Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/e1caef-ca6f-4881-bc58-0a131f65c968/1/LkFQndkTkONekNapkV4DtOKDmEU.roa
File: LkFQndkTkONekNapkV4DtOKDmEU.roa (raw, json)
Hash identifier: 1jjBQIgfBcqrHNcaMIOwtqltyylYANXbgu9HIVUbN1I=
Subject key identifier: 2E:41:50:9D:D9:13:90:E3:5E:90:D6:A9:91:5E:03:B4:E2:83:98:45
Certificate issuer: /CN=cf14db373085e28c0d9b74be7b8e89740b95f9fa
Certificate serial: 0182014056B31B1E4ADE6A890221734589E0
Authority key identifier: CF:14:DB:37:30:85:E2:8C:0D:9B:74:BE:7B:8E:89:74:0B:95:F9:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zxTbNzCF4owNm3S-e46JdAuV-fo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/e1caef-ca6f-4881-bc58-0a131f65c968/1/LkFQndkTkONekNapkV4DtOKDmEU.roa
Signing time: Fri 15 Jul 2022 09:46:09 +0000
ROA not before: Fri 15 Jul 2022 09:46:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51565
IP address blocks: 91.217.122.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:01:40:56:b3:1b:1e:4a:de:6a:89:02:21:73:45:89:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf14db373085e28c0d9b74be7b8e89740b95f9fa
Validity
Not Before: Jul 15 09:46:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2e41509dd91390e35e90d6a9915e03b4e2839845
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:0d:b1:85:c0:85:1e:c9:da:91:15:23:6b:20:
05:e5:95:4e:d1:12:83:1e:fa:5d:e7:92:b3:59:ab:
2d:64:3c:fb:92:e3:cb:bb:aa:75:91:07:67:5e:5f:
c3:43:45:56:52:29:6a:cc:e9:dd:ee:8d:8e:78:e6:
a5:0c:a2:61:44:71:ee:65:2c:98:a2:ce:59:6c:19:
17:68:47:0f:be:ac:25:10:8a:a6:c6:42:57:7b:8b:
79:00:c4:4c:83:ba:5a:c1:dd:de:7f:8a:54:a5:76:
fa:a0:a1:96:a6:d9:e2:c2:71:82:de:0b:19:49:1d:
0d:93:85:42:7d:12:38:b5:ca:7c:74:7c:e5:32:8c:
79:df:df:fd:cd:8a:b2:d6:17:e8:1d:a7:9f:81:e2:
b5:3e:99:88:a7:02:38:8b:5c:ec:18:3d:2f:ae:44:
cf:73:a7:2b:ac:94:f6:13:69:75:27:b8:7d:bb:45:
e3:87:a1:67:9e:80:7a:e4:34:7a:d3:6e:41:d2:08:
ea:35:98:78:e8:e6:bd:66:3e:c1:81:60:99:4f:c3:
d1:7c:f1:69:5b:5d:45:41:93:ae:56:5c:10:21:39:
89:31:11:a2:8c:b4:25:78:61:02:f5:71:2f:78:bc:
a6:28:05:33:33:9a:6a:12:dd:57:62:57:05:91:00:
fd:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:41:50:9D:D9:13:90:E3:5E:90:D6:A9:91:5E:03:B4:E2:83:98:45
X509v3 Authority Key Identifier:
keyid:CF:14:DB:37:30:85:E2:8C:0D:9B:74:BE:7B:8E:89:74:0B:95:F9:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zxTbNzCF4owNm3S-e46JdAuV-fo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/e1caef-ca6f-4881-bc58-0a131f65c968/1/LkFQndkTkONekNapkV4DtOKDmEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/e1caef-ca6f-4881-bc58-0a131f65c968/1/zxTbNzCF4owNm3S-e46JdAuV-fo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.122.0/23
Signature Algorithm: sha256WithRSAEncryption
10:05:e3:b3:68:da:51:7a:8b:cf:e7:2b:7a:5a:62:c2:02:e3:
9f:96:5b:bc:1c:dc:db:ae:d0:08:14:a9:d2:05:90:5a:3a:79:
ce:8c:c5:9a:6e:8d:6c:07:f2:0b:79:2c:e1:b9:39:ef:78:15:
d5:26:64:42:7f:f1:be:dd:46:ed:1d:77:8e:f7:e4:ea:36:01:
ec:cd:f4:e2:27:99:74:e8:be:15:d1:00:1f:73:58:59:67:75:
d9:79:4a:fd:c2:d5:be:44:48:d7:7c:47:15:95:3d:b0:dc:e4:
fd:05:b0:67:e9:56:4c:09:3d:8a:aa:e7:8e:d9:2d:4c:2b:5b:
26:91:01:93:ed:7f:87:1c:1b:e4:69:e7:a8:a9:73:bf:21:9f:
3f:b3:95:dd:0c:b7:1c:5b:4b:55:c8:d6:79:b5:b9:78:c3:ad:
4b:b7:71:d5:c0:7e:67:78:b1:91:53:44:2f:f3:63:05:fe:47:
ad:b9:24:8c:d6:8a:d9:90:af:5a:87:57:a7:9e:d3:79:4d:b9:
7b:a9:a1:7e:ca:33:c8:eb:2b:1d:35:85:06:49:f0:c8:0f:04:
c8:10:fb:57:77:d5:f9:be:ff:af:2b:28:b0:2c:2b:f7:81:d2:
54:f3:7e:ea:62:be:6d:97:44:c4:02:28:a2:3d:ee:79:33:3b:
bb:dc:c7:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIBQFazGx5K3mqJAiFzRYngMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMTRkYjM3MzA4NWUyOGMwZDliNzRiZTdiOGU4OTc0MGI5
NWY5ZmEwHhcNMjIwNzE1MDk0NjA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTQxNTA5ZGQ5MTM5MGUzNWU5MGQ2YTk5MTVlMDNiNGUyODM5ODQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQ2xhcCFHsnakRUjayAF5ZVO0RKD
Hvpd55KzWastZDz7kuPLu6p1kQdnXl/DQ0VWUilqzOnd7o2OeOalDKJhRHHuZSyY
os5ZbBkXaEcPvqwlEIqmxkJXe4t5AMRMg7pawd3ef4pUpXb6oKGWptniwnGC3gsZ
SR0Nk4VCfRI4tcp8dHzlMox539/9zYqy1hfoHaefgeK1PpmIpwI4i1zsGD0vrkTP
c6crrJT2E2l1J7h9u0Xjh6FnnoB65DR6025B0gjqNZh46Oa9Zj7BgWCZT8PRfPFp
W11FQZOuVlwQITmJMRGijLQleGEC9XEveLymKAUzM5pqEt1XYlcFkQD9kQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC5BUJ3ZE5DjXpDWqZFeA7Tig5hFMB8GA1UdIwQY
MBaAFM8U2zcwheKMDZt0vnuOiXQLlfn6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenhUYk56Q0Y0b3dObTNTLWU0NkpkQXVWLWZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9lMWNhZWYtY2E2Zi00ODgxLWJjNTgt
MGExMzFmNjVjOTY4LzEvTGtGUW5ka1RrT05la05hcGtWNER0T0tEbUVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9lMWNhZWYtY2E2Zi00ODgxLWJjNTgtMGExMzFmNjVjOTY4
LzEvenhUYk56Q0Y0b3dObTNTLWU0NkpkQXVWLWZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW9l6MA0G
CSqGSIb3DQEBCwUAA4IBAQAQBeOzaNpReovP5yt6WmLCAuOfllu8HNzbrtAIFKnS
BZBaOnnOjMWabo1sB/ILeSzhuTnveBXVJmRCf/G+3UbtHXeO9+TqNgHszfTiJ5l0
6L4V0QAfc1hZZ3XZeUr9wtW+REjXfEcVlT2w3OT9BbBn6VZMCT2KqueO2S1MK1sm
kQGT7X+HHBvkaeeoqXO/IZ8/s5XdDLccW0tVyNZ5tbl4w61Lt3HVwH5neLGRU0Qv
82MF/ketuSSM1orZkK9ah1enntN5Tbl7qaF+yjPI6ysdNYUGSfDIDwTIEPtXd9X5
vv+vKyiwLCv3gdJU837qYr5tl0TEAiiiPe55Mzu73Mfu
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:16 2024 by rpki-client on console-fra.rpki-client.org