Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/luv-FCyUntVublpXr1NcJvFk4_U.roa
File: luv-FCyUntVublpXr1NcJvFk4_U.roa (raw, json)
Hash identifier: n8UbFgOEoSXJZxU2Xx3oqyDfCpA+T8cLTT91279uLIw=
Subject key identifier: 96:EB:FE:14:2C:94:9E:D5:6E:6E:5A:57:AF:53:5C:26:F1:64:E3:F5
Certificate issuer: /CN=2f814adc1d5209e098f078adbc856bad83b749c2
Certificate serial: 0183B634B43E168273C61085C43F9736CC82
Authority key identifier: 2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/luv-FCyUntVublpXr1NcJvFk4_U.roa
Signing time: Sat 08 Oct 2022 06:07:30 +0000
ROA not before: Sat 08 Oct 2022 06:07:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60976
IP address blocks: 31.214.248.0/21 maxlen: 21
31.214.249.0/24 maxlen: 24
37.228.139.0/24 maxlen: 24
37.228.138.0/24 maxlen: 24
37.228.137.0/24 maxlen: 24
37.228.136.0/24 maxlen: 24
134.255.200.0/21 maxlen: 21
95.156.237.0/24 maxlen: 24
95.156.236.0/24 maxlen: 24
95.156.253.0/24 maxlen: 24
95.156.252.0/24 maxlen: 24
95.156.252.0/22 maxlen: 22
95.156.255.0/24 maxlen: 24
95.156.254.0/24 maxlen: 24
91.99.96.0/21 maxlen: 21
91.99.98.0/24 maxlen: 24
91.99.97.0/24 maxlen: 24
91.99.96.0/24 maxlen: 24
91.99.103.0/24 maxlen: 24
91.99.102.0/24 maxlen: 24
91.99.101.0/24 maxlen: 24
91.99.99.0/24 maxlen: 24
31.214.172.0/24 maxlen: 24
31.214.168.0/21 maxlen: 21
82.99.216.0/22 maxlen: 22
91.99.219.0/24 maxlen: 24
82.99.219.0/24 maxlen: 24
91.99.218.0/24 maxlen: 24
82.99.218.0/24 maxlen: 24
82.99.215.0/24 maxlen: 24
82.99.217.0/24 maxlen: 24
91.99.217.0/24 maxlen: 24
82.99.216.0/24 maxlen: 24
91.99.216.0/24 maxlen: 24
82.99.238.0/24 maxlen: 24
82.99.244.0/24 maxlen: 24
82.99.243.0/24 maxlen: 24
82.99.242.0/24 maxlen: 24
91.99.75.0/24 maxlen: 24
91.99.74.0/24 maxlen: 24
91.99.73.0/24 maxlen: 24
91.99.72.0/24 maxlen: 24
91.98.96.0/21 maxlen: 21
91.98.97.0/24 maxlen: 24
91.98.96.0/24 maxlen: 24
91.98.98.0/24 maxlen: 24
91.98.102.0/24 maxlen: 24
91.98.100.0/24 maxlen: 24
91.98.99.0/24 maxlen: 24
91.98.31.0/24 maxlen: 24
185.13.231.0/24 maxlen: 24
91.98.28.0/22 maxlen: 22
91.98.30.0/24 maxlen: 24
91.98.29.0/24 maxlen: 24
185.13.230.0/24 maxlen: 24
185.13.229.0/24 maxlen: 24
185.13.228.0/24 maxlen: 24
185.13.228.0/22 maxlen: 22
91.98.28.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b6:34:b4:3e:16:82:73:c6:10:85:c4:3f:97:36:cc:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f814adc1d5209e098f078adbc856bad83b749c2
Validity
Not Before: Oct 8 06:07:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=96ebfe142c949ed56e6e5a57af535c26f164e3f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:91:6e:d0:7f:14:21:2f:2b:20:e9:9f:1c:d1:
9c:e9:78:47:8e:5f:1a:3e:91:96:f7:16:82:59:27:
c6:de:b9:f2:ab:78:3a:93:f3:3a:07:56:07:d7:c8:
ce:f5:8a:c4:78:7d:03:63:a6:be:62:16:5c:c0:75:
75:6c:bb:33:41:61:a5:56:60:e7:18:da:e9:bb:1a:
14:06:b4:9c:3b:6f:85:4f:bd:fe:0d:f0:8f:0d:cd:
14:a7:5c:de:9b:fd:0f:5c:97:64:b1:10:8e:af:de:
25:67:8a:b1:7e:20:77:07:59:7b:ee:02:f0:ad:85:
45:81:38:f9:62:e3:b9:db:ee:c3:83:20:a1:29:01:
a1:ac:31:17:0d:dc:7f:1a:9d:f1:cc:8b:7f:2f:f1:
0f:fc:75:c5:58:d9:e2:46:8a:f5:6e:7b:35:b8:7e:
a6:ca:20:98:52:ce:39:54:a8:41:e1:1f:12:84:65:
e1:dc:f3:3c:40:5c:62:65:59:93:e4:7f:02:0c:30:
63:69:9f:49:7f:9f:53:28:59:f0:48:b2:cb:08:7f:
5c:3e:e7:89:93:6a:7c:f4:5c:ed:b2:1b:af:10:73:
c9:02:f2:99:78:df:dc:d0:b2:65:ec:d2:f2:0f:57:
08:51:39:09:4b:64:a7:48:ff:f2:28:de:64:e6:05:
bc:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:EB:FE:14:2C:94:9E:D5:6E:6E:5A:57:AF:53:5C:26:F1:64:E3:F5
X509v3 Authority Key Identifier:
keyid:2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/luv-FCyUntVublpXr1NcJvFk4_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/L4FK3B1SCeCY8HitvIVrrYO3ScI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.168.0/21
31.214.248.0/21
37.228.136.0/22
82.99.215.0-82.99.219.255
82.99.238.0/24
82.99.242.0-82.99.244.255
91.98.28.0/22
91.98.96.0/21
91.99.72.0/22
91.99.96.0/21
91.99.216.0/22
95.156.236.0/23
95.156.252.0/22
134.255.200.0/21
185.13.228.0/22
Signature Algorithm: sha256WithRSAEncryption
73:d2:ed:c5:9a:e6:eb:19:1e:f8:7d:f8:1f:9b:fb:45:1e:31:
b6:c2:b2:35:9c:36:a7:b1:fd:23:f3:a2:a7:d9:34:55:bf:4b:
ef:2c:81:24:0a:61:8f:4c:bc:b0:93:53:32:94:d3:cd:31:11:
fd:7b:3f:d4:5d:5c:62:5b:50:60:05:1d:79:2a:6c:32:b4:f3:
27:8b:f7:66:b6:b2:13:61:2a:42:90:76:14:6f:45:23:2a:03:
60:3b:18:b8:45:8b:fc:78:db:66:ee:7e:49:1d:d3:1a:02:e5:
00:1b:a6:d5:c0:9e:7e:94:3e:27:3f:63:51:4c:e1:28:92:5a:
09:ed:87:2a:d0:7f:b0:52:09:6b:08:dc:47:a8:1b:2a:a7:58:
4e:6c:fd:26:6d:19:b2:a7:56:63:85:a8:ac:bd:42:c2:1e:99:
39:4d:6c:1e:30:3c:e0:3d:4e:b7:31:cc:83:86:a9:4f:eb:ca:
96:27:04:9c:79:69:97:63:1c:bd:90:b8:6d:21:f7:b9:e8:62:
9f:2f:79:25:2a:ed:6a:52:bd:da:b6:04:e2:80:40:5e:a4:1e:
9a:8d:87:5a:f0:63:bc:40:a2:15:77:de:3b:73:b0:f6:c7:c0:
e9:8a:ed:b5:1b:fe:d3:c6:2b:e2:da:97:46:b5:26:b0:1e:e3:
01:54:b7:34
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAYO2NLQ+FoJzxhCFxD+XNsyCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmODE0YWRjMWQ1MjA5ZTA5OGYwNzhhZGJjODU2YmFkODNi
NzQ5YzIwHhcNMjIxMDA4MDYwNzMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmViZmUxNDJjOTQ5ZWQ1NmU2ZTVhNTdhZjUzNWMyNmYxNjRlM2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopFu0H8UIS8rIOmfHNGc6XhHjl8a
PpGW9xaCWSfG3rnyq3g6k/M6B1YH18jO9YrEeH0DY6a+YhZcwHV1bLszQWGlVmDn
GNrpuxoUBrScO2+FT73+DfCPDc0Up1zem/0PXJdksRCOr94lZ4qxfiB3B1l77gLw
rYVFgTj5YuO52+7DgyChKQGhrDEXDdx/Gp3xzIt/L/EP/HXFWNniRor1bns1uH6m
yiCYUs45VKhB4R8ShGXh3PM8QFxiZVmT5H8CDDBjaZ9Jf59TKFnwSLLLCH9cPueJ
k2p89FztshuvEHPJAvKZeN/c0LJl7NLyD1cIUTkJS2SnSP/yKN5k5gW85QIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFJbr/hQslJ7Vbm5aV69TXCbxZOP1MB8GA1UdIwQY
MBaAFC+BStwdUgngmPB4rbyFa62Dt0nCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDRGSzNCMVNDZUNZOEhpdHZJVnJyWU8zU2NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8xM2UxMmEtMmJhYy00NzUyLTk5N2Qt
ZGY4NmI2ZGQ5OTdjLzEvbHV2LUZDeVVudFZ1YmxwWHIxTmNKdkZrNF9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8xM2UxMmEtMmJhYy00NzUyLTk5N2QtZGY4NmI2ZGQ5OTdj
LzEvTDRGSzNCMVNDZUNZOEhpdHZJVnJyWU8zU2NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEAx/WqAME
Ax/W+AMEAiXkiDAMAwQAUmPXAwQCUmPYAwQAUmPuMAwDBAFSY/IDBABSY/QDBAJb
YhwDBANbYmADBAJbY0gDBANbY2ADBAJbY9gDBAFfnOwDBAJfnPwDBAOG/8gDBAK5
DeQwDQYJKoZIhvcNAQELBQADggEBAHPS7cWa5usZHvh9+B+b+0UeMbbCsjWcNqex
/SPzoqfZNFW/S+8sgSQKYY9MvLCTUzKU080xEf17P9RdXGJbUGAFHXkqbDK08yeL
92a2shNhKkKQdhRvRSMqA2A7GLhFi/x422bufkkd0xoC5QAbptXAnn6UPic/Y1FM
4SiSWgnthyrQf7BSCWsI3EeoGyqnWE5s/SZtGbKnVmOFqKy9QsIemTlNbB4wPOA9
TrcxzIOGqU/rypYnBJx5aZdjHL2QuG0h97noYp8veSUq7WpSvdq2BOKAQF6kHpqN
h1rwY7xAohV33jtzsPbHwOmK7bUb/tPGK+Lal0a1JrAe4wFUtzQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:33 2025 by rpki-client