Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/Eujfa0nssMLUoZSCZx8MhxgzlSI.roa
File: Eujfa0nssMLUoZSCZx8MhxgzlSI.roa (raw, json)
Hash identifier: kIaWdSZjblwsbe0G1KVKJupIUVuubYHgkFx2E2pYcB8=
Subject key identifier: 12:E8:DF:6B:49:EC:B0:C2:D4:A1:94:82:67:1F:0C:87:18:33:95:22
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 04DBB306
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/Eujfa0nssMLUoZSCZx8MhxgzlSI.roa
Signing time: Wed 04 May 2022 08:28:40 +0000
ROA not before: Wed 04 May 2022 08:28:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 176.52.136.0/22 maxlen: 24
176.52.140.0/22 maxlen: 24
176.52.152.0/22 maxlen: 24
176.52.148.0/22 maxlen: 22
176.52.156.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81507078 (0x4dbb306)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: May 4 08:28:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=12e8df6b49ecb0c2d4a19482671f0c8718339522
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:f4:e5:15:dc:12:36:70:2a:9e:46:f3:8e:38:
4b:5f:19:be:b0:cc:e6:97:0b:51:33:32:1b:b5:60:
f8:68:6f:cb:ca:a3:db:66:29:f6:05:24:81:ae:6f:
c9:06:cc:e3:2c:fd:3c:11:86:f2:f3:75:13:85:37:
98:be:b7:da:e0:5c:76:56:7d:fe:29:37:96:ee:9b:
e4:c9:4b:7c:87:d7:4d:05:23:72:b0:46:d5:32:98:
46:91:b6:d5:7b:ce:d0:15:ca:71:4d:63:61:19:73:
14:97:c1:54:82:ea:a2:9e:bb:b9:5f:fc:94:2e:c4:
e5:ec:42:e2:c4:7b:bc:6c:d2:6b:81:99:90:95:09:
10:70:bd:e8:db:46:62:ec:ed:83:5e:68:d2:0d:60:
8a:04:66:cf:ff:4d:5d:4a:7b:5c:f2:59:b0:56:f3:
2d:3c:18:30:b9:4a:61:17:70:72:90:80:37:4c:0c:
5b:53:f7:c5:f0:a1:01:6d:b7:46:28:2a:1e:82:ef:
62:76:50:53:6c:2d:f3:08:7f:20:ec:6f:3c:b8:0d:
0d:16:bc:e5:bf:70:4c:92:94:a0:fd:4f:69:e8:c6:
c3:88:30:d8:3c:4d:cc:08:74:62:ad:31:ab:df:da:
6a:c7:29:ba:1a:f9:f5:24:ed:94:3d:99:13:75:ca:
cf:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:E8:DF:6B:49:EC:B0:C2:D4:A1:94:82:67:1F:0C:87:18:33:95:22
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/Eujfa0nssMLUoZSCZx8MhxgzlSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.52.136.0/21
176.52.148.0-176.52.159.255
Signature Algorithm: sha256WithRSAEncryption
72:63:e6:0c:95:1c:45:14:74:b9:96:d9:56:e4:a8:aa:87:64:
7c:a0:36:d3:fd:8b:33:2e:b1:38:7b:1c:5a:d4:7a:28:8d:f7:
f9:be:49:38:e3:de:2f:ca:21:ad:5e:f1:39:b2:0b:b4:15:9c:
0e:a2:0d:5d:da:a2:80:96:11:f9:a3:56:37:cd:67:34:f0:87:
79:52:ea:41:6b:5a:36:15:8c:a5:a9:c1:96:2c:fb:7d:3a:96:
29:a3:53:75:75:54:49:81:89:12:9a:cf:7b:cd:c1:47:24:0a:
61:df:38:9c:a1:a7:79:a8:5a:ca:ed:1e:50:b3:a4:75:d3:62:
f8:fc:56:36:bb:6f:52:25:82:31:e8:22:cb:f2:15:aa:bc:59:
5b:7f:47:e7:1b:2b:74:3e:da:d8:0e:64:e3:4a:0a:f3:a1:ef:
a7:c2:9f:86:95:2c:b1:47:10:8b:39:8a:f5:10:0f:f9:4b:57:
73:3e:6f:87:99:e6:1f:10:c6:1b:0f:e3:e9:ba:9d:60:e0:0f:
d2:6e:c2:4f:a5:22:63:71:f1:17:a9:30:9f:e6:2e:07:07:8e:
9e:21:5b:75:57:43:b3:4c:a4:31:f3:c1:31:c5:ae:99:63:ac:
d7:95:b5:34:e3:56:1d:cc:42:9c:83:03:97:32:7e:05:44:6a:
f7:7e:88:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEBNuzBjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTc3OWU1NjIzOGI2ZjJlYTA2OGVkZTRlMjBhZWYwMGM5MDQxMzJiMB4XDTIyMDUw
NDA4Mjg0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTJlOGRmNmI0OWVj
YjBjMmQ0YTE5NDgyNjcxZjBjODcxODMzOTUyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOD05RXcEjZwKp5G8444S18ZvrDM5pcLUTMyG7Vg+Ghvy8qj
22Yp9gUkga5vyQbM4yz9PBGG8vN1E4U3mL632uBcdlZ9/ik3lu6b5MlLfIfXTQUj
crBG1TKYRpG21XvO0BXKcU1jYRlzFJfBVILqop67uV/8lC7E5exC4sR7vGzSa4GZ
kJUJEHC96NtGYuztg15o0g1gigRmz/9NXUp7XPJZsFbzLTwYMLlKYRdwcpCAN0wM
W1P3xfChAW23RigqHoLvYnZQU2wt8wh/IOxvPLgNDRa85b9wTJKUoP1PaejGw4gw
2DxNzAh0Yq0xq9/aascpuhr59STtlD2ZE3XKz+kCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBQS6N9rSeywwtShlIJnHwyHGDOVIjAfBgNVHSMEGDAWgBT+d55WI4tvLqBo
7eTiCu8AyQQTKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19uZWVWaU9MYnk2Z2FPM2s0Z3J2QU1rRUV5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8x
L0V1amZhMG5zc01MVW9aU0NaeDhNaHhnemxTSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8xL19uZWVWaU9MYnk2
Z2FPM2s0Z3J2QU1rRUV5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEA7A0iDAMAwQCsDSUAwQFsDSAMA0G
CSqGSIb3DQEBCwUAA4IBAQByY+YMlRxFFHS5ltlW5Kiqh2R8oDbT/YszLrE4exxa
1Hoojff5vkk4494vyiGtXvE5sgu0FZwOog1d2qKAlhH5o1Y3zWc08Id5UupBa1o2
FYylqcGWLPt9OpYpo1N1dVRJgYkSms97zcFHJAph3zicoad5qFrK7R5Qs6R102L4
/FY2u29SJYIx6CLL8hWqvFlbf0fnGyt0PtrYDmTjSgrzoe+nwp+GlSyxRxCLOYr1
EA/5S1dzPm+HmeYfEMYbD+Ppup1g4A/SbsJPpSJjcfEXqTCf5i4HB46eIVt1V0Oz
TKQx88Exxa6ZY6zXlbU041YdzEKcgwOXMn4FRGr3fojd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:13 2024 by rpki-client on console-fra.rpki-client.org