Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/2BYK2RNYWcpyh1ZNbPtgavWrlcc.roa
File: 2BYK2RNYWcpyh1ZNbPtgavWrlcc.roa (raw, json)
Hash identifier: wGXJBkdabXwTInyB4XipHye28iw8mfMzsxoQwMXkPDs=
Subject key identifier: D8:16:0A:D9:13:58:59:CA:72:87:56:4D:6C:FB:60:6A:F5:AB:95:C7
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 0181D7CDAB55A6A00975B01BA34F61EAAA3F
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/2BYK2RNYWcpyh1ZNbPtgavWrlcc.roa
Signing time: Thu 07 Jul 2022 08:36:28 +0000
ROA not before: Thu 07 Jul 2022 08:36:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200019
IP address blocks: 176.52.136.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d7:cd:ab:55:a6:a0:09:75:b0:1b:a3:4f:61:ea:aa:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Jul 7 08:36:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d8160ad9135859ca7287564d6cfb606af5ab95c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:49:5f:dd:60:5c:9e:ac:8d:e8:53:5e:7a:24:
b5:9e:9e:34:fc:0c:84:f9:02:dd:48:f7:4b:15:ae:
d5:e2:b1:d9:d8:ad:5b:3a:a3:e5:f8:65:65:56:30:
f5:9b:72:96:27:e8:82:1b:10:82:a2:98:7c:9e:b3:
23:50:66:1c:a4:39:16:3e:4e:63:5a:80:87:51:25:
dc:62:cc:a2:d2:0d:e4:07:d6:30:30:21:86:81:e0:
63:0c:89:ec:4d:80:f7:2b:cf:30:98:da:7e:ac:03:
22:5e:c2:41:83:59:73:9d:8c:1b:b1:8b:57:2a:02:
5a:24:58:16:56:94:ab:c2:98:56:bc:7b:b7:63:68:
1b:c1:b0:28:82:61:c6:76:1d:3d:7a:9f:ed:5f:f4:
47:ae:02:72:58:d6:74:bb:de:49:d9:93:f0:02:ee:
c6:22:2a:69:4a:bb:d4:7c:32:f0:85:16:60:8f:de:
eb:4a:71:0b:77:70:2c:9a:cb:1f:96:e0:3f:69:d8:
71:a8:3b:a0:7e:bf:6d:82:86:5c:5e:ee:e1:0c:6e:
fd:79:7a:22:43:9b:62:f7:9a:54:ff:7b:02:1f:58:
8c:26:88:13:43:ad:75:95:ea:bd:f6:43:2a:70:15:
21:fe:bc:f8:3b:83:64:50:13:21:b3:75:22:c6:1d:
a5:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:16:0A:D9:13:58:59:CA:72:87:56:4D:6C:FB:60:6A:F5:AB:95:C7
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/2BYK2RNYWcpyh1ZNbPtgavWrlcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.52.136.0/22
Signature Algorithm: sha256WithRSAEncryption
16:ad:f4:16:d9:ec:e6:4d:60:69:71:3d:75:16:e3:2f:b0:dd:
b7:cd:0a:56:d9:e4:5e:51:23:d3:de:e6:92:22:57:b0:62:d7:
34:0e:d7:3d:21:78:bd:1c:f1:2d:ee:b4:cb:82:d8:9a:1c:73:
60:b3:31:d1:7f:cd:f4:7c:74:d0:4c:47:f0:84:53:30:1e:31:
c1:dd:fa:f3:a7:10:45:87:e2:e9:c6:54:3f:5d:20:a5:9b:70:
2e:9c:85:7b:b3:9e:35:2f:6e:cd:06:f0:fa:bc:e2:46:0b:dd:
0f:c8:77:b0:75:18:f8:f0:1a:d1:03:32:44:a0:c1:2c:78:c9:
fb:c1:47:7c:20:5a:30:7b:73:06:18:8a:9f:71:2d:7b:04:6f:
21:be:87:25:65:7a:6f:a3:b5:2b:41:a4:e0:7b:12:ce:8e:16:
b6:b0:4c:90:15:23:63:b9:e8:db:6c:a7:cf:ba:68:75:57:d2:
7e:21:82:12:3d:b1:d8:82:50:8d:d4:ed:b7:fd:25:af:15:87:
80:16:fc:e3:bc:6a:e1:f4:10:d3:56:74:16:4f:04:0b:63:ad:
3c:5a:ee:85:9a:88:34:8c:18:ec:29:17:92:ff:0c:3c:84:59:
46:73:cf:f4:07:c4:2d:8a:9f:f2:2b:83:5e:e0:65:a9:d1:83:
44:cb:d9:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHXzatVpqAJdbAbo09h6qo/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNzc5ZTU2MjM4YjZmMmVhMDY4ZWRlNGUyMGFlZjAwYzkw
NDEzMmIwHhcNMjIwNzA3MDgzNjI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODE2MGFkOTEzNTg1OWNhNzI4NzU2NGQ2Y2ZiNjA2YWY1YWI5NWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0lf3WBcnqyN6FNeeiS1np40/AyE
+QLdSPdLFa7V4rHZ2K1bOqPl+GVlVjD1m3KWJ+iCGxCCoph8nrMjUGYcpDkWPk5j
WoCHUSXcYsyi0g3kB9YwMCGGgeBjDInsTYD3K88wmNp+rAMiXsJBg1lznYwbsYtX
KgJaJFgWVpSrwphWvHu3Y2gbwbAogmHGdh09ep/tX/RHrgJyWNZ0u95J2ZPwAu7G
IippSrvUfDLwhRZgj97rSnELd3AsmssfluA/adhxqDugfr9tgoZcXu7hDG79eXoi
Q5ti95pU/3sCH1iMJogTQ611leq99kMqcBUh/rz4O4NkUBMhs3Uixh2lQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNgWCtkTWFnKcodWTWz7YGr1q5XHMB8GA1UdIwQY
MBaAFP53nlYji28uoGjt5OIK7wDJBBMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQt
MzM4OTQ5MTNkY2I3LzEvMkJZSzJSTllXY3B5aDFaTmJQdGdhdldybGNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQtMzM4OTQ5MTNkY2I3
LzEvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsDSIMA0G
CSqGSIb3DQEBCwUAA4IBAQAWrfQW2ezmTWBpcT11FuMvsN23zQpW2eReUSPT3uaS
IlewYtc0Dtc9IXi9HPEt7rTLgtiaHHNgszHRf830fHTQTEfwhFMwHjHB3frzpxBF
h+LpxlQ/XSClm3AunIV7s541L27NBvD6vOJGC90PyHewdRj48BrRAzJEoMEseMn7
wUd8IFowe3MGGIqfcS17BG8hvoclZXpvo7UrQaTgexLOjha2sEyQFSNjuejbbKfP
umh1V9J+IYISPbHYglCN1O23/SWvFYeAFvzjvGrh9BDTVnQWTwQLY608Wu6Fmog0
jBjsKReS/ww8hFlGc8/0B8Qtip/yK4Ne4GWp0YNEy9k8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:04 2024 by rpki-client on console-ams.rpki-client.org