Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/ec1721-75c5-40f5-9345-c2fd0f958d4b/1/LNPaMYejkOmbG58rafVhgBrooIo.roa
File: LNPaMYejkOmbG58rafVhgBrooIo.roa (raw, json)
Hash identifier: BnmDbkLaWy+O8zLbdjbWq6iLxsf4Q6vREfU8JD+MINU=
Subject key identifier: 2C:D3:DA:31:87:A3:90:E9:9B:1B:9F:2B:69:F5:61:80:1A:E8:A0:8A
Certificate issuer: /CN=4e5ebb9b051ad5ec7a36989fc3fcc94c1cabcc74
Certificate serial: 14783707
Authority key identifier: 4E:5E:BB:9B:05:1A:D5:EC:7A:36:98:9F:C3:FC:C9:4C:1C:AB:CC:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tl67mwUa1ex6Npifw_zJTByrzHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/ec1721-75c5-40f5-9345-c2fd0f958d4b/1/LNPaMYejkOmbG58rafVhgBrooIo.roa
Signing time: Sat 01 Jan 2022 06:54:31 +0000
ROA not before: Sat 01 Jan 2022 06:54:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 38972
IP address blocks: 80.251.152.0/22 maxlen: 22
80.251.144.0/21 maxlen: 21
46.254.24.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 343422727 (0x14783707)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e5ebb9b051ad5ec7a36989fc3fcc94c1cabcc74
Validity
Not Before: Jan 1 06:54:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2cd3da3187a390e99b1b9f2b69f561801ae8a08a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:6b:0f:d5:39:52:0a:fa:c5:41:b1:56:3f:bc:
b8:17:7e:10:c9:78:f8:54:bb:17:89:74:10:bd:e7:
0c:6b:ff:30:7a:5a:02:e9:6c:97:4a:23:1f:dd:4e:
bf:35:38:f1:81:ae:72:21:74:f5:a3:d1:a8:de:ec:
59:65:53:12:08:c3:8e:70:75:88:c2:b8:a1:93:4a:
bd:3a:91:74:bc:7f:9e:ff:6a:ea:60:80:30:61:a6:
a1:6a:5f:cc:7e:2b:15:a9:76:28:85:30:9c:f5:fb:
e2:37:31:f1:2b:4d:b0:33:dd:72:74:30:2b:e5:53:
38:e7:f5:42:f2:87:90:8f:02:e1:19:7c:d1:8e:5d:
86:69:0a:df:60:fb:5d:17:0f:6b:9b:73:ab:e0:d8:
c3:6a:ad:7c:30:f7:42:1f:34:fa:29:3d:18:87:a4:
a3:23:71:b0:bb:ad:0c:99:e4:ff:18:ef:a4:d2:54:
05:97:4a:cf:b0:15:2d:ab:d6:22:ae:e7:d7:98:18:
ce:9e:35:05:39:77:27:db:4e:46:db:8f:79:8e:a1:
9c:9a:a9:4b:e9:89:3b:77:ee:ab:f8:ff:f3:85:73:
ed:3d:56:5b:16:3e:39:16:e7:b4:a8:65:bf:a2:0f:
cf:47:4f:ab:ad:01:da:0b:0a:3b:2b:bb:28:43:7d:
7d:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:D3:DA:31:87:A3:90:E9:9B:1B:9F:2B:69:F5:61:80:1A:E8:A0:8A
X509v3 Authority Key Identifier:
keyid:4E:5E:BB:9B:05:1A:D5:EC:7A:36:98:9F:C3:FC:C9:4C:1C:AB:CC:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tl67mwUa1ex6Npifw_zJTByrzHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ec1721-75c5-40f5-9345-c2fd0f958d4b/1/LNPaMYejkOmbG58rafVhgBrooIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ec1721-75c5-40f5-9345-c2fd0f958d4b/1/Tl67mwUa1ex6Npifw_zJTByrzHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.24.0/22
80.251.144.0-80.251.155.255
Signature Algorithm: sha256WithRSAEncryption
c4:84:e0:9d:2b:9f:51:66:b3:81:a0:d5:e5:6f:2a:7f:15:de:
ed:26:6c:d4:f2:f3:c2:fd:01:45:65:b8:67:f0:0e:ab:ee:36:
33:ce:83:17:fb:fc:5c:70:30:f1:3d:f0:57:3a:ee:65:22:1d:
fc:8d:7a:dd:75:69:98:76:31:10:02:58:e7:c6:80:7f:09:27:
c5:ac:4d:d3:42:42:30:fb:9b:3c:a6:1c:1d:43:41:84:da:a8:
86:88:74:2d:56:46:32:01:3c:e1:68:52:fa:d8:b6:0b:e4:8a:
bf:fc:71:3a:85:15:71:57:ea:91:fd:38:e4:d2:cc:2d:86:d6:
87:0f:fc:f0:16:cf:ea:77:87:b2:56:e8:43:53:6f:7f:fe:6e:
87:c7:d6:ae:e1:4b:e6:ad:f3:02:90:a8:2b:fb:bc:4c:65:3f:
86:0c:d7:03:e8:74:e3:0b:98:e5:52:2b:00:9a:6e:a3:31:f7:
1b:05:6a:89:ac:ae:0a:4e:d6:94:69:a4:38:21:bb:b8:c8:d3:
2b:0c:b6:11:86:b4:f6:b1:7f:b8:fb:51:63:5a:46:9f:54:6f:
c5:d5:b7:e9:c2:2e:2f:e9:ad:06:2f:df:e5:03:9f:b7:c6:4c:
36:87:6d:ca:a7:f9:6a:18:20:44:46:8c:d1:91:b8:f8:ac:cd:
1f:6a:a9:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEFHg3BzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZTVlYmI5YjA1MWFkNWVjN2EzNjk4OWZjM2ZjYzk0YzFjYWJjYzc0MB4XDTIyMDEw
MTA2NTQzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmNkM2RhMzE4N2Ez
OTBlOTliMWI5ZjJiNjlmNTYxODAxYWU4YTA4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI5rD9U5Ugr6xUGxVj+8uBd+EMl4+FS7F4l0EL3nDGv/MHpa
Aulsl0ojH91OvzU48YGuciF09aPRqN7sWWVTEgjDjnB1iMK4oZNKvTqRdLx/nv9q
6mCAMGGmoWpfzH4rFal2KIUwnPX74jcx8StNsDPdcnQwK+VTOOf1QvKHkI8C4Rl8
0Y5dhmkK32D7XRcPa5tzq+DYw2qtfDD3Qh80+ik9GIekoyNxsLutDJnk/xjvpNJU
BZdKz7AVLavWIq7n15gYzp41BTl3J9tORtuPeY6hnJqpS+mJO3fuq/j/84Vz7T1W
WxY+ORbntKhlv6IPz0dPq60B2gsKOyu7KEN9fT0CAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBQs09oxh6OQ6Zsbnytp9WGAGuigijAfBgNVHSMEGDAWgBROXrubBRrV7Ho2
mJ/D/MlMHKvMdDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RsNjdtd1VhMWV4Nk5waWZ3X3pKVEJ5cnpIUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDIvZWMxNzIxLTc1YzUtNDBmNS05MzQ1LWMyZmQwZjk1OGQ0Yi8x
L0xOUGFNWWVqa09tYkc1OHJhZlZoZ0Jyb29Jby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDIv
ZWMxNzIxLTc1YzUtNDBmNS05MzQ1LWMyZmQwZjk1OGQ0Yi8xL1RsNjdtd1VhMWV4
Nk5waWZ3X3pKVEJ5cnpIUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEAi7+GDAMAwQEUPuQAwQCUPuYMA0G
CSqGSIb3DQEBCwUAA4IBAQDEhOCdK59RZrOBoNXlbyp/Fd7tJmzU8vPC/QFFZbhn
8A6r7jYzzoMX+/xccDDxPfBXOu5lIh38jXrddWmYdjEQAljnxoB/CSfFrE3TQkIw
+5s8phwdQ0GE2qiGiHQtVkYyATzhaFL62LYL5Iq//HE6hRVxV+qR/Tjk0swthtaH
D/zwFs/qd4eyVuhDU29//m6Hx9au4UvmrfMCkKgr+7xMZT+GDNcD6HTjC5jlUisA
mm6jMfcbBWqJrK4KTtaUaaQ4Ibu4yNMrDLYRhrT2sX+4+1FjWkafVG/F1bfpwi4v
6a0GL9/lA5+3xkw2h23Kp/lqGCBERozRkbj4rM0faqmF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:00 2024 by rpki-client on console-ams.rpki-client.org