Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/4j-wS0OmsjzY4OaJAqc75nweDyQ.roa
File: 4j-wS0OmsjzY4OaJAqc75nweDyQ.roa (raw, json)
Hash identifier: sbRnLsIe7i7/vVTXpEPArk2Vy8QfOi53zGUBflWZ08k=
Subject key identifier: E2:3F:B0:4B:43:A6:B2:3C:D8:E0:E6:89:02:A7:3B:E6:7C:1E:0F:24
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 03FD6882
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/4j-wS0OmsjzY4OaJAqc75nweDyQ.roa
Signing time: Fri 04 Feb 2022 20:00:40 +0000
ROA not before: Fri 04 Feb 2022 20:00:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 176.52.128.0/22 maxlen: 24
176.52.144.0/22 maxlen: 24
92.53.172.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66939010 (0x3fd6882)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Feb 4 20:00:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e23fb04b43a6b23cd8e0e68902a73be67c1e0f24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d4:9f:63:a1:2a:ff:36:bc:49:27:98:d1:dd:
68:15:1c:47:9e:a1:48:77:3b:ae:30:94:14:a0:6e:
11:14:b7:94:db:eb:85:7c:e9:0e:00:dc:66:3c:8b:
7a:e7:9a:d6:dd:c6:41:99:53:cd:99:8c:ee:8b:32:
75:f4:ca:e1:30:0c:bb:d6:c6:32:6a:f8:8a:f0:e8:
05:29:51:f5:a6:89:56:1d:0a:9f:e4:9c:92:59:1a:
09:bc:60:61:1f:1c:98:e4:9f:86:71:81:9a:be:03:
67:e3:68:2f:7f:e0:b6:b8:2b:cd:5e:74:73:70:c9:
ca:68:77:e1:e1:0e:de:b9:b9:ea:48:6d:24:82:54:
c5:69:47:a4:a0:04:cf:de:1f:a9:dc:98:da:92:5e:
85:b6:26:d3:20:f0:13:cb:84:12:cb:46:d2:3c:52:
89:4b:74:0c:6c:9b:94:f2:6f:53:42:43:b1:4c:bd:
4e:e5:3f:d2:b1:f8:7f:4e:48:a9:14:d4:e4:2f:46:
42:bf:30:d4:69:bd:09:dc:db:bc:1a:94:98:80:e7:
4a:ce:62:e4:82:51:d3:ef:bb:31:31:2f:10:72:1e:
e7:2d:17:3c:2e:af:1a:3a:f8:cb:9b:94:4b:e2:f8:
4e:ba:83:2e:34:e3:1b:db:fc:7d:87:e3:da:d2:3b:
0a:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:3F:B0:4B:43:A6:B2:3C:D8:E0:E6:89:02:A7:3B:E6:7C:1E:0F:24
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/4j-wS0OmsjzY4OaJAqc75nweDyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.53.172.0/22
176.52.128.0/22
176.52.144.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:16:de:01:2b:c6:f7:e9:4e:0d:78:6f:93:21:05:36:b4:5e:
44:07:1d:c4:b5:86:ac:25:16:a9:5f:c5:f0:6e:0d:9f:7b:1f:
25:4d:d1:f6:ea:42:35:71:2c:3d:60:9a:d6:09:ac:4a:81:d6:
eb:b1:3b:6b:90:6d:cf:cd:98:ac:5c:e7:47:e2:69:f2:1e:4b:
05:59:f6:57:4c:ca:6e:9d:93:b8:31:63:88:b3:93:e9:9b:0b:
fa:34:e6:5b:1e:e2:80:8a:a8:25:36:b8:b9:0f:6b:b5:bf:90:
51:fd:77:d0:21:f8:05:6e:6d:6d:91:1a:c8:19:c2:84:43:fc:
43:47:1c:6e:c4:52:6e:e4:8d:aa:d7:db:18:7c:d2:f5:d0:19:
cb:6a:c4:cc:44:7f:75:7f:9c:81:81:f7:4d:02:93:88:d1:ad:
99:8e:cb:8a:3b:b7:53:6a:29:89:45:50:9f:07:24:2f:9e:6f:
25:70:dd:2a:ad:07:42:59:c9:3a:fd:14:0c:3e:de:31:6c:d3:
66:2c:7e:fd:7d:c7:be:60:e8:32:5f:93:94:e0:29:73:68:4d:
62:ef:fc:77:ab:b8:df:34:97:58:8c:01:46:e1:18:66:05:54:
d0:e3:08:2c:d5:35:61:50:91:43:a5:cf:44:af:24:d9:83:f9:
e1:e5:ba:24
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEA/1ogjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTc3OWU1NjIzOGI2ZjJlYTA2OGVkZTRlMjBhZWYwMGM5MDQxMzJiMB4XDTIyMDIw
NDIwMDA0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTIzZmIwNGI0M2E2
YjIzY2Q4ZTBlNjg5MDJhNzNiZTY3YzFlMGYyNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJPUn2OhKv82vEknmNHdaBUcR56hSHc7rjCUFKBuERS3lNvr
hXzpDgDcZjyLeuea1t3GQZlTzZmM7osydfTK4TAMu9bGMmr4ivDoBSlR9aaJVh0K
n+ScklkaCbxgYR8cmOSfhnGBmr4DZ+NoL3/gtrgrzV50c3DJymh34eEO3rm56kht
JIJUxWlHpKAEz94fqdyY2pJehbYm0yDwE8uEEstG0jxSiUt0DGyblPJvU0JDsUy9
TuU/0rH4f05IqRTU5C9GQr8w1Gm9CdzbvBqUmIDnSs5i5IJR0++7MTEvEHIe5y0X
PC6vGjr4y5uUS+L4TrqDLjTjG9v8fYfj2tI7CpECAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTiP7BLQ6ayPNjg5okCpzvmfB4PJDAfBgNVHSMEGDAWgBT+d55WI4tvLqBo
7eTiCu8AyQQTKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19uZWVWaU9MYnk2Z2FPM2s0Z3J2QU1rRUV5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8x
LzRqLXdTME9tc2p6WTRPYUpBcWM3NW53ZUR5US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8xL19uZWVWaU9MYnk2
Z2FPM2s0Z3J2QU1rRUV5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAlw1rAMEArA0gAMEArA0kDANBgkq
hkiG9w0BAQsFAAOCAQEAPBbeASvG9+lODXhvkyEFNrReRAcdxLWGrCUWqV/F8G4N
n3sfJU3R9upCNXEsPWCa1gmsSoHW67E7a5Btz82YrFznR+Jp8h5LBVn2V0zKbp2T
uDFjiLOT6ZsL+jTmWx7igIqoJTa4uQ9rtb+QUf130CH4BW5tbZEayBnChEP8Q0cc
bsRSbuSNqtfbGHzS9dAZy2rEzER/dX+cgYH3TQKTiNGtmY7Liju3U2opiUVQnwck
L55vJXDdKq0HQlnJOv0UDD7eMWzTZix+/X3HvmDoMl+TlOApc2hNYu/8d6u43zSX
WIwBRuEYZgVU0OMILNU1YVCRQ6XPRK8k2YP54eW6JA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:13 2024 by rpki-client on console-fra.rpki-client.org