Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/KSbPNBxPhHiF9nCcCoWcZfUPsQE.roa
File: KSbPNBxPhHiF9nCcCoWcZfUPsQE.roa (raw, json)
Hash identifier: aQ0QtjZP/1wzJjAnU4PwMqLpwkdd2doxVrOwzw5kPoA=
Subject key identifier: 29:26:CF:34:1C:4F:84:78:85:F6:70:9C:0A:85:9C:65:F5:0F:B1:01
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 04A43AF9
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/KSbPNBxPhHiF9nCcCoWcZfUPsQE.roa
Signing time: Thu 14 Apr 2022 08:10:25 +0000
ROA not before: Thu 14 Apr 2022 08:10:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210441
IP address blocks: 176.52.132.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77871865 (0x4a43af9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Apr 14 08:10:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2926cf341c4f847885f6709c0a859c65f50fb101
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b0:d6:6a:c6:a5:e8:7d:fa:db:f5:03:50:df:
35:71:64:cd:4d:cb:8a:af:d3:0f:86:7d:d3:74:af:
fb:03:4e:8c:d3:e1:7f:7f:22:aa:a5:c0:26:28:64:
7e:d1:4d:13:df:ef:9b:c4:e1:58:ed:1e:f1:55:e6:
b1:f3:83:80:5f:94:a4:9a:3f:53:b8:a6:c5:84:96:
96:93:2d:f8:14:81:e6:58:60:f8:54:21:6b:52:18:
b4:a5:b4:b2:f1:5b:62:f3:91:a8:41:c2:e9:1b:14:
40:d6:17:ab:11:15:2e:b4:0c:92:8a:50:7d:4c:02:
af:66:24:4c:34:ca:5f:01:fa:76:cf:92:8a:76:98:
9f:f5:41:84:7e:48:4b:f5:91:00:3e:5a:a2:24:d7:
43:24:53:b5:2d:27:cf:07:d1:40:1c:8a:87:b8:65:
89:a4:ed:ba:fc:1b:fe:47:65:1e:99:e1:5e:ae:8e:
4b:57:db:02:9a:63:72:98:fb:ba:6e:a5:9b:3e:a5:
75:a8:e7:55:3f:30:8a:0f:39:39:69:e0:2d:63:ac:
6a:ab:e7:8b:14:6a:b1:da:e1:c7:0f:db:64:76:c0:
48:63:e3:cb:44:2a:3c:d0:10:8e:e5:38:7f:ab:4f:
40:7b:2d:e0:ff:5c:8f:ba:64:82:51:16:09:c0:12:
a3:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:26:CF:34:1C:4F:84:78:85:F6:70:9C:0A:85:9C:65:F5:0F:B1:01
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/KSbPNBxPhHiF9nCcCoWcZfUPsQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.52.132.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:51:d7:59:8f:8e:b8:54:4b:38:9d:e0:15:11:a0:93:2a:1a:
ed:76:07:6c:d3:fe:96:d0:f2:63:4e:94:d0:24:a3:d0:53:18:
29:58:01:b3:a4:75:7b:eb:38:7d:29:3a:c9:53:a1:12:db:87:
61:e9:27:12:76:67:3d:58:2e:33:45:9e:8d:f3:2e:3c:c3:9f:
86:ef:89:64:04:d8:ef:00:22:37:9d:d3:08:bf:1b:c7:88:f2:
b7:b7:43:ea:ef:1e:18:84:07:86:17:4b:7e:d0:c0:9e:f1:f3:
bc:82:1d:27:d9:3b:5d:c8:1a:27:c3:e8:7d:b8:88:0f:f7:ec:
3a:a8:7c:01:c5:41:72:f6:ad:ad:a2:ef:8e:92:42:66:a3:34:
7a:66:6a:04:26:77:fb:dd:70:50:14:bd:7b:0c:89:77:86:37:
5c:3c:35:a3:54:af:7f:54:1b:a6:33:06:12:9d:cf:46:62:4f:
c0:ca:67:c9:d9:d6:ba:89:f1:ef:fb:f5:e3:b3:f4:0c:b6:bf:
9b:85:51:86:6c:36:90:5c:f4:15:5e:4b:5a:e1:6e:22:cf:af:
6f:ac:08:67:06:36:81:36:08:16:5d:1e:89:89:fe:0c:9e:42:
4a:09:81:80:04:76:9f:83:f0:47:99:6b:29:49:cd:2c:fb:5d:
00:42:0e:01
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBKQ6+TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTc3OWU1NjIzOGI2ZjJlYTA2OGVkZTRlMjBhZWYwMGM5MDQxMzJiMB4XDTIyMDQx
NDA4MTAyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjkyNmNmMzQxYzRm
ODQ3ODg1ZjY3MDljMGE4NTljNjVmNTBmYjEwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJyw1mrGpeh9+tv1A1DfNXFkzU3Liq/TD4Z903Sv+wNOjNPh
f38iqqXAJihkftFNE9/vm8ThWO0e8VXmsfODgF+UpJo/U7imxYSWlpMt+BSB5lhg
+FQha1IYtKW0svFbYvORqEHC6RsUQNYXqxEVLrQMkopQfUwCr2YkTDTKXwH6ds+S
inaYn/VBhH5IS/WRAD5aoiTXQyRTtS0nzwfRQByKh7hliaTtuvwb/kdlHpnhXq6O
S1fbAppjcpj7um6lmz6ldajnVT8wig85OWngLWOsaqvnixRqsdrhxw/bZHbASGPj
y0QqPNAQjuU4f6tPQHst4P9cj7pkglEWCcASozUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQpJs80HE+EeIX2cJwKhZxl9Q+xATAfBgNVHSMEGDAWgBT+d55WI4tvLqBo
7eTiCu8AyQQTKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19uZWVWaU9MYnk2Z2FPM2s0Z3J2QU1rRUV5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8x
L0tTYlBOQnhQaEhpRjluQ2NDb1djWmZVUHNRRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8xL19uZWVWaU9MYnk2
Z2FPM2s0Z3J2QU1rRUV5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArA0hDANBgkqhkiG9w0BAQsFAAOC
AQEAoVHXWY+OuFRLOJ3gFRGgkyoa7XYHbNP+ltDyY06U0CSj0FMYKVgBs6R1e+s4
fSk6yVOhEtuHYeknEnZnPVguM0WejfMuPMOfhu+JZATY7wAiN53TCL8bx4jyt7dD
6u8eGIQHhhdLftDAnvHzvIIdJ9k7XcgaJ8PofbiID/fsOqh8AcVBcvatraLvjpJC
ZqM0emZqBCZ3+91wUBS9ewyJd4Y3XDw1o1Svf1QbpjMGEp3PRmJPwMpnydnWuonx
7/v147P0DLa/m4VRhmw2kFz0FV5LWuFuIs+vb6wIZwY2gTYIFl0eiYn+DJ5CSgmB
gAR2n4PwR5lrKUnNLPtdAEIOAQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:04 2024 by rpki-client on console-ams.rpki-client.org