Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/FJod1gGgFiSsQyRHmIBiKu5lbXw.roa
File: FJod1gGgFiSsQyRHmIBiKu5lbXw.roa (raw, json)
Hash identifier: IuX1EH/1ccqgnMdcy6Zvn7PlulIZetSQYqckwXm2KUA=
Subject key identifier: 14:9A:1D:D6:01:A0:16:24:AC:43:24:47:98:80:62:2A:EE:65:6D:7C
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 018631222B8BB809BBFF5E5F92D5268A6181
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/FJod1gGgFiSsQyRHmIBiKu5lbXw.roa
Signing time: Wed 08 Feb 2023 13:06:08 +0000
ROA not before: Wed 08 Feb 2023 13:06:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 176.52.128.0/20 maxlen: 24
176.52.144.0/20 maxlen: 24
92.53.168.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:31:22:2b:8b:b8:09:bb:ff:5e:5f:92:d5:26:8a:61:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Feb 8 13:06:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=149a1dd601a01624ac4324479880622aee656d7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:2c:8d:0d:c1:ec:92:08:fc:4a:fd:85:f6:65:
ec:ee:2e:b2:a7:25:d4:4d:9e:d7:f7:be:4b:e2:e3:
10:8c:85:d7:3c:5f:0a:00:ba:1c:65:4a:fa:fc:f1:
b0:c9:55:11:ea:2c:55:04:36:8b:00:77:65:a8:92:
6b:c5:d3:f5:82:2b:82:f2:e4:1e:fb:34:6c:a3:7d:
c8:88:dc:31:89:82:cd:be:53:44:19:0b:c7:02:65:
43:ab:84:fc:c4:b4:c9:c1:f1:19:8c:c6:bc:25:c4:
38:5d:3f:0c:80:57:f4:d4:0f:97:76:0a:9d:68:bd:
68:3e:3c:28:96:58:d3:23:02:e2:47:58:9d:84:64:
e2:a5:fa:a3:3d:d9:e4:6f:0d:f7:c4:9e:f3:ff:a1:
ae:32:c2:52:a8:0f:90:3d:64:28:8b:c7:b3:7b:b6:
62:2f:0b:1e:4b:f8:8c:d7:2d:07:d8:7e:3a:d0:97:
b5:a2:e5:8f:70:b1:3b:70:67:2c:27:07:d2:dc:e8:
b8:2e:9a:7b:e1:c7:9a:47:88:b8:82:5c:86:3a:ad:
b7:30:da:06:f6:8b:c8:3d:18:63:7d:56:f2:5d:d5:
29:ca:2d:61:4d:54:2b:ce:92:46:b8:ed:0d:f7:de:
f3:98:09:2d:1d:34:97:3c:51:1e:bd:dd:63:4e:a0:
bf:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:9A:1D:D6:01:A0:16:24:AC:43:24:47:98:80:62:2A:EE:65:6D:7C
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/FJod1gGgFiSsQyRHmIBiKu5lbXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.53.168.0/22
176.52.128.0/19
Signature Algorithm: sha256WithRSAEncryption
62:3d:3f:a2:36:70:f7:b5:c6:60:80:4f:ae:5b:2c:15:fe:d1:
97:2f:5b:24:3f:21:fc:39:90:64:65:6e:34:f8:57:88:8c:ec:
8a:e4:7f:ee:f7:3e:ae:76:7c:ca:b2:62:3b:49:d2:be:6d:62:
7c:3d:b4:32:d9:15:55:51:c1:4f:88:e3:03:fa:ce:9e:66:12:
92:94:8a:62:80:5a:02:69:d4:66:cf:8c:c9:5d:a3:72:b2:a1:
3b:a0:34:67:b4:67:e0:da:08:ac:1b:8f:48:ba:ef:eb:6a:87:
cb:35:30:d1:72:ae:16:60:5f:c0:46:83:ee:bc:3b:59:11:57:
d8:99:72:1c:51:d8:a0:d5:bd:54:25:9c:af:4f:f0:d8:fc:30:
a4:c3:6c:86:1b:9b:89:a0:c9:69:97:9e:dd:7d:49:5e:e9:b9:
93:5f:ff:a3:2a:70:63:c3:8c:2e:d0:dc:73:f5:6f:39:21:9a:
4e:04:e1:e1:86:7e:04:5f:bb:a8:4e:0c:b2:dc:f2:66:37:43:
51:97:37:8d:7b:eb:d2:6b:aa:fb:3d:23:e1:40:fc:a9:c3:d2:
eb:6c:8c:ac:a4:47:bc:7f:96:4c:0d:98:68:e6:c6:7e:b2:46:
fc:d0:6d:1b:fa:cf:50:59:bd:60:67:0a:df:1d:25:4d:23:c0:
9b:1b:91:6f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYYxIiuLuAm7/15fktUmimGBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNzc5ZTU2MjM4YjZmMmVhMDY4ZWRlNGUyMGFlZjAwYzkw
NDEzMmIwHhcNMjMwMjA4MTMwNjA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDlhMWRkNjAxYTAxNjI0YWM0MzI0NDc5ODgwNjIyYWVlNjU2ZDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyyNDcHskgj8Sv2F9mXs7i6ypyXU
TZ7X975L4uMQjIXXPF8KALocZUr6/PGwyVUR6ixVBDaLAHdlqJJrxdP1giuC8uQe
+zRso33IiNwxiYLNvlNEGQvHAmVDq4T8xLTJwfEZjMa8JcQ4XT8MgFf01A+Xdgqd
aL1oPjwolljTIwLiR1idhGTipfqjPdnkbw33xJ7z/6GuMsJSqA+QPWQoi8eze7Zi
LwseS/iM1y0H2H460Je1ouWPcLE7cGcsJwfS3Oi4Lpp74ceaR4i4glyGOq23MNoG
9ovIPRhjfVbyXdUpyi1hTVQrzpJGuO0N997zmAktHTSXPFEevd1jTqC/ZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBSaHdYBoBYkrEMkR5iAYiruZW18MB8GA1UdIwQY
MBaAFP53nlYji28uoGjt5OIK7wDJBBMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQt
MzM4OTQ5MTNkY2I3LzEvRkpvZDFnR2dGaVNzUXlSSG1JQmlLdTVsYlh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQtMzM4OTQ5MTNkY2I3
LzEvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXDWoAwQF
sDSAMA0GCSqGSIb3DQEBCwUAA4IBAQBiPT+iNnD3tcZggE+uWywV/tGXL1skPyH8
OZBkZW40+FeIjOyK5H/u9z6udnzKsmI7SdK+bWJ8PbQy2RVVUcFPiOMD+s6eZhKS
lIpigFoCadRmz4zJXaNysqE7oDRntGfg2gisG49Iuu/raofLNTDRcq4WYF/ARoPu
vDtZEVfYmXIcUdig1b1UJZyvT/DY/DCkw2yGG5uJoMlpl57dfUle6bmTX/+jKnBj
w4wu0Nxz9W85IZpOBOHhhn4EX7uoTgyy3PJmN0NRlzeNe+vSa6r7PSPhQPypw9Lr
bIyspEe8f5ZMDZho5sZ+skb80G0b+s9QWb1gZwrfHSVNI8CbG5Fv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:13 2024 by rpki-client on console-fra.rpki-client.org