Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/mD4BbdO8RVb89rK3YeG2hgLgExY.roa
File: mD4BbdO8RVb89rK3YeG2hgLgExY.roa (raw, json)
Hash identifier: fDgpAbmKqRRTezItDVRv+qCBOmZXU+Ihj1DmnD4LkuI=
Subject key identifier: 98:3E:01:6D:D3:BC:45:56:FC:F6:B2:B7:61:E1:B6:86:02:E0:13:16
Certificate issuer: /CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Certificate serial: 34BBB6BC
Authority key identifier: E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/mD4BbdO8RVb89rK3YeG2hgLgExY.roa
Signing time: Tue 08 Feb 2022 22:11:58 +0000
ROA not before: Tue 08 Feb 2022 22:11:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203622
IP address blocks: 46.32.166.0/24 maxlen: 24
46.32.165.0/24 maxlen: 24
46.32.164.0/24 maxlen: 24
46.32.160.0/24 maxlen: 24
46.32.162.0/24 maxlen: 24
46.32.161.0/24 maxlen: 24
46.32.170.0/24 maxlen: 24
46.32.172.0/24 maxlen: 24
46.32.171.0/24 maxlen: 24
46.32.177.0/24 maxlen: 24
46.32.179.0/24 maxlen: 24
46.32.178.0/24 maxlen: 24
46.32.174.0/24 maxlen: 24
46.32.173.0/24 maxlen: 24
46.32.176.0/24 maxlen: 24
46.32.175.0/24 maxlen: 24
46.32.184.0/24 maxlen: 24
46.32.186.0/24 maxlen: 24
46.32.185.0/24 maxlen: 24
46.32.191.0/24 maxlen: 24
46.32.188.0/24 maxlen: 24
46.32.187.0/24 maxlen: 24
46.32.190.0/24 maxlen: 24
46.32.189.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 884717244 (0x34bbb6bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Validity
Not Before: Feb 8 22:11:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=983e016dd3bc4556fcf6b2b761e1b68602e01316
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:74:17:06:6b:a0:3d:4b:a6:2d:ef:77:fc:38:
7e:c4:77:ec:91:80:5c:51:03:48:4f:18:b5:e9:c3:
3d:05:9a:a3:1c:10:08:a7:9b:1f:3e:57:35:2e:8e:
75:dc:35:4c:26:af:a6:e4:9d:fb:f8:76:1d:5d:eb:
16:a5:b5:7e:f0:90:77:9c:9f:95:40:dc:5a:a5:c6:
7b:83:28:55:37:56:20:23:0f:d4:75:fc:38:5a:ab:
15:4f:f6:39:df:58:a8:6a:a2:c1:13:a2:c7:57:c8:
f3:b0:d4:3c:aa:96:be:20:c8:52:1e:eb:a0:b6:4d:
c9:fd:64:9f:4a:8b:59:17:9e:bf:70:d9:5f:02:ee:
e5:15:ff:9d:ac:d1:f2:28:0e:d3:c4:1b:46:62:66:
2a:d3:18:99:39:95:3d:8c:25:20:f2:a6:50:cd:09:
09:ee:9c:d9:c5:06:b3:03:85:4e:fa:1f:bd:de:65:
6c:3e:c4:53:ba:73:b6:18:f6:8a:72:db:c4:58:3e:
1c:87:d1:63:76:f0:48:b9:90:b8:10:c7:c8:13:e6:
fa:a2:85:01:ad:80:e8:da:3d:94:d5:27:7c:cb:a8:
f2:84:0f:c4:cb:46:0f:2b:47:01:64:19:63:2d:71:
f3:d7:a6:e8:5f:a6:5b:4b:7a:4b:3a:f0:90:18:17:
60:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:3E:01:6D:D3:BC:45:56:FC:F6:B2:B7:61:E1:B6:86:02:E0:13:16
X509v3 Authority Key Identifier:
keyid:E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/mD4BbdO8RVb89rK3YeG2hgLgExY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/437h7O0Z-KCjpjW_qiZCk-NDd5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.32.160.0-46.32.162.255
46.32.164.0-46.32.166.255
46.32.170.0-46.32.179.255
46.32.184.0/21
Signature Algorithm: sha256WithRSAEncryption
1b:09:2d:08:4b:5f:ca:65:17:89:08:6b:49:85:29:de:18:87:
06:a7:a5:79:a2:d6:3e:20:84:b8:d9:93:f9:23:91:c4:26:05:
c6:04:6f:c7:b4:af:97:37:a4:a6:96:d5:bb:d7:44:45:8d:ae:
5c:32:d8:08:07:eb:57:5f:c0:8d:90:10:30:97:9a:c1:8d:6b:
09:03:9e:7e:44:55:99:b0:ec:40:15:70:fb:bd:7a:50:32:7b:
1c:a6:e4:13:d6:ce:3f:16:74:22:8e:d3:cb:ed:85:4c:ef:14:
77:b6:25:ac:29:1e:f9:7b:60:aa:33:74:13:2d:b4:94:f7:fc:
23:ae:4f:d3:dc:8e:da:d8:90:19:5e:02:17:c5:49:50:e7:a2:
2b:95:a5:34:9a:ef:de:81:73:af:3e:bd:9d:30:49:9d:22:cc:
7d:ed:f4:b3:ec:f4:74:db:fb:07:73:da:a8:63:9a:2f:2d:19:
42:d8:b4:85:04:dc:5a:78:77:28:f3:4a:98:6b:4e:c5:9e:da:
ba:d1:9c:6d:0a:4d:ae:e9:92:b5:86:e1:a5:3f:4b:c1:79:f7:
d2:63:24:15:f5:4d:87:ad:94:52:5f:3e:b9:d2:aa:56:b0:02:
0c:4a:b0:c0:51:54:62:26:7d:d5:86:11:2e:8a:bb:b2:65:ef:
d1:d9:2f:44
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIENLu2vDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MzdlZTFlY2VkMTlmOGEwYTNhNjM1YmZhYTI2NDI5M2UzNDM3Nzk1MB4XDTIyMDIw
ODIyMTE1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTgzZTAxNmRkM2Jj
NDU1NmZjZjZiMmI3NjFlMWI2ODYwMmUwMTMxNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPJ0FwZroD1Lpi3vd/w4fsR37JGAXFEDSE8YtenDPQWaoxwQ
CKebHz5XNS6Oddw1TCavpuSd+/h2HV3rFqW1fvCQd5yflUDcWqXGe4MoVTdWICMP
1HX8OFqrFU/2Od9YqGqiwROix1fI87DUPKqWviDIUh7roLZNyf1kn0qLWReev3DZ
XwLu5RX/nazR8igO08QbRmJmKtMYmTmVPYwlIPKmUM0JCe6c2cUGswOFTvofvd5l
bD7EU7pzthj2inLbxFg+HIfRY3bwSLmQuBDHyBPm+qKFAa2A6No9lNUnfMuo8oQP
xMtGDytHAWQZYy1x89em6F+mW0t6SzrwkBgXYHUCAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBSYPgFt07xFVvz2srdh4baGAuATFjAfBgNVHSMEGDAWgBTjfuHs7Rn4oKOm
Nb+qJkKT40N3lTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzQzN2g3TzBaLUtDanBqV19xaVpDay1ORGQ1VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjgvNmQ1ZDc1LTRkMWUtNDY5Ny1iMWQzLTM2ZTM0NGFiYzlkMy8x
L21ENEJiZE84UlZiODlySzNZZUcyaGdMZ0V4WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgv
NmQ1ZDc1LTRkMWUtNDY5Ny1iMWQzLTM2ZTM0NGFiYzlkMy8xLzQzN2g3TzBaLUtD
anBqV19xaVpDay1ORGQ1VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMDAMAwQFLiCgAwQALiCiMAwDBAIuIKQD
BAAuIKYwDAMEAS4gqgMEAi4gsAMEAy4guDANBgkqhkiG9w0BAQsFAAOCAQEAGwkt
CEtfymUXiQhrSYUp3hiHBqeleaLWPiCEuNmT+SORxCYFxgRvx7SvlzekppbVu9dE
RY2uXDLYCAfrV1/AjZAQMJeawY1rCQOefkRVmbDsQBVw+716UDJ7HKbkE9bOPxZ0
Io7Ty+2FTO8Ud7YlrCke+XtgqjN0Ey20lPf8I65P09yO2tiQGV4CF8VJUOeiK5Wl
NJrv3oFzrz69nTBJnSLMfe30s+z0dNv7B3PaqGOaLy0ZQti0hQTcWnh3KPNKmGtO
xZ7autGcbQpNrumStYbhpT9LwXn30mMkFfVNh62UUl8+udKqVrACDEqwwFFUYiZ9
1YYRLoq7smXv0dkvRA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:39 2023 by rpki-client on console-ams.rpki-client.org