Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/Er_aOeai5B7xvQCN8f_MKQYCoMU.roa
File: Er_aOeai5B7xvQCN8f_MKQYCoMU.roa (raw, json)
Hash identifier: v7HQQBVTg0p697yoJ6YZYzLUJCOjv5XeRE5DTRZXprM=
Subject key identifier: 12:BF:DA:39:E6:A2:E4:1E:F1:BD:00:8D:F1:FF:CC:29:06:02:A0:C5
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 04C93C27
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/Er_aOeai5B7xvQCN8f_MKQYCoMU.roa
Signing time: Thu 28 Apr 2022 23:06:50 +0000
ROA not before: Thu 28 Apr 2022 23:06:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 92.53.176.0/22 maxlen: 24
176.52.148.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80296999 (0x4c93c27)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Apr 28 23:06:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=12bfda39e6a2e41ef1bd008df1ffcc290602a0c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:4f:21:5e:e8:c2:e8:a3:29:01:e6:20:6d:36:
2d:7c:69:c9:82:83:c3:87:00:39:ce:bc:1e:02:8c:
90:b6:b0:75:74:55:54:aa:a8:23:ec:d4:1a:f9:55:
6d:92:d1:d7:05:d8:76:b3:0c:19:a3:b1:e3:e8:d0:
2a:4e:9f:76:aa:24:0e:a6:f0:7e:3f:e4:a7:a9:c0:
58:9a:52:35:f3:fe:39:d7:e4:8a:39:28:0f:e5:ac:
53:e9:e5:2a:55:37:22:8f:5c:0f:33:fb:fb:d8:71:
03:38:c6:89:0b:19:e1:5f:dc:a6:47:39:79:46:cc:
ff:15:0e:e1:80:ad:2c:e2:f7:ff:16:34:6a:30:2a:
6e:e0:9f:1b:9a:4b:eb:29:c2:80:ac:d3:c4:03:06:
a9:71:1b:00:5d:d0:f1:dc:c0:74:a5:26:af:2e:d8:
a4:49:7e:8a:c2:7d:5c:4f:a2:b0:cf:2f:57:73:8a:
3f:9a:d7:29:01:60:6d:65:2f:5c:c3:49:ff:62:a5:
3c:a1:6c:ce:df:6d:3c:0c:89:1d:84:8a:b9:ef:98:
93:67:50:a4:8c:55:ee:1b:c6:b7:e8:0f:6c:bd:a8:
11:76:70:26:c5:17:0e:9f:25:49:93:e3:dc:5a:c2:
86:97:6e:18:31:f9:fb:e6:8c:51:68:7d:c0:e2:bf:
d0:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:BF:DA:39:E6:A2:E4:1E:F1:BD:00:8D:F1:FF:CC:29:06:02:A0:C5
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/Er_aOeai5B7xvQCN8f_MKQYCoMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.53.176.0/22
176.52.148.0/22
Signature Algorithm: sha256WithRSAEncryption
25:ac:39:5c:5c:f3:a2:07:91:e8:79:1f:d0:d3:b1:53:cb:76:
82:eb:29:95:e8:59:8d:a3:5e:d7:bb:27:c8:56:5b:6d:ca:1d:
e8:74:cf:2b:90:d1:87:e5:0d:12:a4:11:2d:51:55:65:0c:d3:
3b:29:3d:a7:f6:70:7c:f4:8f:85:1a:96:55:9b:47:06:51:df:
60:38:8e:a7:36:13:8c:06:32:7e:2f:fc:f4:58:a6:df:0f:5e:
0d:8c:92:2d:ff:10:c2:e9:a8:de:94:b3:e4:17:ff:45:30:14:
ec:22:44:d7:4c:8a:87:7d:20:75:e0:a0:e3:e3:70:43:ba:05:
a5:11:20:10:45:7c:a0:6e:cf:83:f4:68:26:7b:61:82:cf:c7:
2d:0a:44:6c:ad:18:d4:43:5a:c0:7a:3b:8c:fb:49:26:46:74:
c9:bd:71:dc:90:7c:b7:6a:d6:67:83:a1:02:bc:6f:d7:db:0d:
48:b7:41:00:f6:12:68:8f:56:4d:0c:92:57:9b:2f:9d:91:aa:
6a:12:61:93:41:1f:84:21:2c:6f:37:38:f6:65:1a:e3:b5:8a:
ed:7f:01:33:75:bb:c3:5b:43:d2:e2:91:cc:b7:19:57:4d:91:
99:7b:62:d9:6e:16:cc:60:fa:fe:29:cc:8a:41:21:d3:03:0c:
76:e2:f0:c6
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBMk8JzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTc3OWU1NjIzOGI2ZjJlYTA2OGVkZTRlMjBhZWYwMGM5MDQxMzJiMB4XDTIyMDQy
ODIzMDY1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTJiZmRhMzllNmEy
ZTQxZWYxYmQwMDhkZjFmZmNjMjkwNjAyYTBjNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN5PIV7owuijKQHmIG02LXxpyYKDw4cAOc68HgKMkLawdXRV
VKqoI+zUGvlVbZLR1wXYdrMMGaOx4+jQKk6fdqokDqbwfj/kp6nAWJpSNfP+Odfk
ijkoD+WsU+nlKlU3Io9cDzP7+9hxAzjGiQsZ4V/cpkc5eUbM/xUO4YCtLOL3/xY0
ajAqbuCfG5pL6ynCgKzTxAMGqXEbAF3Q8dzAdKUmry7YpEl+isJ9XE+isM8vV3OK
P5rXKQFgbWUvXMNJ/2KlPKFszt9tPAyJHYSKue+Yk2dQpIxV7hvGt+gPbL2oEXZw
JsUXDp8lSZPj3FrChpduGDH5++aMUWh9wOK/0NMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQSv9o55qLkHvG9AI3x/8wpBgKgxTAfBgNVHSMEGDAWgBT+d55WI4tvLqBo
7eTiCu8AyQQTKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19uZWVWaU9MYnk2Z2FPM2s0Z3J2QU1rRUV5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8x
L0VyX2FPZWFpNUI3eHZRQ044Zl9NS1FZQ29NVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8xL19uZWVWaU9MYnk2
Z2FPM2s0Z3J2QU1rRUV5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAlw1sAMEArA0lDANBgkqhkiG9w0B
AQsFAAOCAQEAJaw5XFzzogeR6Hkf0NOxU8t2gusplehZjaNe17snyFZbbcod6HTP
K5DRh+UNEqQRLVFVZQzTOyk9p/ZwfPSPhRqWVZtHBlHfYDiOpzYTjAYyfi/89Fim
3w9eDYySLf8Qwumo3pSz5Bf/RTAU7CJE10yKh30gdeCg4+NwQ7oFpREgEEV8oG7P
g/RoJnthgs/HLQpEbK0Y1ENawHo7jPtJJkZ0yb1x3JB8t2rWZ4OhArxv19sNSLdB
APYSaI9WTQySV5svnZGqahJhk0EfhCEsbzc49mUa47WK7X8BM3W7w1tD0uKRzLcZ
V02RmXti2W4WzGD6/inMikEh0wMMduLwxg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:04 2024 by rpki-client on console-ams.rpki-client.org