Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/LqkicjsDfb5IcBUxoGlxAdoS_aQ.roa
File: LqkicjsDfb5IcBUxoGlxAdoS_aQ.roa (raw, json)
Hash identifier: haVL00tkEDHIFiyN7mgYZYCCTgP7amDkSWiFMnV8yb0=
Subject key identifier: 2E:A9:22:72:3B:03:7D:BE:48:70:15:31:A0:69:71:01:DA:12:FD:A4
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 0189784DAC320A73489A99F195C03D113FCC
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/LqkicjsDfb5IcBUxoGlxAdoS_aQ.roa
Signing time: Fri 21 Jul 2023 11:55:03 +0000
ROA not before: Fri 21 Jul 2023 11:55:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49505
IP address blocks: 212.60.7.0/24 maxlen: 24
194.156.106.0/24 maxlen: 24
194.156.107.0/24 maxlen: 24
94.154.191.0/24 maxlen: 24
94.154.188.0/24 maxlen: 24
94.154.189.0/24 maxlen: 24
45.81.139.0/24 maxlen: 24
45.95.28.0/24 maxlen: 24
45.87.255.0/24 maxlen: 24
45.129.79.0/24 maxlen: 24
193.187.106.0/24 maxlen: 24
194.156.104.0/24 maxlen: 24
194.156.105.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:78:4d:ac:32:0a:73:48:9a:99:f1:95:c0:3d:11:3f:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jul 21 11:55:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ea922723b037dbe48701531a0697101da12fda4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:60:0d:ef:27:b4:73:3d:18:c8:a5:ef:13:3c:
58:b1:71:1c:57:38:69:91:09:71:51:8f:b6:a8:c6:
13:7f:07:1e:4b:a0:5e:33:22:51:b4:be:73:82:5a:
b2:2b:99:98:e4:dc:06:99:70:09:92:20:2e:32:51:
14:41:92:e5:2c:6a:95:f7:d4:93:be:1d:c0:1e:94:
20:40:cf:5d:f5:7c:3d:8d:e0:dd:d0:6c:e2:57:c0:
68:72:0f:98:b6:f0:02:1e:4c:e0:f8:0d:20:c7:f1:
ef:ad:44:50:55:85:62:68:45:4d:8d:2a:dd:8d:f0:
a7:03:f6:16:ab:69:40:a6:12:84:80:a4:23:3e:47:
d7:b8:3e:0d:83:88:5b:70:5d:d2:06:aa:58:af:9d:
f2:ae:60:3b:1b:3a:04:23:02:f9:a3:b1:3b:38:7f:
88:27:8d:89:34:2d:27:bd:0f:d9:4e:0c:7d:2b:73:
4b:c2:df:b9:b7:d0:46:06:10:ad:5a:62:12:76:46:
1e:ed:1b:80:65:58:3d:75:63:a6:b8:39:b2:cd:bd:
81:85:32:35:da:80:60:21:ad:7f:fc:fe:db:f2:2d:
28:5e:16:82:9c:3e:56:64:44:67:54:47:5f:2c:6a:
58:2f:8a:e1:63:e4:16:01:d6:94:cb:28:c1:cd:be:
87:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:A9:22:72:3B:03:7D:BE:48:70:15:31:A0:69:71:01:DA:12:FD:A4
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/LqkicjsDfb5IcBUxoGlxAdoS_aQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.139.0/24
45.87.255.0/24
45.95.28.0/24
45.129.79.0/24
94.154.188.0/23
94.154.191.0/24
193.187.106.0/24
194.156.104.0/22
212.60.7.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:fd:1d:95:ea:f8:f4:8f:d0:4d:94:f3:e9:56:f6:f9:05:3d:
ef:f9:c3:4b:7b:38:e9:57:de:89:13:35:db:80:2a:7b:6b:4d:
b3:c3:97:1a:63:ab:02:e9:9b:27:41:38:c0:e8:3f:d8:ea:56:
77:38:fd:63:a1:17:a2:d7:99:1f:85:19:d3:56:28:b3:8e:23:
18:d2:1c:6b:f8:33:ff:f0:5f:b7:77:80:ce:62:7c:42:35:b2:
14:5e:c9:51:47:7b:76:09:c3:02:83:72:e8:bf:82:4c:6d:59:
56:f6:ca:da:07:3b:2e:46:4e:92:c8:82:63:ce:c8:97:51:25:
df:37:e8:7a:3d:a8:41:03:9a:1f:d8:7b:54:01:97:e4:15:a6:
f7:81:a7:6f:a2:5b:6c:76:ab:fd:cb:3a:fc:4a:12:e5:51:47:
1e:c1:a8:dd:b9:81:8a:14:c5:b7:df:f7:ed:05:1b:61:8b:db:
e2:da:5b:09:30:0a:fd:04:63:fb:72:1d:19:7f:35:81:1e:7d:
a1:47:22:f9:c9:b4:9e:85:7d:28:8a:d6:34:6b:34:fc:bc:a1:
57:aa:6b:ba:17:d2:85:2c:cd:5f:5a:a3:fa:fc:dd:26:7f:08:
d6:d5:df:0a:83:27:d7:65:6b:32:c8:40:a7:8e:c5:74:41:e2:
cb:e2:1b:99
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYl4TawyCnNImpnxlcA9ET/MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwNzIxMTE1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWE5MjI3MjNiMDM3ZGJlNDg3MDE1MzFhMDY5NzEwMWRhMTJmZGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1GAN7ye0cz0YyKXvEzxYsXEcVzhp
kQlxUY+2qMYTfwceS6BeMyJRtL5zglqyK5mY5NwGmXAJkiAuMlEUQZLlLGqV99ST
vh3AHpQgQM9d9Xw9jeDd0GziV8Bocg+YtvACHkzg+A0gx/HvrURQVYViaEVNjSrd
jfCnA/YWq2lAphKEgKQjPkfXuD4Ng4hbcF3SBqpYr53yrmA7GzoEIwL5o7E7OH+I
J42JNC0nvQ/ZTgx9K3NLwt+5t9BGBhCtWmISdkYe7RuAZVg9dWOmuDmyzb2BhTI1
2oBgIa1//P7b8i0oXhaCnD5WZERnVEdfLGpYL4rhY+QWAdaUyyjBzb6HjwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFC6pInI7A32+SHAVMaBpcQHaEv2kMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvTHFraWNqc0RmYjVJY0JVeG9HbHhBZG9TX2FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALVGLAwQA
LVf/AwQALV8cAwQALYFPAwQBXpq8AwQAXpq/AwQAwbtqAwQCwpxoAwQA1DwHMA0G
CSqGSIb3DQEBCwUAA4IBAQC9/R2V6vj0j9BNlPPpVvb5BT3v+cNLezjpV96JEzXb
gCp7a02zw5caY6sC6ZsnQTjA6D/Y6lZ3OP1joRei15kfhRnTViizjiMY0hxr+DP/
8F+3d4DOYnxCNbIUXslRR3t2CcMCg3Lov4JMbVlW9sraBzsuRk6SyIJjzsiXUSXf
N+h6PahBA5of2HtUAZfkFab3gadvoltsdqv9yzr8ShLlUUcewajduYGKFMW33/ft
BRthi9vi2lsJMAr9BGP7ch0ZfzWBHn2hRyL5ybSehX0oitY0azT8vKFXqmu6F9KF
LM1fWqP6/N0mfwjW1d8KgyfXZWsyyECnjsV0QeLL4huZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org