Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/986OGWUI7PtKmhIGC6CCjU9lSOM.roa
File: 986OGWUI7PtKmhIGC6CCjU9lSOM.roa (raw, json)
Hash identifier: sVwkNy0JuQIKqkIT2YgfyDaMGCjBDMz9kE8hOiWIx58=
Subject key identifier: F7:CE:8E:19:65:08:EC:FB:4A:9A:12:06:0B:A0:82:8D:4F:65:48:E3
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 057A1A53
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/986OGWUI7PtKmhIGC6CCjU9lSOM.roa
Signing time: Sun 03 Jul 2022 14:26:26 +0000
ROA not before: Sun 03 Jul 2022 14:26:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 176.52.132.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91888211 (0x57a1a53)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Jul 3 14:26:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f7ce8e196508ecfb4a9a12060ba0828d4f6548e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:46:c0:92:bd:cb:99:bb:77:48:d6:a6:7a:2c:
99:ab:eb:dc:b4:4e:09:96:48:d5:79:9f:ef:ab:ee:
c8:c7:75:27:91:74:fd:4f:08:1a:46:78:48:00:7c:
bb:7f:6d:d5:98:e7:c8:4c:7b:e6:8e:8e:d3:61:80:
92:4d:cf:d1:49:51:b8:96:6a:89:1c:ad:e4:be:1a:
2f:eb:f5:df:2e:bb:2e:ff:94:5d:eb:7f:17:30:3c:
07:fd:48:ca:8c:62:c9:e7:ad:be:f8:2f:3f:c0:3d:
4b:e7:63:9e:50:64:ee:9c:1f:67:c7:7f:f5:ec:90:
7e:17:ff:37:3d:bb:7e:ec:d3:4c:09:a8:9a:7e:47:
30:41:b8:a2:f9:0f:c0:3c:ca:23:02:a4:38:f7:88:
d3:af:e2:d8:de:93:e0:c9:f0:2b:46:4f:21:2c:03:
5c:43:18:c5:d7:d4:91:a5:1e:75:82:cb:57:86:6b:
86:e1:af:02:fd:0f:8d:96:8e:66:73:ab:d4:69:3a:
1d:72:fb:fa:82:b9:57:d7:32:9a:6c:fe:f5:22:57:
24:97:db:d7:1e:e5:a9:f2:82:d5:a4:52:4d:79:1b:
e1:42:01:83:2c:31:71:b7:bc:58:47:1f:aa:2b:0c:
d2:d6:9a:6e:71:f4:d4:18:cb:41:e8:cd:1f:35:a3:
36:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:CE:8E:19:65:08:EC:FB:4A:9A:12:06:0B:A0:82:8D:4F:65:48:E3
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/986OGWUI7PtKmhIGC6CCjU9lSOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.52.132.0/22
Signature Algorithm: sha256WithRSAEncryption
14:93:c8:3b:d4:38:51:62:da:6d:ed:a5:b4:89:00:c7:e7:41:
08:5f:67:40:cd:f4:0d:77:ae:1d:00:d1:53:c3:7c:76:91:e6:
b0:85:80:92:31:ab:a9:e2:da:af:41:68:a5:61:43:3c:c9:59:
99:13:e3:03:ae:5b:56:45:d0:10:8a:53:60:55:01:63:28:56:
33:a4:0f:89:f0:17:51:d0:11:bc:0a:8e:58:18:80:47:ca:b3:
4e:d1:a5:2c:46:3d:53:b5:5e:66:4a:3a:fb:4e:68:c0:85:1a:
1e:c5:32:82:7a:71:22:b2:ce:d9:f8:8e:19:57:6d:dc:2b:5b:
06:44:4e:78:3f:d0:32:a2:5e:ed:0a:6e:06:f7:22:10:4e:eb:
58:eb:af:2e:90:5f:6b:3f:6f:20:aa:16:b4:c6:f0:46:a1:4e:
6e:6b:03:48:de:d2:63:ec:a9:ad:ab:4d:54:62:72:64:9f:ac:
f8:15:c3:b3:cf:8d:cc:45:34:ef:85:29:aa:3f:92:2d:0c:30:
c4:94:ee:50:fb:50:ff:fd:f1:8a:a3:18:2a:2d:75:6d:51:63:
36:bb:78:d3:70:b6:6a:3d:78:b3:a5:f2:34:a1:2d:16:0a:88:
e6:ae:07:a8:82:42:6f:e0:ad:a0:0b:63:13:bd:5b:5f:97:00:
1f:9e:5e:27
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBXoaUzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTc3OWU1NjIzOGI2ZjJlYTA2OGVkZTRlMjBhZWYwMGM5MDQxMzJiMB4XDTIyMDcw
MzE0MjYyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjdjZThlMTk2NTA4
ZWNmYjRhOWExMjA2MGJhMDgyOGQ0ZjY1NDhlMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIxGwJK9y5m7d0jWpnosmavr3LROCZZI1Xmf76vuyMd1J5F0
/U8IGkZ4SAB8u39t1ZjnyEx75o6O02GAkk3P0UlRuJZqiRyt5L4aL+v13y67Lv+U
Xet/FzA8B/1IyoxiyeetvvgvP8A9S+djnlBk7pwfZ8d/9eyQfhf/Nz27fuzTTAmo
mn5HMEG4ovkPwDzKIwKkOPeI06/i2N6T4MnwK0ZPISwDXEMYxdfUkaUedYLLV4Zr
huGvAv0PjZaOZnOr1Gk6HXL7+oK5V9cymmz+9SJXJJfb1x7lqfKC1aRSTXkb4UIB
gywxcbe8WEcfqisM0taabnH01BjLQejNHzWjNqkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT3zo4ZZQjs+0qaEgYLoIKNT2VI4zAfBgNVHSMEGDAWgBT+d55WI4tvLqBo
7eTiCu8AyQQTKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19uZWVWaU9MYnk2Z2FPM2s0Z3J2QU1rRUV5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8x
Lzk4Nk9HV1VJN1B0S21oSUdDNkNDalU5bFNPTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8xL19uZWVWaU9MYnk2
Z2FPM2s0Z3J2QU1rRUV5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArA0hDANBgkqhkiG9w0BAQsFAAOC
AQEAFJPIO9Q4UWLabe2ltIkAx+dBCF9nQM30DXeuHQDRU8N8dpHmsIWAkjGrqeLa
r0FopWFDPMlZmRPjA65bVkXQEIpTYFUBYyhWM6QPifAXUdARvAqOWBiAR8qzTtGl
LEY9U7VeZko6+05owIUaHsUygnpxIrLO2fiOGVdt3CtbBkROeD/QMqJe7QpuBvci
EE7rWOuvLpBfaz9vIKoWtMbwRqFObmsDSN7SY+ypratNVGJyZJ+s+BXDs8+NzEU0
74Upqj+SLQwwxJTuUPtQ//3xiqMYKi11bVFjNrt403C2aj14s6XyNKEtFgqI5q4H
qIJCb+CtoAtjE71bX5cAH55eJw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:13 2024 by rpki-client on console-fra.rpki-client.org