Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/Lid08dpcfS3oBRCOFUG-JBpaNfc.roa
File: Lid08dpcfS3oBRCOFUG-JBpaNfc.roa (raw, json)
Hash identifier: pP0IX21SW48g7kDsKd0wVG/I2Es4IP/srTJfQlt/jZg=
Subject key identifier: 2E:27:74:F1:DA:5C:7D:2D:E8:05:10:8E:15:41:BE:24:1A:5A:35:F7
Certificate issuer: /CN=679a75debd65359a45317f203f11a321e14b2f2c
Certificate serial: 0701B406
Authority key identifier: 67:9A:75:DE:BD:65:35:9A:45:31:7F:20:3F:11:A3:21:E1:4B:2F:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5p13r1lNZpFMX8gPxGjIeFLLyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/Lid08dpcfS3oBRCOFUG-JBpaNfc.roa
Signing time: Wed 08 Jun 2022 17:08:03 +0000
ROA not before: Wed 08 Jun 2022 17:08:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 37.156.226.0/24 maxlen: 24
87.121.136.0/21 maxlen: 24
185.137.36.0/22 maxlen: 24
94.176.96.0/24 maxlen: 24
93.114.129.0/24 maxlen: 24
86.106.135.0/24 maxlen: 24
89.44.77.0/24 maxlen: 24
46.102.116.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117552134 (0x701b406)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=679a75debd65359a45317f203f11a321e14b2f2c
Validity
Not Before: Jun 8 17:08:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2e2774f1da5c7d2de805108e1541be241a5a35f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:8f:bc:a2:59:42:d3:f1:5d:85:15:44:e9:d7:
ba:81:b8:3e:bc:00:85:7c:41:a1:e1:cf:67:f5:53:
a0:67:fa:45:42:c2:d4:28:e9:f9:91:26:7b:e6:d7:
4b:9c:32:7a:2a:78:2f:c7:d8:55:1f:94:ac:e5:62:
36:f7:77:79:e4:1c:ef:9a:b9:72:e9:53:e4:f4:f5:
6c:21:ab:9f:a2:9a:79:50:88:18:98:38:3d:7f:e9:
bb:53:c6:92:6a:55:2d:b1:68:26:b6:e5:04:80:5a:
9f:aa:9a:5e:b7:4c:42:58:4b:eb:81:8e:67:c4:bd:
84:35:f7:a5:52:97:f8:b3:8e:75:34:0c:4e:3b:3d:
68:70:8b:ca:96:66:7f:0b:db:a7:ff:94:ec:86:70:
8a:98:c6:8c:be:1b:b8:23:7d:14:ab:66:51:4b:04:
63:8d:2c:95:1d:70:9a:a1:2d:69:92:2c:dc:d7:73:
0b:aa:4b:70:59:ce:63:fb:ab:cd:fb:65:3b:ec:65:
50:b6:24:53:91:88:9a:d1:b1:fe:0f:e6:2e:15:37:
c8:fc:59:2e:1d:fc:f8:b1:9b:aa:07:83:93:f3:76:
be:c0:67:fb:ec:36:c3:34:ac:58:ad:a4:77:ef:1a:
92:2e:6a:99:8d:3a:04:f3:bb:be:ce:19:cb:9e:13:
9c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:27:74:F1:DA:5C:7D:2D:E8:05:10:8E:15:41:BE:24:1A:5A:35:F7
X509v3 Authority Key Identifier:
keyid:67:9A:75:DE:BD:65:35:9A:45:31:7F:20:3F:11:A3:21:E1:4B:2F:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5p13r1lNZpFMX8gPxGjIeFLLyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/Lid08dpcfS3oBRCOFUG-JBpaNfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/Z5p13r1lNZpFMX8gPxGjIeFLLyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.226.0/24
46.102.116.0/24
86.106.135.0/24
87.121.136.0/21
89.44.77.0/24
93.114.129.0/24
94.176.96.0/24
185.137.36.0/22
Signature Algorithm: sha256WithRSAEncryption
76:50:49:ff:39:28:17:0c:b9:c9:5a:4c:22:50:66:2e:5e:c3:
fc:a8:9b:f2:91:e1:4e:b2:e0:d1:a3:b8:38:5e:b8:f2:57:c7:
0b:b6:43:53:35:a7:db:53:f3:d6:28:e8:78:ec:a6:61:fb:c7:
0f:65:e8:09:9a:cc:dd:c9:d5:7c:bb:c1:49:fb:bf:b1:9c:51:
16:ac:d5:0f:cd:42:a9:75:f8:a6:f7:b9:05:39:b6:9d:84:60:
8b:f9:4e:ad:f5:06:8c:ce:57:0a:c7:ca:7d:7b:9d:19:40:48:
d0:f6:3e:66:f6:04:dc:af:e9:02:d5:de:2d:77:85:69:d4:19:
31:93:c6:30:69:2a:b7:ce:1c:16:4d:0b:39:64:fe:bf:33:a0:
a2:09:ee:94:97:35:f0:e8:fa:f6:f6:60:ea:df:20:c3:d9:f6:
bd:cb:1e:dc:a4:da:3f:51:9f:b2:90:ac:14:d6:29:da:87:c0:
02:7c:04:d6:7b:cc:d2:7d:e9:c6:20:e5:55:88:72:a4:1b:57:
c3:f3:0c:6e:35:80:56:06:bb:96:09:cb:ba:69:33:5f:0a:b7:
e4:f0:e8:9e:1d:6d:4b:04:95:12:c7:86:5f:e8:8f:2f:04:e7:
25:1b:a2:13:a8:b5:34:b6:d7:65:52:5d:81:b7:6c:88:1e:4d:
fa:b0:24:7c
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEBwG0BjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NzlhNzVkZWJkNjUzNTlhNDUzMTdmMjAzZjExYTMyMWUxNGIyZjJjMB4XDTIyMDYw
ODE3MDgwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmUyNzc0ZjFkYTVj
N2QyZGU4MDUxMDhlMTU0MWJlMjQxYTVhMzVmNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALmPvKJZQtPxXYUVROnXuoG4PrwAhXxBoeHPZ/VToGf6RULC
1Cjp+ZEme+bXS5wyeip4L8fYVR+UrOViNvd3eeQc75q5culT5PT1bCGrn6KaeVCI
GJg4PX/pu1PGkmpVLbFoJrblBIBan6qaXrdMQlhL64GOZ8S9hDX3pVKX+LOOdTQM
Tjs9aHCLypZmfwvbp/+U7IZwipjGjL4buCN9FKtmUUsEY40slR1wmqEtaZIs3Ndz
C6pLcFnOY/urzftlO+xlULYkU5GImtGx/g/mLhU3yPxZLh38+LGbqgeDk/N2vsBn
++w2wzSsWK2kd+8aki5qmY06BPO7vs4Zy54TnEkCAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBQuJ3Tx2lx9LegFEI4VQb4kGlo19zAfBgNVHSMEGDAWgBRnmnXevWU1mkUx
fyA/EaMh4UsvLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1o1cDEzcjFsTlpwRk1YOGdQeEdqSWVGTEx5dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjUvN2EzOWIxLTFkMWMtNDkxOS1iMTljLTNlZWJlNzE5Njk3Mi8x
L0xpZDA4ZHBjZlMzb0JSQ09GVUctSkJwYU5mYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjUv
N2EzOWIxLTFkMWMtNDkxOS1iMTljLTNlZWJlNzE5Njk3Mi8xL1o1cDEzcjFsTlpw
Rk1YOGdQeEdqSWVGTEx5dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEACWc4gMEAC5mdAMEAFZqhwMEA1d5
iAMEAFksTQMEAF1ygQMEAF6wYAMEArmJJDANBgkqhkiG9w0BAQsFAAOCAQEAdlBJ
/zkoFwy5yVpMIlBmLl7D/Kib8pHhTrLg0aO4OF648lfHC7ZDUzWn21Pz1ijoeOym
YfvHD2XoCZrM3cnVfLvBSfu/sZxRFqzVD81CqXX4pve5BTm2nYRgi/lOrfUGjM5X
CsfKfXudGUBI0PY+ZvYE3K/pAtXeLXeFadQZMZPGMGkqt84cFk0LOWT+vzOgognu
lJc18Oj69vZg6t8gw9n2vcse3KTaP1GfspCsFNYp2ofAAnwE1nvM0n3pxiDlVYhy
pBtXw/MMbjWAVga7lgnLumkzXwq35PDonh1tSwSVEseGX+iPLwTnJRuiE6i1NLbX
ZVJdgbdsiB5N+rAkfA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:30 2023 by rpki-client on console-ams.rpki-client.org