Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/LjqiVpSf1F5cFkiy1OlKbRQrkpk.roa
File: LjqiVpSf1F5cFkiy1OlKbRQrkpk.roa (raw, json)
Hash identifier: dLlYaKc2rjwP1L9oN3LIn1yWD9xh0TNqqlT0glh2DUY=
Subject key identifier: 2E:3A:A2:56:94:9F:D4:5E:5C:16:48:B2:D4:E9:4A:6D:14:2B:92:99
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 0185AC3E649B1CAC85D40555545977809C01
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/LjqiVpSf1F5cFkiy1OlKbRQrkpk.roa
Signing time: Fri 13 Jan 2023 17:47:28 +0000
ROA not before: Fri 13 Jan 2023 17:47:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 62.182.170.0/24 maxlen: 24
83.97.100.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ac:3e:64:9b:1c:ac:85:d4:05:55:54:59:77:80:9c:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Jan 13 17:47:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e3aa256949fd45e5c1648b2d4e94a6d142b9299
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:89:7f:7e:95:82:a7:b2:03:a1:45:ea:00:11:
78:2d:26:bd:e0:70:1f:40:85:7f:a4:f5:a5:5b:9e:
90:e2:2e:4f:fe:e4:60:2f:aa:27:3d:73:ce:5a:de:
96:bb:35:57:b6:73:60:61:df:c2:59:29:e6:aa:7d:
1f:8d:b9:da:59:f6:b6:9c:fe:7e:8c:fd:77:81:e8:
46:0e:1a:b7:13:5b:f4:80:9d:67:fe:48:7c:4d:82:
92:9e:04:c0:25:9c:1a:f0:0d:38:19:9f:fc:a4:b0:
15:53:da:60:7b:b3:40:66:3b:15:18:ff:7f:f8:9f:
6d:65:68:da:18:16:88:0d:38:18:f2:d1:e6:b0:79:
56:39:50:9c:79:31:2a:43:83:e0:71:4e:c0:00:f5:
f8:4c:d6:13:2d:1a:11:37:a4:10:0b:ec:12:ac:73:
b4:e9:0d:04:de:6e:9a:5b:d8:52:53:9d:01:78:43:
7e:76:f9:9b:b2:ba:c2:3c:d7:56:ee:bf:b9:53:5a:
9d:b6:b4:01:2d:52:84:83:71:32:24:69:e1:da:e0:
1e:c8:a5:f5:75:ee:f7:80:8b:f8:8f:e9:a2:25:16:
c5:5c:98:8f:74:5e:d5:34:2b:2d:2b:37:66:25:cf:
df:e8:a3:5e:e4:be:cd:db:0e:78:54:23:0c:2d:47:
98:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:3A:A2:56:94:9F:D4:5E:5C:16:48:B2:D4:E9:4A:6D:14:2B:92:99
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/LjqiVpSf1F5cFkiy1OlKbRQrkpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.170.0/24
83.97.100.0/22
Signature Algorithm: sha256WithRSAEncryption
14:11:0e:5a:c9:35:a9:c2:a7:46:4c:c1:ad:d5:6a:f9:52:e6:
da:84:95:f9:c6:01:a3:a0:9f:f0:72:8a:07:7b:58:5b:73:ff:
e7:13:0b:d9:8f:fc:88:f5:0b:f9:22:d3:83:4d:70:19:b9:02:
9c:7e:42:fb:1a:40:00:f5:a1:55:1d:c4:2a:5e:2b:70:59:aa:
74:94:1f:e0:07:67:ae:7d:62:f2:93:bd:55:0e:b4:a0:d9:b5:
54:3e:4c:fb:ce:73:bc:e2:19:f2:6c:ea:bf:e3:4c:25:d4:63:
99:c3:58:05:54:12:7b:73:c2:a1:8c:8d:12:ee:40:64:01:6e:
9f:8e:42:2e:a1:09:d2:71:36:2e:9f:a0:b9:a0:af:8c:35:20:
da:e7:75:cc:73:34:fd:c1:ed:1b:be:6a:3d:8e:11:71:34:bf:
5d:65:de:1a:75:01:b8:d6:1c:71:84:02:17:bc:06:d9:51:56:
b0:cd:13:bb:8d:48:35:e4:37:de:4d:c6:2f:9a:50:93:69:91:
08:ad:e8:93:3c:cc:cb:e8:4e:ec:f3:ac:80:4b:76:74:cd:88:
9c:8d:34:7e:67:23:b4:37:f9:84:ce:51:e6:4b:09:71:59:b2:
a5:8e:0b:f4:0c:52:62:40:43:f1:47:dc:a5:f0:fd:e6:5c:bf:
21:9f:c7:93
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYWsPmSbHKyF1AVVVFl3gJwBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjMwMTEzMTc0NzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTNhYTI1Njk0OWZkNDVlNWMxNjQ4YjJkNGU5NGE2ZDE0MmI5Mjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIl/fpWCp7IDoUXqABF4LSa94HAf
QIV/pPWlW56Q4i5P/uRgL6onPXPOWt6WuzVXtnNgYd/CWSnmqn0fjbnaWfa2nP5+
jP13gehGDhq3E1v0gJ1n/kh8TYKSngTAJZwa8A04GZ/8pLAVU9pge7NAZjsVGP9/
+J9tZWjaGBaIDTgY8tHmsHlWOVCceTEqQ4PgcU7AAPX4TNYTLRoRN6QQC+wSrHO0
6Q0E3m6aW9hSU50BeEN+dvmbsrrCPNdW7r+5U1qdtrQBLVKEg3EyJGnh2uAeyKX1
de73gIv4j+miJRbFXJiPdF7VNCstKzdmJc/f6KNe5L7N2w54VCMMLUeYiQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC46olaUn9ReXBZIstTpSm0UK5KZMB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvTGpxaVZwU2YxRjVjRmtpeTFPbEtiUlFya3BrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPraqAwQC
U2FkMA0GCSqGSIb3DQEBCwUAA4IBAQAUEQ5ayTWpwqdGTMGt1Wr5UubahJX5xgGj
oJ/wcooHe1hbc//nEwvZj/yI9Qv5ItODTXAZuQKcfkL7GkAA9aFVHcQqXitwWap0
lB/gB2eufWLyk71VDrSg2bVUPkz7znO84hnybOq/40wl1GOZw1gFVBJ7c8KhjI0S
7kBkAW6fjkIuoQnScTYun6C5oK+MNSDa53XMczT9we0bvmo9jhFxNL9dZd4adQG4
1hxxhAIXvAbZUVawzRO7jUg15DfeTcYvmlCTaZEIreiTPMzL6E7s86yAS3Z0zYic
jTR+ZyO0N/mEzlHmSwlxWbKljgv0DFJiQEPxR9yl8P3mXL8hn8eT
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:30 2025 by rpki-client