Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/CquvTblNolEWkswiGtg7hEP2yZU.roa
File: CquvTblNolEWkswiGtg7hEP2yZU.roa (raw, json)
Hash identifier: xVoK/3oZm6PZ2ySd90bC9g3qLm6gZTBR1/IcGXxQ8ts=
Subject key identifier: 0A:AB:AF:4D:B9:4D:A2:51:16:92:CC:22:1A:D8:3B:84:43:F6:C9:95
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018570D54EAC99109FDBAB8A3FA98A98A269
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/CquvTblNolEWkswiGtg7hEP2yZU.roa
Signing time: Mon 02 Jan 2023 04:55:05 +0000
ROA not before: Mon 02 Jan 2023 04:55:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9123
IP address blocks: 176.53.163.0/24 maxlen: 24
176.53.160.0/24 maxlen: 24
176.53.161.0/24 maxlen: 24
176.53.162.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:4e:ac:99:10:9f:db:ab:8a:3f:a9:8a:98:a2:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 2 04:55:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0aabaf4db94da2511692cc221ad83b8443f6c995
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:1d:d0:9f:6b:8a:10:7e:c9:7c:a7:15:0b:f2:
20:d5:e2:fe:5f:90:57:c8:77:f9:73:7e:ed:fe:25:
6b:fb:79:05:4a:13:ba:a7:bb:ef:1a:11:70:32:25:
17:60:ee:36:a1:88:61:dc:cc:c8:3f:06:98:f3:fe:
de:f4:5c:7b:ad:2c:50:fb:2f:5f:49:6a:6d:10:e1:
08:a8:1c:d5:7e:1a:e4:4c:fe:28:21:60:a5:6b:3b:
1f:93:59:8e:1d:2f:0b:2c:ad:a1:de:aa:23:6c:1a:
4f:ec:f7:53:be:41:41:d0:51:2b:a6:f3:92:fd:3f:
49:99:77:67:bc:d1:51:85:44:55:c8:38:d3:63:99:
3f:e0:86:57:68:0a:d1:01:cf:3b:1e:3f:52:18:c3:
89:46:5c:7e:9d:e2:3a:b5:7c:30:73:9f:7c:9d:fc:
52:d9:35:b6:d1:02:48:53:1b:bc:b7:d5:e4:08:a0:
a3:84:94:64:08:9a:5f:13:31:05:ee:50:fb:e4:59:
37:53:81:99:90:88:15:cd:83:8b:20:1a:63:74:f3:
87:60:ea:6b:54:cc:2e:e9:75:3e:98:2c:b8:fc:b2:
9f:49:08:32:76:49:da:b9:ad:86:79:ec:74:5d:be:
6f:6e:a7:f3:42:0f:95:c8:a7:80:03:c5:d5:55:25:
bb:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:AB:AF:4D:B9:4D:A2:51:16:92:CC:22:1A:D8:3B:84:43:F6:C9:95
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/CquvTblNolEWkswiGtg7hEP2yZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.53.160.0/22
Signature Algorithm: sha256WithRSAEncryption
81:96:8f:da:73:59:1c:6c:21:1b:0f:3f:3b:07:db:8f:ef:31:
b8:07:89:d7:cb:e1:1a:b4:ff:93:47:8f:12:b8:17:57:5f:83:
26:5c:34:78:d7:f3:14:b1:23:89:98:51:99:6d:0e:9f:90:74:
be:74:67:c6:ab:5f:2d:a9:d4:c2:7f:2e:5f:36:f9:70:22:08:
1c:5b:dc:00:73:bb:09:ac:e8:a7:f2:48:5c:2e:05:23:6d:3d:
91:f8:1b:4e:29:55:d8:6f:42:af:99:59:5c:c9:d4:55:4e:e4:
47:4b:31:22:bc:50:a9:7a:aa:1f:21:d9:6b:25:33:dc:b5:5a:
9c:c8:96:76:92:d8:2c:c0:34:13:c7:39:2b:1b:d6:10:c4:a8:
ed:a0:4c:39:3c:6b:8d:f6:4d:b3:22:17:42:ed:e7:d2:c4:1c:
3e:3e:ed:08:9a:d1:6d:6a:b1:83:a4:9c:6a:32:dc:cf:b3:16:
a9:d9:5e:e9:19:53:3e:09:b8:ee:b3:71:cd:0d:12:46:5e:9b:
66:5f:45:14:23:de:a0:43:fe:c3:59:07:c9:b1:9f:af:ba:84:
c3:6c:d2:77:90:6a:be:27:e0:59:a8:d3:bc:ec:de:e3:a1:8c:
92:e3:56:66:e4:20:15:a9:bd:9b:07:02:cf:46:5e:ec:ce:69:
43:48:ca:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw1U6smRCf26uKP6mKmKJpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwMTAyMDQ1NTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWFiYWY0ZGI5NGRhMjUxMTY5MmNjMjIxYWQ4M2I4NDQzZjZjOTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuB3Qn2uKEH7JfKcVC/Ig1eL+X5BX
yHf5c37t/iVr+3kFShO6p7vvGhFwMiUXYO42oYhh3MzIPwaY8/7e9Fx7rSxQ+y9f
SWptEOEIqBzVfhrkTP4oIWClazsfk1mOHS8LLK2h3qojbBpP7PdTvkFB0FErpvOS
/T9JmXdnvNFRhURVyDjTY5k/4IZXaArRAc87Hj9SGMOJRlx+neI6tXwwc598nfxS
2TW20QJIUxu8t9XkCKCjhJRkCJpfEzEF7lD75Fk3U4GZkIgVzYOLIBpjdPOHYOpr
VMwu6XU+mCy4/LKfSQgydknaua2Geex0Xb5vbqfzQg+VyKeAA8XVVSW7SwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAqrr025TaJRFpLMIhrYO4RD9smVMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvQ3F1dlRibE5vbEVXa3N3aUd0ZzdoRVAyeVpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsDWgMA0G
CSqGSIb3DQEBCwUAA4IBAQCBlo/ac1kcbCEbDz87B9uP7zG4B4nXy+EatP+TR48S
uBdXX4MmXDR41/MUsSOJmFGZbQ6fkHS+dGfGq18tqdTCfy5fNvlwIggcW9wAc7sJ
rOin8khcLgUjbT2R+BtOKVXYb0KvmVlcydRVTuRHSzEivFCpeqofIdlrJTPctVqc
yJZ2ktgswDQTxzkrG9YQxKjtoEw5PGuN9k2zIhdC7efSxBw+Pu0ImtFtarGDpJxq
MtzPsxap2V7pGVM+Cbjus3HNDRJGXptmX0UUI96gQ/7DWQfJsZ+vuoTDbNJ3kGq+
J+BZqNO87N7joYyS41Zm5CAVqb2bBwLPRl7szmlDSMql
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org