Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/f39a17-8387-4fba-9ed0-3ead7792073c/1/lwo-YUYsQE8oIZpi7DzSN3uxfIA.roa
File: lwo-YUYsQE8oIZpi7DzSN3uxfIA.roa (raw, json)
Hash identifier: Tdip8n42AjxzQYOiot2JfNy9xz0CELHMimVVfxc9CgQ=
Subject key identifier: 97:0A:3E:61:46:2C:40:4F:28:21:9A:62:EC:3C:D2:37:7B:B1:7C:80
Certificate issuer: /CN=e5f6ced27fc60f900fac1b751db1ee4bf785aab3
Certificate serial: 34B342E9
Authority key identifier: E5:F6:CE:D2:7F:C6:0F:90:0F:AC:1B:75:1D:B1:EE:4B:F7:85:AA:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5fbO0n_GD5APrBt1HbHuS_eFqrM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/f39a17-8387-4fba-9ed0-3ead7792073c/1/lwo-YUYsQE8oIZpi7DzSN3uxfIA.roa
Signing time: Sat 01 Jan 2022 00:55:06 +0000
ROA not before: Sat 01 Jan 2022 00:55:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203540
IP address blocks: 176.62.63.0/24 maxlen: 24
176.62.62.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 884163305 (0x34b342e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5f6ced27fc60f900fac1b751db1ee4bf785aab3
Validity
Not Before: Jan 1 00:55:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=970a3e61462c404f28219a62ec3cd2377bb17c80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:8a:5c:db:dc:6d:89:09:53:94:6b:61:e3:27:
89:4f:20:45:58:ed:7d:f5:a9:51:12:52:6a:1d:5b:
35:74:63:42:64:bc:dd:86:15:db:0d:57:a5:6e:b8:
c5:d6:5c:b8:e9:a0:ac:3c:cd:3c:5c:3a:ab:bb:7e:
3e:b8:48:6a:23:cf:82:d0:4c:50:4f:6a:07:1f:e8:
93:69:a6:11:eb:a5:c8:26:f8:68:9a:76:87:64:27:
a9:f8:23:ff:6a:29:92:f8:e0:9d:d2:8a:5e:84:d8:
f4:53:70:42:3f:fd:20:50:c4:ea:89:48:21:10:34:
9f:00:ac:60:6d:aa:84:37:7c:75:df:d2:9c:ad:1d:
3e:0b:de:86:8c:1e:ae:30:89:a0:45:31:bc:44:31:
aa:d3:fb:d3:43:88:1b:69:18:16:65:cf:bf:24:3f:
d8:60:cf:a1:6b:66:0d:a3:3c:06:b1:1a:61:ad:75:
52:69:68:e8:f7:d6:92:0a:e0:38:b8:93:78:bf:ca:
de:4e:2c:33:38:7f:65:ab:62:7b:de:67:d8:09:6b:
d8:56:67:67:93:77:63:6b:3c:1d:e9:ca:37:90:63:
f3:56:47:4c:83:63:92:4c:0c:27:44:25:3e:21:d7:
59:24:3e:8b:1c:8d:be:4d:ee:10:8e:f6:6a:5c:5b:
0f:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:0A:3E:61:46:2C:40:4F:28:21:9A:62:EC:3C:D2:37:7B:B1:7C:80
X509v3 Authority Key Identifier:
keyid:E5:F6:CE:D2:7F:C6:0F:90:0F:AC:1B:75:1D:B1:EE:4B:F7:85:AA:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5fbO0n_GD5APrBt1HbHuS_eFqrM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/f39a17-8387-4fba-9ed0-3ead7792073c/1/lwo-YUYsQE8oIZpi7DzSN3uxfIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/f39a17-8387-4fba-9ed0-3ead7792073c/1/5fbO0n_GD5APrBt1HbHuS_eFqrM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.62.62.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:b0:c4:20:e1:15:1f:19:26:e6:57:a7:d0:7e:4c:33:91:dc:
5a:9d:84:85:33:44:0e:f5:e7:89:16:ab:ed:82:2d:a7:cb:a3:
f0:40:98:1d:7a:48:9b:d1:c0:42:6d:ce:d9:28:3a:7c:b5:e2:
c3:72:b5:5a:95:6d:fa:7e:67:1a:c7:ad:3b:49:94:e7:32:e7:
e8:b1:48:e4:67:3e:79:c7:56:f1:43:de:45:94:fc:21:10:e1:
38:03:30:bc:e5:29:de:7b:ee:94:6e:2f:a0:4b:38:a3:e2:ea:
b5:92:18:4f:01:f3:3a:48:29:5e:6b:ea:da:24:e9:a3:89:56:
94:73:98:38:ac:8e:e3:c5:d1:4e:8e:3c:ed:e2:0e:06:7e:43:
f4:ee:61:eb:88:e4:74:37:79:86:5c:c1:69:f4:08:cc:4b:2d:
f2:eb:7d:3a:0d:46:e2:d7:60:09:c4:a4:d9:02:2c:86:c4:2a:
96:44:a8:65:c6:6e:19:d3:ec:53:f5:9a:9a:72:e7:a3:63:5d:
d4:56:0f:70:a1:ed:f8:82:d6:11:98:d9:46:d8:48:9c:fa:a9:
d4:36:80:d3:5a:7b:0d:a7:48:df:b9:6d:64:83:8c:c6:cb:03:
63:04:af:3c:35:de:3e:d7:ca:31:05:99:f2:d4:dd:ba:4b:1b:
a8:c7:28:8f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENLNC6TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NWY2Y2VkMjdmYzYwZjkwMGZhYzFiNzUxZGIxZWU0YmY3ODVhYWIzMB4XDTIyMDEw
MTAwNTUwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTcwYTNlNjE0NjJj
NDA0ZjI4MjE5YTYyZWMzY2QyMzc3YmIxN2M4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANeKXNvcbYkJU5RrYeMniU8gRVjtffWpURJSah1bNXRjQmS8
3YYV2w1XpW64xdZcuOmgrDzNPFw6q7t+PrhIaiPPgtBMUE9qBx/ok2mmEeulyCb4
aJp2h2Qnqfgj/2opkvjgndKKXoTY9FNwQj/9IFDE6olIIRA0nwCsYG2qhDd8dd/S
nK0dPgvehowerjCJoEUxvEQxqtP700OIG2kYFmXPvyQ/2GDPoWtmDaM8BrEaYa11
Umlo6PfWkgrgOLiTeL/K3k4sMzh/Zatie95n2Alr2FZnZ5N3Y2s8HenKN5Bj81ZH
TINjkkwMJ0QlPiHXWSQ+ixyNvk3uEI72alxbD4MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSXCj5hRixATyghmmLsPNI3e7F8gDAfBgNVHSMEGDAWgBTl9s7Sf8YPkA+s
G3Udse5L94WqszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVmYk8wbl9HRDVBUHJCdDFIYkh1U19lRnFyTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzQvZjM5YTE3LTgzODctNGZiYS05ZWQwLTNlYWQ3NzkyMDczYy8x
L2x3by1ZVVlzUUU4b0lacGk3RHpTTjN1eGZJQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzQv
ZjM5YTE3LTgzODctNGZiYS05ZWQwLTNlYWQ3NzkyMDczYy8xLzVmYk8wbl9HRDVB
UHJCdDFIYkh1U19lRnFyTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbA+PjANBgkqhkiG9w0BAQsFAAOC
AQEAerDEIOEVHxkm5len0H5MM5HcWp2EhTNEDvXniRar7YItp8uj8ECYHXpIm9HA
Qm3O2Sg6fLXiw3K1WpVt+n5nGsetO0mU5zLn6LFI5Gc+ecdW8UPeRZT8IRDhOAMw
vOUp3nvulG4voEs4o+LqtZIYTwHzOkgpXmvq2iTpo4lWlHOYOKyO48XRTo487eIO
Bn5D9O5h64jkdDd5hlzBafQIzEst8ut9Og1G4tdgCcSk2QIshsQqlkSoZcZuGdPs
U/WamnLno2Nd1FYPcKHt+ILWEZjZRthInPqp1DaA01p7DadI37ltZIOMxssDYwSv
PDXePtfKMQWZ8tTduksbqMcojw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:11 2024 by rpki-client on console-ams.rpki-client.org