Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/ddBPYQHat-vLrzPUbAM-ltEcVpw.roa
File: ddBPYQHat-vLrzPUbAM-ltEcVpw.roa (raw, json)
Hash identifier: HoOpTZZU8loA/WG/zkm0pyBMUP50ZNhQmWFJKOrV5lU=
Subject key identifier: 75:D0:4F:61:01:DA:B7:EB:CB:AF:33:D4:6C:03:3E:96:D1:1C:56:9C
Certificate issuer: /CN=8d84404e5f8a4b117ae44e73d53c44ecdd578342
Certificate serial: 01876BE06BDF400A858D1D048E173D7EC7B6
Authority key identifier: 8D:84:40:4E:5F:8A:4B:11:7A:E4:4E:73:D5:3C:44:EC:DD:57:83:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/ddBPYQHat-vLrzPUbAM-ltEcVpw.roa
Signing time: Mon 10 Apr 2023 15:54:42 +0000
ROA not before: Mon 10 Apr 2023 15:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213291
IP address blocks: 46.243.212.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6b:e0:6b:df:40:0a:85:8d:1d:04:8e:17:3d:7e:c7:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d84404e5f8a4b117ae44e73d53c44ecdd578342
Validity
Not Before: Apr 10 15:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75d04f6101dab7ebcbaf33d46c033e96d11c569c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:88:10:f1:9e:11:a3:f0:3b:bb:49:87:c7:94:
aa:41:f5:e1:9d:42:ef:b4:13:a2:25:c8:b7:b6:e3:
0c:ce:1e:04:9e:44:c4:9f:f2:c4:e8:c0:22:98:98:
74:92:13:1f:75:a5:6a:ba:55:b6:46:0c:e4:83:79:
b1:30:c8:9f:55:6a:cb:22:97:ba:9c:6c:78:fb:ea:
f2:69:6d:bc:a4:21:fe:de:e5:1c:88:39:8b:89:f7:
c9:d9:d1:56:0c:16:ea:4b:01:bd:0d:50:07:eb:3c:
66:3a:af:e8:ad:2b:74:02:50:62:f2:40:40:37:3d:
a1:5c:24:a6:48:b6:02:d3:44:a9:a9:84:9c:9a:e1:
c5:53:54:d1:d4:d8:9d:49:00:75:49:4c:a1:3c:34:
cb:56:3e:fa:d4:88:29:e0:8e:c3:72:59:d6:7f:01:
66:e6:ed:f3:5a:de:2d:c7:f1:ad:e9:3d:6a:b1:1c:
ed:4b:3c:4c:d2:8d:dd:e0:28:e4:34:e8:82:a6:a4:
4f:67:16:a5:8f:e1:d3:4f:c0:66:1e:6f:2f:a1:ed:
c9:2c:68:62:36:60:9e:0a:fa:94:2a:31:f3:70:cd:
eb:d0:d9:a1:df:d6:7b:c2:3c:d7:51:d0:5c:73:54:
9d:fb:8f:11:9b:2b:0b:0a:c3:68:4b:05:fb:c4:ad:
a6:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:D0:4F:61:01:DA:B7:EB:CB:AF:33:D4:6C:03:3E:96:D1:1C:56:9C
X509v3 Authority Key Identifier:
keyid:8D:84:40:4E:5F:8A:4B:11:7A:E4:4E:73:D5:3C:44:EC:DD:57:83:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/ddBPYQHat-vLrzPUbAM-ltEcVpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/jYRATl-KSxF65E5z1TxE7N1Xg0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.212.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:ac:b3:e9:88:d1:ef:12:eb:08:f7:d0:35:ec:50:68:2f:b9:
98:66:88:f3:58:52:6a:47:eb:d8:ce:0e:45:26:03:16:54:14:
91:d5:db:00:74:ef:58:05:f5:63:c4:39:9d:04:58:14:e9:6a:
a7:7b:94:94:82:ab:10:4b:88:a9:8f:ee:04:e9:bf:a2:06:16:
22:92:1d:a9:4a:49:1c:ef:c7:ea:f4:fa:3d:a8:4c:0f:31:1a:
76:b9:88:15:fc:4e:05:5f:b8:62:40:2a:78:7c:69:bc:40:22:
d2:fc:08:d6:55:3e:2d:df:13:c6:5e:f8:ae:77:f1:85:3e:50:
6a:25:a8:35:ef:39:71:a4:82:bf:77:9f:fa:cb:7f:2f:30:63:
fe:c6:0c:c7:e3:ad:bb:21:4c:e4:df:c7:b8:0d:c1:15:12:c9:
63:ff:4c:05:a5:3b:bc:82:70:17:ef:8d:11:b9:52:5a:5b:ab:
3a:d6:b8:88:1d:57:4f:cb:8d:de:40:ad:db:77:6c:ae:53:f9:
0a:1a:60:c0:8c:03:27:45:11:08:c0:4d:1d:95:29:07:b3:a5:
01:c3:a7:b4:d6:11:f9:c8:0e:2c:df:1c:57:75:cc:23:85:91:
9a:52:26:d6:e3:7e:72:7c:c6:09:be:61:3a:ab:7e:f5:95:fc:
cc:fd:62:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdr4GvfQAqFjR0Ejhc9fse2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkODQ0MDRlNWY4YTRiMTE3YWU0NGU3M2Q1M2M0NGVjZGQ1
NzgzNDIwHhcNMjMwNDEwMTU1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWQwNGY2MTAxZGFiN2ViY2JhZjMzZDQ2YzAzM2U5NmQxMWM1NjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYgQ8Z4Ro/A7u0mHx5SqQfXhnULv
tBOiJci3tuMMzh4EnkTEn/LE6MAimJh0khMfdaVqulW2Rgzkg3mxMMifVWrLIpe6
nGx4++ryaW28pCH+3uUciDmLiffJ2dFWDBbqSwG9DVAH6zxmOq/orSt0AlBi8kBA
Nz2hXCSmSLYC00SpqYScmuHFU1TR1NidSQB1SUyhPDTLVj761Igp4I7DclnWfwFm
5u3zWt4tx/Gt6T1qsRztSzxM0o3d4CjkNOiCpqRPZxalj+HTT8BmHm8voe3JLGhi
NmCeCvqUKjHzcM3r0Nmh39Z7wjzXUdBcc1Sd+48RmysLCsNoSwX7xK2mtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHXQT2EB2rfry68z1GwDPpbRHFacMB8GA1UdIwQY
MBaAFI2EQE5fiksReuROc9U8ROzdV4NCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvallSQVRsLUtTeEY2NUU1ejFUeEU3TjFYZzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kNTFmNjQtNWQwNi00ZmMwLWFiNjkt
MmNkOThlZTUzNTY5LzEvZGRCUFlRSGF0LXZMcnpQVWJBTS1sdEVjVnB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9kNTFmNjQtNWQwNi00ZmMwLWFiNjktMmNkOThlZTUzNTY5
LzEvallSQVRsLUtTeEY2NUU1ejFUeEU3TjFYZzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALvPUMA0G
CSqGSIb3DQEBCwUAA4IBAQCarLPpiNHvEusI99A17FBoL7mYZojzWFJqR+vYzg5F
JgMWVBSR1dsAdO9YBfVjxDmdBFgU6Wqne5SUgqsQS4ipj+4E6b+iBhYikh2pSkkc
78fq9Po9qEwPMRp2uYgV/E4FX7hiQCp4fGm8QCLS/AjWVT4t3xPGXviud/GFPlBq
Jag17zlxpIK/d5/6y38vMGP+xgzH4627IUzk38e4DcEVEslj/0wFpTu8gnAX740R
uVJaW6s61riIHVdPy43eQK3bd2yuU/kKGmDAjAMnRREIwE0dlSkHs6UBw6e01hH5
yA4s3xxXdcwjhZGaUibW435yfMYJvmE6q371lfzM/WIW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:21 2024 by rpki-client on console-ams.rpki-client.org