Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/Cr7_ZD_S9jt09lUCMmajWv1Ihoo.roa
File: Cr7_ZD_S9jt09lUCMmajWv1Ihoo.roa (raw, json)
Hash identifier: HfeA+AFB25An2okun2Kzw43gxbzwDw4GoIg0iNcLMI8=
Subject key identifier: 0A:BE:FF:64:3F:D2:F6:3B:74:F6:55:02:32:66:A3:5A:FD:48:86:8A
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 052F842D
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/Cr7_ZD_S9jt09lUCMmajWv1Ihoo.roa
Signing time: Sat 04 Jun 2022 08:56:20 +0000
ROA not before: Sat 04 Jun 2022 08:56:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 176.52.136.0/22 maxlen: 24
176.52.152.0/22 maxlen: 24
92.53.172.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87000109 (0x52f842d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Jun 4 08:56:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0abeff643fd2f63b74f655023266a35afd48868a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:59:a8:fc:2c:f7:ca:dd:d4:22:7e:5a:a5:8d:
0f:f7:77:96:d1:25:42:0d:ab:0d:4b:40:b3:0b:36:
a5:54:b4:65:82:9b:0c:46:d4:30:3c:c6:78:d4:f6:
a2:15:69:16:01:30:0d:59:20:48:31:21:b4:b1:bc:
fd:ed:33:80:6e:a9:46:18:3b:d5:7c:97:f5:1c:11:
55:ea:08:ba:96:7f:55:1d:97:3d:b5:83:53:05:d5:
17:95:a8:ba:6f:ad:2c:00:34:aa:a7:81:ac:16:28:
14:62:a9:fb:0f:9e:1f:5d:d3:91:9b:02:2a:b3:37:
e6:45:41:27:e9:60:8f:2d:1d:1c:e7:9e:b0:82:6a:
67:f8:86:a9:d6:10:87:d3:96:e2:a7:2a:14:51:b2:
97:d7:35:45:b6:39:60:75:e8:21:1e:e8:70:12:2e:
5c:cb:7a:f2:8d:06:12:4b:36:47:47:d8:b0:6a:0f:
15:04:e4:3e:1a:d2:34:2b:c4:be:37:53:e5:f0:c2:
47:af:c5:2d:42:3c:af:93:15:85:ef:b3:cf:d9:cf:
88:cd:fe:a3:55:0e:55:33:54:f6:9b:88:f8:21:31:
2e:8f:98:05:de:ea:0d:f9:08:a1:2c:fb:f6:fc:bb:
c1:10:09:e3:ef:db:ed:94:07:e4:c7:ec:98:0f:7f:
c7:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:BE:FF:64:3F:D2:F6:3B:74:F6:55:02:32:66:A3:5A:FD:48:86:8A
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/Cr7_ZD_S9jt09lUCMmajWv1Ihoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.53.172.0/22
176.52.136.0/22
176.52.152.0/22
Signature Algorithm: sha256WithRSAEncryption
81:33:21:18:fd:0a:a9:00:1d:0b:d5:4d:a1:a0:ef:d8:6c:91:
fc:c4:3a:c1:d9:68:a1:f2:d6:b7:cf:75:5b:26:3b:cb:df:14:
56:d7:be:f2:08:29:47:cf:d2:cf:30:46:c2:45:60:9a:87:84:
4a:79:60:49:4d:ca:3d:61:45:37:50:57:b7:ad:f7:ce:27:43:
67:0f:59:b3:f5:c7:cf:41:63:52:b9:17:21:73:7c:22:7f:fe:
7e:78:b8:ba:96:dc:2f:93:b5:f7:37:fa:ba:e2:43:70:a5:d8:
f2:0b:85:17:90:3f:ff:cc:db:4c:7f:17:c9:15:5d:83:54:6f:
14:b2:81:d9:fa:87:22:9e:5a:f8:7d:81:c0:1e:33:dc:38:04:
26:25:ec:a8:7b:cf:fa:f7:c9:3c:d4:b5:e7:14:3e:35:52:69:
fc:f2:97:0d:0a:d8:b9:1a:d9:14:33:b4:64:65:17:ea:43:10:
37:26:db:67:72:1f:26:04:d7:b2:c8:12:62:60:57:ce:4d:4f:
43:2d:97:f0:70:f0:c2:63:ed:98:fb:35:02:a9:94:d9:94:c2:
c4:41:f4:58:db:55:f9:4d:33:9a:27:d2:69:b9:b7:55:91:48:
7f:95:39:f2:3d:fc:ec:d2:b4:c2:93:a7:66:00:8c:39:d5:22:
9e:dc:28:aa
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBS+ELTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTc3OWU1NjIzOGI2ZjJlYTA2OGVkZTRlMjBhZWYwMGM5MDQxMzJiMB4XDTIyMDYw
NDA4NTYyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGFiZWZmNjQzZmQy
ZjYzYjc0ZjY1NTAyMzI2NmEzNWFmZDQ4ODY4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANBZqPws98rd1CJ+WqWND/d3ltElQg2rDUtAsws2pVS0ZYKb
DEbUMDzGeNT2ohVpFgEwDVkgSDEhtLG8/e0zgG6pRhg71XyX9RwRVeoIupZ/VR2X
PbWDUwXVF5Woum+tLAA0qqeBrBYoFGKp+w+eH13TkZsCKrM35kVBJ+lgjy0dHOee
sIJqZ/iGqdYQh9OW4qcqFFGyl9c1RbY5YHXoIR7ocBIuXMt68o0GEks2R0fYsGoP
FQTkPhrSNCvEvjdT5fDCR6/FLUI8r5MVhe+zz9nPiM3+o1UOVTNU9puI+CExLo+Y
Bd7qDfkIoSz79vy7wRAJ4+/b7ZQH5MfsmA9/x58CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQKvv9kP9L2O3T2VQIyZqNa/UiGijAfBgNVHSMEGDAWgBT+d55WI4tvLqBo
7eTiCu8AyQQTKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19uZWVWaU9MYnk2Z2FPM2s0Z3J2QU1rRUV5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8x
L0NyN19aRF9TOWp0MDlsVUNNbWFqV3YxSWhvby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8xL19uZWVWaU9MYnk2
Z2FPM2s0Z3J2QU1rRUV5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAlw1rAMEArA0iAMEArA0mDANBgkq
hkiG9w0BAQsFAAOCAQEAgTMhGP0KqQAdC9VNoaDv2GyR/MQ6wdloofLWt891WyY7
y98UVte+8ggpR8/SzzBGwkVgmoeESnlgSU3KPWFFN1BXt633zidDZw9Zs/XHz0Fj
UrkXIXN8In/+fni4upbcL5O19zf6uuJDcKXY8guFF5A//8zbTH8XyRVdg1RvFLKB
2fqHIp5a+H2BwB4z3DgEJiXsqHvP+vfJPNS15xQ+NVJp/PKXDQrYuRrZFDO0ZGUX
6kMQNybbZ3IfJgTXssgSYmBXzk1PQy2X8HDwwmPtmPs1AqmU2ZTCxEH0WNtV+U0z
mifSabm3VZFIf5U58j387NK0wpOnZgCMOdUintwoqg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:04 2024 by rpki-client on console-ams.rpki-client.org