Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/17V5_ZQoWa5yWsNgm6AdlrsWG6U.roa
File: 17V5_ZQoWa5yWsNgm6AdlrsWG6U.roa (raw, json)
Hash identifier: VpRVT8CbEYlqP1GscuQkF4HXfjmT0mnwl1CgB23w9Qs=
Subject key identifier: D7:B5:79:FD:94:28:59:AE:72:5A:C3:60:9B:A0:1D:96:BB:16:1B:A5
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 0536113D
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/17V5_ZQoWa5yWsNgm6AdlrsWG6U.roa
Signing time: Mon 06 Jun 2022 08:15:20 +0000
ROA not before: Mon 06 Jun 2022 08:15:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 176.52.136.0/22 maxlen: 24
176.52.152.0/22 maxlen: 24
92.53.160.0/22 maxlen: 24
92.53.172.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87429437 (0x536113d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Jun 6 08:15:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d7b579fd942859ae725ac3609ba01d96bb161ba5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b3:5d:92:c1:5e:82:b1:b2:27:f9:05:3c:2c:
4d:92:a7:89:cc:21:52:03:11:0c:2f:ad:84:54:5a:
1b:9c:32:3c:cd:34:90:d4:4a:0c:fe:b6:3a:6a:34:
4e:76:05:cf:01:06:41:ad:ef:a1:ab:f0:22:5c:2b:
a7:7a:fe:8f:93:ed:2c:e5:88:be:fa:db:d1:61:65:
2c:62:33:10:49:f9:77:a5:75:26:86:64:e7:f2:48:
91:f3:32:0f:ed:67:0e:fb:65:81:93:7a:7e:13:94:
c9:49:24:ec:5b:2b:78:c3:49:e1:91:a7:d8:d7:be:
61:a8:ff:a9:e8:0c:1f:ec:c6:d7:bc:de:7b:1a:7f:
68:64:91:5f:fd:93:18:9c:72:dc:7a:c8:95:a2:42:
f8:6e:61:98:ac:0c:ef:66:53:77:40:82:fb:48:dc:
fb:a6:94:30:a2:4c:1f:d8:75:55:5b:70:1a:1c:e3:
96:60:d7:55:33:6a:01:8b:09:64:b2:a4:33:c6:1f:
61:eb:9e:44:a2:c7:5b:b1:71:1f:40:6c:f2:11:fa:
a8:6c:5f:9b:d5:97:09:24:92:69:1a:f7:5b:18:fd:
1d:10:2e:79:86:14:04:db:b9:35:cd:ac:ec:9c:6c:
3d:c0:40:b4:08:41:81:a1:7d:93:27:fb:07:9b:7c:
68:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:B5:79:FD:94:28:59:AE:72:5A:C3:60:9B:A0:1D:96:BB:16:1B:A5
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/17V5_ZQoWa5yWsNgm6AdlrsWG6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.53.160.0/22
92.53.172.0/22
176.52.136.0/22
176.52.152.0/22
Signature Algorithm: sha256WithRSAEncryption
39:f8:08:8d:43:44:2b:62:5f:58:47:70:af:0d:fd:76:69:d6:
71:d0:8e:60:7d:7e:a1:dd:2b:a1:01:89:95:d6:64:f2:4e:a9:
a2:31:ac:c3:71:5a:a2:06:c0:63:ef:44:69:ea:9b:e9:5b:6d:
dd:b6:56:07:b8:c7:7d:cd:70:f2:af:63:9e:21:64:0c:47:b2:
94:18:97:94:0b:13:6a:34:cc:21:bc:7b:28:b1:ea:0f:69:a4:
3c:20:01:dd:3d:3e:ec:47:64:86:d5:15:97:38:22:d9:19:3c:
ee:d6:00:19:2c:96:cf:71:77:13:f7:1a:17:0e:d4:0a:23:87:
ab:3d:76:d8:b8:f0:b3:cb:22:1b:0a:c4:89:98:88:1e:ac:54:
ae:5a:74:cd:4f:ac:2f:67:27:ab:bd:63:fb:1c:d4:b2:58:fd:
51:71:29:bc:c6:83:30:8b:a4:04:de:e2:8a:25:9f:03:aa:a5:
98:64:82:59:af:ab:16:d4:6b:a3:ea:b8:57:ff:fd:68:7a:cc:
36:60:55:22:e3:c7:65:ac:cb:39:cc:21:6e:65:86:c3:dc:90:
98:49:44:a9:10:ed:96:21:7b:cc:d5:1e:d7:9d:77:1d:67:c0:
47:47:c0:ff:37:84:3d:7b:bf:53:f7:9c:2c:d8:fd:6a:84:21:
06:86:aa:c0
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEBTYRPTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTc3OWU1NjIzOGI2ZjJlYTA2OGVkZTRlMjBhZWYwMGM5MDQxMzJiMB4XDTIyMDYw
NjA4MTUyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDdiNTc5ZmQ5NDI4
NTlhZTcyNWFjMzYwOWJhMDFkOTZiYjE2MWJhNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL2zXZLBXoKxsif5BTwsTZKnicwhUgMRDC+thFRaG5wyPM00
kNRKDP62Omo0TnYFzwEGQa3voavwIlwrp3r+j5PtLOWIvvrb0WFlLGIzEEn5d6V1
JoZk5/JIkfMyD+1nDvtlgZN6fhOUyUkk7FsreMNJ4ZGn2Ne+Yaj/qegMH+zG17ze
exp/aGSRX/2TGJxy3HrIlaJC+G5hmKwM72ZTd0CC+0jc+6aUMKJMH9h1VVtwGhzj
lmDXVTNqAYsJZLKkM8YfYeueRKLHW7FxH0Bs8hH6qGxfm9WXCSSSaRr3Wxj9HRAu
eYYUBNu5Nc2s7JxsPcBAtAhBgaF9kyf7B5t8aO0CAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBTXtXn9lChZrnJaw2CboB2WuxYbpTAfBgNVHSMEGDAWgBT+d55WI4tvLqBo
7eTiCu8AyQQTKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19uZWVWaU9MYnk2Z2FPM2s0Z3J2QU1rRUV5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8x
LzE3VjVfWlFvV2E1eVdzTmdtNkFkbHJzV0c2VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8xL19uZWVWaU9MYnk2
Z2FPM2s0Z3J2QU1rRUV5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAlw1oAMEAlw1rAMEArA0iAMEArA0
mDANBgkqhkiG9w0BAQsFAAOCAQEAOfgIjUNEK2JfWEdwrw39dmnWcdCOYH1+od0r
oQGJldZk8k6pojGsw3FaogbAY+9Eaeqb6Vtt3bZWB7jHfc1w8q9jniFkDEeylBiX
lAsTajTMIbx7KLHqD2mkPCAB3T0+7EdkhtUVlzgi2Rk87tYAGSyWz3F3E/caFw7U
CiOHqz122Ljws8siGwrEiZiIHqxUrlp0zU+sL2cnq71j+xzUslj9UXEpvMaDMIuk
BN7iiiWfA6qlmGSCWa+rFtRro+q4V//9aHrMNmBVIuPHZazLOcwhbmWGw9yQmElE
qRDtliF7zNUe1513HWfAR0fA/zeEPXu/U/ecLNj9aoQhBoaqwA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:13 2024 by rpki-client on console-fra.rpki-client.org