Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/1ccf25-20de-4b2e-a0e1-de4acf447fae/1/LXE8QK7DC0B69ClVrsuGJhtbWuM.roa
File: LXE8QK7DC0B69ClVrsuGJhtbWuM.roa (raw, json)
Hash identifier: OtyYmiOxQO3tTVFki22eG0CTCItW5n5TUytBI1Hq1Dc=
Subject key identifier: 2D:71:3C:40:AE:C3:0B:40:7A:F4:29:55:AE:CB:86:26:1B:5B:5A:E3
Certificate issuer: /CN=7979863cea82aeb8e9df384b39aa5176f4bcfa61
Certificate serial: 24223C8D
Authority key identifier: 79:79:86:3C:EA:82:AE:B8:E9:DF:38:4B:39:AA:51:76:F4:BC:FA:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eXmGPOqCrrjp3zhLOapRdvS8-mE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/1ccf25-20de-4b2e-a0e1-de4acf447fae/1/LXE8QK7DC0B69ClVrsuGJhtbWuM.roa
Signing time: Sat 01 Jan 2022 02:57:15 +0000
ROA not before: Sat 01 Jan 2022 02:57:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43370
IP address blocks: 62.32.84.0/23 maxlen: 23
37.221.202.0/24 maxlen: 24
37.221.207.0/24 maxlen: 24
46.34.130.0/23 maxlen: 23
37.77.128.0/24 maxlen: 24
95.161.184.0/22 maxlen: 22
79.142.94.0/23 maxlen: 23
46.34.146.0/23 maxlen: 23
79.142.93.0/24 maxlen: 24
95.161.196.0/22 maxlen: 22
95.161.224.0/22 maxlen: 22
178.16.157.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 606223501 (0x24223c8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7979863cea82aeb8e9df384b39aa5176f4bcfa61
Validity
Not Before: Jan 1 02:57:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2d713c40aec30b407af42955aecb86261b5b5ae3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:9d:53:ee:73:2a:b0:78:5a:fa:bd:c9:76:80:
fe:32:dc:9c:48:f9:1f:0a:72:5e:04:52:fc:03:34:
f4:72:3a:b6:f7:70:79:b8:3d:a4:2a:81:07:98:66:
3c:b1:9d:60:f5:dd:41:ab:8b:b0:e4:9f:92:ef:48:
3d:f6:60:37:a8:28:ec:07:ab:48:ab:80:7c:de:4b:
e0:23:aa:a0:e7:e4:67:d2:7e:e6:0a:6f:ac:e1:ce:
ae:c8:22:37:a4:66:33:fe:37:36:65:bc:b9:3d:e7:
c4:97:47:68:1e:75:55:dd:df:bc:fa:9a:37:02:6e:
41:e9:c5:ea:5d:f6:57:8a:09:1c:f9:f8:48:51:8c:
11:33:93:35:a0:9e:af:98:46:47:6f:ac:ea:1d:02:
71:d4:d5:fd:fc:38:d0:35:02:b5:dc:20:70:f6:ef:
d2:00:db:7d:f9:48:b0:51:19:fc:2c:2f:f1:e5:9c:
dd:63:cf:ae:34:47:eb:af:13:8c:c0:65:bd:d9:bf:
80:e8:03:0d:b4:aa:a2:88:f3:10:3a:01:0d:dd:20:
7c:ff:63:2e:d3:75:48:c1:9f:35:3c:fd:0f:4f:79:
ab:fd:29:f1:46:38:a5:50:af:26:c6:e9:2b:e4:e8:
89:b7:9e:5d:dd:13:89:95:2a:b8:e2:0d:41:a9:9b:
b2:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:71:3C:40:AE:C3:0B:40:7A:F4:29:55:AE:CB:86:26:1B:5B:5A:E3
X509v3 Authority Key Identifier:
keyid:79:79:86:3C:EA:82:AE:B8:E9:DF:38:4B:39:AA:51:76:F4:BC:FA:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eXmGPOqCrrjp3zhLOapRdvS8-mE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/1ccf25-20de-4b2e-a0e1-de4acf447fae/1/LXE8QK7DC0B69ClVrsuGJhtbWuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/1ccf25-20de-4b2e-a0e1-de4acf447fae/1/eXmGPOqCrrjp3zhLOapRdvS8-mE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.128.0/24
37.221.202.0/24
37.221.207.0/24
46.34.130.0/23
46.34.146.0/23
62.32.84.0/23
79.142.93.0-79.142.95.255
95.161.184.0/22
95.161.196.0/22
95.161.224.0/22
178.16.157.0/24
Signature Algorithm: sha256WithRSAEncryption
28:bd:a5:bb:ce:44:6b:0f:cb:ad:ca:7b:77:f4:a5:22:23:2c:
ad:23:50:9c:85:14:cf:3f:90:c0:b9:70:42:ee:b3:30:3e:b8:
6b:04:40:17:6e:3b:a8:94:b9:22:8c:27:e2:37:00:24:43:0f:
2f:cf:6c:d8:98:ce:8b:40:08:6c:a8:ae:cf:ef:b5:47:14:12:
e7:c3:f2:f7:bf:d1:76:0f:e5:0b:e9:c8:94:60:99:5c:ef:7f:
b4:a7:5e:1e:09:2f:2e:2a:ee:8c:46:72:2f:88:75:75:cf:35:
d9:b2:4b:b7:f5:5d:00:9c:04:6a:2c:a5:7e:2c:8a:a9:6d:07:
e9:b8:69:fa:17:18:eb:01:cb:23:37:82:12:dc:59:fd:5c:45:
41:db:2a:54:98:04:bf:c5:e6:b4:95:44:bc:d6:81:f4:4c:08:
49:cc:1e:37:51:a2:1d:72:75:86:51:f4:19:83:28:90:1e:ad:
a9:bd:30:0b:8e:51:8e:6e:0d:e9:c5:60:ae:ad:a0:0f:c6:4e:
66:08:63:e6:b2:43:69:eb:cb:0e:9a:67:68:38:4b:f4:7d:f8:
7d:eb:c5:98:47:77:24:f5:6f:3c:b3:1b:af:e9:43:a8:2a:d1:
19:4a:7c:2e:4e:5e:f3:64:62:55:fb:15:8f:62:37:5d:cf:dc:
d1:5c:84:8e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIEJCI8jTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
OTc5ODYzY2VhODJhZWI4ZTlkZjM4NGIzOWFhNTE3NmY0YmNmYTYxMB4XDTIyMDEw
MTAyNTcxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmQ3MTNjNDBhZWMz
MGI0MDdhZjQyOTU1YWVjYjg2MjYxYjViNWFlMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALydU+5zKrB4Wvq9yXaA/jLcnEj5HwpyXgRS/AM09HI6tvdw
ebg9pCqBB5hmPLGdYPXdQauLsOSfku9IPfZgN6go7AerSKuAfN5L4COqoOfkZ9J+
5gpvrOHOrsgiN6RmM/43NmW8uT3nxJdHaB51Vd3fvPqaNwJuQenF6l32V4oJHPn4
SFGMETOTNaCer5hGR2+s6h0CcdTV/fw40DUCtdwgcPbv0gDbfflIsFEZ/Cwv8eWc
3WPPrjRH668TjMBlvdm/gOgDDbSqoojzEDoBDd0gfP9jLtN1SMGfNTz9D095q/0p
8UY4pVCvJsbpK+ToibeeXd0TiZUquOINQambsnkCAwEAAaOCAk0wggJJMB0GA1Ud
DgQWBBQtcTxArsMLQHr0KVWuy4YmG1ta4zAfBgNVHSMEGDAWgBR5eYY86oKuuOnf
OEs5qlF29Lz6YTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VYbUdQT3FDcnJqcDN6aExPYXBSZHZTOC1tRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvMWNjZjI1LTIwZGUtNGIyZS1hMGUxLWRlNGFjZjQ0N2ZhZS8x
L0xYRThRSzdEQzBCNjlDbFZyc3VHSmh0Yld1TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
MWNjZjI1LTIwZGUtNGIyZS1hMGUxLWRlNGFjZjQ0N2ZhZS8xL2VYbUdQT3FDcnJq
cDN6aExPYXBSZHZTOC1tRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBj
BggrBgEFBQcBBwEB/wRUMFIwUAQCAAEwSgMEACVNgAMEACXdygMEACXdzwMEAS4i
ggMEAS4ikgMEAT4gVDAMAwQAT45dAwQFT45AAwQCX6G4AwQCX6HEAwQCX6HgAwQA
shCdMA0GCSqGSIb3DQEBCwUAA4IBAQAovaW7zkRrD8utynt39KUiIyytI1CchRTP
P5DAuXBC7rMwPrhrBEAXbjuolLkijCfiNwAkQw8vz2zYmM6LQAhsqK7P77VHFBLn
w/L3v9F2D+UL6ciUYJlc73+0p14eCS8uKu6MRnIviHV1zzXZsku39V0AnARqLKV+
LIqpbQfpuGn6FxjrAcsjN4IS3Fn9XEVB2ypUmAS/xea0lUS81oH0TAhJzB43UaId
cnWGUfQZgyiQHq2pvTALjlGObg3pxWCuraAPxk5mCGPmskNp68sOmmdoOEv0ffh9
68WYR3ck9W88sxuv6UOoKtEZSnwuTl7zZGJV+xWPYjddz9zRXISO
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:51 2024 by rpki-client on console-fra.rpki-client.org