Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/700Mm6Zw0HmGdBrLSGWsM9hmXqE.roa
File: 700Mm6Zw0HmGdBrLSGWsM9hmXqE.roa (raw, json)
Hash identifier: pK8w4gMSNsXQw0uiHthJF1AGlhVbTDpKv05qroAHrFU=
Subject key identifier: EF:4D:0C:9B:A6:70:D0:79:86:74:1A:CB:48:65:AC:33:D8:66:5E:A1
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 04A5C4AD
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/700Mm6Zw0HmGdBrLSGWsM9hmXqE.roa
Signing time: Thu 14 Apr 2022 11:38:47 +0000
ROA not before: Thu 14 Apr 2022 11:38:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 176.52.128.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77972653 (0x4a5c4ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Apr 14 11:38:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ef4d0c9ba670d07986741acb4865ac33d8665ea1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:4f:aa:48:98:06:d0:67:95:fa:14:da:04:6d:
13:31:fe:ba:70:dd:7a:53:1e:fb:ac:4c:3c:5f:0a:
57:bc:ec:f5:2d:b3:5a:70:58:b3:c8:16:ef:e8:c8:
ab:af:ed:46:d1:2d:b3:21:e5:21:71:6a:7f:b4:f2:
e4:9a:14:ff:8f:c1:00:2c:c6:81:de:d4:0b:49:5f:
49:08:17:65:ec:91:7d:08:9d:6d:c6:84:ba:74:34:
0a:8e:56:0e:f1:7b:ae:49:72:0f:73:aa:5f:68:b0:
d5:d8:10:a2:a3:e5:80:af:33:10:cf:68:6a:21:05:
32:48:ab:2c:18:44:b0:a7:ac:14:58:9e:95:9f:53:
02:d8:69:fb:a4:65:cc:5a:3f:02:2b:50:06:8d:53:
c1:5a:df:ed:d0:15:4c:c7:2c:5a:b8:61:7c:82:5a:
5f:82:4c:bf:42:14:e3:c3:26:d0:e0:d7:b7:41:95:
45:4e:79:cc:6b:97:f3:dd:4f:65:aa:d9:d3:8c:73:
56:71:82:5d:40:37:64:d7:c8:df:f0:36:00:34:2f:
79:c3:dd:58:ef:d0:2c:3d:49:27:b5:53:b2:70:c2:
47:9f:c0:d7:73:0e:d8:e9:b4:d7:53:c9:46:a9:c9:
2d:ff:5e:79:8b:e3:d0:31:11:5f:95:c4:84:93:f2:
f1:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:4D:0C:9B:A6:70:D0:79:86:74:1A:CB:48:65:AC:33:D8:66:5E:A1
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/700Mm6Zw0HmGdBrLSGWsM9hmXqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.52.128.0/22
Signature Algorithm: sha256WithRSAEncryption
49:ea:84:37:8e:6d:ba:b0:fc:0e:5e:9b:a2:94:22:f8:67:58:
fd:2b:dd:0e:6d:79:8a:ae:c1:b9:4f:8d:ff:6d:07:96:40:45:
f2:7d:87:61:d2:cc:c5:19:18:f2:e5:ab:63:89:fc:fd:ff:59:
fd:80:f8:34:1e:56:43:7a:31:ac:f7:45:58:89:f9:2e:f5:7d:
6c:c1:98:95:3c:30:36:eb:ae:a1:48:98:16:cf:8e:bc:3a:c0:
d8:66:11:e3:d8:60:cc:54:83:4e:eb:4e:f3:97:48:e8:60:4a:
a7:03:a9:94:e9:c2:db:79:ee:13:0f:f4:ed:90:82:c7:39:81:
03:13:18:5f:da:8f:9c:a4:a9:9a:37:81:c5:73:43:b2:80:35:
36:1c:17:26:cb:81:d1:80:8b:ae:ff:f0:1e:62:de:cc:83:17:
f8:55:04:9b:33:86:20:45:88:3f:0d:0d:77:d7:f5:b4:3e:b1:
b8:17:93:07:86:9b:5e:45:6c:93:42:cb:57:92:a7:a2:b8:54:
eb:07:5d:7f:61:db:c9:04:44:35:25:89:0e:ae:81:d3:7d:5a:
ef:7e:bf:30:94:91:ab:25:4e:c3:dd:98:7a:32:62:d5:b9:6e:
21:6e:66:08:0b:50:5c:ac:1b:3e:d3:4c:6c:7c:d7:72:ef:7f:
8d:b1:39:ce
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBKXErTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTc3OWU1NjIzOGI2ZjJlYTA2OGVkZTRlMjBhZWYwMGM5MDQxMzJiMB4XDTIyMDQx
NDExMzg0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWY0ZDBjOWJhNjcw
ZDA3OTg2NzQxYWNiNDg2NWFjMzNkODY2NWVhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKhPqkiYBtBnlfoU2gRtEzH+unDdelMe+6xMPF8KV7zs9S2z
WnBYs8gW7+jIq6/tRtEtsyHlIXFqf7Ty5JoU/4/BACzGgd7UC0lfSQgXZeyRfQid
bcaEunQ0Co5WDvF7rklyD3OqX2iw1dgQoqPlgK8zEM9oaiEFMkirLBhEsKesFFie
lZ9TAthp+6RlzFo/AitQBo1TwVrf7dAVTMcsWrhhfIJaX4JMv0IU48Mm0ODXt0GV
RU55zGuX891PZarZ04xzVnGCXUA3ZNfI3/A2ADQvecPdWO/QLD1JJ7VTsnDCR5/A
13MO2Om011PJRqnJLf9eeYvj0DERX5XEhJPy8csCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTvTQybpnDQeYZ0GstIZawz2GZeoTAfBgNVHSMEGDAWgBT+d55WI4tvLqBo
7eTiCu8AyQQTKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19uZWVWaU9MYnk2Z2FPM2s0Z3J2QU1rRUV5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8x
LzcwME1tNlp3MEhtR2RCckxTR1dzTTlobVhxRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8xL19uZWVWaU9MYnk2
Z2FPM2s0Z3J2QU1rRUV5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArA0gDANBgkqhkiG9w0BAQsFAAOC
AQEASeqEN45turD8Dl6bopQi+GdY/SvdDm15iq7BuU+N/20HlkBF8n2HYdLMxRkY
8uWrY4n8/f9Z/YD4NB5WQ3oxrPdFWIn5LvV9bMGYlTwwNuuuoUiYFs+OvDrA2GYR
49hgzFSDTutO85dI6GBKpwOplOnC23nuEw/07ZCCxzmBAxMYX9qPnKSpmjeBxXND
soA1NhwXJsuB0YCLrv/wHmLezIMX+FUEmzOGIEWIPw0Nd9f1tD6xuBeTB4abXkVs
k0LLV5KnorhU6wddf2HbyQRENSWJDq6B031a736/MJSRqyVOw92YejJi1bluIW5m
CAtQXKwbPtNMbHzXcu9/jbE5zg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:13 2024 by rpki-client on console-fra.rpki-client.org