Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/3zVcZBfHqwMVbWCs7uWbU4OIzV0.roa
File: 3zVcZBfHqwMVbWCs7uWbU4OIzV0.roa (raw, json)
Hash identifier: IrUXANb+gOb8OdWpxgvR3BDnbJ8yDUK99nSVde9PRH0=
Subject key identifier: DF:35:5C:64:17:C7:AB:03:15:6D:60:AC:EE:E5:9B:53:83:88:CD:5D
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 018227927041A53A6F7AFBE871236DB0AEE9
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/3zVcZBfHqwMVbWCs7uWbU4OIzV0.roa
Signing time: Fri 22 Jul 2022 20:21:24 +0000
ROA not before: Fri 22 Jul 2022 20:21:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 176.52.132.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:27:92:70:41:a5:3a:6f:7a:fb:e8:71:23:6d:b0:ae:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Jul 22 20:21:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=df355c6417c7ab03156d60aceee59b538388cd5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:da:38:c5:ef:bd:b9:4d:3f:3f:90:2d:35:7d:
78:7c:cc:86:66:b5:35:e1:80:6e:d0:ee:01:83:ed:
4f:7f:2d:81:74:db:18:74:ba:15:85:ae:81:01:aa:
5f:0c:4f:a1:9f:2b:50:0b:62:3b:41:3b:4b:a4:ae:
c1:56:5f:31:65:a7:43:cb:6b:af:5f:91:d3:d2:3e:
0b:49:bf:3c:5e:1e:91:b4:48:0c:12:90:e3:31:f5:
c9:0d:ee:5d:b5:77:64:c7:d9:f2:89:cd:33:9c:ec:
35:60:4f:11:ff:05:d6:69:85:93:e4:a0:24:8e:6d:
22:44:15:d0:01:6d:1a:f6:06:4d:4e:1b:04:5e:1a:
22:16:f1:57:2d:a6:f7:62:29:84:68:75:49:d0:aa:
c0:52:5b:07:80:2e:37:81:a2:ba:89:69:6d:b6:01:
8a:15:0a:d5:de:5d:79:3c:7b:7d:b7:1b:30:6c:ba:
70:19:87:f4:17:12:b8:0f:48:c2:d7:b1:76:32:5b:
7b:3a:9c:0f:e8:29:47:63:8e:7a:09:7b:32:f5:b0:
2c:8a:79:96:fd:01:09:d5:12:11:ff:b7:c8:f7:05:
a6:04:e8:89:47:e9:06:47:63:86:0b:a2:3e:5c:9e:
2b:78:c3:17:94:ea:8c:0e:2a:39:c5:8a:65:81:bd:
5f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:35:5C:64:17:C7:AB:03:15:6D:60:AC:EE:E5:9B:53:83:88:CD:5D
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/3zVcZBfHqwMVbWCs7uWbU4OIzV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.52.132.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:79:0d:58:0d:f2:32:50:4a:65:fe:27:3f:1c:f2:a3:5b:c2:
86:cc:37:3a:d9:2c:65:43:bb:ee:2d:fc:f5:06:b3:e2:db:c0:
bc:4f:5e:16:d9:61:05:07:0e:3e:e9:33:c0:af:a0:27:74:d1:
fe:02:5b:6f:0b:a7:9e:51:4a:3f:26:19:52:78:44:c9:2b:3a:
38:89:98:fc:79:31:1d:d7:2f:c6:11:18:10:24:93:3c:c2:0b:
60:72:f6:2c:87:83:72:47:aa:72:4d:53:88:82:a7:17:75:4f:
bd:2a:55:ea:ae:f5:36:65:88:71:8f:2f:c0:72:38:cd:25:10:
32:7f:7a:46:63:6e:c6:51:0f:a2:13:93:4b:9f:45:51:8c:a2:
84:b2:90:cd:74:60:e5:55:1b:56:ba:95:9b:81:1d:63:5e:31:
8c:a2:d8:97:fd:c7:0e:b1:bb:df:d3:0f:17:73:a7:a6:1b:d3:
b1:81:a2:14:da:d3:42:29:cc:dc:b9:ec:8a:75:d4:42:14:75:
46:63:22:b2:5d:5d:23:1c:07:32:3f:61:eb:51:cc:8a:c4:a5:
40:7a:db:9e:3f:4d:00:41:5a:c5:b6:6f:11:2c:bd:c8:fd:11:
10:02:62:b3:35:78:18:ee:58:db:f2:ec:f3:e5:c0:40:95:93:
ae:f9:29:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYInknBBpTpvevvocSNtsK7pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNzc5ZTU2MjM4YjZmMmVhMDY4ZWRlNGUyMGFlZjAwYzkw
NDEzMmIwHhcNMjIwNzIyMjAyMTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjM1NWM2NDE3YzdhYjAzMTU2ZDYwYWNlZWU1OWI1MzgzODhjZDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNo4xe+9uU0/P5AtNX14fMyGZrU1
4YBu0O4Bg+1Pfy2BdNsYdLoVha6BAapfDE+hnytQC2I7QTtLpK7BVl8xZadDy2uv
X5HT0j4LSb88Xh6RtEgMEpDjMfXJDe5dtXdkx9nyic0znOw1YE8R/wXWaYWT5KAk
jm0iRBXQAW0a9gZNThsEXhoiFvFXLab3YimEaHVJ0KrAUlsHgC43gaK6iWlttgGK
FQrV3l15PHt9txswbLpwGYf0FxK4D0jC17F2Mlt7OpwP6ClHY456CXsy9bAsinmW
/QEJ1RIR/7fI9wWmBOiJR+kGR2OGC6I+XJ4reMMXlOqMDio5xYplgb1f4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN81XGQXx6sDFW1grO7lm1ODiM1dMB8GA1UdIwQY
MBaAFP53nlYji28uoGjt5OIK7wDJBBMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQt
MzM4OTQ5MTNkY2I3LzEvM3pWY1pCZkhxd01WYldDczd1V2JVNE9JelYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQtMzM4OTQ5MTNkY2I3
LzEvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsDSEMA0G
CSqGSIb3DQEBCwUAA4IBAQAveQ1YDfIyUEpl/ic/HPKjW8KGzDc62SxlQ7vuLfz1
BrPi28C8T14W2WEFBw4+6TPAr6AndNH+AltvC6eeUUo/JhlSeETJKzo4iZj8eTEd
1y/GERgQJJM8wgtgcvYsh4NyR6pyTVOIgqcXdU+9KlXqrvU2ZYhxjy/AcjjNJRAy
f3pGY27GUQ+iE5NLn0VRjKKEspDNdGDlVRtWupWbgR1jXjGMotiX/ccOsbvf0w8X
c6emG9OxgaIU2tNCKczcueyKddRCFHVGYyKyXV0jHAcyP2HrUcyKxKVAetueP00A
QVrFtm8RLL3I/REQAmKzNXgY7ljb8uzz5cBAlZOu+Smr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:13 2024 by rpki-client on console-fra.rpki-client.org