Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/LclQEnH3ANSwkvWX4VevY6fHSRQ.roa
File: LclQEnH3ANSwkvWX4VevY6fHSRQ.roa (raw, json)
Hash identifier: J+HWUcdfkYSNlRtxQoWeUWQQf8v16cttsxPLtWVJ5tk=
Subject key identifier: 2D:C9:50:12:71:F7:00:D4:B0:92:F5:97:E1:57:AF:63:A7:C7:49:14
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 1AC585C4
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/LclQEnH3ANSwkvWX4VevY6fHSRQ.roa
Signing time: Sun 02 Jan 2022 11:08:08 +0000
ROA not before: Sun 02 Jan 2022 11:08:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39650
IP address blocks: 82.97.241.0/24 maxlen: 24
185.239.0.0/24 maxlen: 24
82.97.246.0/24 maxlen: 24
82.97.243.0/24 maxlen: 24
82.97.247.0/24 maxlen: 24
188.240.196.0/24 maxlen: 24
185.3.200.0/24 maxlen: 24
89.38.212.0/24 maxlen: 24
89.38.213.0/24 maxlen: 24
89.38.214.0/24 maxlen: 24
89.38.215.0/24 maxlen: 24
188.212.96.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 449152452 (0x1ac585c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Jan 2 11:08:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2dc9501271f700d4b092f597e157af63a7c74914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:01:0c:8a:f9:79:2b:ab:e7:3c:29:51:d1:ea:
15:30:72:db:07:94:3f:a8:cf:bc:7f:15:7a:6f:1d:
be:d4:bf:f0:a4:48:18:2c:d0:e7:99:97:d6:69:6c:
c0:4b:04:57:d9:cf:28:b7:05:f4:b1:0b:5e:e8:65:
3e:de:69:d7:d7:94:66:7c:bc:51:67:41:85:ab:c6:
ec:3b:50:9e:83:67:2c:d4:65:0f:a4:50:c1:57:ae:
a2:ed:9d:99:b8:70:d2:b4:8e:13:eb:43:15:ff:a8:
79:ba:f0:21:c1:5d:3a:9e:ed:85:2e:2a:6c:f7:22:
0b:2d:3b:36:35:52:73:79:fd:ce:cd:b6:04:19:7e:
1f:1a:de:dc:33:72:98:7d:89:51:b8:6d:de:88:95:
a5:3d:66:16:48:97:9a:e9:90:a7:e5:17:5d:c8:0a:
ba:98:2c:eb:77:c6:99:8d:21:e6:79:fb:89:89:8f:
a5:42:a5:63:32:92:5b:73:2e:72:0c:7c:a4:e2:22:
5d:13:7e:5d:53:21:9a:cf:5a:79:3e:9b:f1:02:d8:
55:cd:9e:d2:06:6a:8b:11:ac:75:dd:54:f3:96:c6:
73:97:18:38:2d:bb:ea:d4:0e:0c:9b:96:23:cb:ba:
ef:c7:50:ce:79:db:80:95:2b:2e:b4:8b:74:54:93:
3f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:C9:50:12:71:F7:00:D4:B0:92:F5:97:E1:57:AF:63:A7:C7:49:14
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/LclQEnH3ANSwkvWX4VevY6fHSRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.97.241.0/24
82.97.243.0/24
82.97.246.0/23
89.38.212.0/22
185.3.200.0/24
185.239.0.0/24
188.212.96.0/22
188.240.196.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:9d:e9:41:82:ee:34:97:aa:5a:0b:a8:2a:a5:2c:d3:4d:93:
0a:d2:19:5f:5f:30:86:58:9b:a1:b0:f5:80:f2:2b:54:b4:67:
16:33:98:f0:39:df:9a:ff:da:93:62:e3:e4:d1:cd:9d:76:11:
9b:3f:0d:53:3e:de:eb:2f:e4:44:1f:ef:d6:fb:09:60:41:69:
e4:13:8c:16:4c:62:cc:28:61:e2:f0:4f:b4:0c:b9:92:d1:53:
e2:a5:36:0e:d6:05:49:6c:07:0c:ba:f6:c9:3e:3c:42:db:c4:
c4:36:e4:af:0b:af:8d:0d:2e:78:bc:92:76:cf:ad:2c:db:18:
99:77:1d:3d:90:59:7b:42:ec:bc:51:17:e0:73:46:c7:32:9e:
d7:fa:13:ff:12:88:fd:46:9d:c0:ee:f7:07:78:cb:34:c6:b8:
ae:a1:fe:88:94:f5:91:e0:15:fa:48:33:ee:fb:5e:97:5c:4b:
d7:1d:1e:3f:2f:dc:6b:c9:aa:00:c1:1a:34:4b:c5:bd:5c:78:
16:57:ff:a1:4f:5a:66:ec:1d:ab:6e:51:f5:35:dd:66:0e:96:
e5:d1:46:71:66:12:fc:72:d2:1c:d7:81:35:9d:98:82:c4:b5:
ce:85:43:74:a3:e1:7d:74:af:74:d8:a3:96:1d:9a:d3:c2:e2:
53:e1:a9:f1
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEGsWFxDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZGRiMzhiMzQzZGEyZDExOTMwOWVkYWExOWM3YTc4ODcwMzI3ZWJlMB4XDTIyMDEw
MjExMDgwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmRjOTUwMTI3MWY3
MDBkNGIwOTJmNTk3ZTE1N2FmNjNhN2M3NDkxNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJUBDIr5eSur5zwpUdHqFTBy2weUP6jPvH8Vem8dvtS/8KRI
GCzQ55mX1mlswEsEV9nPKLcF9LELXuhlPt5p19eUZny8UWdBhavG7DtQnoNnLNRl
D6RQwVeuou2dmbhw0rSOE+tDFf+oebrwIcFdOp7thS4qbPciCy07NjVSc3n9zs22
BBl+Hxre3DNymH2JUbht3oiVpT1mFkiXmumQp+UXXcgKupgs63fGmY0h5nn7iYmP
pUKlYzKSW3Mucgx8pOIiXRN+XVMhms9aeT6b8QLYVc2e0gZqixGsdd1U85bGc5cY
OC276tQODJuWI8u678dQznnbgJUrLrSLdFSTP4UCAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBQtyVAScfcA1LCS9ZfhV69jp8dJFDAfBgNVHSMEGDAWgBRt2zizQ9otEZMJ
7aoZx6eIcDJ+vjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JkczRzMFBhTFJHVENlMnFHY2VuaUhBeWZyNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTIvYzk2MWEwLTRmNTMtNDIyYS1iN2RkLTNkZmE1MTBkNmIxNi8x
L0xjbFFFbkgzQU5Td2t2V1g0VmV2WTZmSFNSUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTIv
Yzk2MWEwLTRmNTMtNDIyYS1iN2RkLTNkZmE1MTBkNmIxNi8xL2JkczRzMFBhTFJH
VENlMnFHY2VuaUhBeWZyNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAFJh8QMEAFJh8wMEAVJh9gMEAlkm
1AMEALkDyAMEALnvAAMEArzUYAMEALzwxDANBgkqhkiG9w0BAQsFAAOCAQEATJ3p
QYLuNJeqWguoKqUs002TCtIZX18whlibobD1gPIrVLRnFjOY8Dnfmv/ak2Lj5NHN
nXYRmz8NUz7e6y/kRB/v1vsJYEFp5BOMFkxizChh4vBPtAy5ktFT4qU2DtYFSWwH
DLr2yT48QtvExDbkrwuvjQ0ueLySds+tLNsYmXcdPZBZe0LsvFEX4HNGxzKe1/oT
/xKI/UadwO73B3jLNMa4rqH+iJT1keAV+kgz7vtel1xL1x0ePy/ca8mqAMEaNEvF
vVx4Flf/oU9aZuwdq25R9TXdZg6W5dFGcWYS/HLSHNeBNZ2YgsS1zoVDdKPhfXSv
dNijlh2a08LiU+Gp8Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:49 2024 by rpki-client on console-ams.rpki-client.org