvwGsMFzu04j3o7ePF9seXIb92w9oInL5jA4ugo0ZUTVeYaBVeZxhRAbTCqV
GNXSDTrEvhVeUfI=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:39 2023 by rpki-client on console-ams.rpki-client.org