Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/LRZ5mPDx8oq5OaofTvIfqp71rRk.roa
File: LRZ5mPDx8oq5OaofTvIfqp71rRk.roa (raw, json)
Hash identifier: Nd0X+1Tef5HGOAWWHMewwJMFBA9V7PjrdC+UnxQprkM=
Subject key identifier: 2D:16:79:98:F0:F1:F2:8A:B9:39:AA:1F:4E:F2:1F:AA:9E:F5:AD:19
Certificate issuer: /CN=e7478550068bf78220408c25d612bc2fb02460c1
Certificate serial: 0D559A
Authority key identifier: E7:47:85:50:06:8B:F7:82:20:40:8C:25:D6:12:BC:2F:B0:24:60:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/50eFUAaL94IgQIwl1hK8L7AkYME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/LRZ5mPDx8oq5OaofTvIfqp71rRk.roa
Signing time: Mon 21 Feb 2022 14:25:03 +0000
ROA not before: Mon 21 Feb 2022 14:25:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16253
IP address blocks: 217.142.0.0/16 maxlen: 16
217.142.0.0/15 maxlen: 15
2a03:f0c0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 873882 (0xd559a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7478550068bf78220408c25d612bc2fb02460c1
Validity
Not Before: Feb 21 14:25:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2d167998f0f1f28ab939aa1f4ef21faa9ef5ad19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:41:81:6e:2f:65:ee:65:55:8f:9e:0d:43:91:
e7:25:24:be:58:54:32:f5:05:bf:f8:b4:83:ee:4a:
65:77:71:62:e4:81:ca:3e:32:e1:a5:24:22:7a:17:
00:d7:f4:41:90:7c:15:d7:18:e6:9b:1f:9e:1a:4a:
3b:79:c0:9f:17:7f:85:75:f1:2f:9d:3e:32:09:e7:
cf:66:ba:f4:2e:f9:e3:43:72:59:da:b6:43:e0:37:
48:e5:57:18:b9:06:c2:37:58:b4:f8:50:fd:91:ff:
72:7a:be:e3:83:37:65:4d:66:bf:d5:82:18:71:39:
e8:20:a9:f3:98:4a:65:d0:b9:ab:f1:0a:58:fe:31:
5d:45:da:b3:9a:69:89:95:c5:fd:ac:4e:45:3f:00:
e6:d5:7e:6c:e3:ee:70:0f:d2:32:60:30:99:7b:19:
7d:7d:54:07:a0:30:cd:11:b5:91:18:dd:04:ba:fe:
85:6c:fe:76:7e:f7:5a:65:ba:c2:8f:94:c8:a4:5d:
a4:d6:cf:6e:6d:3b:79:b6:c8:dd:8c:79:d6:c0:5a:
ef:c7:2e:1f:3b:af:d3:46:17:5a:c1:a0:14:73:b5:
5c:e1:9a:a8:69:2c:fd:4d:f0:a2:58:c9:a0:d6:7e:
fe:7f:55:f1:80:f4:5c:a8:66:3e:e7:82:0e:d3:d6:
9c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:16:79:98:F0:F1:F2:8A:B9:39:AA:1F:4E:F2:1F:AA:9E:F5:AD:19
X509v3 Authority Key Identifier:
keyid:E7:47:85:50:06:8B:F7:82:20:40:8C:25:D6:12:BC:2F:B0:24:60:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/50eFUAaL94IgQIwl1hK8L7AkYME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/LRZ5mPDx8oq5OaofTvIfqp71rRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/50eFUAaL94IgQIwl1hK8L7AkYME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.142.0.0/15
IPv6:
2a03:f0c0::/32
Signature Algorithm: sha256WithRSAEncryption
8f:66:f1:0c:eb:27:6a:4c:23:35:a0:8c:12:62:f6:d6:ed:7d:
20:b6:27:78:9e:79:57:76:6b:03:8d:1a:10:d7:9f:28:56:e4:
b9:c4:7b:40:b8:aa:b0:68:bf:a8:29:3c:0d:bd:b3:ff:87:74:
fa:c2:53:0c:03:d0:66:55:9e:71:80:f9:0c:0e:d6:49:c9:c2:
1e:32:4b:89:84:54:bc:b1:5a:6c:56:d9:ff:0f:7f:40:e0:dc:
e7:84:cd:93:e7:f3:e6:c9:d9:4c:7b:d7:8a:7d:4d:58:8b:44:
4c:6a:42:32:17:d8:c4:cc:fc:03:c8:22:20:bf:65:c8:d7:0e:
af:ca:0a:f0:82:cd:48:ac:55:15:58:f4:97:65:57:3d:e3:85:
96:05:98:6c:e6:d9:3a:06:d0:4e:7f:73:dc:32:c5:d7:bd:00:
81:ae:c5:f0:31:8d:df:66:d6:29:e5:e0:7c:42:33:0d:c9:6b:
a1:44:5e:11:9c:f5:b4:26:22:10:f1:6e:6e:02:60:99:ee:0b:
09:5e:d1:e0:d7:b1:36:cb:89:49:ed:ca:23:c8:d6:dc:a1:bb:
5d:11:f8:b0:08:aa:51:d2:ff:b7:48:ee:6b:e6:c4:89:47:99:
be:a9:ef:14:54:bc:57:58:58:d5:30:9b:7a:0b:ca:ee:34:a9:
84:b0:a6:89
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgIDDVWaMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGU3
NDc4NTUwMDY4YmY3ODIyMDQwOGMyNWQ2MTJiYzJmYjAyNDYwYzEwHhcNMjIwMjIx
MTQyNTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyZDE2Nzk5OGYwZjFm
MjhhYjkzOWFhMWY0ZWYyMWZhYTllZjVhZDE5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAikGBbi9l7mVVj54NQ5HnJSS+WFQy9QW/+LSD7kpld3Fi5IHK
PjLhpSQiehcA1/RBkHwV1xjmmx+eGko7ecCfF3+FdfEvnT4yCefPZrr0LvnjQ3JZ
2rZD4DdI5VcYuQbCN1i0+FD9kf9yer7jgzdlTWa/1YIYcTnoIKnzmEpl0Lmr8QpY
/jFdRdqzmmmJlcX9rE5FPwDm1X5s4+5wD9IyYDCZexl9fVQHoDDNEbWRGN0Euv6F
bP52fvdaZbrCj5TIpF2k1s9ubTt5tsjdjHnWwFrvxy4fO6/TRhdawaAUc7Vc4Zqo
aSz9TfCiWMmg1n7+f1XxgPRcqGY+54IO09acCwIDAQABo4ICFzCCAhMwHQYDVR0O
BBYEFC0WeZjw8fKKuTmqH07yH6qe9a0ZMB8GA1UdIwQYMBaAFOdHhVAGi/eCIECM
JdYSvC+wJGDBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
NTBlRlVBYUw5NElnUUl3bDFoSzhMN0FrWU1FLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8yMi82MzU1MTEtNzFmMy00ZjU3LTkxMzktN2RhM2NkMjUzYmY2LzEv
TFJaNW1QRHg4b3E1T2FvZlR2SWZxcDcxclJrLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi82
MzU1MTEtNzFmMy00ZjU3LTkxMzktN2RhM2NkMjUzYmY2LzEvNTBlRlVBYUw5NEln
UUl3bDFoSzhMN0FrWU1FLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC0G
CCsGAQUFBwEHAQH/BB4wHDALBAIAATAFAwMB2Y4wDQQCAAIwBwMFACoD8MAwDQYJ
KoZIhvcNAQELBQADggEBAI9m8QzrJ2pMIzWgjBJi9tbtfSC2J3ieeVd2awONGhDX
nyhW5LnEe0C4qrBov6gpPA29s/+HdPrCUwwD0GZVnnGA+QwO1knJwh4yS4mEVLyx
WmxW2f8Pf0Dg3OeEzZPn8+bJ2Ux714p9TViLRExqQjIX2MTM/APIIiC/ZcjXDq/K
CvCCzUisVRVY9JdlVz3jhZYFmGzm2ToG0E5/c9wyxde9AIGuxfAxjd9m1inl4HxC
Mw3Ja6FEXhGc9bQmIhDxbm4CYJnuCwle0eDXsTbLiUntyiPI1tyhu10R+LAIqlHS
/7dI7mvmxIlHmb6p7xRUvFdYWNUwm3oLyu40qYSwpok=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:13 2023 by rpki-client on console-fra.rpki-client.org