Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/lz6oOUDmQrgDVahnxrJo29kqe7o.roa
File: lz6oOUDmQrgDVahnxrJo29kqe7o.roa (raw, json)
Hash identifier: F9ppSRuIX2vUrWA1XL1XdkYrrDe9ZAdGzM5d0RcYSPQ=
Subject key identifier: 97:3E:A8:39:40:E6:42:B8:03:55:A8:67:C6:B2:68:DB:D9:2A:7B:BA
Certificate issuer: /CN=2e8b24c76ad87a6c1fedffaf08d9b17b45249991
Certificate serial: 01856B6EAA2C455B47AE7E9F2991E44D2989
Authority key identifier: 2E:8B:24:C7:6A:D8:7A:6C:1F:ED:FF:AF:08:D9:B1:7B:45:24:99:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Loskx2rYemwf7f-vCNmxe0UkmZE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/lz6oOUDmQrgDVahnxrJo29kqe7o.roa
Signing time: Sun 01 Jan 2023 03:44:52 +0000
ROA not before: Sun 01 Jan 2023 03:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15516
IP address blocks: 82.192.128.0/19 maxlen: 19
89.19.128.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:6e:aa:2c:45:5b:47:ae:7e:9f:29:91:e4:4d:29:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e8b24c76ad87a6c1fedffaf08d9b17b45249991
Validity
Not Before: Jan 1 03:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=973ea83940e642b80355a867c6b268dbd92a7bba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:22:31:65:6a:1e:76:c6:1c:a2:3b:1d:77:20:
97:7d:46:9d:d3:e1:ce:9b:4c:29:fd:a8:5f:c4:32:
25:68:54:a0:25:47:52:85:44:13:4a:42:41:ce:c4:
31:ae:09:ce:15:11:7a:b4:44:63:41:41:86:3f:c2:
e2:60:d5:bd:36:1a:ad:e2:e6:b7:b4:f9:1d:f2:71:
62:1a:1e:65:f8:e6:0a:5a:82:e8:c9:a8:35:d6:1c:
6b:5a:38:1b:08:b9:14:f9:c6:2a:92:25:e8:2d:42:
a3:e1:40:b8:28:1d:67:82:6e:df:45:86:55:50:6e:
f3:06:1b:84:3a:c4:02:ea:a0:cf:82:40:20:b6:b0:
15:f5:02:a8:2d:ad:51:99:f8:35:b4:2e:ef:d5:d8:
db:92:eb:6c:cb:29:66:24:57:75:b0:26:be:2d:1a:
7e:03:86:17:73:9a:96:28:a2:7c:85:d9:11:d2:e0:
40:d1:57:ff:d4:a3:cf:dc:ef:05:65:9a:5e:60:d2:
e2:fb:37:ec:af:24:27:9d:1c:5e:22:b6:1a:8a:71:
68:b9:14:3a:ed:26:b6:cf:63:55:e3:73:84:73:d0:
7d:fb:fc:66:cf:a4:f5:cd:61:3f:13:28:18:bf:40:
8b:2f:b3:69:dd:f2:a1:8a:e4:6c:67:a6:a6:24:2d:
9a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:3E:A8:39:40:E6:42:B8:03:55:A8:67:C6:B2:68:DB:D9:2A:7B:BA
X509v3 Authority Key Identifier:
keyid:2E:8B:24:C7:6A:D8:7A:6C:1F:ED:FF:AF:08:D9:B1:7B:45:24:99:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Loskx2rYemwf7f-vCNmxe0UkmZE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/lz6oOUDmQrgDVahnxrJo29kqe7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/Loskx2rYemwf7f-vCNmxe0UkmZE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.192.128.0/19
89.19.128.0/19
Signature Algorithm: sha256WithRSAEncryption
a1:a7:50:e5:17:03:6f:a8:1c:6e:3f:9d:67:17:9f:2f:d2:17:
8f:59:ac:0e:68:5e:08:f2:a9:07:e4:93:13:62:14:37:72:3a:
f4:e3:a6:9c:27:32:fa:57:f4:63:38:24:16:83:04:ee:b1:06:
20:0a:79:11:e2:c5:8d:31:11:e1:b6:6d:84:2b:d2:b9:c7:85:
18:5f:c6:8f:25:8a:30:7d:a3:11:89:a2:45:1b:4c:e8:d5:dd:
15:83:70:bf:27:08:09:85:1d:78:1a:b7:e3:e3:d3:c8:ac:ae:
4a:7d:d8:06:1b:2c:1a:17:33:42:95:a3:7f:77:a7:95:ce:c1:
64:c0:db:bd:1c:32:cb:28:e5:0e:ee:86:26:32:8e:95:35:ff:
19:ad:2b:5f:12:aa:6b:e1:f6:05:e2:dd:84:71:85:49:8a:2a:
a0:02:00:d4:d7:ec:e5:21:fe:df:99:37:e0:4f:b7:74:1a:9a:
57:36:9b:50:88:5c:dc:0d:9e:57:59:31:c2:a3:55:b0:25:2e:
5e:98:94:85:ef:82:a4:14:d4:24:5d:bc:2d:b0:9a:0e:e5:df:
75:c1:c7:fa:31:f8:d2:6f:90:c8:11:4b:f1:c0:a3:38:cf:75:
c2:8e:02:c0:f2:d9:11:83:ab:7f:ba:ee:e2:ae:91:d5:a3:5d:
6f:67:c1:31
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVrbqosRVtHrn6fKZHkTSmJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlOGIyNGM3NmFkODdhNmMxZmVkZmZhZjA4ZDliMTdiNDUy
NDk5OTEwHhcNMjMwMTAxMDM0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzNlYTgzOTQwZTY0MmI4MDM1NWE4NjdjNmIyNjhkYmQ5MmE3YmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSIxZWoedsYcojsddyCXfUad0+HO
m0wp/ahfxDIlaFSgJUdShUQTSkJBzsQxrgnOFRF6tERjQUGGP8LiYNW9Nhqt4ua3
tPkd8nFiGh5l+OYKWoLoyag11hxrWjgbCLkU+cYqkiXoLUKj4UC4KB1ngm7fRYZV
UG7zBhuEOsQC6qDPgkAgtrAV9QKoLa1Rmfg1tC7v1djbkutsyylmJFd1sCa+LRp+
A4YXc5qWKKJ8hdkR0uBA0Vf/1KPP3O8FZZpeYNLi+zfsryQnnRxeIrYainFouRQ6
7Sa2z2NV43OEc9B9+/xmz6T1zWE/EygYv0CLL7Np3fKhiuRsZ6amJC2axQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJc+qDlA5kK4A1WoZ8ayaNvZKnu6MB8GA1UdIwQY
MBaAFC6LJMdq2HpsH+3/rwjZsXtFJJmRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9za3gyclllbXdmN2YtdkNObXhlMFVrbVpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8wNGQzNDgtNzViOS00OGQyLWJlMTAt
OTExOTBhMDJkYjcwLzEvbHo2b09VRG1RcmdEVmFobnhySm8yOWtxZTdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8wNGQzNDgtNzViOS00OGQyLWJlMTAtOTExOTBhMDJkYjcw
LzEvTG9za3gyclllbXdmN2YtdkNObXhlMFVrbVpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFUsCAAwQF
WROAMA0GCSqGSIb3DQEBCwUAA4IBAQChp1DlFwNvqBxuP51nF58v0hePWawOaF4I
8qkH5JMTYhQ3cjr046acJzL6V/RjOCQWgwTusQYgCnkR4sWNMRHhtm2EK9K5x4UY
X8aPJYowfaMRiaJFG0zo1d0Vg3C/JwgJhR14Grfj49PIrK5KfdgGGywaFzNClaN/
d6eVzsFkwNu9HDLLKOUO7oYmMo6VNf8ZrStfEqpr4fYF4t2EcYVJiiqgAgDU1+zl
If7fmTfgT7d0GppXNptQiFzcDZ5XWTHCo1WwJS5emJSF74KkFNQkXbwtsJoO5d91
wcf6MfjSb5DIEUvxwKM4z3XCjgLA8tkRg6t/uu7irpHVo11vZ8Ex
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:00 2024 by rpki-client on console-fra.rpki-client.org