Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/1hVqdo2cJ0JcbROaxX2ZGH_vHeQ.roa
File: 1hVqdo2cJ0JcbROaxX2ZGH_vHeQ.roa (raw, json)
Hash identifier: PzO4uuBZmRxP/eqEvycHdf/VZ4AFfc0hXn+OseabARs=
Subject key identifier: D6:15:6A:76:8D:9C:27:42:5C:6D:13:9A:C5:7D:99:18:7F:EF:1D:E4
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 03C5D157
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/1hVqdo2cJ0JcbROaxX2ZGH_vHeQ.roa
Signing time: Tue 11 Jan 2022 18:25:43 +0000
ROA not before: Tue 11 Jan 2022 18:25:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 176.52.132.0/22 maxlen: 24
176.52.128.0/22 maxlen: 24
176.52.136.0/22 maxlen: 24
176.52.140.0/22 maxlen: 24
176.52.144.0/22 maxlen: 24
176.52.152.0/22 maxlen: 24
176.52.148.0/22 maxlen: 24
176.52.156.0/22 maxlen: 24
92.53.176.0/22 maxlen: 24
92.53.180.0/22 maxlen: 24
92.53.188.0/22 maxlen: 24
185.93.104.0/22 maxlen: 24
92.53.172.0/22 maxlen: 24
92.53.168.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63295831 (0x3c5d157)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Jan 11 18:25:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d6156a768d9c27425c6d139ac57d99187fef1de4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f9:db:50:de:35:fd:9c:24:cf:e6:5d:00:ca:
19:86:8e:71:fe:f2:07:0e:43:dd:7d:a5:fd:6b:6c:
4d:26:a3:84:91:31:73:51:50:95:e3:a9:fc:5c:b0:
b7:c8:8a:87:74:5a:45:a9:7b:10:b9:d4:89:7e:16:
ca:dc:73:bd:28:87:8b:8b:89:ee:ff:48:a6:93:e8:
71:4c:2a:90:70:b7:9d:54:f1:c8:ad:f9:c3:3d:74:
df:50:15:63:88:87:c3:46:17:e1:e7:79:48:cf:1f:
c8:5d:b9:3f:62:e2:5c:26:eb:92:10:d8:cf:f3:ba:
5d:ef:96:50:77:c4:e6:dc:76:5f:cb:18:93:b6:cb:
07:29:ed:ba:41:2c:94:1d:da:ac:93:ad:6d:35:fc:
d6:1f:a7:11:53:de:e4:ad:39:33:bb:c5:c5:25:65:
1b:c5:21:56:90:6c:35:7d:4c:1a:b7:17:fd:ab:0a:
81:5c:85:b9:43:22:de:05:47:cc:0c:bf:58:a4:67:
cc:89:18:7e:85:0a:39:45:83:53:93:21:f3:2c:82:
34:99:e8:40:da:76:1a:2d:55:23:17:03:e7:c8:64:
bf:30:96:dc:ce:69:49:3e:e3:69:f1:d4:8b:45:68:
18:be:09:c7:fc:24:bd:71:96:40:67:1d:d8:98:71:
c6:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:15:6A:76:8D:9C:27:42:5C:6D:13:9A:C5:7D:99:18:7F:EF:1D:E4
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/1hVqdo2cJ0JcbROaxX2ZGH_vHeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.53.168.0-92.53.183.255
92.53.188.0/22
176.52.128.0/19
185.93.104.0/22
Signature Algorithm: sha256WithRSAEncryption
08:4e:23:4b:69:57:48:cb:12:e6:fb:d2:f9:65:c1:19:b4:cb:
cb:30:71:5a:c7:52:d5:80:0e:01:bc:20:ba:81:8b:d2:1c:12:
da:06:9f:53:dd:ff:43:0c:51:5c:b5:49:94:a4:07:8d:46:b4:
40:20:ae:e1:9f:fe:64:a7:b8:59:e0:1e:cd:5e:0a:99:bc:ca:
08:79:32:6d:65:cd:c0:44:ab:1c:24:47:99:51:5c:54:06:c5:
3c:40:a7:6b:b2:29:87:cd:de:a1:77:5d:78:3e:c3:28:35:a0:
bf:75:b4:bc:3c:08:bf:54:3a:86:ba:31:a9:9c:57:bb:c7:d1:
08:32:9c:8e:b4:1f:fc:93:2a:55:8d:99:65:dd:f5:95:11:2d:
33:04:e5:c5:e2:d1:7c:a7:08:57:fb:86:a0:25:45:6c:6a:79:
e4:04:ec:de:3c:e2:38:ae:45:c6:ee:44:f3:a1:6f:83:f7:16:
5a:b1:bf:3b:4b:16:c5:b5:3c:ff:50:b6:d9:8c:38:a7:ef:fe:
67:9b:74:ec:1c:b8:25:42:bd:25:96:34:8b:83:da:e6:55:91:
1b:b0:60:7b:ae:30:69:62:3f:a3:6d:c6:e0:e3:18:8f:96:fe:
f5:e8:85:28:fe:22:13:f2:3d:68:46:c6:6e:24:d4:a3:a8:7e:
6b:2d:b9:48
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEA8XRVzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTc3OWU1NjIzOGI2ZjJlYTA2OGVkZTRlMjBhZWYwMGM5MDQxMzJiMB4XDTIyMDEx
MTE4MjU0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDYxNTZhNzY4ZDlj
Mjc0MjVjNmQxMzlhYzU3ZDk5MTg3ZmVmMWRlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKH521DeNf2cJM/mXQDKGYaOcf7yBw5D3X2l/WtsTSajhJEx
c1FQleOp/Fywt8iKh3RaRal7ELnUiX4WytxzvSiHi4uJ7v9IppPocUwqkHC3nVTx
yK35wz1031AVY4iHw0YX4ed5SM8fyF25P2LiXCbrkhDYz/O6Xe+WUHfE5tx2X8sY
k7bLByntukEslB3arJOtbTX81h+nEVPe5K05M7vFxSVlG8UhVpBsNX1MGrcX/asK
gVyFuUMi3gVHzAy/WKRnzIkYfoUKOUWDU5Mh8yyCNJnoQNp2Gi1VIxcD58hkvzCW
3M5pST7jafHUi0VoGL4Jx/wkvXGWQGcd2JhxxjkCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBTWFWp2jZwnQlxtE5rFfZkYf+8d5DAfBgNVHSMEGDAWgBT+d55WI4tvLqBo
7eTiCu8AyQQTKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19uZWVWaU9MYnk2Z2FPM2s0Z3J2QU1rRUV5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8x
LzFoVnFkbzJjSjBKY2JST2F4WDJaR0hfdkhlUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8xL19uZWVWaU9MYnk2
Z2FPM2s0Z3J2QU1rRUV5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIDAMAwQDXDWoAwQDXDWwAwQCXDW8AwQF
sDSAAwQCuV1oMA0GCSqGSIb3DQEBCwUAA4IBAQAITiNLaVdIyxLm+9L5ZcEZtMvL
MHFax1LVgA4BvCC6gYvSHBLaBp9T3f9DDFFctUmUpAeNRrRAIK7hn/5kp7hZ4B7N
XgqZvMoIeTJtZc3ARKscJEeZUVxUBsU8QKdrsimHzd6hd114PsMoNaC/dbS8PAi/
VDqGujGpnFe7x9EIMpyOtB/8kypVjZll3fWVES0zBOXF4tF8pwhX+4agJUVsannk
BOzePOI4rkXG7kTzoW+D9xZasb87SxbFtTz/ULbZjDin7/5nm3TsHLglQr0lljSL
g9rmVZEbsGB7rjBpYj+jbcbg4xiPlv716IUo/iIT8j1oRsZuJNSjqH5rLblI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:13 2024 by rpki-client on console-fra.rpki-client.org