Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/6M2qsTJsJ9WUXxlT09nreJrllfQ.roa
File: 6M2qsTJsJ9WUXxlT09nreJrllfQ.roa (raw, json)
Hash identifier: WQXAnkrtT+YdLvRGXjBL6eBv6ZREJ2cJI0Ob7BsMLgc=
Subject key identifier: E8:CD:AA:B1:32:6C:27:D5:94:5F:19:53:D3:D9:EB:78:9A:E5:95:F4
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 0181D7CDAA1CE5CE60FC502AD15ED60D1BE8
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/6M2qsTJsJ9WUXxlT09nreJrllfQ.roa
Signing time: Thu 07 Jul 2022 08:36:28 +0000
ROA not before: Thu 07 Jul 2022 08:36:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 176.52.136.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d7:cd:aa:1c:e5:ce:60:fc:50:2a:d1:5e:d6:0d:1b:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Jul 7 08:36:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e8cdaab1326c27d5945f1953d3d9eb789ae595f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:30:28:6f:26:50:55:3e:bd:4c:2c:42:b3:61:
be:cb:9a:76:c5:0d:22:92:0f:ea:b3:46:bf:ad:bd:
8d:7d:9d:ad:89:1a:f2:de:ff:27:39:98:c3:7f:7c:
a6:fd:9c:b9:bc:00:9d:ee:b7:31:17:36:2e:92:ba:
78:a2:04:8c:27:0c:f6:dd:77:b3:59:63:d2:77:4b:
06:46:c9:67:5c:7d:73:67:80:8b:55:0a:ba:08:41:
40:c1:b2:27:e7:8f:7e:da:39:16:7b:fd:c2:db:6f:
50:df:1b:d1:61:ec:4c:73:a9:26:d3:59:a3:62:ad:
cc:da:15:53:17:f9:79:ad:90:82:98:68:89:00:a2:
66:76:f1:e6:21:32:64:3b:65:ef:ac:5a:d9:6a:9b:
cd:12:c0:bd:dc:15:85:cc:5d:28:fc:39:a6:88:a2:
af:8a:e3:cf:b0:42:ce:45:13:18:b9:f5:a2:1a:5c:
cd:c5:d8:c5:5f:e3:a9:72:99:3b:8e:e3:54:63:70:
44:ac:04:20:a1:1e:fb:85:75:8b:df:76:86:2b:ed:
f2:cf:94:14:b1:c3:f7:4a:36:1d:1b:98:ba:43:45:
db:4f:b7:0f:a0:c9:93:e5:7f:8c:60:df:d2:34:fe:
a2:43:4e:c7:a4:29:6e:36:b3:6d:c7:b9:08:86:56:
0f:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:CD:AA:B1:32:6C:27:D5:94:5F:19:53:D3:D9:EB:78:9A:E5:95:F4
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/6M2qsTJsJ9WUXxlT09nreJrllfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.52.136.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:48:79:75:86:07:78:c1:8b:7f:fe:18:83:35:e4:92:8f:47:
33:f0:78:b9:5e:91:f8:d5:36:bc:42:35:d8:08:0f:52:ea:3a:
f0:1b:c2:d6:82:a7:1e:d5:1d:86:75:5f:66:dc:25:09:29:c7:
1d:9a:b4:d5:ca:b0:d5:c8:04:9f:8a:64:88:22:96:fd:c6:1a:
90:37:e6:de:5c:ee:37:5b:6e:73:0a:47:84:81:94:f3:ec:2c:
47:4e:3c:c0:b4:b5:78:91:0e:c3:5d:a6:7c:69:25:2e:60:70:
29:83:a7:96:0d:74:5f:89:7c:e0:2d:6c:72:07:02:39:b7:20:
d8:31:f6:31:8f:42:51:55:79:b2:f1:36:c2:57:9d:3b:3b:b6:
b6:d1:56:8e:5f:d2:20:61:b7:fa:b2:9e:91:2d:08:ab:92:a3:
1c:fd:80:2f:67:87:72:cb:a8:b5:5e:68:fb:54:81:b7:2d:03:
5a:d1:09:22:9f:fb:1a:31:35:f7:50:47:1e:d6:db:0c:4e:a7:
fe:eb:7f:87:90:8e:cc:58:04:25:f8:31:71:7e:2a:e0:b1:b5:
76:ae:fb:d4:ea:81:24:6a:96:f4:fb:51:87:22:7b:dc:31:12:
b5:11:af:19:a5:cf:b2:79:3d:21:39:96:ea:dd:41:e3:28:b0:
6f:77:ba:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHXzaoc5c5g/FAq0V7WDRvoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNzc5ZTU2MjM4YjZmMmVhMDY4ZWRlNGUyMGFlZjAwYzkw
NDEzMmIwHhcNMjIwNzA3MDgzNjI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGNkYWFiMTMyNmMyN2Q1OTQ1ZjE5NTNkM2Q5ZWI3ODlhZTU5NWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljAobyZQVT69TCxCs2G+y5p2xQ0i
kg/qs0a/rb2NfZ2tiRry3v8nOZjDf3ym/Zy5vACd7rcxFzYukrp4ogSMJwz23Xez
WWPSd0sGRslnXH1zZ4CLVQq6CEFAwbIn549+2jkWe/3C229Q3xvRYexMc6km01mj
Yq3M2hVTF/l5rZCCmGiJAKJmdvHmITJkO2XvrFrZapvNEsC93BWFzF0o/DmmiKKv
iuPPsELORRMYufWiGlzNxdjFX+Opcpk7juNUY3BErAQgoR77hXWL33aGK+3yz5QU
scP3SjYdG5i6Q0XbT7cPoMmT5X+MYN/SNP6iQ07HpCluNrNtx7kIhlYPGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOjNqrEybCfVlF8ZU9PZ63ia5ZX0MB8GA1UdIwQY
MBaAFP53nlYji28uoGjt5OIK7wDJBBMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQt
MzM4OTQ5MTNkY2I3LzEvNk0ycXNUSnNKOVdVWHhsVDA5bnJlSnJsbGZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQtMzM4OTQ5MTNkY2I3
LzEvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsDSIMA0G
CSqGSIb3DQEBCwUAA4IBAQBdSHl1hgd4wYt//hiDNeSSj0cz8Hi5XpH41Ta8QjXY
CA9S6jrwG8LWgqce1R2GdV9m3CUJKccdmrTVyrDVyASfimSIIpb9xhqQN+beXO43
W25zCkeEgZTz7CxHTjzAtLV4kQ7DXaZ8aSUuYHApg6eWDXRfiXzgLWxyBwI5tyDY
MfYxj0JRVXmy8TbCV507O7a20VaOX9IgYbf6sp6RLQirkqMc/YAvZ4dyy6i1Xmj7
VIG3LQNa0Qkin/saMTX3UEce1tsMTqf+63+HkI7MWAQl+DFxfirgsbV2rvvU6oEk
apb0+1GHInvcMRK1Ea8Zpc+yeT0hOZbq3UHjKLBvd7qs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:13 2024 by rpki-client on console-fra.rpki-client.org