Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/ce21b3-c4de-456d-b538-97975d34fc6c/1/uu28Bsy7h-bxMn4KXhM8oLI96gY.roa
File: uu28Bsy7h-bxMn4KXhM8oLI96gY.roa (raw, json)
Hash identifier: BHPU1J8eihUUsn5vqNp8tPGmFwYFJPqupUb3EwLr5Ug=
Subject key identifier: BA:ED:BC:06:CC:BB:87:E6:F1:32:7E:0A:5E:13:3C:A0:B2:3D:EA:06
Certificate issuer: /CN=4148cbad1748205b4f4334bba638c64c2b21fc0e
Certificate serial: 02DDEC6F
Authority key identifier: 41:48:CB:AD:17:48:20:5B:4F:43:34:BB:A6:38:C6:4C:2B:21:FC:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QUjLrRdIIFtPQzS7pjjGTCsh_A4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/ce21b3-c4de-456d-b538-97975d34fc6c/1/uu28Bsy7h-bxMn4KXhM8oLI96gY.roa
Signing time: Wed 15 Jun 2022 18:40:44 +0000
ROA not before: Wed 15 Jun 2022 18:40:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213220
IP address blocks: 46.149.68.0/22 maxlen: 22
46.149.72.0/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48098415 (0x2ddec6f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4148cbad1748205b4f4334bba638c64c2b21fc0e
Validity
Not Before: Jun 15 18:40:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=baedbc06ccbb87e6f1327e0a5e133ca0b23dea06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:23:0d:b3:8f:ac:a6:f3:df:07:67:6f:68:94:
d6:af:fb:0d:0c:40:fd:f1:96:e7:cb:3c:ae:bc:f5:
16:96:98:81:25:49:73:1e:bb:22:3f:44:e8:c1:3e:
61:02:58:2f:97:dd:83:a6:31:5a:50:55:04:00:90:
42:dc:3e:55:49:e0:24:79:ec:14:0f:a2:07:ee:63:
94:2e:b0:40:43:2f:d1:0a:3f:c7:9d:f4:81:49:a8:
61:a0:12:1d:ee:23:0c:8d:99:b2:0a:b9:c6:9b:15:
42:8c:29:a2:30:c5:47:08:9b:b1:45:21:18:5d:9f:
d5:ae:d0:27:82:b4:33:41:81:1b:11:0b:a9:a3:ad:
e6:65:a3:e2:7d:07:bf:f0:7d:cf:9e:47:73:9b:9b:
4a:52:9e:83:83:5c:3a:4e:c8:f7:ab:c5:be:44:cc:
e2:b6:9f:88:32:d4:0d:d1:36:09:44:21:5e:dc:8b:
ba:28:0d:c9:d7:4b:df:d9:20:ac:a0:4e:cc:70:d6:
68:7f:3e:01:a3:d4:03:d5:50:28:96:33:d0:c7:7d:
74:f7:6d:bc:06:cd:6c:d6:eb:37:7b:c5:28:5f:6f:
a8:d9:b0:57:ad:e2:48:0b:d6:d8:82:54:e5:5e:fd:
0b:3c:5c:27:b5:94:ef:fe:dc:f5:ce:f2:01:8e:88:
1b:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:ED:BC:06:CC:BB:87:E6:F1:32:7E:0A:5E:13:3C:A0:B2:3D:EA:06
X509v3 Authority Key Identifier:
keyid:41:48:CB:AD:17:48:20:5B:4F:43:34:BB:A6:38:C6:4C:2B:21:FC:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QUjLrRdIIFtPQzS7pjjGTCsh_A4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ce21b3-c4de-456d-b538-97975d34fc6c/1/uu28Bsy7h-bxMn4KXhM8oLI96gY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ce21b3-c4de-456d-b538-97975d34fc6c/1/QUjLrRdIIFtPQzS7pjjGTCsh_A4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.149.68.0-46.149.79.255
Signature Algorithm: sha256WithRSAEncryption
ac:b0:e3:36:07:d8:65:03:a2:05:8e:a5:cc:8c:e5:3f:b7:86:
18:9c:28:74:d0:ca:6c:11:e5:09:e1:ab:c2:ea:15:5d:3b:bc:
33:ff:f4:2e:f4:de:37:0a:0d:47:df:67:a8:04:13:7c:a3:b2:
99:f9:8a:93:a4:dc:22:bf:f4:af:73:ee:c2:86:3a:44:16:78:
36:a4:14:ab:d5:1c:5a:18:60:ee:8d:b3:d5:6b:0c:0d:09:40:
2a:9d:ef:4b:2d:1f:e3:33:71:f0:4f:bc:1c:d2:1b:c4:55:7c:
d6:d1:4d:79:07:ad:c3:92:6f:6d:86:4f:8b:c8:d3:1d:1d:d3:
1a:d4:29:e3:c0:40:d1:68:81:f8:9c:0d:ba:29:17:31:16:6c:
66:01:16:5e:3b:b9:1e:70:44:40:cd:3b:9d:ab:23:f3:16:da:
85:66:b3:d0:3f:c6:98:8a:33:e0:19:e0:90:2b:dc:5a:cc:7e:
e6:ba:43:0c:a2:89:6d:3d:99:58:57:7f:83:bc:16:c7:39:27:
82:bb:3f:93:cc:6d:2c:2e:86:04:5b:9f:05:77:d0:7e:c4:ca:
2d:47:3a:7b:90:c0:57:66:55:9e:e6:7b:df:bc:07:80:ba:f5:
9b:1a:b4:f3:c8:ca:ac:c4:cf:87:d7:f6:e1:d9:39:6c:0d:7f:
36:a1:67:63
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAt3sbzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MTQ4Y2JhZDE3NDgyMDViNGY0MzM0YmJhNjM4YzY0YzJiMjFmYzBlMB4XDTIyMDYx
NTE4NDA0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmFlZGJjMDZjY2Ji
ODdlNmYxMzI3ZTBhNWUxMzNjYTBiMjNkZWEwNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJMjDbOPrKbz3wdnb2iU1q/7DQxA/fGW58s8rrz1FpaYgSVJ
cx67Ij9E6ME+YQJYL5fdg6YxWlBVBACQQtw+VUngJHnsFA+iB+5jlC6wQEMv0Qo/
x530gUmoYaASHe4jDI2Zsgq5xpsVQowpojDFRwibsUUhGF2f1a7QJ4K0M0GBGxEL
qaOt5mWj4n0Hv/B9z55Hc5ubSlKeg4NcOk7I96vFvkTM4rafiDLUDdE2CUQhXtyL
uigNyddL39kgrKBOzHDWaH8+AaPUA9VQKJYz0Md9dPdtvAbNbNbrN3vFKF9vqNmw
V63iSAvW2IJU5V79CzxcJ7WU7/7c9c7yAY6IGwkCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBS67bwGzLuH5vEyfgpeEzygsj3qBjAfBgNVHSMEGDAWgBRBSMutF0ggW09D
NLumOMZMKyH8DjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FVakxyUmRJSUZ0UFF6UzdwampHVENzaF9BNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjEvY2UyMWIzLWM0ZGUtNDU2ZC1iNTM4LTk3OTc1ZDM0ZmM2Yy8x
L3V1MjhCc3k3aC1ieE1uNEtYaE04b0xJOTZnWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjEv
Y2UyMWIzLWM0ZGUtNDU2ZC1iNTM4LTk3OTc1ZDM0ZmM2Yy8xL1FVakxyUmRJSUZ0
UFF6UzdwampHVENzaF9BNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQCLpVEAwQELpVAMA0GCSqGSIb3
DQEBCwUAA4IBAQCssOM2B9hlA6IFjqXMjOU/t4YYnCh00MpsEeUJ4avC6hVdO7wz
//Qu9N43Cg1H32eoBBN8o7KZ+YqTpNwiv/Svc+7ChjpEFng2pBSr1RxaGGDujbPV
awwNCUAqne9LLR/jM3HwT7wc0hvEVXzW0U15B63Dkm9thk+LyNMdHdMa1CnjwEDR
aIH4nA26KRcxFmxmARZeO7kecERAzTudqyPzFtqFZrPQP8aYijPgGeCQK9xazH7m
ukMMooltPZlYV3+DvBbHOSeCuz+TzG0sLoYEW58Fd9B+xMotRzp7kMBXZlWe5nvf
vAeAuvWbGrTzyMqsxM+H1/bh2TlsDX82oWdj
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:36 2023 by rpki-client on console.sobornost.net