Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/TnhSe8Dm2A-Ok45FLy5qamJuiDI.roa
File: TnhSe8Dm2A-Ok45FLy5qamJuiDI.roa (raw, json)
Hash identifier: 18bub4oqExKTQ6VNtIM4DI5Esb40Zxr1fINYEicH0RY=
Subject key identifier: 4E:78:52:7B:C0:E6:D8:0F:8E:93:8E:45:2F:2E:6A:6A:62:6E:88:32
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 0182065ACBFD101D1FE83E4EEA8FD1884A97
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/TnhSe8Dm2A-Ok45FLy5qamJuiDI.roa
Signing time: Sat 16 Jul 2022 09:33:09 +0000
ROA not before: Sat 16 Jul 2022 09:33:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 176.52.128.0/22 maxlen: 24
92.53.160.0/22 maxlen: 24
92.53.164.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:06:5a:cb:fd:10:1d:1f:e8:3e:4e:ea:8f:d1:88:4a:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Jul 16 09:33:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4e78527bc0e6d80f8e938e452f2e6a6a626e8832
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:91:10:66:7e:b9:8b:85:c8:fd:fd:f8:42:b5:
a5:30:22:a2:ee:9d:11:b6:99:cb:7f:66:93:44:9d:
2c:4b:bb:27:4c:c6:44:d4:56:13:8e:6b:db:74:bd:
d1:57:a5:c1:93:a3:0d:00:ef:5d:fb:16:1c:fd:da:
d9:cc:5b:e3:53:6d:58:7f:b7:60:c2:9b:16:8f:90:
ce:79:cd:e3:02:bf:b7:ed:d0:6c:ff:42:b5:53:f5:
42:6f:29:9a:e3:2c:f0:b4:a6:e0:c7:75:10:7f:8a:
c3:23:9e:83:5f:e9:2a:c3:60:00:84:af:d3:ef:ce:
a5:26:33:7a:27:df:0b:dc:48:b7:f6:57:5d:38:99:
15:ed:40:ec:3e:53:78:9b:2c:73:2e:af:b5:82:86:
06:d9:6f:f8:b4:e3:40:24:6f:1b:20:a9:c9:d5:a3:
e2:52:74:c4:29:37:a4:16:12:e8:f3:fb:56:ee:dd:
9c:a7:ed:71:8f:6f:a8:62:68:2d:78:50:c4:6a:98:
69:d5:89:8e:26:af:c5:b6:5a:4e:0f:24:1b:ca:0c:
61:fc:ca:81:5c:74:e5:bb:bf:03:91:5f:3e:b9:b4:
8e:1e:29:c6:35:6d:3f:5b:3b:57:f1:02:a7:b1:82:
e2:af:b3:74:04:5f:e4:86:f1:a0:30:a8:d1:b4:6f:
70:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:78:52:7B:C0:E6:D8:0F:8E:93:8E:45:2F:2E:6A:6A:62:6E:88:32
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/TnhSe8Dm2A-Ok45FLy5qamJuiDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.53.160.0/21
176.52.128.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:9e:d9:e5:c6:63:83:f0:06:f4:c7:b7:83:42:72:01:b8:59:
9b:4e:f8:7e:ab:bb:b9:1a:7c:82:58:1a:37:61:32:e7:44:25:
aa:0f:7b:e4:66:bb:0e:da:ac:a8:5a:6f:99:89:eb:56:b8:0d:
d9:4f:37:1b:fb:7a:97:71:60:c4:7d:22:d6:88:6d:6e:c1:c8:
e4:7b:a0:89:00:49:bf:99:2b:b3:da:ec:09:a0:2f:5b:e1:4a:
d8:84:ce:a3:c2:3c:12:de:0d:97:98:2f:eb:f7:87:62:b9:ca:
6a:c7:1f:71:4b:42:5e:5b:a9:c3:db:4d:b5:10:3b:83:0d:ec:
96:3c:ab:b4:0e:65:b6:f8:75:23:7d:9e:eb:d8:fb:f9:de:bb:
bf:09:bc:ee:3d:32:19:33:72:61:fd:07:2c:83:29:33:e1:3a:
35:9b:9b:07:ba:0a:77:14:10:59:b0:f4:ce:8c:51:d2:b2:54:
03:dd:00:a4:bc:e1:b4:c9:63:11:fc:01:1a:9b:31:7c:58:44:
44:65:c0:e9:67:45:77:d1:ae:1e:0a:89:d9:b8:a3:42:61:71:
ab:31:3c:00:15:26:0d:63:aa:8d:da:fe:fc:fa:2f:93:23:05:
fb:f2:e1:21:3f:03:fd:cc:61:cb:1e:ed:66:33:12:86:2e:4c:
6f:ce:00:e7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYIGWsv9EB0f6D5O6o/RiEqXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNzc5ZTU2MjM4YjZmMmVhMDY4ZWRlNGUyMGFlZjAwYzkw
NDEzMmIwHhcNMjIwNzE2MDkzMzA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTc4NTI3YmMwZTZkODBmOGU5MzhlNDUyZjJlNmE2YTYyNmU4ODMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJEQZn65i4XI/f34QrWlMCKi7p0R
tpnLf2aTRJ0sS7snTMZE1FYTjmvbdL3RV6XBk6MNAO9d+xYc/drZzFvjU21Yf7dg
wpsWj5DOec3jAr+37dBs/0K1U/VCbyma4yzwtKbgx3UQf4rDI56DX+kqw2AAhK/T
786lJjN6J98L3Ei39lddOJkV7UDsPlN4myxzLq+1goYG2W/4tONAJG8bIKnJ1aPi
UnTEKTekFhLo8/tW7t2cp+1xj2+oYmgteFDEaphp1YmOJq/FtlpODyQbygxh/MqB
XHTlu78DkV8+ubSOHinGNW0/WztX8QKnsYLir7N0BF/khvGgMKjRtG9wCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE54UnvA5tgPjpOORS8uampibogyMB8GA1UdIwQY
MBaAFP53nlYji28uoGjt5OIK7wDJBBMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQt
MzM4OTQ5MTNkY2I3LzEvVG5oU2U4RG0yQS1PazQ1Rkx5NXFhbUp1aURJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQtMzM4OTQ5MTNkY2I3
LzEvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDXDWgAwQC
sDSAMA0GCSqGSIb3DQEBCwUAA4IBAQBLntnlxmOD8Ab0x7eDQnIBuFmbTvh+q7u5
GnyCWBo3YTLnRCWqD3vkZrsO2qyoWm+ZietWuA3ZTzcb+3qXcWDEfSLWiG1uwcjk
e6CJAEm/mSuz2uwJoC9b4UrYhM6jwjwS3g2XmC/r94diucpqxx9xS0JeW6nD2021
EDuDDeyWPKu0DmW2+HUjfZ7r2Pv53ru/CbzuPTIZM3Jh/Qcsgykz4To1m5sHugp3
FBBZsPTOjFHSslQD3QCkvOG0yWMR/AEamzF8WEREZcDpZ0V30a4eConZuKNCYXGr
MTwAFSYNY6qN2v78+i+TIwX78uEhPwP9zGHLHu1mMxKGLkxvzgDn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:05 2024 by rpki-client on console-ams.rpki-client.org