Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/KIC9qCI1JlOYQgkmjQxp2mCF8RM.roa
File: KIC9qCI1JlOYQgkmjQxp2mCF8RM.roa (raw, json)
Hash identifier: 7H6+wI9oy4fkplJ3JLBAdkJr3kElmPD5WDO41VwFQIM=
Subject key identifier: 28:80:BD:A8:22:35:26:53:98:42:09:26:8D:0C:69:DA:60:85:F1:13
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 01844CC946EA6ABE3E491612BFA0B0E7A375
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/KIC9qCI1JlOYQgkmjQxp2mCF8RM.roa
Signing time: Sun 06 Nov 2022 11:52:50 +0000
ROA not before: Sun 06 Nov 2022 11:52:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 176.52.128.0/22 maxlen: 24
176.52.132.0/22 maxlen: 24
176.52.136.0/22 maxlen: 22
176.52.144.0/22 maxlen: 24
176.52.140.0/22 maxlen: 22
176.52.152.0/22 maxlen: 22
176.52.148.0/22 maxlen: 24
176.52.156.0/22 maxlen: 22
92.53.160.0/22 maxlen: 24
92.53.172.0/22 maxlen: 22
92.53.168.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:4c:c9:46:ea:6a:be:3e:49:16:12:bf:a0:b0:e7:a3:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Nov 6 11:52:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2880bda822352653984209268d0c69da6085f113
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:9a:4d:d6:ec:c6:30:83:48:2c:62:7e:ac:ec:
4d:e7:c2:f3:ab:9f:15:79:45:98:da:dc:ee:7e:04:
92:41:77:43:05:c0:89:51:e8:aa:00:62:de:c0:7d:
16:2e:a7:d0:a3:ef:75:66:33:e6:88:b6:14:41:bb:
fd:59:bd:bd:68:05:5c:87:a1:4d:6d:64:7a:a4:91:
4f:1e:3f:1a:0b:57:13:99:61:c5:17:e0:11:6d:a7:
78:50:61:58:d1:f9:91:90:49:66:6a:f9:36:b2:b7:
64:ee:ce:04:78:7c:a7:06:f6:52:be:33:e2:6c:3e:
5d:5a:07:07:22:73:eb:3e:6a:93:65:ca:78:17:6d:
25:70:84:10:d6:ce:60:0a:eb:27:60:b7:e0:d6:30:
3d:fb:bf:63:d0:7f:57:41:84:67:89:71:56:45:48:
eb:73:29:fa:89:21:b5:7b:a4:92:11:dc:1d:98:97:
a7:1d:6b:53:cb:15:21:fa:79:1d:0c:f4:df:3e:90:
ee:cd:18:8c:e9:ce:c7:41:84:25:07:9c:fa:4e:ab:
0a:9e:42:11:6c:b1:dc:70:08:de:fa:91:2d:8a:35:
3b:2f:7f:1c:0b:9b:54:4a:8c:cd:0a:0e:99:52:af:
32:1c:88:7e:05:9f:e7:1c:1a:39:fa:06:fa:68:4d:
32:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:80:BD:A8:22:35:26:53:98:42:09:26:8D:0C:69:DA:60:85:F1:13
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/KIC9qCI1JlOYQgkmjQxp2mCF8RM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.53.160.0/22
92.53.168.0/21
176.52.128.0/19
Signature Algorithm: sha256WithRSAEncryption
08:8d:44:d4:7c:9e:08:9a:da:81:34:58:ec:8d:62:0a:ec:51:
c8:01:3d:34:09:5c:21:0e:64:f5:49:83:61:32:18:52:75:fd:
b8:d2:62:70:87:df:68:3b:48:21:8f:f7:f9:04:ed:4b:9f:62:
32:d7:7a:0d:08:15:8f:6d:04:56:c0:33:b1:09:8e:a1:3a:f9:
de:9c:62:bb:1d:f7:30:8e:8e:1e:bb:69:af:e4:dc:af:3a:af:
58:8e:2f:95:53:68:ab:82:b6:94:ec:32:05:50:cb:72:68:a3:
8d:39:47:d6:4a:66:3c:7e:4a:eb:e6:35:a8:a1:55:8c:56:8f:
2a:21:7e:8a:57:75:b9:46:0b:e8:19:fb:06:c0:cc:84:52:4c:
fb:a1:04:ac:6e:31:26:39:08:b4:8b:bc:19:dd:77:2f:77:a1:
ec:8b:ff:08:22:27:5f:ec:ac:1f:38:a8:8d:77:4f:ec:1d:fa:
43:01:4d:4f:3e:95:65:10:46:8e:1a:2a:cf:18:16:d2:28:ae:
30:bf:3d:4f:3f:8b:8c:04:36:77:33:8a:7d:99:ed:50:dc:f0:
ce:b4:ce:a5:ef:7b:7a:08:0b:63:02:f8:cf:e2:0b:67:82:dc:
b2:40:9c:4f:aa:03:f2:00:c5:12:b5:68:96:1f:a4:29:09:52:
0e:88:40:34
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYRMyUbqar4+SRYSv6Cw56N1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNzc5ZTU2MjM4YjZmMmVhMDY4ZWRlNGUyMGFlZjAwYzkw
NDEzMmIwHhcNMjIxMTA2MTE1MjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODgwYmRhODIyMzUyNjUzOTg0MjA5MjY4ZDBjNjlkYTYwODVmMTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5pN1uzGMINILGJ+rOxN58Lzq58V
eUWY2tzufgSSQXdDBcCJUeiqAGLewH0WLqfQo+91ZjPmiLYUQbv9Wb29aAVch6FN
bWR6pJFPHj8aC1cTmWHFF+ARbad4UGFY0fmRkElmavk2srdk7s4EeHynBvZSvjPi
bD5dWgcHInPrPmqTZcp4F20lcIQQ1s5gCusnYLfg1jA9+79j0H9XQYRniXFWRUjr
cyn6iSG1e6SSEdwdmJenHWtTyxUh+nkdDPTfPpDuzRiM6c7HQYQlB5z6TqsKnkIR
bLHccAje+pEtijU7L38cC5tUSozNCg6ZUq8yHIh+BZ/nHBo5+gb6aE0yDwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCiAvagiNSZTmEIJJo0MadpghfETMB8GA1UdIwQY
MBaAFP53nlYji28uoGjt5OIK7wDJBBMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQt
MzM4OTQ5MTNkY2I3LzEvS0lDOXFDSTFKbE9ZUWdrbWpReHAybUNGOFJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQtMzM4OTQ5MTNkY2I3
LzEvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCXDWgAwQD
XDWoAwQFsDSAMA0GCSqGSIb3DQEBCwUAA4IBAQAIjUTUfJ4ImtqBNFjsjWIK7FHI
AT00CVwhDmT1SYNhMhhSdf240mJwh99oO0ghj/f5BO1Ln2Iy13oNCBWPbQRWwDOx
CY6hOvnenGK7Hfcwjo4eu2mv5NyvOq9Yji+VU2irgraU7DIFUMtyaKONOUfWSmY8
fkrr5jWooVWMVo8qIX6KV3W5RgvoGfsGwMyEUkz7oQSsbjEmOQi0i7wZ3Xcvd6Hs
i/8IIidf7KwfOKiNd0/sHfpDAU1PPpVlEEaOGirPGBbSKK4wvz1PP4uMBDZ3M4p9
me1Q3PDOtM6l73t6CAtjAvjP4gtngtyyQJxPqgPyAMUStWiWH6QpCVIOiEA0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:04 2024 by rpki-client on console-ams.rpki-client.org