Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/10RAufTTKl6HeO5deM2_gPdVvNs.roa
File: 10RAufTTKl6HeO5deM2_gPdVvNs.roa (raw, json)
Hash identifier: O8udWglqToRFHVgeir+VU728pLBvuBBMCtQgobgcxOU=
Subject key identifier: D7:44:40:B9:F4:D3:2A:5E:87:78:EE:5D:78:CD:BF:80:F7:55:BC:DB
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 04D87538
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/10RAufTTKl6HeO5deM2_gPdVvNs.roa
Signing time: Tue 03 May 2022 08:21:53 +0000
ROA not before: Tue 03 May 2022 08:21:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 176.52.128.0/22 maxlen: 24
176.52.144.0/22 maxlen: 24
92.53.172.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81294648 (0x4d87538)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: May 3 08:21:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d74440b9f4d32a5e8778ee5d78cdbf80f755bcdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:75:d7:27:48:95:ac:fa:06:1b:5c:72:3b:cd:
e1:7c:d4:f7:c5:1f:de:0c:79:99:f2:bf:54:ab:06:
1b:d8:3b:aa:aa:74:1d:6a:60:4a:05:44:10:c5:8b:
b3:99:d2:25:00:df:61:36:e7:31:05:60:a5:87:7d:
c5:38:0e:94:1e:25:f0:6b:6b:ee:e2:71:a4:46:9b:
37:87:31:c0:be:ad:91:81:cb:6a:4a:d7:d8:e9:18:
64:50:f1:06:e1:07:8d:4e:97:62:52:7b:d5:15:59:
d1:f2:7e:6b:ca:df:e1:9d:d6:40:1d:eb:12:ff:8f:
30:fa:2f:d6:13:31:99:92:31:b2:dd:f6:d6:ce:57:
c3:ce:04:63:4f:23:d9:f4:8f:80:de:c4:9b:25:f3:
59:e8:a9:ea:f3:6d:ea:80:67:29:b2:03:ec:cf:6b:
71:90:18:8b:fe:ea:2d:7d:2b:d1:db:08:b3:56:a0:
9d:97:76:77:24:eb:d2:70:96:36:09:db:d4:e0:10:
49:c9:f2:47:ba:83:ce:cf:7d:2e:21:bc:20:58:c7:
2d:99:c5:22:42:38:72:4e:06:4e:55:e0:0e:7a:52:
c1:e7:0a:ee:9f:9c:cf:46:78:91:4d:5f:70:f8:d0:
ec:e3:29:eb:9f:e2:03:63:d7:1b:bf:90:06:52:a3:
30:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:44:40:B9:F4:D3:2A:5E:87:78:EE:5D:78:CD:BF:80:F7:55:BC:DB
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/10RAufTTKl6HeO5deM2_gPdVvNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.53.172.0/22
176.52.128.0/22
176.52.144.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:28:72:2e:60:b2:9d:3d:14:b1:49:23:07:5b:1a:3a:b0:c3:
d5:1f:17:81:bf:c6:73:82:16:ec:ba:be:57:28:6e:fc:74:b0:
35:47:ee:79:5f:c6:2e:2b:27:a1:7c:3f:56:6f:86:d2:f1:1b:
07:37:ec:4c:fb:d8:24:47:5c:42:b7:42:cc:8a:b3:88:5f:b9:
7c:7a:23:d7:0f:fa:9c:a7:82:bb:c5:2b:90:13:70:9d:11:df:
45:58:aa:03:3e:b0:3f:28:43:db:c5:65:64:ce:a6:48:ee:fa:
e1:9f:36:8f:cc:ad:34:6c:41:ee:16:f0:2d:f6:23:7a:2b:7e:
bb:07:27:69:1b:31:d4:17:8d:63:0b:4b:3a:8d:0e:94:c2:8c:
20:53:4d:31:5f:13:e2:6a:a5:8b:ea:db:e9:88:08:d6:88:27:
da:76:0a:93:cc:34:df:9d:91:77:b8:b4:26:e8:e9:61:d7:b5:
69:5c:d0:89:26:9f:d4:66:26:cb:26:c0:d1:40:c6:7b:00:ee:
af:d1:56:c2:96:e1:e9:7a:8b:1f:7f:32:3e:4a:a7:df:a0:0b:
98:86:21:9c:41:fc:f6:97:2a:5e:5b:8e:98:81:b5:a8:9d:76:
6e:e6:00:a9:df:14:86:75:19:83:ca:70:2a:aa:f9:0a:8d:23:
53:d1:b2:8d
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBNh1ODANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTc3OWU1NjIzOGI2ZjJlYTA2OGVkZTRlMjBhZWYwMGM5MDQxMzJiMB4XDTIyMDUw
MzA4MjE1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDc0NDQwYjlmNGQz
MmE1ZTg3NzhlZTVkNzhjZGJmODBmNzU1YmNkYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK111ydIlaz6BhtccjvN4XzU98Uf3gx5mfK/VKsGG9g7qqp0
HWpgSgVEEMWLs5nSJQDfYTbnMQVgpYd9xTgOlB4l8Gtr7uJxpEabN4cxwL6tkYHL
akrX2OkYZFDxBuEHjU6XYlJ71RVZ0fJ+a8rf4Z3WQB3rEv+PMPov1hMxmZIxst32
1s5Xw84EY08j2fSPgN7EmyXzWeip6vNt6oBnKbID7M9rcZAYi/7qLX0r0dsIs1ag
nZd2dyTr0nCWNgnb1OAQScnyR7qDzs99LiG8IFjHLZnFIkI4ck4GTlXgDnpSwecK
7p+cz0Z4kU1fcPjQ7OMp65/iA2PXG7+QBlKjMA0CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTXREC59NMqXod47l14zb+A91W82zAfBgNVHSMEGDAWgBT+d55WI4tvLqBo
7eTiCu8AyQQTKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19uZWVWaU9MYnk2Z2FPM2s0Z3J2QU1rRUV5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8x
LzEwUkF1ZlRUS2w2SGVPNWRlTTJfZ1BkVnZOcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8xL19uZWVWaU9MYnk2
Z2FPM2s0Z3J2QU1rRUV5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAlw1rAMEArA0gAMEArA0kDANBgkq
hkiG9w0BAQsFAAOCAQEAOyhyLmCynT0UsUkjB1saOrDD1R8Xgb/Gc4IW7Lq+Vyhu
/HSwNUfueV/GLisnoXw/Vm+G0vEbBzfsTPvYJEdcQrdCzIqziF+5fHoj1w/6nKeC
u8UrkBNwnRHfRViqAz6wPyhD28VlZM6mSO764Z82j8ytNGxB7hbwLfYjeit+uwcn
aRsx1BeNYwtLOo0OlMKMIFNNMV8T4mqli+rb6YgI1ogn2nYKk8w0352Rd7i0Jujp
Yde1aVzQiSaf1GYmyybA0UDGewDur9FWwpbh6XqLH38yPkqn36ALmIYhnEH89pcq
XluOmIG1qJ12buYAqd8UhnUZg8pwKqr5Co0jU9GyjQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:04 2024 by rpki-client on console-ams.rpki-client.org