Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/9def08-7552-4b5a-966f-8ee0a12a359b/1/LcMVhl0UthDANQDVst_gL4mGV3M.roa
File: LcMVhl0UthDANQDVst_gL4mGV3M.roa (raw, json)
Hash identifier: V+rCZ9KcTnrph5EnULzJr5A9fteullZnEoE5gNOohCM=
Subject key identifier: 2D:C3:15:86:5D:14:B6:10:C0:35:00:D5:B2:DF:E0:2F:89:86:57:73
Certificate issuer: /CN=45f9e32ff6af3d5e5d77bdbb98da37d0b8e44519
Certificate serial: 0184CDEDBD7FD917CB2F9C2680ABF5655DC5
Authority key identifier: 45:F9:E3:2F:F6:AF:3D:5E:5D:77:BD:BB:98:DA:37:D0:B8:E4:45:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RfnjL_avPV5dd727mNo30LjkRRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/9def08-7552-4b5a-966f-8ee0a12a359b/1/LcMVhl0UthDANQDVst_gL4mGV3M.roa
Signing time: Thu 01 Dec 2022 13:43:40 +0000
ROA not before: Thu 01 Dec 2022 13:43:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49289
IP address blocks: 185.63.132.0/23 maxlen: 23
159.255.136.0/22 maxlen: 22
185.63.135.0/24 maxlen: 24
185.63.134.0/24 maxlen: 24
159.255.144.0/22 maxlen: 22
188.94.120.0/21 maxlen: 21
171.22.233.0/24 maxlen: 24
171.22.232.0/24 maxlen: 24
171.22.235.0/24 maxlen: 24
171.22.234.0/24 maxlen: 24
93.185.112.0/20 maxlen: 20
178.239.32.0/20 maxlen: 20
2a00:c50::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:cd:ed:bd:7f:d9:17:cb:2f:9c:26:80:ab:f5:65:5d:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45f9e32ff6af3d5e5d77bdbb98da37d0b8e44519
Validity
Not Before: Dec 1 13:43:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2dc315865d14b610c03500d5b2dfe02f89865773
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:65:ff:bc:b4:42:45:40:2a:04:60:f2:20:be:
91:37:f3:a3:c2:e9:8c:e5:aa:5f:a9:fb:a1:75:84:
81:8f:47:fe:62:5f:88:2e:60:64:e2:49:93:ba:4b:
ea:53:56:0b:02:f8:8b:d9:a4:6f:5d:e2:98:f0:c1:
2f:f6:7b:8d:ca:3f:8c:65:9a:c6:47:68:05:ac:82:
0d:b6:56:12:e4:4a:07:03:7f:87:61:11:15:95:b8:
a9:e1:c8:3d:40:90:c9:1a:47:1f:b9:8a:20:09:8f:
34:7c:30:de:cc:f6:c6:68:c3:47:a8:b0:61:e4:91:
54:c4:5e:e4:2d:ca:11:6e:67:3a:6e:2c:b2:49:0f:
5c:bb:1f:01:ae:47:c7:6e:57:c8:4c:11:8b:00:97:
27:b5:d3:ba:c4:d2:bb:76:f7:03:d5:62:4e:0d:4e:
05:ba:87:e0:26:5e:73:4b:61:b5:bc:be:7e:74:6d:
36:c3:77:b1:c4:3f:b6:27:f9:bf:8a:7f:ca:97:8d:
58:87:67:49:86:c4:f3:ba:9d:e3:89:f2:55:b6:aa:
8d:5a:ed:ce:22:4b:b8:ee:69:f0:9c:91:d6:53:7d:
ae:e6:bc:33:7e:9b:e5:66:b6:09:c5:87:ab:e8:e1:
68:5e:b8:ab:64:ba:8a:e1:e9:76:72:47:4f:16:88:
08:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:C3:15:86:5D:14:B6:10:C0:35:00:D5:B2:DF:E0:2F:89:86:57:73
X509v3 Authority Key Identifier:
keyid:45:F9:E3:2F:F6:AF:3D:5E:5D:77:BD:BB:98:DA:37:D0:B8:E4:45:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RfnjL_avPV5dd727mNo30LjkRRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9def08-7552-4b5a-966f-8ee0a12a359b/1/LcMVhl0UthDANQDVst_gL4mGV3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9def08-7552-4b5a-966f-8ee0a12a359b/1/RfnjL_avPV5dd727mNo30LjkRRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.185.112.0/20
159.255.136.0/22
159.255.144.0/22
171.22.232.0/22
178.239.32.0/20
185.63.132.0/22
188.94.120.0/21
IPv6:
2a00:c50::/29
Signature Algorithm: sha256WithRSAEncryption
0a:e2:85:d9:95:8b:74:ca:5d:1b:3a:31:f3:5c:9b:3b:8f:d1:
59:75:7d:17:4d:0b:21:e3:10:1f:de:4b:7d:9f:bb:97:4e:11:
07:40:b7:c9:47:ce:00:7d:7d:d9:fd:53:44:44:88:e3:d4:f3:
a9:67:a1:01:3d:35:6c:52:16:a6:4b:3d:3b:4e:6f:6b:60:02:
9b:76:d6:6a:c4:0e:a1:11:c4:6d:ce:51:65:4a:14:37:63:4e:
29:13:0e:35:05:6c:2c:c1:8d:9c:4a:c3:17:c9:29:78:7c:cd:
04:37:ba:79:ab:7d:9e:67:19:34:75:36:95:5f:d4:0b:a6:ac:
5e:2c:1e:27:31:0b:1c:cb:e8:59:33:a0:4d:f4:8b:43:92:b7:
cb:d9:48:0d:61:c6:39:20:a2:77:3c:63:82:4f:47:f2:29:d7:
07:13:84:ed:44:36:f6:41:f1:5a:76:bf:5b:5c:79:43:14:fd:
54:f4:1d:02:41:28:f6:41:42:2b:3b:b5:da:90:1f:c1:f1:cc:
b5:e4:37:8d:05:2e:6f:72:32:2e:07:1c:b6:bf:b0:aa:27:70:
4b:ad:ad:3e:6d:ea:f2:9e:cb:24:03:48:2e:5c:f0:f0:d1:b6:
3d:b2:33:99:dc:4d:25:41:10:9b:17:b6:40:32:a9:d1:31:e1:
ed:f5:50:de
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYTN7b1/2RfLL5wmgKv1ZV3FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1ZjllMzJmZjZhZjNkNWU1ZDc3YmRiYjk4ZGEzN2QwYjhl
NDQ1MTkwHhcNMjIxMjAxMTM0MzQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGMzMTU4NjVkMTRiNjEwYzAzNTAwZDViMmRmZTAyZjg5ODY1NzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2X/vLRCRUAqBGDyIL6RN/OjwumM
5apfqfuhdYSBj0f+Yl+ILmBk4kmTukvqU1YLAviL2aRvXeKY8MEv9nuNyj+MZZrG
R2gFrIINtlYS5EoHA3+HYREVlbip4cg9QJDJGkcfuYogCY80fDDezPbGaMNHqLBh
5JFUxF7kLcoRbmc6biyySQ9cux8BrkfHblfITBGLAJcntdO6xNK7dvcD1WJODU4F
uofgJl5zS2G1vL5+dG02w3exxD+2J/m/in/Kl41Yh2dJhsTzup3jifJVtqqNWu3O
Iku47mnwnJHWU32u5rwzfpvlZrYJxYer6OFoXrirZLqK4el2ckdPFogILwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFC3DFYZdFLYQwDUA1bLf4C+JhldzMB8GA1UdIwQY
MBaAFEX54y/2rz1eXXe9u5jaN9C45EUZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmZuakxfYXZQVjVkZDcyN21ObzMwTGprUlJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85ZGVmMDgtNzU1Mi00YjVhLTk2NmYt
OGVlMGExMmEzNTliLzEvTGNNVmhsMFV0aERBTlFEVnN0X2dMNG1HVjNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC85ZGVmMDgtNzU1Mi00YjVhLTk2NmYtOGVlMGExMmEzNTli
LzEvUmZuakxfYXZQVjVkZDcyN21ObzMwTGprUlJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQEXblwAwQC
n/+IAwQCn/+QAwQCqxboAwQEsu8gAwQCuT+EAwQDvF54MA0EAgACMAcDBQMqAAxQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAK4oXZlYt0yl0bOjHzXJs7j9FZdX0XTQsh4xAf
3kt9n7uXThEHQLfJR84AfX3Z/VNERIjj1POpZ6EBPTVsUhamSz07Tm9rYAKbdtZq
xA6hEcRtzlFlShQ3Y04pEw41BWwswY2cSsMXySl4fM0EN7p5q32eZxk0dTaVX9QL
pqxeLB4nMQscy+hZM6BN9ItDkrfL2UgNYcY5IKJ3PGOCT0fyKdcHE4TtRDb2QfFa
dr9bXHlDFP1U9B0CQSj2QUIrO7XakB/B8cy15DeNBS5vcjIuBxy2v7CqJ3BLra0+
berynsskA0guXPDw0bY9sjOZ3E0lQRCbF7ZAMqnRMeHt9VDe
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:05 2024 by rpki-client on console-ams.rpki-client.org