Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/LGcO_rv8ebl5PMfQVSrzVurEanw.roa
File: LGcO_rv8ebl5PMfQVSrzVurEanw.roa (raw, json)
Hash identifier: m0g3tUTsoctPE8EXp4KrIUQxHQE80T2A1BfQye7O0DY=
Subject key identifier: 2C:67:0E:FE:BB:FC:79:B9:79:3C:C7:D0:55:2A:F3:56:EA:C4:6A:7C
Certificate issuer: /CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Certificate serial: 2FB045C5
Authority key identifier: C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/LGcO_rv8ebl5PMfQVSrzVurEanw.roa
Signing time: Sat 01 Jan 2022 10:04:45 +0000
ROA not before: Sat 01 Jan 2022 10:04:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 286
IP address blocks: 194.120.0.252/32 maxlen: 32
193.141.0.0/23 maxlen: 23
193.141.2.0/24 maxlen: 24
194.120.112.0/22 maxlen: 22
194.120.120.0/22 maxlen: 22
193.242.80.0/20 maxlen: 20
194.121.52.0/22 maxlen: 22
192.16.202.0/24 maxlen: 24
193.141.44.0/23 maxlen: 23
193.141.40.0/22 maxlen: 22
134.222.0.0/16 maxlen: 16
194.45.182.0/23 maxlen: 23
194.122.248.0/22 maxlen: 22
194.123.164.0/24 maxlen: 24
194.120.0.0/24 maxlen: 24
194.123.122.0/24 maxlen: 24
194.120.43.0/24 maxlen: 24
194.122.80.0/21 maxlen: 21
62.132.116.0/23 maxlen: 23
62.132.114.0/23 maxlen: 23
192.129.32.0/23 maxlen: 24
192.129.36.0/24 maxlen: 24
62.132.132.0/23 maxlen: 23
192.129.44.0/24 maxlen: 24
192.129.43.0/24 maxlen: 24
192.129.46.0/23 maxlen: 23
192.129.48.0/23 maxlen: 23
192.129.56.0/23 maxlen: 23
62.41.160.0/24 maxlen: 24
194.45.4.0/23 maxlen: 23
192.129.54.0/24 maxlen: 24
194.122.120.0/21 maxlen: 21
62.41.84.0/23 maxlen: 23
62.41.80.0/22 maxlen: 22
62.41.102.0/24 maxlen: 24
212.1.0.0/19 maxlen: 19
194.122.76.0/22 maxlen: 22
194.45.98.0/23 maxlen: 23
194.122.224.0/20 maxlen: 20
194.45.12.0/23 maxlen: 23
194.45.47.0/24 maxlen: 24
194.121.123.0/24 maxlen: 24
194.151.203.0/24 maxlen: 24
92.71.0.0/17 maxlen: 17
192.67.190.0/23 maxlen: 23
212.189.0.0/17 maxlen: 17
192.67.192.0/22 maxlen: 22
192.67.196.0/24 maxlen: 24
193.141.140.0/23 maxlen: 23
194.121.104.0/23 maxlen: 23
62.41.16.0/21 maxlen: 21
62.132.0.0/22 maxlen: 22
62.41.24.0/22 maxlen: 22
62.132.16.0/22 maxlen: 22
62.41.37.0/24 maxlen: 24
62.132.24.0/23 maxlen: 23
62.41.32.0/24 maxlen: 24
62.132.28.0/24 maxlen: 24
92.71.128.0/18 maxlen: 18
62.41.56.0/21 maxlen: 21
62.132.42.0/23 maxlen: 23
62.41.64.0/20 maxlen: 20
194.41.62.0/24 maxlen: 24
192.54.104.0/24 maxlen: 24
194.121.203.0/24 maxlen: 24
62.41.0.0/20 maxlen: 20
194.121.220.0/22 maxlen: 22
2a00:1750::/32 maxlen: 32
2001:680:12::/48 maxlen: 48
2001:680:19::/48 maxlen: 48
2001:680::/32 maxlen: 32
2001:680:20::/48 maxlen: 48
2001:680:16::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 800081349 (0x2fb045c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Validity
Not Before: Jan 1 10:04:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2c670efebbfc79b9793cc7d0552af356eac46a7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b6:cb:94:04:87:bc:cf:65:cc:9e:37:c4:f9:
07:43:d3:d4:47:0f:b4:99:c8:8f:de:9a:d7:15:a6:
95:7d:da:4f:e2:a5:6a:76:57:36:85:2b:e8:45:1f:
91:df:0f:58:ab:d9:7e:0c:9e:3a:c1:c2:00:04:af:
b7:b8:f0:d0:a1:6d:97:b9:74:8d:9c:35:cc:87:04:
e4:e9:53:d0:33:c6:0f:5f:0d:a4:83:81:dc:11:d7:
c6:d6:c2:a1:ef:0f:9e:1b:6b:43:72:57:70:e1:c3:
1b:3e:f4:aa:eb:0a:b4:94:b5:dd:c8:e4:c3:6f:56:
8d:3e:7d:f0:79:dc:3e:3d:98:c8:63:13:f3:be:1a:
46:40:e5:4e:63:65:49:96:0a:32:7c:20:a2:7b:1f:
9d:e2:be:4a:c3:5e:71:af:77:40:20:ac:1a:d2:35:
e1:51:f3:c3:6c:17:dd:bb:20:a1:d8:c2:55:b4:82:
b7:04:9a:81:be:0e:16:a1:7b:ce:d6:e2:1a:d6:e4:
3e:7b:1b:09:74:f7:d8:8b:02:ef:1a:a5:b8:ef:c0:
cf:19:8e:a7:2e:12:34:d8:c8:e6:74:a7:2c:60:2f:
e5:07:38:20:bf:21:0f:bb:18:f3:21:c4:1b:ef:ca:
ef:18:a1:03:c3:fc:dd:4d:70:8a:45:2c:df:fb:72:
0f:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:67:0E:FE:BB:FC:79:B9:79:3C:C7:D0:55:2A:F3:56:EA:C4:6A:7C
X509v3 Authority Key Identifier:
keyid:C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/LGcO_rv8ebl5PMfQVSrzVurEanw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.41.0.0-62.41.27.255
62.41.32.0/24
62.41.37.0/24
62.41.56.0-62.41.85.255
62.41.102.0/24
62.41.160.0/24
62.132.0.0/22
62.132.16.0/22
62.132.24.0/23
62.132.28.0/24
62.132.42.0/23
62.132.114.0-62.132.117.255
62.132.132.0/23
92.71.0.0-92.71.191.255
134.222.0.0/16
192.16.202.0/24
192.54.104.0/24
192.67.190.0-192.67.196.255
192.129.32.0/23
192.129.36.0/24
192.129.43.0-192.129.44.255
192.129.46.0-192.129.49.255
192.129.54.0/24
192.129.56.0/23
193.141.0.0-193.141.2.255
193.141.40.0-193.141.45.255
193.141.140.0/23
193.242.80.0/20
194.41.62.0/24
194.45.4.0/23
194.45.12.0/23
194.45.47.0/24
194.45.98.0/23
194.45.182.0/23
194.120.0.0/24
194.120.43.0/24
194.120.112.0/22
194.120.120.0/22
194.121.52.0/22
194.121.104.0/23
194.121.123.0/24
194.121.203.0/24
194.121.220.0/22
194.122.76.0-194.122.87.255
194.122.120.0/21
194.122.224.0/20
194.122.248.0/22
194.123.122.0/24
194.123.164.0/24
194.151.203.0/24
212.1.0.0/19
212.189.0.0/17
IPv6:
2001:680::/32
2a00:1750::/32
Signature Algorithm: sha256WithRSAEncryption
3c:df:00:2f:9f:e7:31:b1:57:17:0e:e8:fe:01:80:b5:5d:36:
06:4e:2b:92:d8:5d:03:85:40:88:98:54:4b:df:e3:27:ff:3d:
ee:1d:18:c1:30:6c:8e:51:ea:a7:82:72:83:cb:d9:18:1c:14:
54:43:e3:4e:f3:ae:65:c1:78:d3:bf:32:4b:9a:64:bc:68:b9:
5a:79:3d:bf:88:3c:1d:25:00:aa:be:a1:24:13:65:82:e4:55:
7a:54:ca:75:34:a2:ee:51:82:f5:3e:51:4d:e9:69:bc:eb:b3:
51:9d:e7:45:64:e2:b3:71:75:aa:34:34:00:b4:8f:79:56:eb:
3b:ff:d7:7f:74:a0:8f:53:01:4c:f3:53:3a:c0:c1:c2:30:a4:
a4:72:dc:4e:72:bc:35:33:ba:3c:d1:04:4e:3b:68:fc:f3:12:
a4:d3:80:7d:c7:d0:07:b8:46:e0:b2:98:73:1a:7c:b1:a3:11:
78:54:b8:a1:be:51:6c:77:22:7e:95:f6:95:38:5c:b8:ee:76:
1d:b0:01:8d:ac:43:95:25:f0:3b:72:07:c3:c9:00:48:0c:50:
03:9d:9c:5e:f5:2b:c4:86:67:72:fb:6e:9a:de:ab:1a:53:07:
e4:70:78:cc:1b:46:aa:02:bf:56:d6:62:d7:58:dd:04:a5:7a:
6c:97:1d:82
-----BEGIN CERTIFICATE-----
MIIGjTCCBXWgAwIBAgIEL7BFxTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Mzk4MDYwZjFiZjIyZjA5OTljYjA3MWIxYjQyNjk2ZGJjNDNlMTBjMB4XDTIyMDEw
MTEwMDQ0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmM2NzBlZmViYmZj
NzliOTc5M2NjN2QwNTUyYWYzNTZlYWM0NmE3YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMy2y5QEh7zPZcyeN8T5B0PT1EcPtJnIj96a1xWmlX3aT+Kl
anZXNoUr6EUfkd8PWKvZfgyeOsHCAASvt7jw0KFtl7l0jZw1zIcE5OlT0DPGD18N
pIOB3BHXxtbCoe8PnhtrQ3JXcOHDGz70qusKtJS13cjkw29WjT598HncPj2YyGMT
874aRkDlTmNlSZYKMnwgonsfneK+SsNeca93QCCsGtI14VHzw2wX3bsgodjCVbSC
twSagb4OFqF7ztbiGtbkPnsbCXT32IsC7xqluO/AzxmOpy4SNNjI5nSnLGAv5Qc4
IL8hD7sY8yHEG+/K7xihA8P83U1wikUs3/tyD70CAwEAAaOCA6cwggOjMB0GA1Ud
DgQWBBQsZw7+u/x5uXk8x9BVKvNW6sRqfDAfBgNVHSMEGDAWgBTDmAYPG/IvCZnL
BxsbQmltvEPhDDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3c1Z0dEeHZ5THdtWnl3Y2JHMEpwYmJ4RDRRdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvM2JmYzMxLWRjMzItNDU0MS04NDYwLWM5MjdiOGMyYzdjNC8x
L0xHY09fcnY4ZWJsNVBNZlFWU3J6VnVyRWFudy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
M2JmYzMxLWRjMzItNDU0MS04NDYwLWM5MjdiOGMyYzdjNC8xL3c1Z0dEeHZ5THdt
Wnl3Y2JHMEpwYmJ4RDRRdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AbsGCCsGAQUFBwEHAQH/BIIBqjCCAaYwggGMBAIAATCCAYQwCwMDAD4pAwQCPikY
AwQAPikgAwQAPiklMAwDBAM+KTgDBAE+KVQDBAA+KWYDBAA+KaADBAI+hAADBAI+
hBADBAE+hBgDBAA+hBwDBAE+hCowDAMEAT6EcgMEAT6EdAMEAT6EhDALAwMAXEcD
BAZcR4ADAwCG3gMEAMAQygMEAMA2aDAMAwQBwEO+AwQAwEPEAwQBwIEgAwQAwIEk
MAwDBADAgSsDBADAgSwwDAMEAcCBLgMEAcCBMAMEAMCBNgMEAcCBODALAwMAwY0D
BADBjQIwDAMEA8GNKAMEAcGNLAMEAcGNjAMEBMHyUAMEAMIpPgMEAcItBAMEAcIt
DAMEAMItLwMEAcItYgMEAcIttgMEAMJ4AAMEAMJ4KwMEAsJ4cAMEAsJ4eAMEAsJ5
NAMEAcJ5aAMEAMJ5ewMEAMJ5ywMEAsJ53DAMAwQCwnpMAwQDwnpQAwQDwnp4AwQE
wnrgAwQCwnr4AwQAwnt6AwQAwnukAwQAwpfLAwQF1AEAAwQH1L0AMBQEAgACMA4D
BQAgAQaAAwUAKgAXUDANBgkqhkiG9w0BAQsFAAOCAQEAPN8AL5/nMbFXFw7o/gGA
tV02Bk4rkthdA4VAiJhUS9/jJ/897h0YwTBsjlHqp4Jyg8vZGBwUVEPjTvOuZcF4
078yS5pkvGi5Wnk9v4g8HSUAqr6hJBNlguRVelTKdTSi7lGC9T5RTelpvOuzUZ3n
RWTis3F1qjQ0ALSPeVbrO//Xf3Sgj1MBTPNTOsDBwjCkpHLcTnK8NTO6PNEETjto
/PMSpNOAfcfQB7hG4LKYcxp8saMReFS4ob5RbHcifpX2lThcuO52HbABjaxDlSXw
O3IHw8kASAxQA52cXvUrxIZncvtumt6rGlMH5HB4zBtGqgK/VtZi11jdBKV6bJcd
gg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:51 2024 by rpki-client on console-ams.rpki-client.org