Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/d1a261-8f83-4f6a-87ab-cf41f76d7f03/1/LPpKb6ERi_SrlGNezw7OMfuK2lc.roa
File: LPpKb6ERi_SrlGNezw7OMfuK2lc.roa (raw, json)
Hash identifier: kmBoTtIorjNTnEZVUYm4Pk5nfNM8hZF7RbLbi6INv04=
Subject key identifier: 2C:FA:4A:6F:A1:11:8B:F4:AB:94:63:5E:CF:0E:CE:31:FB:8A:DA:57
Certificate issuer: /CN=342b03896c76698286f881a6ba472a08b7963ca2
Certificate serial: 0185841451C96C0A822091D1A8469F311305
Authority key identifier: 34:2B:03:89:6C:76:69:82:86:F8:81:A6:BA:47:2A:08:B7:96:3C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NCsDiWx2aYKG-IGmukcqCLeWPKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/d1a261-8f83-4f6a-87ab-cf41f76d7f03/1/LPpKb6ERi_SrlGNezw7OMfuK2lc.roa
Signing time: Thu 05 Jan 2023 22:36:42 +0000
ROA not before: Thu 05 Jan 2023 22:36:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34695
IP address blocks: 80.79.48.0/20 maxlen: 20
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:84:14:51:c9:6c:0a:82:20:91:d1:a8:46:9f:31:13:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=342b03896c76698286f881a6ba472a08b7963ca2
Validity
Not Before: Jan 5 22:36:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2cfa4a6fa1118bf4ab94635ecf0ece31fb8ada57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:3d:cf:ca:cc:04:bc:e6:94:cc:95:29:3b:b2:
f9:66:47:74:0c:2e:24:b3:d8:16:e3:a8:4c:40:46:
f8:36:26:4b:30:59:4b:25:98:ec:50:60:1c:78:63:
15:87:cd:c7:fe:91:0f:c7:40:fa:c5:fd:ff:00:3f:
a5:ea:2a:74:47:10:80:76:0b:19:ff:3f:f0:97:df:
f8:1e:19:b1:4c:f5:04:f2:a8:fa:e9:ad:bf:fe:92:
2e:df:74:45:32:bb:e4:4d:ff:05:5d:6f:70:14:38:
d9:62:5a:48:0f:6a:58:1d:f6:65:0e:f3:0c:a2:a1:
21:28:3e:b9:47:ea:35:ce:56:e0:9b:0e:7a:77:e2:
d8:e2:66:c3:08:84:a2:0a:cd:79:f6:33:57:ae:0b:
78:3d:87:b5:58:46:ae:06:f3:44:47:bf:76:5e:a5:
d1:94:11:e3:7b:78:a6:02:1e:af:be:24:2a:16:3b:
52:24:06:4f:55:65:91:b9:fc:cc:c6:74:c7:fe:cd:
d1:e3:74:1d:40:55:51:1b:79:37:ea:f5:ee:0d:61:
a8:0e:3b:38:76:f7:ef:50:ba:d0:de:78:00:e0:0d:
bc:47:c2:26:bd:a4:ec:7b:62:d7:90:d4:52:98:2b:
26:a1:b0:b9:39:9f:0b:d6:e0:f4:7e:71:24:5a:fd:
a9:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:FA:4A:6F:A1:11:8B:F4:AB:94:63:5E:CF:0E:CE:31:FB:8A:DA:57
X509v3 Authority Key Identifier:
keyid:34:2B:03:89:6C:76:69:82:86:F8:81:A6:BA:47:2A:08:B7:96:3C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NCsDiWx2aYKG-IGmukcqCLeWPKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/d1a261-8f83-4f6a-87ab-cf41f76d7f03/1/LPpKb6ERi_SrlGNezw7OMfuK2lc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/d1a261-8f83-4f6a-87ab-cf41f76d7f03/1/NCsDiWx2aYKG-IGmukcqCLeWPKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.79.48.0/20
Signature Algorithm: sha256WithRSAEncryption
61:19:e2:e4:9d:d4:a7:b8:90:6f:e0:b8:54:9c:92:f3:a1:5b:
30:61:b8:1f:c3:0b:25:ca:6a:e5:f4:af:9c:9c:25:a4:c0:1b:
98:4d:5d:45:8f:e4:ad:08:d0:23:6c:d4:96:90:08:64:ee:ed:
de:a1:2a:8f:28:33:86:83:10:2c:2b:fc:59:03:55:e4:26:e9:
84:3a:36:8a:7b:c2:93:93:bf:59:6e:26:ef:a2:24:39:b6:c8:
fa:e7:75:71:ce:e9:0a:3a:ac:b4:e6:fc:44:55:c6:b3:4f:a5:
9e:78:c3:03:7e:e0:12:53:42:f0:52:c6:25:f2:e7:d1:71:65:
18:35:19:6c:6b:7d:74:e4:9f:cc:00:eb:2d:09:1c:4f:7f:bf:
bf:f1:7e:e5:bd:b4:1f:10:a9:95:76:ed:4d:cd:19:89:c2:47:
01:85:87:06:f1:86:38:7e:92:61:8e:8c:86:1e:b2:1e:ce:a6:
bf:d5:99:b4:a6:9f:43:5a:aa:0d:54:fa:4a:ed:b7:68:e6:e4:
a7:05:3e:7a:0d:51:38:27:26:06:58:8b:6c:b9:23:d6:68:55:
bb:1b:1f:d9:ef:f7:05:58:8a:79:14:1d:bb:27:47:3b:54:24:
ef:ec:2c:8d:17:91:56:dd:86:a3:2b:d6:23:57:9d:96:81:a1:
70:68:6b:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWEFFHJbAqCIJHRqEafMRMFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MmIwMzg5NmM3NjY5ODI4NmY4ODFhNmJhNDcyYTA4Yjc5
NjNjYTIwHhcNMjMwMTA1MjIzNjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2ZhNGE2ZmExMTE4YmY0YWI5NDYzNWVjZjBlY2UzMWZiOGFkYTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkz3PyswEvOaUzJUpO7L5Zkd0DC4k
s9gW46hMQEb4NiZLMFlLJZjsUGAceGMVh83H/pEPx0D6xf3/AD+l6ip0RxCAdgsZ
/z/wl9/4HhmxTPUE8qj66a2//pIu33RFMrvkTf8FXW9wFDjZYlpID2pYHfZlDvMM
oqEhKD65R+o1zlbgmw56d+LY4mbDCISiCs159jNXrgt4PYe1WEauBvNER792XqXR
lBHje3imAh6vviQqFjtSJAZPVWWRufzMxnTH/s3R43QdQFVRG3k36vXuDWGoDjs4
dvfvULrQ3ngA4A28R8ImvaTse2LXkNRSmCsmobC5OZ8L1uD0fnEkWv2p0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCz6Sm+hEYv0q5RjXs8OzjH7itpXMB8GA1UdIwQY
MBaAFDQrA4lsdmmChviBprpHKgi3ljyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkNzRGlXeDJhWUtHLUlHbXVrY3FDTGVXUEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9kMWEyNjEtOGY4My00ZjZhLTg3YWIt
Y2Y0MWY3NmQ3ZjAzLzEvTFBwS2I2RVJpX1NybEdOZXp3N09NZnVLMmxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9kMWEyNjEtOGY4My00ZjZhLTg3YWItY2Y0MWY3NmQ3ZjAz
LzEvTkNzRGlXeDJhWUtHLUlHbXVrY3FDTGVXUEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUE8wMA0G
CSqGSIb3DQEBCwUAA4IBAQBhGeLkndSnuJBv4LhUnJLzoVswYbgfwwslymrl9K+c
nCWkwBuYTV1Fj+StCNAjbNSWkAhk7u3eoSqPKDOGgxAsK/xZA1XkJumEOjaKe8KT
k79ZbibvoiQ5tsj653VxzukKOqy05vxEVcazT6WeeMMDfuASU0LwUsYl8ufRcWUY
NRlsa3105J/MAOstCRxPf7+/8X7lvbQfEKmVdu1NzRmJwkcBhYcG8YY4fpJhjoyG
HrIezqa/1Zm0pp9DWqoNVPpK7bdo5uSnBT56DVE4JyYGWItsuSPWaFW7Gx/Z7/cF
WIp5FB27J0c7VCTv7CyNF5FW3YajK9YjV52WgaFwaGsE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:53 2024 by rpki-client on console-fra.rpki-client.org