Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/1Ggd-MSRS3IBUI-arPsQlv9iqrI.roa
File: 1Ggd-MSRS3IBUI-arPsQlv9iqrI.roa (raw, json)
Hash identifier: aClMR5IJihywHrsjxMPWt53busK/MUpARuQ83BCBFfw=
Subject key identifier: D4:68:1D:F8:C4:91:4B:72:01:50:8F:9A:AC:FB:10:96:FF:62:AA:B2
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 018482EF7D6E746721AEA13523871469A965
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/1Ggd-MSRS3IBUI-arPsQlv9iqrI.roa
Signing time: Thu 17 Nov 2022 00:14:04 +0000
ROA not before: Thu 17 Nov 2022 00:14:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 92.53.180.0/22 maxlen: 24
176.52.128.0/22 maxlen: 24
176.52.132.0/22 maxlen: 24
176.52.136.0/22 maxlen: 22
176.52.144.0/22 maxlen: 24
176.52.140.0/22 maxlen: 22
176.52.152.0/22 maxlen: 22
176.52.148.0/22 maxlen: 24
176.52.156.0/22 maxlen: 22
92.53.172.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:82:ef:7d:6e:74:67:21:ae:a1:35:23:87:14:69:a9:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Nov 17 00:14:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d4681df8c4914b7201508f9aacfb1096ff62aab2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:32:fa:4f:6b:66:3c:dc:d0:e0:a2:68:c3:0d:
34:94:d4:07:bd:c6:d3:af:5d:90:7f:4d:d4:a0:87:
d5:14:87:5a:8e:02:a2:ff:bf:5d:79:bf:3c:89:c5:
4f:b3:4b:03:85:64:ac:e6:32:c0:3d:9e:b6:79:d1:
aa:cf:f7:3c:5e:10:94:3c:47:fc:88:15:75:3b:b8:
f2:b0:5e:30:0b:0c:76:62:b5:6e:8a:87:62:1c:26:
04:6e:b7:48:46:68:cb:24:0b:cb:52:b0:68:c3:3d:
91:23:39:f3:da:37:9f:fe:a0:6f:1c:3f:8e:3a:d2:
a8:b7:14:43:60:e9:10:a0:65:2f:b8:84:f0:91:71:
b6:ce:2d:ef:fa:fe:0e:f8:43:99:d4:6a:ea:9b:9b:
47:40:27:18:60:e4:71:09:fc:b9:7b:86:82:5f:b7:
56:b7:6a:29:02:5f:76:a3:5f:47:aa:07:9f:95:04:
fb:07:56:1c:95:e7:bd:00:84:0e:eb:9b:b7:3b:c9:
39:3c:fa:b6:8f:9b:e9:6c:54:1a:38:72:3e:00:b5:
62:d1:d0:e1:7d:53:14:db:5b:3d:f3:e9:f3:6d:03:
f9:82:2e:54:0f:67:d3:d3:f1:a2:c4:85:eb:13:c8:
c5:b5:80:83:88:34:df:a8:28:69:e5:e1:33:c8:d5:
c4:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:68:1D:F8:C4:91:4B:72:01:50:8F:9A:AC:FB:10:96:FF:62:AA:B2
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/1Ggd-MSRS3IBUI-arPsQlv9iqrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.53.172.0/22
92.53.180.0/22
176.52.128.0/19
Signature Algorithm: sha256WithRSAEncryption
44:0e:68:fb:cc:08:81:3b:53:73:1a:ec:a5:6e:c7:09:9c:56:
4e:07:3c:25:6d:c5:2c:24:cb:64:dc:f9:92:5f:d7:ab:eb:1c:
6b:52:d9:25:89:da:1a:35:92:14:c2:22:d4:e6:ee:6c:31:7d:
2a:00:c1:6d:1c:0b:f0:bc:8e:80:45:a6:3e:22:be:a5:5a:73:
19:ac:10:da:3f:6e:85:dd:5d:c2:28:ad:2d:d0:a4:2f:99:5e:
f2:81:86:19:ef:68:1d:15:b4:c2:5d:96:75:b4:0d:e2:6d:c0:
a1:c8:02:f9:0d:18:1b:ae:e7:3a:28:18:9f:35:6a:12:89:f2:
db:76:49:71:e0:6c:bd:54:4b:eb:94:6e:b3:a2:0a:b9:e8:e8:
7a:ea:f8:50:13:e4:18:7f:44:03:59:2b:fd:a3:fc:71:bc:54:
d7:73:40:d9:94:2e:5b:24:f0:65:f7:c6:17:a3:28:3d:c2:89:
85:8b:72:54:71:95:ff:60:73:b1:c0:15:68:6d:23:e1:08:ef:
14:1e:22:44:b9:ca:c2:c4:94:7c:32:dd:58:d5:58:6c:da:75:
78:c9:a1:e4:2a:76:1f:3d:60:45:29:f2:03:41:3e:fa:e1:f3:
3f:6d:6e:f7:50:d6:c8:82:ef:8e:69:38:5c:7e:4f:be:fd:39:
19:9a:45:1c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYSC731udGchrqE1I4cUaallMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNzc5ZTU2MjM4YjZmMmVhMDY4ZWRlNGUyMGFlZjAwYzkw
NDEzMmIwHhcNMjIxMTE3MDAxNDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDY4MWRmOGM0OTE0YjcyMDE1MDhmOWFhY2ZiMTA5NmZmNjJhYWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDL6T2tmPNzQ4KJoww00lNQHvcbT
r12Qf03UoIfVFIdajgKi/79deb88icVPs0sDhWSs5jLAPZ62edGqz/c8XhCUPEf8
iBV1O7jysF4wCwx2YrVuiodiHCYEbrdIRmjLJAvLUrBowz2RIznz2jef/qBvHD+O
OtKotxRDYOkQoGUvuITwkXG2zi3v+v4O+EOZ1Grqm5tHQCcYYORxCfy5e4aCX7dW
t2opAl92o19HqgeflQT7B1Yclee9AIQO65u3O8k5PPq2j5vpbFQaOHI+ALVi0dDh
fVMU21s98+nzbQP5gi5UD2fT0/GixIXrE8jFtYCDiDTfqChp5eEzyNXEQwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNRoHfjEkUtyAVCPmqz7EJb/YqqyMB8GA1UdIwQY
MBaAFP53nlYji28uoGjt5OIK7wDJBBMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQt
MzM4OTQ5MTNkY2I3LzEvMUdnZC1NU1JTM0lCVUktYXJQc1FsdjlpcXJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQtMzM4OTQ5MTNkY2I3
LzEvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCXDWsAwQC
XDW0AwQFsDSAMA0GCSqGSIb3DQEBCwUAA4IBAQBEDmj7zAiBO1NzGuylbscJnFZO
BzwlbcUsJMtk3PmSX9er6xxrUtklidoaNZIUwiLU5u5sMX0qAMFtHAvwvI6ARaY+
Ir6lWnMZrBDaP26F3V3CKK0t0KQvmV7ygYYZ72gdFbTCXZZ1tA3ibcChyAL5DRgb
ruc6KBifNWoSifLbdklx4Gy9VEvrlG6zogq56Oh66vhQE+QYf0QDWSv9o/xxvFTX
c0DZlC5bJPBl98YXoyg9womFi3JUcZX/YHOxwBVobSPhCO8UHiJEucrCxJR8Mt1Y
1Vhs2nV4yaHkKnYfPWBFKfIDQT764fM/bW73UNbIgu+OaThcfk++/TkZmkUc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:13 2024 by rpki-client on console-fra.rpki-client.org