Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/KF1yPDZ7UwwBFiNhERleOneachI.roa
File: KF1yPDZ7UwwBFiNhERleOneachI.roa (raw, json)
Hash identifier: E8/qW+eHY/3TqtDY92hWNLcmIHlqZYZbfxh4jgKjyGs=
Subject key identifier: 28:5D:72:3C:36:7B:53:0C:01:16:23:61:11:19:5E:3A:77:9A:72:12
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 01837DEC6A028E92CA82B86B76A0F0789838
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/KF1yPDZ7UwwBFiNhERleOneachI.roa
Signing time: Tue 27 Sep 2022 07:49:49 +0000
ROA not before: Tue 27 Sep 2022 07:49:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 92.53.176.0/22 maxlen: 22
92.53.184.0/22 maxlen: 22
176.52.128.0/22 maxlen: 24
176.52.140.0/22 maxlen: 22
176.52.152.0/22 maxlen: 22
92.53.160.0/22 maxlen: 24
92.53.164.0/22 maxlen: 24
92.53.172.0/22 maxlen: 22
92.53.168.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7d:ec:6a:02:8e:92:ca:82:b8:6b:76:a0:f0:78:98:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Sep 27 07:49:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=285d723c367b530c0116236111195e3a779a7212
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:67:48:fb:3f:d4:83:d8:2c:e3:ce:30:79:ea:
a1:57:a1:2a:22:18:cf:1d:2a:d6:4e:b5:53:15:c7:
84:e6:2f:21:e3:75:ff:85:db:83:01:0b:fd:20:c6:
08:c6:8e:f5:f2:87:8b:26:d3:ea:ac:b6:fa:54:2c:
30:24:af:ef:ce:31:99:0a:ca:e1:96:36:c6:e0:6f:
1b:df:5b:9f:56:d2:da:f8:e9:85:3e:e0:50:4c:18:
54:46:1e:89:58:d9:21:09:0f:c3:57:46:4c:d2:91:
11:82:02:5d:43:b7:27:dd:1e:9a:1a:bd:fc:79:e6:
72:d3:54:4c:db:c7:a5:f9:6f:93:71:a2:9b:4e:b1:
7b:98:4c:d6:7d:5a:b4:91:ae:88:8b:5f:8c:c6:48:
d2:07:bd:86:d2:f4:8e:7a:b2:c2:8c:18:96:c8:8d:
89:34:4b:59:da:37:c9:61:5e:84:60:5c:10:f7:2c:
e3:fa:c7:5a:b1:68:74:43:bf:f1:89:b7:18:ec:91:
54:3d:9c:f8:c2:8c:81:b5:05:20:8d:2b:c6:c6:a8:
cd:1f:6a:74:e6:28:47:dd:af:cb:f1:6f:a4:42:55:
e3:fa:c6:fb:9d:4f:50:3d:4f:b0:34:98:e1:dc:0a:
a1:5e:8b:c4:69:67:62:f3:b0:2b:8a:d4:a8:80:2e:
5c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:5D:72:3C:36:7B:53:0C:01:16:23:61:11:19:5E:3A:77:9A:72:12
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/KF1yPDZ7UwwBFiNhERleOneachI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.53.160.0-92.53.179.255
92.53.184.0/22
176.52.128.0/22
176.52.140.0/22
176.52.152.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:71:29:5a:09:72:5c:cf:5a:c4:de:e9:b5:c4:11:b4:38:3d:
91:70:64:17:03:3b:16:9a:67:bc:44:c1:29:a0:e0:fa:d2:f5:
68:62:2d:dd:28:41:69:ff:d2:ca:58:79:15:79:38:08:da:8e:
99:da:22:b0:19:9c:97:b1:8d:c2:d4:75:5d:73:a1:4c:21:c1:
19:32:9f:38:51:18:b5:fa:46:81:ce:2f:6a:21:d2:ca:ed:a2:
8f:ec:34:2f:d2:5c:f4:b8:e8:44:af:05:9f:16:b6:6b:6d:43:
c9:a1:e2:8f:99:a5:93:6b:93:d2:dd:9e:dd:1c:2c:29:ee:ab:
94:70:0d:c2:69:f3:75:75:b4:23:a8:5d:a2:fe:8d:65:b2:3b:
b7:f3:08:14:f8:5b:21:58:76:77:9c:dc:5f:20:8c:28:20:a4:
14:61:41:4c:cd:c1:33:0c:12:97:8f:58:c0:fd:33:73:a6:c6:
59:71:49:cb:4a:97:37:46:f5:5c:20:23:11:48:d6:da:3e:ca:
c6:30:d4:a6:b2:a2:e4:b1:aa:1e:8c:ec:88:73:5f:82:b7:b3:
72:1c:bc:a2:bc:22:4d:6b:44:4f:f9:07:47:1f:b7:b4:7e:ea:
7e:13:38:f8:43:13:48:50:2d:fb:d0:3a:b7:99:3c:37:42:09:
3a:c3:90:34
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYN97GoCjpLKgrhrdqDweJg4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNzc5ZTU2MjM4YjZmMmVhMDY4ZWRlNGUyMGFlZjAwYzkw
NDEzMmIwHhcNMjIwOTI3MDc0OTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODVkNzIzYzM2N2I1MzBjMDExNjIzNjExMTE5NWUzYTc3OWE3MjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2dI+z/Ug9gs484weeqhV6EqIhjP
HSrWTrVTFceE5i8h43X/hduDAQv9IMYIxo718oeLJtPqrLb6VCwwJK/vzjGZCsrh
ljbG4G8b31ufVtLa+OmFPuBQTBhURh6JWNkhCQ/DV0ZM0pERggJdQ7cn3R6aGr38
eeZy01RM28el+W+TcaKbTrF7mEzWfVq0ka6Ii1+MxkjSB72G0vSOerLCjBiWyI2J
NEtZ2jfJYV6EYFwQ9yzj+sdasWh0Q7/xibcY7JFUPZz4woyBtQUgjSvGxqjNH2p0
5ihH3a/L8W+kQlXj+sb7nU9QPU+wNJjh3AqhXovEaWdi87AritSogC5cwwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFChdcjw2e1MMARYjYREZXjp3mnISMB8GA1UdIwQY
MBaAFP53nlYji28uoGjt5OIK7wDJBBMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQt
MzM4OTQ5MTNkY2I3LzEvS0YxeVBEWjdVd3dCRmlOaEVSbGVPbmVhY2hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQtMzM4OTQ5MTNkY2I3
LzEvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAVcNaAD
BAJcNbADBAJcNbgDBAKwNIADBAKwNIwDBAKwNJgwDQYJKoZIhvcNAQELBQADggEB
AItxKVoJclzPWsTe6bXEEbQ4PZFwZBcDOxaaZ7xEwSmg4PrS9WhiLd0oQWn/0spY
eRV5OAjajpnaIrAZnJexjcLUdV1zoUwhwRkynzhRGLX6RoHOL2oh0srtoo/sNC/S
XPS46ESvBZ8WtmttQ8mh4o+ZpZNrk9Ldnt0cLCnuq5RwDcJp83V1tCOoXaL+jWWy
O7fzCBT4WyFYdnec3F8gjCggpBRhQUzNwTMMEpePWMD9M3OmxllxSctKlzdG9Vwg
IxFI1to+ysYw1KayouSxqh6M7IhzX4K3s3IcvKK8Ik1rRE/5B0cft7R+6n4TOPhD
E0hQLfvQOreZPDdCCTrDkDQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:13 2024 by rpki-client on console-fra.rpki-client.org