Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/9Hw890ouH3F0D-TtJc7lmlrciXA.roa
File: 9Hw890ouH3F0D-TtJc7lmlrciXA.roa (raw, json)
Hash identifier: Xn5SLllKX4bVo2bzlpdO80eGB3IwZ4u86yoHSfJdsQA=
Subject key identifier: F4:7C:3C:F7:4A:2E:1F:71:74:0F:E4:ED:25:CE:E5:9A:5A:DC:89:70
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 018404DC682C990728ACFFEA740921593A9B
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/9Hw890ouH3F0D-TtJc7lmlrciXA.roa
Signing time: Sun 23 Oct 2022 12:41:04 +0000
ROA not before: Sun 23 Oct 2022 12:41:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 176.52.128.0/22 maxlen: 24
176.52.132.0/22 maxlen: 24
176.52.144.0/22 maxlen: 24
176.52.140.0/22 maxlen: 22
176.52.152.0/22 maxlen: 22
176.52.148.0/22 maxlen: 24
92.53.160.0/22 maxlen: 24
92.53.172.0/22 maxlen: 22
92.53.168.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:04:dc:68:2c:99:07:28:ac:ff:ea:74:09:21:59:3a:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Oct 23 12:41:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f47c3cf74a2e1f71740fe4ed25cee59a5adc8970
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e7:74:c5:14:26:ef:67:39:a2:58:7c:e8:fc:
11:0b:7a:54:91:10:8c:da:8f:d6:8f:4c:73:a4:60:
0e:71:4c:47:7d:57:63:7a:51:dc:a3:83:c9:9f:c3:
8e:99:f8:17:c2:f3:ee:aa:bf:fd:ed:e4:f2:45:1d:
03:56:66:30:f5:84:0d:5a:2f:2b:9c:ed:63:30:c6:
bc:5a:47:5a:03:8c:49:c2:8f:b7:bc:94:2c:54:82:
d9:41:97:8e:0c:99:a9:aa:e7:b6:59:c8:6a:85:57:
8e:b6:e7:14:90:65:7e:50:a4:53:14:4a:83:ed:69:
06:5b:6e:bf:01:4c:14:cd:7a:d1:8d:5a:a4:e7:52:
ba:09:4c:3b:38:ca:7f:73:fd:67:e8:81:2e:ef:09:
8c:1e:48:57:d0:92:dd:0a:2a:94:97:8a:61:96:8c:
5d:b2:44:a0:99:92:34:25:43:2c:96:8c:b7:3a:74:
8d:1a:5f:52:46:21:eb:51:72:ea:9d:65:45:f8:30:
af:ba:c6:5d:b7:c0:ef:8d:9a:0d:90:ef:1d:7f:15:
a8:cb:c0:35:31:6a:93:35:9b:80:f1:b7:14:5d:98:
90:d2:22:bb:7e:c6:97:8c:6c:be:b1:09:6e:30:f1:
4e:f9:24:00:0d:e2:b8:c5:54:81:cf:43:96:9e:94:
ff:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:7C:3C:F7:4A:2E:1F:71:74:0F:E4:ED:25:CE:E5:9A:5A:DC:89:70
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/9Hw890ouH3F0D-TtJc7lmlrciXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.53.160.0/22
92.53.168.0/21
176.52.128.0/21
176.52.140.0-176.52.155.255
Signature Algorithm: sha256WithRSAEncryption
89:bd:d9:2a:07:17:5a:c6:36:dd:86:e8:03:6e:6e:2a:6d:ec:
15:28:a3:a3:ac:6a:5d:67:fc:75:c1:fd:ef:71:9c:7f:e5:e3:
f5:8d:8a:52:a9:1c:1a:03:7d:b8:b9:7d:b1:6f:05:4e:cc:25:
5c:de:13:81:13:bb:71:52:3e:2d:db:6c:f5:8f:d5:91:bc:e3:
8b:c0:26:b1:cb:28:71:41:1d:7f:e6:73:2b:ac:19:b2:fc:36:
04:9f:16:a7:92:b7:1a:75:02:2a:1e:b7:8b:66:84:cc:9d:5d:
0f:e3:49:99:e1:e8:f5:36:8d:63:6a:af:03:03:51:17:b0:04:
ac:8d:44:7c:27:7c:1a:14:58:48:5b:76:e3:4d:73:28:1d:ea:
a7:1e:70:10:56:90:14:95:a9:81:73:5d:98:19:bc:8e:ae:b2:
d9:21:31:a0:ec:8f:0a:50:d8:c6:d0:26:0b:31:b8:89:da:7a:
14:71:c0:9b:97:90:07:58:1a:c4:60:1d:48:f8:12:ae:70:ce:
b0:b8:08:5b:5b:64:91:1e:da:88:09:07:34:a9:85:fc:af:7b:
9c:5c:7a:d1:59:32:1b:b8:aa:28:fd:48:43:50:28:f5:6b:72:
42:8d:2f:c7:76:e0:f0:eb:e9:a7:86:b3:1a:48:a8:2d:b8:49:
14:65:62:01
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYQE3GgsmQcorP/qdAkhWTqbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNzc5ZTU2MjM4YjZmMmVhMDY4ZWRlNGUyMGFlZjAwYzkw
NDEzMmIwHhcNMjIxMDIzMTI0MTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDdjM2NmNzRhMmUxZjcxNzQwZmU0ZWQyNWNlZTU5YTVhZGM4OTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOd0xRQm72c5olh86PwRC3pUkRCM
2o/Wj0xzpGAOcUxHfVdjelHco4PJn8OOmfgXwvPuqr/97eTyRR0DVmYw9YQNWi8r
nO1jMMa8WkdaA4xJwo+3vJQsVILZQZeODJmpque2WchqhVeOtucUkGV+UKRTFEqD
7WkGW26/AUwUzXrRjVqk51K6CUw7OMp/c/1n6IEu7wmMHkhX0JLdCiqUl4phloxd
skSgmZI0JUMsloy3OnSNGl9SRiHrUXLqnWVF+DCvusZdt8DvjZoNkO8dfxWoy8A1
MWqTNZuA8bcUXZiQ0iK7fsaXjGy+sQluMPFO+SQADeK4xVSBz0OWnpT/fQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFPR8PPdKLh9xdA/k7SXO5Zpa3IlwMB8GA1UdIwQY
MBaAFP53nlYji28uoGjt5OIK7wDJBBMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQt
MzM4OTQ5MTNkY2I3LzEvOUh3ODkwb3VIM0YwRC1UdEpjN2xtbHJjaVhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQtMzM4OTQ5MTNkY2I3
LzEvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCXDWgAwQD
XDWoAwQDsDSAMAwDBAKwNIwDBAKwNJgwDQYJKoZIhvcNAQELBQADggEBAIm92SoH
F1rGNt2G6ANubipt7BUoo6Osal1n/HXB/e9xnH/l4/WNilKpHBoDfbi5fbFvBU7M
JVzeE4ETu3FSPi3bbPWP1ZG844vAJrHLKHFBHX/mcyusGbL8NgSfFqeStxp1Aioe
t4tmhMydXQ/jSZnh6PU2jWNqrwMDURewBKyNRHwnfBoUWEhbduNNcygd6qcecBBW
kBSVqYFzXZgZvI6ustkhMaDsjwpQ2MbQJgsxuInaehRxwJuXkAdYGsRgHUj4Eq5w
zrC4CFtbZJEe2ogJBzSphfyve5xcetFZMhu4qij9SENQKPVrckKNL8d24PDr6aeG
sxpIqC24SRRlYgE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:13 2024 by rpki-client on console-fra.rpki-client.org