Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/6xRx4zokzb11aFw276SkSeIA2HU.roa
File: 6xRx4zokzb11aFw276SkSeIA2HU.roa (raw, json)
Hash identifier: IcuOLVCVj3wgkGymKS+hT4uylbDq9RYM4jdl2QQTV3g=
Subject key identifier: EB:14:71:E3:3A:24:CD:BD:75:68:5C:36:EF:A4:A4:49:E2:00:D8:75
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 0438DEB9
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/6xRx4zokzb11aFw276SkSeIA2HU.roa
Signing time: Thu 03 Mar 2022 08:48:55 +0000
ROA not before: Thu 03 Mar 2022 08:48:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 176.52.128.0/22 maxlen: 24
176.52.144.0/22 maxlen: 24
176.52.152.0/22 maxlen: 24
92.53.172.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70835897 (0x438deb9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Mar 3 08:48:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eb1471e33a24cdbd75685c36efa4a449e200d875
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:7e:09:bc:1e:34:eb:e0:b9:bd:57:53:27:e7:
1b:aa:d1:05:e8:16:58:b6:bb:94:f0:16:60:ec:ae:
fc:cc:d5:02:2c:1b:b4:29:8e:7f:87:9c:c3:69:e0:
dc:6b:46:4a:90:8a:a4:02:98:52:6f:a5:d6:ea:d6:
7b:ab:85:b7:46:68:43:91:e0:2f:bc:8d:cd:63:1e:
f8:04:8a:f1:4c:4c:c0:24:09:c4:92:13:d1:68:9f:
a2:c8:dd:f6:66:e3:69:a3:92:b9:b4:5e:9f:19:e6:
98:13:59:83:1d:c8:03:ee:bf:85:dc:cb:26:a9:88:
b2:42:10:6c:2a:d6:c5:a7:e3:d6:ab:84:24:68:76:
14:5c:ed:60:35:81:74:a0:fd:af:e1:43:23:aa:5d:
8a:eb:b5:ec:9c:ef:50:05:a4:dc:2a:bf:77:f9:c8:
54:f6:5f:02:ab:b0:b4:08:67:0a:ba:ae:c0:dd:18:
bd:bd:f4:af:bc:6f:2b:f4:9e:e0:42:2b:61:80:69:
ce:43:6c:3f:4e:58:24:1b:bd:39:3d:de:37:2a:fb:
7a:dc:48:6a:42:c2:d0:ab:ef:70:eb:7f:85:cd:85:
61:f5:45:b5:16:ea:bf:31:26:04:31:5a:58:44:3e:
2b:af:d6:76:eb:71:a7:9b:9a:ba:78:d0:e1:63:b9:
4f:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:14:71:E3:3A:24:CD:BD:75:68:5C:36:EF:A4:A4:49:E2:00:D8:75
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/6xRx4zokzb11aFw276SkSeIA2HU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.53.172.0/22
176.52.128.0/22
176.52.144.0/22
176.52.152.0/22
Signature Algorithm: sha256WithRSAEncryption
15:35:66:bb:c6:d4:1c:03:8a:c4:ac:dc:e1:ac:db:8d:7c:12:
c6:d1:44:b3:91:16:57:db:21:f1:ee:ff:c6:b1:84:a3:1a:bc:
34:f3:53:04:57:9d:77:21:35:bd:91:19:0a:07:bc:46:93:49:
ce:a5:df:0f:0e:b2:27:e6:1a:39:1c:07:04:f1:a2:6f:39:6e:
92:6e:94:50:35:f7:45:8b:83:93:83:a4:c4:fe:9d:6a:67:f3:
1b:e9:10:69:31:87:70:8d:d2:b3:45:d9:f7:c4:1e:23:0d:e3:
ff:30:f7:8c:b4:86:e1:2b:90:00:8a:9c:28:04:65:be:d8:12:
c9:cd:b7:32:63:dc:eb:5e:4b:4b:56:cf:a0:e4:14:50:a6:ae:
88:bd:f7:04:20:39:53:b6:06:b5:1e:9c:15:54:a3:07:73:5a:
56:78:dc:e7:01:8c:a6:d5:38:89:90:3b:d7:b6:10:b5:4b:ca:
44:f6:dc:52:6b:91:20:04:16:ed:c3:cf:f6:2c:bf:4f:9c:31:
f8:c8:cb:c5:5b:3f:61:81:ce:80:6b:c6:e4:54:56:f9:39:0c:
cf:bc:5e:5b:21:e4:98:7a:7d:6e:e1:81:71:30:fa:8c:a2:f0:
a8:4b:01:2e:bb:96:d6:0f:19:d1:ec:2b:d7:36:07:03:ad:bd:
ed:88:b2:df
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEBDjeuTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTc3OWU1NjIzOGI2ZjJlYTA2OGVkZTRlMjBhZWYwMGM5MDQxMzJiMB4XDTIyMDMw
MzA4NDg1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWIxNDcxZTMzYTI0
Y2RiZDc1Njg1YzM2ZWZhNGE0NDllMjAwZDg3NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALt+CbweNOvgub1XUyfnG6rRBegWWLa7lPAWYOyu/MzVAiwb
tCmOf4ecw2ng3GtGSpCKpAKYUm+l1urWe6uFt0ZoQ5HgL7yNzWMe+ASK8UxMwCQJ
xJIT0Wifosjd9mbjaaOSubRenxnmmBNZgx3IA+6/hdzLJqmIskIQbCrWxafj1quE
JGh2FFztYDWBdKD9r+FDI6pdiuu17JzvUAWk3Cq/d/nIVPZfAquwtAhnCrquwN0Y
vb30r7xvK/Se4EIrYYBpzkNsP05YJBu9OT3eNyr7etxIakLC0KvvcOt/hc2FYfVF
tRbqvzEmBDFaWEQ+K6/Wdutxp5uaunjQ4WO5T+sCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBTrFHHjOiTNvXVoXDbvpKRJ4gDYdTAfBgNVHSMEGDAWgBT+d55WI4tvLqBo
7eTiCu8AyQQTKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19uZWVWaU9MYnk2Z2FPM2s0Z3J2QU1rRUV5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8x
LzZ4Ung0em9remIxMWFGdzI3NlNrU2VJQTJIVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8xL19uZWVWaU9MYnk2
Z2FPM2s0Z3J2QU1rRUV5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAlw1rAMEArA0gAMEArA0kAMEArA0
mDANBgkqhkiG9w0BAQsFAAOCAQEAFTVmu8bUHAOKxKzc4azbjXwSxtFEs5EWV9sh
8e7/xrGEoxq8NPNTBFeddyE1vZEZCge8RpNJzqXfDw6yJ+YaORwHBPGibzlukm6U
UDX3RYuDk4OkxP6damfzG+kQaTGHcI3Ss0XZ98QeIw3j/zD3jLSG4SuQAIqcKARl
vtgSyc23MmPc615LS1bPoOQUUKauiL33BCA5U7YGtR6cFVSjB3NaVnjc5wGMptU4
iZA717YQtUvKRPbcUmuRIAQW7cPP9iy/T5wx+MjLxVs/YYHOgGvG5FRW+TkMz7xe
WyHkmHp9buGBcTD6jKLwqEsBLruW1g8Z0ewr1zYHA6297Yiy3w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:04 2024 by rpki-client on console-ams.rpki-client.org