Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/d-LLAedievHLKerdl4laNjq6bZc.roa
File: d-LLAedievHLKerdl4laNjq6bZc.roa (raw, json)
Hash identifier: 0EqDKOkIU4sS7sEux9foYA0VJwoFvnZfEQxlSfbX7Dg=
Subject key identifier: 77:E2:CB:01:E7:62:7A:F1:CB:29:EA:DD:97:89:5A:36:3A:BA:6D:97
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 0189784DAD304B25CED999579ABA15463905
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/d-LLAedievHLKerdl4laNjq6bZc.roa
Signing time: Fri 21 Jul 2023 11:55:03 +0000
ROA not before: Fri 21 Jul 2023 11:55:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202656
IP address blocks: 94.154.190.0/24 maxlen: 24
45.87.126.0/24 maxlen: 24
194.59.187.0/24 maxlen: 24
45.95.29.0/24 maxlen: 24
193.187.105.0/24 maxlen: 24
45.128.125.0/24 maxlen: 24
45.128.127.0/24 maxlen: 24
45.128.126.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:78:4d:ad:30:4b:25:ce:d9:99:57:9a:ba:15:46:39:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jul 21 11:55:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77e2cb01e7627af1cb29eadd97895a363aba6d97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:05:00:81:d1:50:f0:c9:f9:3a:96:58:54:04:
69:0e:43:53:2e:aa:c6:77:ca:e1:6d:51:d1:73:29:
55:d5:2b:c3:ad:08:0e:48:17:6f:0b:5f:ba:87:5c:
20:cc:f0:1c:6e:c6:ce:f4:db:42:99:05:b3:af:9c:
b7:97:61:c1:49:9d:ea:9d:16:ab:26:4a:37:8e:c0:
1a:43:6e:21:b1:7e:04:32:fb:9a:ad:14:ec:9e:17:
2f:c3:18:f6:25:33:70:3c:f2:54:e0:7b:32:5f:2e:
c0:51:fc:3d:f1:66:0d:7d:8f:8e:1b:89:ed:6e:8f:
39:8c:6d:8e:09:ba:72:79:8d:9b:19:b4:72:04:9f:
2e:f6:92:43:8f:a3:00:5c:fd:e7:11:45:af:6e:1a:
6a:fc:d3:48:9f:a5:9a:48:55:0e:0d:fc:26:3a:a5:
b6:5b:e1:0a:64:3d:37:4c:cd:cd:58:9c:82:a2:db:
b2:53:da:da:cc:68:23:1c:5b:e2:13:73:c7:da:0b:
66:c6:98:4e:7e:ea:39:9b:0b:4e:7c:30:9d:cc:24:
94:74:3d:ca:4b:79:f6:10:51:5f:14:8b:f2:fc:d4:
e9:2d:d1:f3:14:91:26:d1:e5:d7:65:df:cf:03:dc:
71:69:54:68:7b:78:99:8e:fe:fa:9d:74:cd:d5:2d:
da:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:E2:CB:01:E7:62:7A:F1:CB:29:EA:DD:97:89:5A:36:3A:BA:6D:97
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/d-LLAedievHLKerdl4laNjq6bZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.126.0/24
45.95.29.0/24
45.128.125.0-45.128.127.255
94.154.190.0/24
193.187.105.0/24
194.59.187.0/24
Signature Algorithm: sha256WithRSAEncryption
83:f2:ad:9a:98:d2:bb:ae:fe:a9:6b:88:ed:0f:10:f9:26:b5:
4d:be:93:c3:1c:b0:65:ec:b5:f3:cc:94:31:ad:b2:94:cb:2f:
e3:ba:d0:c0:f3:08:71:d3:19:57:ce:c2:a1:96:c5:9e:e8:7f:
b6:8b:2a:f1:db:c4:ca:01:1e:30:d9:a3:52:ec:8e:92:34:79:
b6:ba:19:97:17:3c:ec:0a:ad:58:76:5a:f1:4a:84:f9:4c:ed:
82:16:33:9b:73:f3:2f:6f:41:f3:39:a6:99:2d:e7:83:55:0b:
b3:00:be:3c:4d:4e:3b:08:e1:9b:02:6b:38:74:d2:03:0a:07:
38:1c:bd:4a:b3:3b:a1:64:49:91:42:9f:b8:db:3f:69:3b:03:
d1:27:37:e0:60:3e:b1:ea:08:fe:f6:4c:97:72:4d:9d:3e:10:
ea:e9:3f:79:97:48:02:93:dd:bd:06:b5:31:1e:a0:79:37:cd:
e8:29:46:21:a6:2e:ab:5c:33:5b:bc:ab:b5:45:f3:52:b7:cb:
55:4b:21:1c:9f:20:e9:e4:18:b2:9c:65:c1:a9:60:d1:76:11:
14:2c:c8:46:fc:e7:33:df:3d:48:d4:5e:6d:d5:b6:50:35:ce:
c5:12:df:9b:49:3c:0c:d2:05:0b:4c:41:8b:63:2d:19:58:44:
f5:13:c5:d4
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYl4Ta0wSyXO2ZlXmroVRjkFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwNzIxMTE1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2UyY2IwMWU3NjI3YWYxY2IyOWVhZGQ5Nzg5NWEzNjNhYmE2ZDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAUAgdFQ8Mn5OpZYVARpDkNTLqrG
d8rhbVHRcylV1SvDrQgOSBdvC1+6h1wgzPAcbsbO9NtCmQWzr5y3l2HBSZ3qnRar
Jko3jsAaQ24hsX4EMvuarRTsnhcvwxj2JTNwPPJU4HsyXy7AUfw98WYNfY+OG4nt
bo85jG2OCbpyeY2bGbRyBJ8u9pJDj6MAXP3nEUWvbhpq/NNIn6WaSFUODfwmOqW2
W+EKZD03TM3NWJyCotuyU9razGgjHFviE3PH2gtmxphOfuo5mwtOfDCdzCSUdD3K
S3n2EFFfFIvy/NTpLdHzFJEm0eXXZd/PA9xxaVRoe3iZjv76nXTN1S3agwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFHfiywHnYnrxyynq3ZeJWjY6um2XMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvZC1MTEFlZGlldkhMS2VyZGw0bGFOanE2YlpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQALVd+AwQA
LV8dMAwDBAAtgH0DBActgAADBABemr4DBADBu2kDBADCO7swDQYJKoZIhvcNAQEL
BQADggEBAIPyrZqY0ruu/qlriO0PEPkmtU2+k8McsGXstfPMlDGtspTLL+O60MDz
CHHTGVfOwqGWxZ7of7aLKvHbxMoBHjDZo1LsjpI0eba6GZcXPOwKrVh2WvFKhPlM
7YIWM5tz8y9vQfM5ppkt54NVC7MAvjxNTjsI4ZsCazh00gMKBzgcvUqzO6FkSZFC
n7jbP2k7A9EnN+BgPrHqCP72TJdyTZ0+EOrpP3mXSAKT3b0GtTEeoHk3zegpRiGm
LqtcM1u8q7VF81K3y1VLIRyfIOnkGLKcZcGpYNF2ERQsyEb85zPfPUjUXm3VtlA1
zsUS35tJPAzSBQtMQYtjLRlYRPUTxdQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org