Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/Lq_OvEiAkO61zzbCh1rAeVoR6jY.roa
File: Lq_OvEiAkO61zzbCh1rAeVoR6jY.roa (raw, json)
Hash identifier: 4fFAcMdXRHcbyhA1dT1PuqSLYGwb4yPaoOXdtdUt5cc=
Subject key identifier: 2E:AF:CE:BC:48:80:90:EE:B5:CF:36:C2:87:5A:C0:79:5A:11:EA:36
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 01856F42A06993A21B4ACCDEAF3C5AE31F45
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/Lq_OvEiAkO61zzbCh1rAeVoR6jY.roa
Signing time: Sun 01 Jan 2023 21:35:15 +0000
ROA not before: Sun 01 Jan 2023 21:35:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204116
IP address blocks: 146.0.239.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:a0:69:93:a2:1b:4a:cc:de:af:3c:5a:e3:1f:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Jan 1 21:35:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2eafcebc488090eeb5cf36c2875ac0795a11ea36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:27:1f:b3:e8:95:a6:2e:39:ad:46:d3:e1:e8:
77:1b:b7:f6:7d:6f:87:20:79:c8:a5:c5:3f:57:26:
9b:88:b5:6f:98:96:f4:b5:ed:27:56:f8:e5:47:e1:
0f:7c:d2:11:7a:56:5d:79:ae:55:90:00:85:47:6d:
f0:38:1d:89:ff:5a:42:9e:f8:16:c3:2a:c9:cc:23:
13:e3:cf:5b:20:80:74:5a:84:2f:fd:a0:aa:aa:21:
ca:e2:29:bf:15:ca:11:38:68:4b:22:ad:63:91:ab:
da:19:5c:3a:e5:0c:04:0c:de:4e:39:0c:9b:54:94:
7e:d6:76:12:d0:4d:34:13:d7:5c:6a:aa:09:f0:c7:
66:b2:80:15:95:1d:d8:bf:20:b3:75:7e:4a:4c:06:
0b:6f:3f:07:b5:78:a2:e2:a4:76:99:12:1d:b9:35:
92:f8:e2:65:59:81:27:a7:c0:42:81:74:f5:75:84:
8e:3b:f9:3b:03:78:71:be:57:46:42:33:9b:c9:f5:
e7:d3:ae:60:64:08:d2:bc:ec:f8:b8:63:c8:07:6d:
2b:0c:31:fc:22:96:7c:7f:70:67:fc:5b:06:e6:22:
5c:7b:a1:3f:81:c1:0d:80:ca:ce:23:69:82:76:fe:
13:c2:3f:42:51:56:a2:8e:96:c4:25:93:c4:bd:57:
e9:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:AF:CE:BC:48:80:90:EE:B5:CF:36:C2:87:5A:C0:79:5A:11:EA:36
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/Lq_OvEiAkO61zzbCh1rAeVoR6jY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.0.239.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:c4:8e:2f:a9:38:6f:5c:25:03:5a:9f:60:00:8c:5c:7c:9e:
ca:3c:f3:1c:45:ad:ad:3d:9a:69:29:8e:10:51:15:38:ff:8a:
27:e0:f6:13:91:88:ab:4d:30:ab:19:31:bb:e8:6a:7b:22:5e:
57:b7:89:7e:70:7d:c3:d0:87:62:cd:37:93:5d:42:31:5a:2a:
05:10:95:62:7f:c0:83:d9:ee:bd:20:96:d9:0d:2d:4a:a4:7d:
92:dd:99:4e:d2:ae:78:5d:91:93:c9:11:73:e4:7b:68:eb:18:
77:fd:51:31:7d:18:d3:ae:96:21:03:12:23:5f:24:50:76:00:
da:62:bb:14:de:44:a7:7d:5d:6a:f9:39:c8:14:20:4e:68:a4:
11:36:3d:77:bf:df:5f:d1:9d:02:b7:e4:04:bb:9d:46:07:e5:
0f:45:a7:d5:2b:e9:6c:e0:46:63:88:63:de:06:35:4a:70:4f:
70:fb:e4:89:22:39:66:f8:f4:9c:af:ca:44:a0:bd:2c:8e:02:
ab:65:6a:b5:4a:5d:65:5b:9d:5b:c9:d8:9d:c4:86:79:a2:6e:
01:50:07:db:74:27:59:40:92:70:84:6e:63:00:41:4b:73:37:
33:4d:1e:96:6c:9c:00:a1:a7:0c:c2:dd:bd:bd:98:8d:81:33:
72:8b:c1:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQqBpk6IbSszerzxa4x9FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNmVkMGZiN2IzMjA4MzJhYzE1ODA1MzRjN2IyNjNmMzA0
ZTk4MWIwHhcNMjMwMTAxMjEzNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWFmY2ViYzQ4ODA5MGVlYjVjZjM2YzI4NzVhYzA3OTVhMTFlYTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8icfs+iVpi45rUbT4eh3G7f2fW+H
IHnIpcU/VyabiLVvmJb0te0nVvjlR+EPfNIRelZdea5VkACFR23wOB2J/1pCnvgW
wyrJzCMT489bIIB0WoQv/aCqqiHK4im/FcoROGhLIq1jkavaGVw65QwEDN5OOQyb
VJR+1nYS0E00E9dcaqoJ8MdmsoAVlR3YvyCzdX5KTAYLbz8HtXii4qR2mRIduTWS
+OJlWYEnp8BCgXT1dYSOO/k7A3hxvldGQjObyfXn065gZAjSvOz4uGPIB20rDDH8
IpZ8f3Bn/FsG5iJce6E/gcENgMrOI2mCdv4Twj9CUVaijpbEJZPEvVfpQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC6vzrxIgJDutc82wodawHlaEeo2MB8GA1UdIwQY
MBaAFLpu0Pt7MggyrBWAU0x7Jj8wTpgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQt
MTYxZjM0MjM4N2QxLzEvTHFfT3ZFaUFrTzYxenpiQ2gxckFlVm9SNmpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQtMTYxZjM0MjM4N2Qx
LzEvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkgDvMA0G
CSqGSIb3DQEBCwUAA4IBAQCPxI4vqThvXCUDWp9gAIxcfJ7KPPMcRa2tPZppKY4Q
URU4/4on4PYTkYirTTCrGTG76Gp7Il5Xt4l+cH3D0IdizTeTXUIxWioFEJVif8CD
2e69IJbZDS1KpH2S3ZlO0q54XZGTyRFz5Hto6xh3/VExfRjTrpYhAxIjXyRQdgDa
YrsU3kSnfV1q+TnIFCBOaKQRNj13v99f0Z0Ct+QEu51GB+UPRafVK+ls4EZjiGPe
BjVKcE9w++SJIjlm+PScr8pEoL0sjgKrZWq1Sl1lW51bydidxIZ5om4BUAfbdCdZ
QJJwhG5jAEFLczczTR6WbJwAoacMwt29vZiNgTNyi8GW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:03 2024 by rpki-client on console-fra.rpki-client.org