Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/8vVa4Pi62Iy5R3hsOASJ4uN5Qlk.roa
File: 8vVa4Pi62Iy5R3hsOASJ4uN5Qlk.roa (raw, json)
Hash identifier: 9HQo3YUw3dOSpg1oNbwxWwxf3RLJxTBQpmp2EKgIgco=
Subject key identifier: F2:F5:5A:E0:F8:BA:D8:8C:B9:47:78:6C:38:04:89:E2:E3:79:42:59
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 0393D11F
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/8vVa4Pi62Iy5R3hsOASJ4uN5Qlk.roa
Signing time: Sat 01 Jan 2022 11:01:26 +0000
ROA not before: Sat 01 Jan 2022 11:01:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3356
IP address blocks: 176.52.128.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60018975 (0x393d11f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Jan 1 11:01:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f2f55ae0f8bad88cb947786c380489e2e3794259
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:29:be:70:0c:ab:2f:ba:23:27:3a:19:ba:74:
dc:d3:61:ee:08:ae:ee:44:c0:2d:a9:08:31:31:fc:
5d:0b:a5:be:52:30:d8:07:96:f7:8a:e2:34:dc:18:
45:0c:2c:89:ef:ad:27:7b:81:3e:d6:34:d2:70:28:
85:77:cb:27:8f:fc:f6:8c:4b:18:91:48:41:02:e0:
3b:6b:84:31:8f:69:d9:04:3e:b1:12:b9:ea:8f:6b:
b2:07:df:00:d1:b4:53:c7:de:fa:05:22:9e:cf:bb:
9b:a5:57:b1:69:bb:89:cc:a5:90:0b:65:a8:46:0b:
c7:79:1c:34:ff:99:72:4e:05:37:bd:44:fc:84:95:
c5:e0:ba:ba:25:71:7c:1a:fc:91:94:68:e7:09:eb:
cb:d3:ea:c6:97:b3:1a:bf:5e:98:fd:67:1c:43:f3:
08:c0:d2:69:4a:f3:42:0d:7c:ad:92:76:fa:09:87:
1f:cf:4f:c4:5e:76:2e:8f:21:01:26:4e:84:4f:f8:
c7:9c:ec:65:2c:6c:65:50:8e:35:ba:64:e2:9c:28:
65:1b:be:d7:a2:d8:e6:b0:9a:ec:5e:3e:ba:d4:67:
30:9f:b1:7a:92:b5:17:70:95:46:32:e2:3f:94:cc:
9f:55:4e:47:f7:25:0f:3b:d8:67:b8:b0:a5:53:d3:
b9:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:F5:5A:E0:F8:BA:D8:8C:B9:47:78:6C:38:04:89:E2:E3:79:42:59
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/8vVa4Pi62Iy5R3hsOASJ4uN5Qlk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.52.128.0/22
Signature Algorithm: sha256WithRSAEncryption
55:f4:48:95:c9:a4:86:0c:9b:ed:a9:32:c8:4e:97:8d:3e:c6:
07:b0:d0:f1:54:f5:85:51:24:e1:05:6c:98:26:97:9b:3f:4d:
8e:53:a0:4d:0f:b5:11:62:2f:d1:2c:f2:b0:45:5f:09:43:1a:
d9:44:ec:82:8e:1f:f9:7c:10:82:05:cf:56:68:5f:2e:50:a0:
bc:7a:40:df:09:d4:74:4a:df:29:17:84:0a:c5:3c:c5:f7:b6:
49:a9:06:aa:4d:9b:47:0a:ba:52:06:82:5e:a9:db:46:02:66:
d2:d0:b1:c9:72:81:d7:2d:ad:17:1b:b7:5e:b1:10:27:c7:9d:
fb:9c:86:7a:d6:21:d6:56:0b:dc:8f:8e:a3:1d:25:d7:13:db:
44:e6:f6:03:ca:8b:de:91:33:cf:b3:58:80:df:c3:fe:ce:d8:
f9:97:39:51:15:50:43:4f:d2:9c:a7:9e:94:51:4e:b4:cc:6b:
51:08:6c:fb:2e:0f:28:1b:34:c8:e7:1f:31:89:36:57:8c:6b:
a1:3f:cb:13:ec:be:43:3f:68:f1:48:c0:4e:b7:0e:d4:45:e9:
2b:08:bf:64:03:92:90:cd:f4:cd:a2:ad:12:27:36:0e:95:f1:
82:51:c1:f1:9a:1f:a9:c7:89:2a:03:66:35:59:68:55:c1:c6:
02:34:0a:7f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA5PRHzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTc3OWU1NjIzOGI2ZjJlYTA2OGVkZTRlMjBhZWYwMGM5MDQxMzJiMB4XDTIyMDEw
MTExMDEyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjJmNTVhZTBmOGJh
ZDg4Y2I5NDc3ODZjMzgwNDg5ZTJlMzc5NDI1OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKMpvnAMqy+6Iyc6Gbp03NNh7giu7kTALakIMTH8XQulvlIw
2AeW94riNNwYRQwsie+tJ3uBPtY00nAohXfLJ4/89oxLGJFIQQLgO2uEMY9p2QQ+
sRK56o9rsgffANG0U8fe+gUins+7m6VXsWm7icylkAtlqEYLx3kcNP+Zck4FN71E
/ISVxeC6uiVxfBr8kZRo5wnry9PqxpezGr9emP1nHEPzCMDSaUrzQg18rZJ2+gmH
H89PxF52Lo8hASZOhE/4x5zsZSxsZVCONbpk4pwoZRu+16LY5rCa7F4+utRnMJ+x
epK1F3CVRjLiP5TMn1VOR/clDzvYZ7iwpVPTuc8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTy9Vrg+LrYjLlHeGw4BIni43lCWTAfBgNVHSMEGDAWgBT+d55WI4tvLqBo
7eTiCu8AyQQTKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19uZWVWaU9MYnk2Z2FPM2s0Z3J2QU1rRUV5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8x
Lzh2VmE0UGk2Mkl5NVIzaHNPQVNKNHVONVFsay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8xL19uZWVWaU9MYnk2
Z2FPM2s0Z3J2QU1rRUV5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArA0gDANBgkqhkiG9w0BAQsFAAOC
AQEAVfRIlcmkhgyb7akyyE6XjT7GB7DQ8VT1hVEk4QVsmCaXmz9NjlOgTQ+1EWIv
0SzysEVfCUMa2UTsgo4f+XwQggXPVmhfLlCgvHpA3wnUdErfKReECsU8xfe2SakG
qk2bRwq6UgaCXqnbRgJm0tCxyXKB1y2tFxu3XrEQJ8ed+5yGetYh1lYL3I+Oox0l
1xPbROb2A8qL3pEzz7NYgN/D/s7Y+Zc5URVQQ0/SnKeelFFOtMxrUQhs+y4PKBs0
yOcfMYk2V4xroT/LE+y+Qz9o8UjATrcO1EXpKwi/ZAOSkM30zaKtEic2DpXxglHB
8ZofqceJKgNmNVloVcHGAjQKfw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:04 2024 by rpki-client on console-ams.rpki-client.org