Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/4nMyxX-Ke_9BkWWdQ_fJd9lMQmg.roa
File: 4nMyxX-Ke_9BkWWdQ_fJd9lMQmg.roa (raw, json)
Hash identifier: h1nx+FT+zkzq2wwT9xfluPMWc2OdOUONQl529eyGp/U=
Subject key identifier: E2:73:32:C5:7F:8A:7B:FF:41:91:65:9D:43:F7:C9:77:D9:4C:42:68
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 0183078ECD3BC0D25BD599BC6F27F91EFEC4
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/4nMyxX-Ke_9BkWWdQ_fJd9lMQmg.roa
Signing time: Sun 04 Sep 2022 08:12:22 +0000
ROA not before: Sun 04 Sep 2022 08:12:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 92.53.176.0/22 maxlen: 22
176.52.128.0/22 maxlen: 24
176.52.140.0/22 maxlen: 22
176.52.148.0/22 maxlen: 22
92.53.160.0/22 maxlen: 24
92.53.164.0/22 maxlen: 24
92.53.172.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:07:8e:cd:3b:c0:d2:5b:d5:99:bc:6f:27:f9:1e:fe:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Sep 4 08:12:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e27332c57f8a7bff4191659d43f7c977d94c4268
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b5:55:51:a6:ab:c5:ac:4a:4f:b6:ef:a5:94:
61:eb:c3:c3:a2:76:b4:6b:2f:75:b7:fa:02:8c:c4:
95:71:91:a9:12:2a:06:25:bb:0d:27:9b:28:48:07:
c0:a7:32:20:89:d3:9b:42:63:d2:9f:80:92:63:5a:
bd:4d:c3:05:3b:65:8a:00:0c:0c:de:5a:33:28:a6:
54:99:bc:5c:5a:e0:bf:8f:8f:06:72:80:9a:8a:b8:
9d:05:cf:fd:83:3e:3b:03:da:6f:3a:53:9e:47:ca:
aa:39:14:7d:20:91:e2:45:f0:13:96:0b:cd:4d:88:
59:2a:98:9a:33:af:02:e5:ed:2d:e4:a9:12:0d:ba:
3e:85:52:7e:db:4e:d1:86:41:69:f1:85:36:44:75:
26:65:37:26:00:f8:a5:de:15:b7:69:fd:b8:5a:52:
96:66:77:44:91:7e:5a:55:a4:59:29:56:48:c8:49:
f9:7d:86:38:21:ca:91:a7:88:21:46:03:2a:d4:7c:
6a:4e:12:42:a6:67:1f:c6:de:5e:2d:48:4a:a1:8f:
23:34:c4:24:d6:f8:37:67:73:38:7c:2b:49:aa:1b:
1b:b5:a1:95:a9:84:fa:1b:89:24:19:ec:86:cc:47:
3c:e7:f0:14:bd:da:7f:4c:91:7b:22:cd:1c:0f:7c:
fd:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:73:32:C5:7F:8A:7B:FF:41:91:65:9D:43:F7:C9:77:D9:4C:42:68
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/4nMyxX-Ke_9BkWWdQ_fJd9lMQmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.53.160.0/21
92.53.172.0-92.53.179.255
176.52.128.0/22
176.52.140.0/22
176.52.148.0/22
Signature Algorithm: sha256WithRSAEncryption
33:5f:2e:bd:f4:37:c6:db:83:14:3d:be:c7:a1:15:3b:82:eb:
0c:78:9e:35:37:8b:c0:cb:53:a7:4f:7b:88:88:0d:8a:eb:ec:
04:61:51:81:f5:c8:b2:b2:8e:18:6e:d9:c2:42:30:85:7e:22:
35:51:ab:2b:04:84:d6:b2:bb:c6:f3:66:31:31:49:58:a2:56:
2b:ee:b7:a8:59:f8:4e:53:ff:23:e7:01:88:2c:f1:fc:40:1a:
45:e3:ea:3f:b7:f6:81:b0:8f:88:a1:59:2c:fe:d6:aa:ec:0d:
18:bb:99:4b:e8:51:bf:6a:c3:92:28:0f:7c:59:5b:ac:ee:f7:
61:af:1a:4b:5e:94:a0:80:52:46:9a:22:17:8a:f7:5a:67:11:
71:ea:04:43:e2:8e:77:db:b3:96:30:f1:6d:2d:9f:de:47:2e:
9d:4a:3c:39:3e:9c:77:58:d3:86:fb:d1:2f:a4:c7:be:6c:29:
a4:bc:1c:32:c1:06:21:c3:1e:7e:6a:f8:f5:15:53:a6:4a:80:
e4:ae:6c:e3:95:92:a6:b4:18:97:4c:a2:33:79:46:8e:89:2f:
6f:d7:23:3b:1e:01:ff:ef:38:36:ee:e4:b2:06:d9:64:58:8a:
89:27:8d:41:fa:4d:1e:f9:7e:ed:cd:8c:76:3e:c5:32:7f:ab:
c0:43:f6:4e
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYMHjs07wNJb1Zm8byf5Hv7EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNzc5ZTU2MjM4YjZmMmVhMDY4ZWRlNGUyMGFlZjAwYzkw
NDEzMmIwHhcNMjIwOTA0MDgxMjIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjczMzJjNTdmOGE3YmZmNDE5MTY1OWQ0M2Y3Yzk3N2Q5NGM0MjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0bVVUaarxaxKT7bvpZRh68PDona0
ay91t/oCjMSVcZGpEioGJbsNJ5soSAfApzIgidObQmPSn4CSY1q9TcMFO2WKAAwM
3lozKKZUmbxcWuC/j48GcoCairidBc/9gz47A9pvOlOeR8qqORR9IJHiRfATlgvN
TYhZKpiaM68C5e0t5KkSDbo+hVJ+207RhkFp8YU2RHUmZTcmAPil3hW3af24WlKW
ZndEkX5aVaRZKVZIyEn5fYY4IcqRp4ghRgMq1HxqThJCpmcfxt5eLUhKoY8jNMQk
1vg3Z3M4fCtJqhsbtaGVqYT6G4kkGeyGzEc85/AUvdp/TJF7Is0cD3z9jQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFOJzMsV/inv/QZFlnUP3yXfZTEJoMB8GA1UdIwQY
MBaAFP53nlYji28uoGjt5OIK7wDJBBMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQt
MzM4OTQ5MTNkY2I3LzEvNG5NeXhYLUtlXzlCa1dXZFFfZkpkOWxNUW1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQtMzM4OTQ5MTNkY2I3
LzEvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQDXDWgMAwD
BAJcNawDBAJcNbADBAKwNIADBAKwNIwDBAKwNJQwDQYJKoZIhvcNAQELBQADggEB
ADNfLr30N8bbgxQ9vsehFTuC6wx4njU3i8DLU6dPe4iIDYrr7ARhUYH1yLKyjhhu
2cJCMIV+IjVRqysEhNayu8bzZjExSViiVivut6hZ+E5T/yPnAYgs8fxAGkXj6j+3
9oGwj4ihWSz+1qrsDRi7mUvoUb9qw5IoD3xZW6zu92GvGktelKCAUkaaIheK91pn
EXHqBEPijnfbs5Yw8W0tn95HLp1KPDk+nHdY04b70S+kx75sKaS8HDLBBiHDHn5q
+PUVU6ZKgOSubOOVkqa0GJdMojN5Ro6JL2/XIzseAf/vODbu5LIG2WRYioknjUH6
TR75fu3NjHY+xTJ/q8BD9k4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:04 2024 by rpki-client on console-ams.rpki-client.org