Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/1-gb8kjmYJLHeaJ9khco6SkEUZmk.roa
File: 1-gb8kjmYJLHeaJ9khco6SkEUZmk.roa (raw, json)
Hash identifier: 7OV0SsHGeJLujCW338gGTe8QkiqnDEXSCJRDiPLHQpk=
Subject key identifier: FA:06:FC:92:39:98:24:B1:DE:68:9F:64:85:CA:3A:4A:41:14:66:69
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 0733B48B
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/1-gb8kjmYJLHeaJ9khco6SkEUZmk.roa
Signing time: Tue 07 Jun 2022 14:52:04 +0000
ROA not before: Tue 07 Jun 2022 14:52:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9123
IP address blocks: 176.53.163.0/24 maxlen: 24
176.53.160.0/24 maxlen: 24
176.53.161.0/24 maxlen: 24
176.53.162.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 120829067 (0x733b48b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jun 7 14:52:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fa06fc92399824b1de689f6485ca3a4a41146669
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:20:f9:64:c8:7b:89:5d:dc:d1:94:f4:66:5b:
93:ac:d9:13:08:59:3d:aa:68:c2:3f:ac:8f:7a:15:
bb:c6:5b:62:81:0d:0e:b6:ab:37:4e:90:fe:f7:cf:
fc:db:9b:86:9e:ba:66:17:ed:fb:5b:e2:71:af:f4:
84:1f:b5:1a:15:ed:d2:59:c7:e4:e1:81:30:e6:6b:
30:34:38:99:e5:2d:1c:b5:18:a6:07:67:16:9f:e4:
2f:fc:b1:e5:78:fd:8b:35:98:70:d7:4f:e5:ff:72:
d7:cb:0f:3f:e3:e4:35:0c:2e:a5:75:20:0d:bd:5a:
68:4d:4f:d3:a7:89:c8:36:d2:c1:18:27:8d:5e:9b:
1e:44:a4:19:60:58:02:4c:2c:77:5a:4e:75:87:b8:
8f:ff:36:86:d4:2e:51:38:3e:14:a5:90:2b:16:a2:
e6:59:0c:54:93:bd:02:ac:c3:1f:1b:91:83:65:3c:
a9:ba:69:ff:9c:d8:99:60:e7:ed:eb:57:b0:a8:9b:
84:2f:b5:b9:6d:3b:07:c2:3d:cf:6a:17:73:36:96:
2c:56:ab:6a:46:41:5f:d3:2b:01:d5:48:51:48:8e:
bf:28:f5:8b:d4:f0:f8:c4:16:26:4a:b7:7b:ea:a9:
52:57:62:ab:94:37:de:f8:d7:fd:7d:53:d6:39:31:
d3:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:06:FC:92:39:98:24:B1:DE:68:9F:64:85:CA:3A:4A:41:14:66:69
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/1-gb8kjmYJLHeaJ9khco6SkEUZmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.53.160.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:31:0c:58:44:17:90:2c:31:bc:ac:52:bd:a3:c4:c5:ae:d2:
e8:f1:22:fd:b8:1e:e3:77:ef:7f:e9:35:bf:07:37:95:9b:c7:
3d:4d:1d:98:c8:dd:19:23:26:dc:9a:3a:67:4d:ff:0c:98:ad:
bc:6d:df:b6:59:b7:1a:1a:f7:f0:f7:c5:a6:8c:3a:9e:4f:a6:
b6:54:96:d4:b1:81:4c:dc:59:27:4d:5b:fa:c9:84:d9:82:8a:
bd:38:2e:fd:2b:17:70:4e:6b:8d:d7:c6:60:fd:ee:1b:32:86:
6d:cc:cc:cd:00:bc:19:91:98:35:a4:98:c9:46:c0:22:10:30:
11:1b:9b:4d:f4:b1:72:f3:b3:bf:7f:65:45:d4:0a:f5:fd:55:
af:44:5c:e9:8e:c1:c8:09:cd:8e:c8:fa:bc:02:ac:a8:37:77:
02:b7:c7:b7:98:8e:f7:22:a3:71:6e:d0:65:02:73:8e:f2:99:
04:de:d2:9f:52:b8:c1:d6:69:2b:d8:a6:e7:80:ea:25:06:3a:
1c:c6:df:65:15:49:13:2c:90:5f:fa:8d:f1:b4:70:33:15:b0:
b2:50:11:1a:d4:65:93:3d:61:b4:ad:66:87:42:a4:85:5e:8e:
b0:52:8a:b5:1f:26:0d:2b:7f:c6:ce:b2:2f:f7:ee:50:af:0c:
d3:18:a9:47
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEBzO0izANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Y2Q3NjE1OWJmZDllMzM3NTIzZWU5MzBmM2RmMTExZDZiYWU3MzA2MB4XDTIyMDYw
NzE0NTIwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmEwNmZjOTIzOTk4
MjRiMWRlNjg5ZjY0ODVjYTNhNGE0MTE0NjY2OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJIg+WTIe4ld3NGU9GZbk6zZEwhZPapowj+sj3oVu8ZbYoEN
DrarN06Q/vfP/Nubhp66Zhft+1vica/0hB+1GhXt0lnH5OGBMOZrMDQ4meUtHLUY
pgdnFp/kL/yx5Xj9izWYcNdP5f9y18sPP+PkNQwupXUgDb1aaE1P06eJyDbSwRgn
jV6bHkSkGWBYAkwsd1pOdYe4j/82htQuUTg+FKWQKxai5lkMVJO9AqzDHxuRg2U8
qbpp/5zYmWDn7etXsKibhC+1uW07B8I9z2oXczaWLFarakZBX9MrAdVIUUiOvyj1
i9Tw+MQWJkq3e+qpUldiq5Q33vjX/X1T1jkx0/8CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBT6BvySOZgksd5on2SFyjpKQRRmaTAfBgNVHSMEGDAWgBTM12FZv9njN1I+
6TDz3xEda65zBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pOZGhXYl9aNHpkU1B1a3c4OThSSFd1dWN3WS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTAvZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8x
LzEtZ2I4a2ptWUpMSGVhSjlraGNvNlNrRVVabWsucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzUw
L2Y2YWRhMS03ZThhLTRiM2UtYjdlOC1mODU4OWY2ODI2OTEvMS96TmRoV2JfWjR6
ZFNQdWt3ODk4UkhXdXVjd1kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKwNaAwDQYJKoZIhvcNAQELBQAD
ggEBAE8xDFhEF5AsMbysUr2jxMWu0ujxIv24HuN373/pNb8HN5Wbxz1NHZjI3Rkj
JtyaOmdN/wyYrbxt37ZZtxoa9/D3xaaMOp5PprZUltSxgUzcWSdNW/rJhNmCir04
Lv0rF3BOa43XxmD97hsyhm3MzM0AvBmRmDWkmMlGwCIQMBEbm030sXLzs79/ZUXU
CvX9Va9EXOmOwcgJzY7I+rwCrKg3dwK3x7eYjvcio3Fu0GUCc47ymQTe0p9SuMHW
aSvYpueA6iUGOhzG32UVSRMskF/6jfG0cDMVsLJQERrUZZM9YbStZodCpIVejrBS
irUfJg0rf8bOsi/37lCvDNMYqUc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:52 2023 by rpki-client on console-ams.rpki-client.org