Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/23d525-8296-4f9c-9de4-91e32c517152/1/LGUE0KP7QLm6gT6s6KE22VH43VY.roa
File: LGUE0KP7QLm6gT6s6KE22VH43VY.roa (raw, json)
Hash identifier: z/nJhz8W49ScgZQ3Xvo5qQEs8kxl5ZLZJVayxN6DxfA=
Subject key identifier: 2C:65:04:D0:A3:FB:40:B9:BA:81:3E:AC:E8:A1:36:D9:51:F8:DD:56
Certificate issuer: /CN=56c8a1713c7476e00ed2b77fd98fd89330365d87
Certificate serial: 01856FE71102E0350D45F9D75B2469D2C898
Authority key identifier: 56:C8:A1:71:3C:74:76:E0:0E:D2:B7:7F:D9:8F:D8:93:30:36:5D:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VsihcTx0duAO0rd_2Y_YkzA2XYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/23d525-8296-4f9c-9de4-91e32c517152/1/LGUE0KP7QLm6gT6s6KE22VH43VY.roa
Signing time: Mon 02 Jan 2023 00:34:52 +0000
ROA not before: Mon 02 Jan 2023 00:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210039
IP address blocks: 176.111.52.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e7:11:02:e0:35:0d:45:f9:d7:5b:24:69:d2:c8:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56c8a1713c7476e00ed2b77fd98fd89330365d87
Validity
Not Before: Jan 2 00:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c6504d0a3fb40b9ba813eace8a136d951f8dd56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:6c:3b:1d:4d:a5:de:32:34:af:fe:42:7b:da:
86:0c:6f:c0:35:c3:9e:11:82:1d:5d:d1:b9:74:bf:
e5:34:28:64:8e:d9:83:10:8b:59:d6:ec:10:e6:c9:
21:1a:c4:6d:4e:5d:73:e3:9d:1e:d0:6e:0b:79:7f:
7e:60:b2:85:cb:a4:15:1d:bc:b5:d1:0f:48:0a:08:
d7:b5:34:ca:38:8d:15:f5:2e:08:75:52:0a:5e:9b:
9f:a7:50:ce:78:90:d9:77:6b:4d:08:57:08:2e:31:
62:cc:65:4c:5c:41:21:1d:3f:5c:4a:23:16:0a:22:
95:cd:33:47:bc:50:2e:99:24:4c:bc:51:b0:85:fa:
9f:68:63:77:a8:bb:bb:f2:95:5a:19:fb:4a:bb:3b:
b2:10:fb:2b:e3:44:ab:97:75:88:19:3b:81:af:1c:
9e:01:08:92:21:e8:8c:d2:9b:9f:e0:5e:c3:b4:e7:
46:1d:ae:04:24:7a:1b:f0:8f:2c:00:ac:c8:d2:74:
79:de:8b:63:25:fb:26:48:14:a7:7f:01:5b:00:0a:
0a:98:d0:4f:0c:ca:20:e2:20:90:47:b7:4c:11:4b:
77:54:ce:f2:d6:76:2f:81:44:f3:4c:95:35:a3:fe:
ab:1d:dd:a9:91:61:7d:22:b4:3c:a0:ee:f0:00:ea:
3f:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:65:04:D0:A3:FB:40:B9:BA:81:3E:AC:E8:A1:36:D9:51:F8:DD:56
X509v3 Authority Key Identifier:
keyid:56:C8:A1:71:3C:74:76:E0:0E:D2:B7:7F:D9:8F:D8:93:30:36:5D:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VsihcTx0duAO0rd_2Y_YkzA2XYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/23d525-8296-4f9c-9de4-91e32c517152/1/LGUE0KP7QLm6gT6s6KE22VH43VY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/23d525-8296-4f9c-9de4-91e32c517152/1/VsihcTx0duAO0rd_2Y_YkzA2XYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.111.52.0/24
Signature Algorithm: sha256WithRSAEncryption
30:b4:5f:2e:47:44:a1:7d:b3:7f:6d:f4:80:77:d1:79:7c:6e:
74:32:76:bd:52:42:e0:b2:e4:05:19:e7:fb:a7:35:ef:61:66:
b8:e9:2f:05:b2:f5:83:c8:59:96:c0:75:e8:27:3e:57:a6:ab:
97:c0:ea:31:c3:42:05:56:33:3c:c2:b7:b9:83:2e:e1:d5:be:
97:c1:bf:d2:66:ae:b8:f4:80:ea:14:b2:3c:a9:62:dd:3a:f3:
5c:d1:62:7b:8e:60:d4:02:ea:15:2d:04:9f:3e:bf:43:cd:47:
fc:3a:4a:f9:63:46:00:3f:c7:27:f9:ac:49:76:5c:93:45:d4:
70:20:42:66:13:24:34:9e:31:2c:e0:17:53:4f:64:65:4f:54:
c3:6c:23:aa:a8:cb:2b:2f:91:94:37:8a:7e:78:a3:ff:d8:6e:
af:86:f9:1d:b1:ed:b6:01:9b:c6:c3:12:f4:c7:f8:05:65:e9:
e3:01:72:a2:22:44:80:19:a2:b6:36:34:16:07:bc:b1:94:2b:
b2:87:3b:05:a8:fd:39:c4:b6:d0:c1:aa:88:e1:45:0c:63:f7:
05:d7:cf:0b:87:10:65:74:fa:8c:a1:fe:99:f0:1d:13:e9:22:
fd:c1:30:2a:5f:71:2e:ce:30:a2:40:36:84:f7:23:92:33:4a:
c3:79:90:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv5xEC4DUNRfnXWyRp0siYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YzhhMTcxM2M3NDc2ZTAwZWQyYjc3ZmQ5OGZkODkzMzAz
NjVkODcwHhcNMjMwMTAyMDAzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzY1MDRkMGEzZmI0MGI5YmE4MTNlYWNlOGExMzZkOTUxZjhkZDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2w7HU2l3jI0r/5Ce9qGDG/ANcOe
EYIdXdG5dL/lNChkjtmDEItZ1uwQ5skhGsRtTl1z450e0G4LeX9+YLKFy6QVHby1
0Q9ICgjXtTTKOI0V9S4IdVIKXpufp1DOeJDZd2tNCFcILjFizGVMXEEhHT9cSiMW
CiKVzTNHvFAumSRMvFGwhfqfaGN3qLu78pVaGftKuzuyEPsr40Srl3WIGTuBrxye
AQiSIeiM0puf4F7DtOdGHa4EJHob8I8sAKzI0nR53otjJfsmSBSnfwFbAAoKmNBP
DMog4iCQR7dMEUt3VM7y1nYvgUTzTJU1o/6rHd2pkWF9IrQ8oO7wAOo/owIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCxlBNCj+0C5uoE+rOihNtlR+N1WMB8GA1UdIwQY
MBaAFFbIoXE8dHbgDtK3f9mP2JMwNl2HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnNpaGNUeDBkdUFPMHJkXzJZX1lrekEyWFljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8yM2Q1MjUtODI5Ni00ZjljLTlkZTQt
OTFlMzJjNTE3MTUyLzEvTEdVRTBLUDdRTG02Z1Q2czZLRTIyVkg0M1ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8yM2Q1MjUtODI5Ni00ZjljLTlkZTQtOTFlMzJjNTE3MTUy
LzEvVnNpaGNUeDBkdUFPMHJkXzJZX1lrekEyWFljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsG80MA0G
CSqGSIb3DQEBCwUAA4IBAQAwtF8uR0ShfbN/bfSAd9F5fG50Mna9UkLgsuQFGef7
pzXvYWa46S8FsvWDyFmWwHXoJz5XpquXwOoxw0IFVjM8wre5gy7h1b6Xwb/SZq64
9IDqFLI8qWLdOvNc0WJ7jmDUAuoVLQSfPr9DzUf8Okr5Y0YAP8cn+axJdlyTRdRw
IEJmEyQ0njEs4BdTT2RlT1TDbCOqqMsrL5GUN4p+eKP/2G6vhvkdse22AZvGwxL0
x/gFZenjAXKiIkSAGaK2NjQWB7yxlCuyhzsFqP05xLbQwaqI4UUMY/cF188LhxBl
dPqMof6Z8B0T6SL9wTAqX3EuzjCiQDaE9yOSM0rDeZDA
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:00 2023 by rpki-client on console-ams.rpki-client.org