Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/5Zrt7HxuHP7USmdjjctKkMbqr_M.roa
File: 5Zrt7HxuHP7USmdjjctKkMbqr_M.roa (raw, json)
Hash identifier: OND6L+RRXrKdnhMcoI75jTU1gf3KkwtXI1TJFAFYl44=
Subject key identifier: E5:9A:ED:EC:7C:6E:1C:FE:D4:4A:67:63:8D:CB:4A:90:C6:EA:AF:F3
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 0402C630
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/5Zrt7HxuHP7USmdjjctKkMbqr_M.roa
Signing time: Sun 06 Feb 2022 16:56:01 +0000
ROA not before: Sun 06 Feb 2022 16:56:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 92.53.176.0/22 maxlen: 24
176.52.140.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67290672 (0x402c630)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Feb 6 16:56:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e59aedec7c6e1cfed44a67638dcb4a90c6eaaff3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:07:88:67:c0:c8:8b:ea:39:d2:27:e6:e6:bf:
3c:e8:c2:1a:ab:dc:18:71:73:00:43:09:98:c1:5c:
a2:df:dd:d6:54:82:71:e0:8d:a7:80:3a:4a:ff:24:
b3:b3:2b:6f:15:fb:93:6e:2c:4e:28:b8:05:84:0b:
75:c9:4b:be:f8:0b:fc:d9:d6:4b:84:37:c4:88:64:
1e:f6:f1:b6:60:e8:72:d4:ce:e9:04:5c:f2:46:48:
87:8b:27:13:3b:8e:32:c5:17:70:94:9d:fd:7e:cc:
d5:3c:a0:5e:8a:b6:8b:76:5c:52:92:31:ca:3b:89:
3b:89:ea:99:c7:e7:22:58:14:7d:02:7e:84:b5:61:
69:09:a1:4d:91:3f:39:a7:2f:22:de:48:73:fe:b5:
db:e5:75:8a:8a:ab:44:bd:74:93:a8:b3:50:48:38:
ce:4e:9f:c8:28:cd:c4:24:e4:3b:61:e0:31:bf:47:
b7:78:67:f2:f0:2f:b6:27:e8:a5:19:26:0a:a5:99:
23:8a:66:0c:4e:2a:43:b3:da:17:8b:d7:13:ac:0f:
a4:00:51:ae:e0:a0:67:20:c8:d9:f9:26:00:1e:db:
81:58:ce:30:28:33:56:29:e4:3b:31:96:42:64:08:
cd:34:be:10:d0:65:83:35:16:e2:6f:97:77:5d:52:
ac:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:9A:ED:EC:7C:6E:1C:FE:D4:4A:67:63:8D:CB:4A:90:C6:EA:AF:F3
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/5Zrt7HxuHP7USmdjjctKkMbqr_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.53.176.0/22
176.52.140.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:ba:92:26:4a:18:91:d4:fe:65:4e:a4:0d:af:da:9b:03:17:
6b:f3:31:7d:ae:83:38:9c:2e:e9:50:e0:91:21:c1:e8:59:17:
31:45:32:c3:a4:5d:83:55:e0:90:b3:83:61:7c:93:57:2e:42:
f0:8f:33:89:44:7c:f8:c2:f2:ee:5c:c0:05:b5:bd:a8:ce:73:
53:80:d7:f0:56:56:8f:0f:e7:c9:25:21:ad:bf:1c:95:ed:fd:
1c:3d:47:a1:1c:d2:4b:bb:04:a2:8b:04:2c:e7:89:c5:d1:10:
02:a0:61:c4:e5:f9:db:cc:b6:85:75:83:5f:aa:99:c0:a2:10:
a4:f3:7b:53:1d:1c:84:20:b6:3d:6d:a3:0e:e9:e9:75:d3:4e:
f7:b1:62:c3:d9:c3:04:fc:ed:c4:a6:91:a4:c4:87:d1:db:84:
21:5c:03:c9:a3:c8:2a:20:78:f2:9b:20:ca:dd:a4:f8:44:8a:
27:dd:a3:4e:bb:d0:6c:1d:3d:9f:51:ae:81:e2:49:71:81:42:
29:3f:24:0d:ff:90:05:3c:34:0b:66:73:cb:29:3d:aa:ae:ce:
1e:10:7d:6f:32:c7:29:32:9c:dc:67:a4:90:9d:2e:61:0c:5b:
2f:03:fb:17:aa:70:7f:6d:c2:8d:40:38:a6:6a:5c:23:b3:3c:
12:a3:eb:18
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBALGMDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTc3OWU1NjIzOGI2ZjJlYTA2OGVkZTRlMjBhZWYwMGM5MDQxMzJiMB4XDTIyMDIw
NjE2NTYwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTU5YWVkZWM3YzZl
MWNmZWQ0NGE2NzYzOGRjYjRhOTBjNmVhYWZmMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOcHiGfAyIvqOdIn5ua/POjCGqvcGHFzAEMJmMFcot/d1lSC
ceCNp4A6Sv8ks7MrbxX7k24sTii4BYQLdclLvvgL/NnWS4Q3xIhkHvbxtmDoctTO
6QRc8kZIh4snEzuOMsUXcJSd/X7M1TygXoq2i3ZcUpIxyjuJO4nqmcfnIlgUfQJ+
hLVhaQmhTZE/OacvIt5Ic/612+V1ioqrRL10k6izUEg4zk6fyCjNxCTkO2HgMb9H
t3hn8vAvtifopRkmCqWZI4pmDE4qQ7PaF4vXE6wPpABRruCgZyDI2fkmAB7bgVjO
MCgzVinkOzGWQmQIzTS+ENBlgzUW4m+Xd11SrJkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTlmu3sfG4c/tRKZ2ONy0qQxuqv8zAfBgNVHSMEGDAWgBT+d55WI4tvLqBo
7eTiCu8AyQQTKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19uZWVWaU9MYnk2Z2FPM2s0Z3J2QU1rRUV5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8x
LzVacnQ3SHh1SFA3VVNtZGpqY3RLa01icXJfTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8xL19uZWVWaU9MYnk2
Z2FPM2s0Z3J2QU1rRUV5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAlw1sAMEArA0jDANBgkqhkiG9w0B
AQsFAAOCAQEAP7qSJkoYkdT+ZU6kDa/amwMXa/Mxfa6DOJwu6VDgkSHB6FkXMUUy
w6Rdg1XgkLODYXyTVy5C8I8ziUR8+MLy7lzABbW9qM5zU4DX8FZWjw/nySUhrb8c
le39HD1HoRzSS7sEoosELOeJxdEQAqBhxOX528y2hXWDX6qZwKIQpPN7Ux0chCC2
PW2jDunpddNO97Fiw9nDBPztxKaRpMSH0duEIVwDyaPIKiB48psgyt2k+ESKJ92j
TrvQbB09n1GugeJJcYFCKT8kDf+QBTw0C2Zzyyk9qq7OHhB9bzLHKTKc3GekkJ0u
YQxbLwP7F6pwf23CjUA4pmpcI7M8EqPrGA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:13 2024 by rpki-client on console-fra.rpki-client.org