Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/207b40-5fff-4f43-8b82-103b9f327924/1/lhWM5JyaQ8BXe4efowpwViBquYs.roa
File: lhWM5JyaQ8BXe4efowpwViBquYs.roa (raw, json)
Hash identifier: cSB4GxTw2uBtdR9/I/Udj2yVMkbMmjZRaFFaNoNpSVM=
Subject key identifier: 96:15:8C:E4:9C:9A:43:C0:57:7B:87:9F:A3:0A:70:56:20:6A:B9:8B
Certificate issuer: /CN=0e1fb63628fe3a11065189bdcf1357fbfc06dade
Certificate serial: 09BBA6E0
Authority key identifier: 0E:1F:B6:36:28:FE:3A:11:06:51:89:BD:CF:13:57:FB:FC:06:DA:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dh-2Nij-OhEGUYm9zxNX-_wG2t4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/207b40-5fff-4f43-8b82-103b9f327924/1/lhWM5JyaQ8BXe4efowpwViBquYs.roa
Signing time: Sat 01 Jan 2022 00:53:22 +0000
ROA not before: Sat 01 Jan 2022 00:53:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16003
IP address blocks: 77.83.56.0/22 maxlen: 24
2a09:7380::/29 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 163292896 (0x9bba6e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e1fb63628fe3a11065189bdcf1357fbfc06dade
Validity
Not Before: Jan 1 00:53:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=96158ce49c9a43c0577b879fa30a7056206ab98b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:84:9e:e0:b0:3c:f3:15:e1:a9:2b:b4:e8:5e:
84:d5:d5:d6:17:5b:bd:c5:61:4c:9b:87:c7:a1:b7:
e2:f9:5c:11:0b:6d:61:9f:6f:b7:a5:1e:32:28:e2:
14:3e:11:a9:21:c0:23:15:b2:fd:6b:f5:1e:23:97:
26:44:1f:cb:cd:00:44:fc:bf:ba:15:ea:c5:51:38:
dc:04:d4:15:49:68:2a:20:05:92:22:22:b9:d9:8f:
1f:e4:93:ff:a8:a6:c9:7a:2a:8d:c4:d3:27:15:5f:
ad:8c:36:d2:ad:ea:b2:f7:6b:04:be:e0:4b:4d:c8:
f9:b3:2f:2a:8b:f4:cd:6d:53:ff:76:da:a4:87:fe:
ec:23:33:73:8c:88:1a:2c:b6:85:f6:54:cb:cb:7f:
df:b1:91:ea:59:fc:95:29:10:fd:46:06:28:78:49:
3b:15:76:1f:2c:52:d7:73:39:dc:10:a9:38:1d:46:
bc:33:52:22:ed:8a:c8:f2:02:2d:24:13:4c:fa:88:
7e:2e:90:3e:d3:14:4b:10:ad:5d:14:f7:c8:ae:9f:
07:f2:98:f5:71:83:df:90:6d:7d:07:77:84:37:8c:
78:ed:fd:3d:ec:ea:ab:a6:ee:33:11:04:ec:03:0d:
f6:cf:3a:7d:ea:57:82:3b:26:46:22:76:90:84:30:
a7:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:15:8C:E4:9C:9A:43:C0:57:7B:87:9F:A3:0A:70:56:20:6A:B9:8B
X509v3 Authority Key Identifier:
keyid:0E:1F:B6:36:28:FE:3A:11:06:51:89:BD:CF:13:57:FB:FC:06:DA:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dh-2Nij-OhEGUYm9zxNX-_wG2t4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/207b40-5fff-4f43-8b82-103b9f327924/1/lhWM5JyaQ8BXe4efowpwViBquYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/207b40-5fff-4f43-8b82-103b9f327924/1/Dh-2Nij-OhEGUYm9zxNX-_wG2t4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.56.0/22
IPv6:
2a09:7380::/29
Signature Algorithm: sha256WithRSAEncryption
04:49:a1:fd:9c:71:64:ab:f9:0c:51:91:63:76:7d:a2:97:7a:
6b:0a:c0:2e:fd:f5:1e:ab:f8:42:d5:9c:08:0b:a4:87:01:4c:
d3:93:f3:9b:39:6b:f4:26:b0:38:34:ec:f5:38:3d:58:32:67:
94:a3:7a:b0:1d:51:5e:b9:0e:55:ca:60:82:f4:78:75:e1:94:
3a:09:c2:97:34:19:55:88:35:b4:2a:54:ee:eb:22:48:a5:00:
cb:42:30:a6:19:0d:e5:e1:4b:fa:d3:cb:ef:e5:cf:1c:59:b9:
be:bf:3e:46:59:20:5a:8a:34:b0:b6:0a:d9:ee:65:7d:6a:d4:
13:2a:c5:cc:62:65:47:79:06:74:3b:7d:22:c7:92:c9:66:7c:
5f:f4:f5:d4:00:62:c7:e6:a6:76:f8:37:31:4d:86:e1:12:5a:
0a:ec:d4:96:10:f5:e4:6a:85:1f:89:fb:fc:8f:76:f0:78:1c:
0e:46:b1:6e:0f:10:e2:f1:0b:fa:91:2c:cf:f5:10:0d:3f:a1:
41:4e:9f:94:78:81:1a:9c:6d:3a:d3:eb:65:c9:35:7b:a8:2d:
1f:54:ec:26:d9:cd:31:c1:b6:15:9e:a6:9b:7a:d8:5f:e5:4b:
9f:be:40:57:b3:e2:41:73:65:fb:71:0c:b4:88:10:9e:ed:89:
09:01:40:15
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECbum4DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZTFmYjYzNjI4ZmUzYTExMDY1MTg5YmRjZjEzNTdmYmZjMDZkYWRlMB4XDTIyMDEw
MTAwNTMyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTYxNThjZTQ5Yzlh
NDNjMDU3N2I4NzlmYTMwYTcwNTYyMDZhYjk4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMSEnuCwPPMV4akrtOhehNXV1hdbvcVhTJuHx6G34vlcEQtt
YZ9vt6UeMijiFD4RqSHAIxWy/Wv1HiOXJkQfy80ARPy/uhXqxVE43ATUFUloKiAF
kiIiudmPH+ST/6imyXoqjcTTJxVfrYw20q3qsvdrBL7gS03I+bMvKov0zW1T/3ba
pIf+7CMzc4yIGiy2hfZUy8t/37GR6ln8lSkQ/UYGKHhJOxV2HyxS13M53BCpOB1G
vDNSIu2KyPICLSQTTPqIfi6QPtMUSxCtXRT3yK6fB/KY9XGD35BtfQd3hDeMeO39
Pezqq6buMxEE7AMN9s86fepXgjsmRiJ2kIQwp/cCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSWFYzknJpDwFd7h5+jCnBWIGq5izAfBgNVHSMEGDAWgBQOH7Y2KP46EQZR
ib3PE1f7/Aba3jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RoLTJOaWotT2hFR1VZbTl6eE5YLV93RzJ0NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmYvMjA3YjQwLTVmZmYtNGY0My04YjgyLTEwM2I5ZjMyNzkyNC8x
L2xoV001SnlhUThCWGU0ZWZvd3B3VmlCcXVZcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmYv
MjA3YjQwLTVmZmYtNGY0My04YjgyLTEwM2I5ZjMyNzkyNC8xL0RoLTJOaWotT2hF
R1VZbTl6eE5YLV93RzJ0NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAk1TODANBAIAAjAHAwUDKglzgDAN
BgkqhkiG9w0BAQsFAAOCAQEABEmh/ZxxZKv5DFGRY3Z9opd6awrALv31Hqv4QtWc
CAukhwFM05Pzmzlr9CawODTs9Tg9WDJnlKN6sB1RXrkOVcpggvR4deGUOgnClzQZ
VYg1tCpU7usiSKUAy0IwphkN5eFL+tPL7+XPHFm5vr8+RlkgWoo0sLYK2e5lfWrU
EyrFzGJlR3kGdDt9IseSyWZ8X/T11ABix+amdvg3MU2G4RJaCuzUlhD15GqFH4n7
/I928HgcDkaxbg8Q4vEL+pEsz/UQDT+hQU6flHiBGpxtOtPrZck1e6gtH1TsJtnN
McG2FZ6mm3rYX+VLn75AV7PiQXNl+3EMtIgQnu2JCQFAFQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:09 2024 by rpki-client on console-fra.rpki-client.org