Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/LgmCDWFTCvcMho0L6BjenEDPX4s.roa
File: LgmCDWFTCvcMho0L6BjenEDPX4s.roa (raw, json)
Hash identifier: VCRaFGs6Bs5nJHrIXnl5wFKFQ3KmPhAJppOUjmmM2sc=
Subject key identifier: 2E:09:82:0D:61:53:0A:F7:0C:86:8D:0B:E8:18:DE:9C:40:CF:5F:8B
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 0184A8A8A8F5DC49E9E161FF4F33ED42F137
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/LgmCDWFTCvcMho0L6BjenEDPX4s.roa
Signing time: Thu 24 Nov 2022 08:02:16 +0000
ROA not before: Thu 24 Nov 2022 08:02:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3320
IP address blocks: 62.182.168.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a8:a8:a8:f5:dc:49:e9:e1:61:ff:4f:33:ed:42:f1:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Nov 24 08:02:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2e09820d61530af70c868d0be818de9c40cf5f8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:13:84:9f:cd:97:b7:69:97:61:08:a8:0e:93:
0f:5f:7b:cf:e6:b4:98:71:75:f1:84:fb:aa:ba:04:
25:1e:cb:d4:44:66:ff:70:b9:c0:59:70:c9:4c:e5:
2c:20:3f:68:79:2d:28:cc:bb:49:2f:de:78:76:ff:
7c:61:27:64:e3:91:1d:b3:0d:8b:de:c2:ac:ff:3c:
92:db:74:d7:57:ba:2b:a7:73:d9:9d:3f:b3:8c:70:
b3:3b:8a:18:cb:6e:65:f4:66:27:ce:32:de:34:b9:
06:ae:2f:3e:90:58:f6:60:72:75:e8:5b:82:e0:5e:
92:e9:e5:ab:45:36:53:e8:43:aa:14:cd:f0:32:4b:
c3:78:36:1e:47:c5:cb:39:1f:99:5d:70:40:d4:b4:
92:53:91:8f:14:33:5c:76:ec:96:2d:0c:0c:0f:5a:
2a:68:8e:65:93:62:e1:8c:f6:5e:b3:d2:89:54:7c:
20:64:8e:f3:2a:46:c8:59:b9:0c:c3:af:b0:74:0e:
8b:16:1f:35:2c:3e:82:b8:79:8f:ea:89:d8:42:35:
16:53:14:b6:2d:ba:91:2d:2d:cc:41:bb:20:e7:61:
3c:c2:b4:67:ee:a0:5f:80:12:a1:68:9c:82:bd:74:
aa:56:07:46:7c:e4:4b:ef:1c:ed:fa:44:82:56:88:
c9:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:09:82:0D:61:53:0A:F7:0C:86:8D:0B:E8:18:DE:9C:40:CF:5F:8B
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/LgmCDWFTCvcMho0L6BjenEDPX4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.168.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:d7:a1:61:c0:d4:b7:6c:e2:df:f1:ac:06:65:52:01:ac:d3:
8f:76:64:68:25:7a:66:09:64:5b:fc:cd:b5:c4:8c:51:62:99:
92:1f:51:d0:25:3f:98:d2:b9:f5:51:5a:a6:40:94:01:09:12:
c9:06:fb:df:27:d8:2d:ef:46:9b:0f:04:a1:3b:30:21:92:be:
42:60:5a:04:10:83:c4:17:36:b1:a1:dd:04:5e:7f:5d:40:4a:
ea:3d:d7:14:6a:25:6a:1d:11:c4:a3:85:e8:73:0c:44:91:06:
07:e1:a7:a6:a2:97:5d:8a:d1:df:49:13:91:3e:36:54:39:81:
52:c2:73:7a:9f:51:96:2d:cb:9d:17:d9:dd:88:36:a5:eb:4c:
11:59:e1:04:bd:38:fa:ef:fb:e9:1b:37:18:b6:72:ad:3d:29:
bb:70:cd:51:d4:41:86:12:61:ce:d8:b5:2e:3b:87:30:86:36:
1c:2a:7e:53:45:5c:82:54:7e:55:f6:25:ec:c8:84:60:d0:ed:
2b:e2:4a:cf:fe:94:55:7a:aa:83:11:a6:53:9c:80:eb:49:a5:
ec:a4:33:02:0b:e1:bb:e2:d2:ad:12:37:c4:46:48:8e:e7:d1:
f5:7e:42:6f:23:e6:e5:55:50:f3:34:4f:90:67:d6:9b:d2:ef:
bb:5b:47:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSoqKj13Enp4WH/TzPtQvE3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjIxMTI0MDgwMjE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTA5ODIwZDYxNTMwYWY3MGM4NjhkMGJlODE4ZGU5YzQwY2Y1ZjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhOEn82Xt2mXYQioDpMPX3vP5rSY
cXXxhPuqugQlHsvURGb/cLnAWXDJTOUsID9oeS0ozLtJL954dv98YSdk45Edsw2L
3sKs/zyS23TXV7orp3PZnT+zjHCzO4oYy25l9GYnzjLeNLkGri8+kFj2YHJ16FuC
4F6S6eWrRTZT6EOqFM3wMkvDeDYeR8XLOR+ZXXBA1LSSU5GPFDNcduyWLQwMD1oq
aI5lk2LhjPZes9KJVHwgZI7zKkbIWbkMw6+wdA6LFh81LD6CuHmP6onYQjUWUxS2
LbqRLS3MQbsg52E8wrRn7qBfgBKhaJyCvXSqVgdGfORL7xzt+kSCVojJXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC4Jgg1hUwr3DIaNC+gY3pxAz1+LMB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvTGdtQ0RXRlRDdmNNaG8wTDZCamVuRURQWDRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPraoMA0G
CSqGSIb3DQEBCwUAA4IBAQAb16FhwNS3bOLf8awGZVIBrNOPdmRoJXpmCWRb/M21
xIxRYpmSH1HQJT+Y0rn1UVqmQJQBCRLJBvvfJ9gt70abDwShOzAhkr5CYFoEEIPE
Fzaxod0EXn9dQErqPdcUaiVqHRHEo4XocwxEkQYH4aemopdditHfSRORPjZUOYFS
wnN6n1GWLcudF9ndiDal60wRWeEEvTj67/vpGzcYtnKtPSm7cM1R1EGGEmHO2LUu
O4cwhjYcKn5TRVyCVH5V9iXsyIRg0O0r4krP/pRVeqqDEaZTnIDrSaXspDMCC+G7
4tKtEjfERkiO59H1fkJvI+blVVDzNE+QZ9ab0u+7W0fR
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:16 2025 by rpki-client