Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/LiPwPBjkrOKF65rNoCn3RgIZL88.roa
File: LiPwPBjkrOKF65rNoCn3RgIZL88.roa (raw, json)
Hash identifier: lsWgDe3d/5xkTSA5kZmUaWVeCUVP6nvvD3TjIY3bxUw=
Subject key identifier: 2E:23:F0:3C:18:E4:AC:E2:85:EB:9A:CD:A0:29:F7:46:02:19:2F:CF
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01896E22491EA3EE09FDEE0EB2A7F720AEDD
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/LiPwPBjkrOKF65rNoCn3RgIZL88.roa
Signing time: Wed 19 Jul 2023 12:31:27 +0000
ROA not before: Wed 19 Jul 2023 12:31:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20454
IP address blocks: 81.161.237.0/24 maxlen: 24
93.123.81.0/24 maxlen: 24
94.156.182.0/23 maxlen: 24
94.154.174.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:6e:22:49:1e:a3:ee:09:fd:ee:0e:b2:a7:f7:20:ae:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 19 12:31:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e23f03c18e4ace285eb9acda029f74602192fcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:4e:29:75:5f:0a:e5:1b:19:45:dd:5d:ec:0d:
3c:9a:05:e7:ce:f3:0c:86:0d:98:33:14:0a:c0:0c:
3f:15:14:90:98:c2:b3:f0:8a:5c:f9:c8:ef:07:8a:
16:39:a8:55:a1:49:70:de:01:ea:f9:fe:53:28:4f:
87:b3:22:ea:a0:7c:43:19:3b:62:7f:ce:75:2d:21:
41:e6:8f:74:a6:6d:4f:d0:38:30:96:88:a9:da:33:
a1:c2:54:ee:19:4a:d5:a7:57:ac:9a:e4:18:ff:5d:
77:8b:51:f7:b0:41:2c:e7:be:2c:5b:ac:48:22:b0:
e4:26:2a:af:e9:d8:b7:7d:fb:5c:48:da:cc:d9:fd:
43:d7:2d:47:ed:08:a9:2a:02:81:99:f1:fb:4d:29:
c4:1e:8f:a5:79:ee:ba:48:22:84:7d:39:ef:a8:ab:
7b:18:79:df:b3:6c:e9:e4:d3:cd:de:f4:33:a0:9a:
7d:f1:de:5e:90:ff:54:d0:8e:00:df:ba:db:f1:ee:
d0:38:31:bf:ae:b4:60:ea:9c:1b:4d:8e:7f:e4:5a:
ee:a3:4e:0f:a2:41:74:18:b6:ae:0d:23:63:62:e3:
5a:cb:4d:5e:67:cc:56:58:74:72:b9:86:9c:18:ad:
46:21:60:02:9a:dd:49:bf:0d:44:fb:9d:f8:88:e6:
c4:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:23:F0:3C:18:E4:AC:E2:85:EB:9A:CD:A0:29:F7:46:02:19:2F:CF
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/LiPwPBjkrOKF65rNoCn3RgIZL88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.237.0/24
93.123.81.0/24
94.154.174.0/23
94.156.182.0/23
Signature Algorithm: sha256WithRSAEncryption
90:dc:8c:37:c5:10:03:13:03:0c:17:1a:96:d1:a5:2b:21:f9:
a6:cb:0b:25:bd:78:f0:21:49:42:17:90:9f:41:04:e3:b1:20:
f6:bb:1c:7b:a7:9c:e1:0a:ad:e2:48:c0:cd:17:72:44:8e:f1:
0c:22:b6:4e:7a:a8:ca:76:dc:8f:1b:df:d4:38:1a:3f:f5:47:
3b:83:c5:cb:bc:7e:cf:32:b4:ab:15:a1:ea:7b:a9:47:94:8f:
47:e0:97:47:6c:e8:16:a2:6c:46:d6:0f:64:c1:5f:db:8f:49:
b9:0c:f8:ea:a9:37:a2:ef:53:0f:9e:2d:1a:e0:89:33:cc:80:
1e:44:8b:e8:86:4c:16:9a:fa:52:1e:b1:c3:99:e8:7c:82:75:
62:19:8c:8b:8e:bf:cd:dd:b1:ab:70:24:fb:bc:ea:aa:8a:83:
99:9c:b3:79:5b:2e:a1:bf:ca:f2:22:b2:7d:e4:34:90:ad:63:
b7:8a:d9:ea:13:67:45:6e:84:39:ca:60:06:82:06:7e:85:ea:
21:69:f1:44:a9:f5:84:8e:44:b7:fd:c6:51:9d:65:d9:c0:62:
f2:2f:9b:85:6b:ff:11:f1:5a:ee:51:9a:7d:e6:ad:47:2f:71:
46:08:93:2a:98:93:4f:aa:a2:86:78:96:de:18:f1:8c:52:c2:
bf:54:1f:d8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYluIkkeo+4J/e4Osqf3IK7dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNzE5MTIzMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTIzZjAzYzE4ZTRhY2UyODVlYjlhY2RhMDI5Zjc0NjAyMTkyZmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhk4pdV8K5RsZRd1d7A08mgXnzvMM
hg2YMxQKwAw/FRSQmMKz8Ipc+cjvB4oWOahVoUlw3gHq+f5TKE+HsyLqoHxDGTti
f851LSFB5o90pm1P0Dgwloip2jOhwlTuGUrVp1esmuQY/113i1H3sEEs574sW6xI
IrDkJiqv6di3fftcSNrM2f1D1y1H7QipKgKBmfH7TSnEHo+lee66SCKEfTnvqKt7
GHnfs2zp5NPN3vQzoJp98d5ekP9U0I4A37rb8e7QODG/rrRg6pwbTY5/5Fruo04P
okF0GLauDSNjYuNay01eZ8xWWHRyuYacGK1GIWACmt1Jvw1E+534iObEjwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFC4j8DwY5KziheuazaAp90YCGS/PMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTGlQd1BCamtyT0tGNjVyTm9DbjNSZ0laTDg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUaHtAwQA
XXtRAwQBXpquAwQBXpy2MA0GCSqGSIb3DQEBCwUAA4IBAQCQ3Iw3xRADEwMMFxqW
0aUrIfmmywslvXjwIUlCF5CfQQTjsSD2uxx7p5zhCq3iSMDNF3JEjvEMIrZOeqjK
dtyPG9/UOBo/9Uc7g8XLvH7PMrSrFaHqe6lHlI9H4JdHbOgWomxG1g9kwV/bj0m5
DPjqqTei71MPni0a4IkzzIAeRIvohkwWmvpSHrHDmeh8gnViGYyLjr/N3bGrcCT7
vOqqioOZnLN5Wy6hv8ryIrJ95DSQrWO3itnqE2dFboQ5ymAGggZ+heohafFEqfWE
jkS3/cZRnWXZwGLyL5uFa/8R8VruUZp95q1HL3FGCJMqmJNPqqKGeJbeGPGMUsK/
VB/Y
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:05 2024 by rpki-client on console-fra.rpki-client.org