Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/ce21b3-c4de-456d-b538-97975d34fc6c/1/LBrTBgsWOVhpcsTwhKxbgCIMSYg.roa
File: LBrTBgsWOVhpcsTwhKxbgCIMSYg.roa (raw, json)
Hash identifier: +qCQSmxacwroEbzEtE58//pbcVJhgwsFRuqOnwH4XHY=
Subject key identifier: 2C:1A:D3:06:0B:16:39:58:69:72:C4:F0:84:AC:5B:80:22:0C:49:88
Certificate issuer: /CN=4148cbad1748205b4f4334bba638c64c2b21fc0e
Certificate serial: 02BD07A6
Authority key identifier: 41:48:CB:AD:17:48:20:5B:4F:43:34:BB:A6:38:C6:4C:2B:21:FC:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QUjLrRdIIFtPQzS7pjjGTCsh_A4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/ce21b3-c4de-456d-b538-97975d34fc6c/1/LBrTBgsWOVhpcsTwhKxbgCIMSYg.roa
Signing time: Tue 31 May 2022 14:52:13 +0000
ROA not before: Tue 31 May 2022 14:52:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 196936
IP address blocks: 46.149.66.0/23 maxlen: 23
178.217.96.0/21 maxlen: 21
176.98.176.0/20 maxlen: 20
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45942694 (0x2bd07a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4148cbad1748205b4f4334bba638c64c2b21fc0e
Validity
Not Before: May 31 14:52:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2c1ad3060b1639586972c4f084ac5b80220c4988
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d4:b6:55:d1:96:c0:cb:10:57:1d:b6:51:ba:
2e:a6:7a:b7:5e:9d:00:76:8b:f5:44:05:82:44:4a:
56:8c:0f:8a:a4:d3:44:73:5b:7e:2d:35:66:e3:cf:
ff:23:d0:f5:d0:b9:72:a9:48:04:8d:43:65:c2:b7:
01:e2:8c:bd:cf:b2:bd:95:a8:6f:a7:36:9d:9c:c2:
6d:56:e0:88:b6:0f:e5:2c:5b:7b:86:74:03:94:0f:
09:65:6d:17:90:d3:c8:44:20:70:4c:dd:7e:bd:48:
53:ee:b0:d6:d3:07:88:61:c0:1c:c8:01:4b:6b:b1:
6c:5c:31:b7:b8:2b:c8:35:3c:02:27:b2:e4:ce:21:
a1:ba:94:e6:34:06:d4:ff:1d:75:d5:4d:62:93:a1:
af:e2:bb:83:fc:3b:34:9c:9b:58:b3:58:d2:68:e3:
5d:14:cf:a2:4c:bc:3c:0c:43:3d:67:11:4d:29:53:
20:6d:37:62:46:9d:ce:e5:9a:9f:49:98:f2:68:3f:
5d:9b:bf:85:07:fc:3e:ba:06:17:2f:57:61:c7:ba:
8f:96:60:51:47:d5:08:88:0e:0c:fc:9d:3c:c3:4e:
19:1e:a9:c6:49:21:3f:d5:89:d4:d1:ef:04:b5:a7:
25:38:41:79:5d:ea:ba:3c:31:73:f5:25:9a:1d:64:
8e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:1A:D3:06:0B:16:39:58:69:72:C4:F0:84:AC:5B:80:22:0C:49:88
X509v3 Authority Key Identifier:
keyid:41:48:CB:AD:17:48:20:5B:4F:43:34:BB:A6:38:C6:4C:2B:21:FC:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QUjLrRdIIFtPQzS7pjjGTCsh_A4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ce21b3-c4de-456d-b538-97975d34fc6c/1/LBrTBgsWOVhpcsTwhKxbgCIMSYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ce21b3-c4de-456d-b538-97975d34fc6c/1/QUjLrRdIIFtPQzS7pjjGTCsh_A4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.149.66.0/23
176.98.176.0/20
178.217.96.0/21
Signature Algorithm: sha256WithRSAEncryption
09:15:77:11:53:4f:2a:7b:5c:e4:1c:68:6d:cc:87:cc:b2:ae:
12:e2:12:b0:4b:33:77:08:46:fa:ac:dd:98:09:28:e5:ed:7f:
f2:9a:58:30:6d:cc:a6:71:1f:a9:49:f7:92:4c:7e:15:62:79:
06:ca:47:5a:44:40:4d:80:6f:ec:24:48:39:92:07:9f:19:d0:
6c:7e:5e:0d:69:e1:4c:e8:ec:67:b2:26:88:cf:4e:dc:72:7c:
de:2c:8c:61:25:69:62:fe:d6:55:a0:3a:08:96:6a:62:c7:77:
63:bf:9d:51:0e:3b:61:99:99:c2:f0:84:13:1e:a6:67:6e:d5:
39:5d:1e:c2:73:e8:bf:1b:09:81:49:60:dc:83:e4:e3:56:ff:
49:51:a7:eb:3c:32:19:65:0e:00:c8:2c:d1:b6:cf:14:93:29:
63:5d:d3:ae:cd:a3:bb:0d:27:af:d2:72:57:c3:fe:7a:9c:e9:
95:98:52:c0:2f:31:88:45:96:e0:cb:5b:4e:ab:ed:65:54:45:
22:cc:e0:d8:66:36:fb:21:31:ac:ce:2e:04:45:2d:5b:e4:40:
d0:b8:09:df:e3:55:1f:ba:f6:f5:8f:22:7f:15:5f:cb:55:71:
33:39:90:4e:57:bc:24:78:3d:da:b2:b8:35:73:18:8f:b8:1f:
c6:43:be:27
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEAr0HpjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MTQ4Y2JhZDE3NDgyMDViNGY0MzM0YmJhNjM4YzY0YzJiMjFmYzBlMB4XDTIyMDUz
MTE0NTIxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmMxYWQzMDYwYjE2
Mzk1ODY5NzJjNGYwODRhYzViODAyMjBjNDk4ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKfUtlXRlsDLEFcdtlG6LqZ6t16dAHaL9UQFgkRKVowPiqTT
RHNbfi01ZuPP/yPQ9dC5cqlIBI1DZcK3AeKMvc+yvZWob6c2nZzCbVbgiLYP5Sxb
e4Z0A5QPCWVtF5DTyEQgcEzdfr1IU+6w1tMHiGHAHMgBS2uxbFwxt7gryDU8Aiey
5M4hobqU5jQG1P8dddVNYpOhr+K7g/w7NJybWLNY0mjjXRTPoky8PAxDPWcRTSlT
IG03YkadzuWan0mY8mg/XZu/hQf8ProGFy9XYce6j5ZgUUfVCIgODPydPMNOGR6p
xkkhP9WJ1NHvBLWnJThBeV3qujwxc/Ulmh1kjgECAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQsGtMGCxY5WGlyxPCErFuAIgxJiDAfBgNVHSMEGDAWgBRBSMutF0ggW09D
NLumOMZMKyH8DjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FVakxyUmRJSUZ0UFF6UzdwampHVENzaF9BNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjEvY2UyMWIzLWM0ZGUtNDU2ZC1iNTM4LTk3OTc1ZDM0ZmM2Yy8x
L0xCclRCZ3NXT1ZocGNzVHdoS3hiZ0NJTVNZZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjEv
Y2UyMWIzLWM0ZGUtNDU2ZC1iNTM4LTk3OTc1ZDM0ZmM2Yy8xL1FVakxyUmRJSUZ0
UFF6UzdwampHVENzaF9BNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAS6VQgMEBLBisAMEA7LZYDANBgkq
hkiG9w0BAQsFAAOCAQEACRV3EVNPKntc5BxobcyHzLKuEuISsEszdwhG+qzdmAko
5e1/8ppYMG3MpnEfqUn3kkx+FWJ5BspHWkRATYBv7CRIOZIHnxnQbH5eDWnhTOjs
Z7ImiM9O3HJ83iyMYSVpYv7WVaA6CJZqYsd3Y7+dUQ47YZmZwvCEEx6mZ27VOV0e
wnPovxsJgUlg3IPk41b/SVGn6zwyGWUOAMgs0bbPFJMpY13Trs2juw0nr9JyV8P+
epzplZhSwC8xiEWW4MtbTqvtZVRFIszg2GY2+yExrM4uBEUtW+RA0LgJ3+NVH7r2
9Y8ifxVfy1VxMzmQTle8JHg92rK4NXMYj7gfxkO+Jw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:36 2023 by rpki-client on console.sobornost.net