Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/2ff98e-6ff9-4233-b9f1-227e21e691e7/1/UaD4v0t8GwQfz3E02JlsErp6yN4.roa
File: UaD4v0t8GwQfz3E02JlsErp6yN4.roa (raw, json)
Hash identifier: wawQphiMYs8hsbBb+A8B+bLjPTE0fvgVXtZdqFl5vUo=
Subject key identifier: 51:A0:F8:BF:4B:7C:1B:04:1F:CF:71:34:D8:99:6C:12:BA:7A:C8:DE
Certificate issuer: /CN=a68ff9229efd8d12b4273f346f8c6454ea587ecc
Certificate serial: 06D6EFBE
Authority key identifier: A6:8F:F9:22:9E:FD:8D:12:B4:27:3F:34:6F:8C:64:54:EA:58:7E:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/po_5Ip79jRK0Jz80b4xkVOpYfsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/2ff98e-6ff9-4233-b9f1-227e21e691e7/1/UaD4v0t8GwQfz3E02JlsErp6yN4.roa
Signing time: Sat 01 Jan 2022 14:58:08 +0000
ROA not before: Sat 01 Jan 2022 14:58:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8001
IP address blocks: 46.16.165.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114749374 (0x6d6efbe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a68ff9229efd8d12b4273f346f8c6454ea587ecc
Validity
Not Before: Jan 1 14:58:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=51a0f8bf4b7c1b041fcf7134d8996c12ba7ac8de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:57:a3:4e:7b:5e:d5:0a:74:25:9d:ce:29:ec:
bc:f0:45:c2:f2:8a:27:78:aa:a1:f8:72:5b:5d:6c:
8d:3c:27:d2:c8:91:c5:f8:8d:4b:8f:86:f9:41:31:
07:ac:82:54:a8:52:85:0d:08:3b:41:29:58:cf:cb:
8f:05:d0:7e:3c:6f:b2:f6:53:69:e5:56:39:d9:3b:
63:be:d5:6a:87:92:00:0d:c7:12:bf:90:f5:cb:11:
86:a7:15:42:6f:66:e2:65:12:4e:c0:95:b6:1d:13:
d7:90:6b:bf:d1:b9:48:ad:db:a9:9f:dd:b3:94:96:
49:46:f8:05:96:b6:da:a5:2d:de:35:87:e2:7a:ef:
5f:67:f5:b5:56:d9:af:4b:ce:86:d3:5c:27:36:37:
ff:e4:f4:e5:91:1e:76:d9:d8:59:47:46:ce:ef:d9:
ce:19:51:3a:46:ea:08:50:95:08:45:e4:de:34:5f:
11:c5:ba:55:90:23:86:fc:69:f8:24:74:63:b8:48:
ae:c5:7b:87:39:ae:7e:ce:ef:b3:aa:ee:68:7d:cb:
ee:8d:59:da:8f:53:15:bd:db:61:fb:51:f9:d7:13:
aa:5f:98:51:87:e6:cd:76:03:5c:45:01:db:af:7f:
6c:f6:90:0a:a9:c7:ff:03:bc:c9:bf:3e:f3:33:43:
34:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:A0:F8:BF:4B:7C:1B:04:1F:CF:71:34:D8:99:6C:12:BA:7A:C8:DE
X509v3 Authority Key Identifier:
keyid:A6:8F:F9:22:9E:FD:8D:12:B4:27:3F:34:6F:8C:64:54:EA:58:7E:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/po_5Ip79jRK0Jz80b4xkVOpYfsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/2ff98e-6ff9-4233-b9f1-227e21e691e7/1/UaD4v0t8GwQfz3E02JlsErp6yN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/2ff98e-6ff9-4233-b9f1-227e21e691e7/1/po_5Ip79jRK0Jz80b4xkVOpYfsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.165.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:3a:2e:7f:09:89:20:00:b0:af:b7:e1:85:de:2a:db:74:02:
8a:94:1c:f7:43:1c:3f:8c:cc:8c:1a:81:d6:9e:15:56:62:74:
0a:7a:47:26:99:a0:18:d2:db:1b:a0:fa:45:d6:6c:61:2e:d7:
aa:43:d6:72:14:9b:2b:b3:62:3e:9e:60:ab:33:57:19:34:3a:
c5:6a:5e:a2:a7:d1:eb:ac:34:74:c0:8d:0d:1a:48:f7:dd:3e:
a2:1d:3d:20:39:4b:37:9f:c6:24:21:ed:c0:95:92:1d:e2:af:
6d:37:67:d9:e1:1a:42:5e:00:49:1d:8e:a9:ae:3f:cc:b8:88:
ed:2e:e1:a4:c8:6b:eb:b4:2e:28:3d:41:7e:a7:dc:3b:c7:27:
31:cd:47:f0:d9:69:48:94:e1:fa:14:28:30:6d:5e:e3:3b:cb:
f8:a3:fa:9a:b3:c9:3e:db:2d:ce:f7:5f:8c:bb:83:ef:8a:15:
3e:83:39:67:77:a5:9a:2c:81:ff:4b:c2:dd:42:5e:8f:33:29:
2f:7b:a7:86:30:2b:b5:70:e6:ac:a5:50:20:1a:22:e1:a9:f5:
a2:49:31:60:6d:f6:ee:eb:5d:31:6d:61:95:73:07:52:63:ca:
84:bf:6f:05:8d:65:86:2d:3d:cd:da:68:88:d8:8b:c6:76:8f:
92:50:59:79
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBtbvvjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NjhmZjkyMjllZmQ4ZDEyYjQyNzNmMzQ2ZjhjNjQ1NGVhNTg3ZWNjMB4XDTIyMDEw
MTE0NTgwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTFhMGY4YmY0Yjdj
MWIwNDFmY2Y3MTM0ZDg5OTZjMTJiYTdhYzhkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKRXo057XtUKdCWdzinsvPBFwvKKJ3iqofhyW11sjTwn0siR
xfiNS4+G+UExB6yCVKhShQ0IO0EpWM/LjwXQfjxvsvZTaeVWOdk7Y77VaoeSAA3H
Er+Q9csRhqcVQm9m4mUSTsCVth0T15Brv9G5SK3bqZ/ds5SWSUb4BZa22qUt3jWH
4nrvX2f1tVbZr0vOhtNcJzY3/+T05ZEedtnYWUdGzu/ZzhlROkbqCFCVCEXk3jRf
EcW6VZAjhvxp+CR0Y7hIrsV7hzmufs7vs6ruaH3L7o1Z2o9TFb3bYftR+dcTql+Y
UYfmzXYDXEUB269/bPaQCqnH/wO8yb8+8zNDNBcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRRoPi/S3wbBB/PcTTYmWwSunrI3jAfBgNVHSMEGDAWgBSmj/kinv2NErQn
PzRvjGRU6lh+zDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BvXzVJcDc5alJLMEp6ODBiNHhrVk9wWWZzdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGEvMmZmOThlLTZmZjktNDIzMy1iOWYxLTIyN2UyMWU2OTFlNy8x
L1VhRDR2MHQ4R3dRZnozRTAySmxzRXJwNnlONC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGEv
MmZmOThlLTZmZjktNDIzMy1iOWYxLTIyN2UyMWU2OTFlNy8xL3BvXzVJcDc5alJL
MEp6ODBiNHhrVk9wWWZzdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC4QpTANBgkqhkiG9w0BAQsFAAOC
AQEAHzoufwmJIACwr7fhhd4q23QCipQc90McP4zMjBqB1p4VVmJ0CnpHJpmgGNLb
G6D6RdZsYS7XqkPWchSbK7NiPp5gqzNXGTQ6xWpeoqfR66w0dMCNDRpI990+oh09
IDlLN5/GJCHtwJWSHeKvbTdn2eEaQl4ASR2Oqa4/zLiI7S7hpMhr67QuKD1Bfqfc
O8cnMc1H8NlpSJTh+hQoMG1e4zvL+KP6mrPJPtstzvdfjLuD74oVPoM5Z3elmiyB
/0vC3UJejzMpL3unhjArtXDmrKVQIBoi4an1okkxYG327utdMW1hlXMHUmPKhL9v
BY1lhi09zdpoiNiLxnaPklBZeQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:03 2024 by rpki-client on console-fra.rpki-client.org