Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/TvNuWrys1Z-6cGxCgOFOf0qq1zE.roa
File: TvNuWrys1Z-6cGxCgOFOf0qq1zE.roa (raw, json)
Hash identifier: b+4P0R20zWrUsrPyuSkVvAVjXHyj1m1mliR6jsOoAy4=
Subject key identifier: 4E:F3:6E:5A:BC:AC:D5:9F:BA:70:6C:42:80:E1:4E:7F:4A:AA:D7:31
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 01822543E6F5A16E5824C104CBEC6539553D
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/TvNuWrys1Z-6cGxCgOFOf0qq1zE.roa
Signing time: Fri 22 Jul 2022 09:36:23 +0000
ROA not before: Fri 22 Jul 2022 09:36:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 92.53.184.0/22 maxlen: 22
92.53.188.0/22 maxlen: 24
176.52.140.0/22 maxlen: 22
92.53.168.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:25:43:e6:f5:a1:6e:58:24:c1:04:cb:ec:65:39:55:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Jul 22 09:36:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4ef36e5abcacd59fba706c4280e14e7f4aaad731
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:1a:04:fe:cf:c2:fa:fd:f3:7e:ae:91:e2:42:
42:16:28:d5:7e:1f:e1:8d:73:02:82:11:65:4b:91:
2e:41:4f:4b:27:f7:b2:fd:fa:35:af:74:93:d1:ac:
8a:ae:e2:18:fe:6a:34:09:85:4e:95:fa:c3:3e:af:
ac:f5:c2:61:27:85:13:fe:5c:35:d2:52:ea:d3:e0:
e5:25:fa:f9:fc:0d:d0:96:64:92:4d:89:be:95:bc:
48:be:d4:2b:c8:f7:8d:6c:12:cf:3f:b7:ea:84:05:
ab:40:47:39:9d:a0:5e:79:6c:bf:7e:59:6c:b2:62:
2d:c3:4d:49:9c:75:d8:37:d8:63:80:45:45:76:14:
03:fe:34:3d:7d:0b:c6:93:30:23:40:20:aa:40:3b:
2e:4f:a0:ed:5e:31:d3:3f:64:9a:e4:01:40:56:bb:
66:ed:d2:3e:4d:45:29:25:93:ab:ca:1b:5c:3d:62:
f9:df:cb:80:32:0e:06:c8:4a:ca:e3:bf:05:83:45:
94:3f:6d:3d:d4:c8:34:9e:b5:fa:ed:53:9a:3a:0d:
8f:d1:b2:04:a4:77:ae:a9:8e:a4:9f:69:c7:39:15:
9f:ff:5c:34:f4:20:a8:e0:a4:33:70:b5:9a:09:ea:
57:1a:08:aa:37:d3:24:23:b1:40:d2:53:66:85:1e:
1a:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:F3:6E:5A:BC:AC:D5:9F:BA:70:6C:42:80:E1:4E:7F:4A:AA:D7:31
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/TvNuWrys1Z-6cGxCgOFOf0qq1zE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.53.168.0/22
92.53.184.0/21
176.52.140.0/22
Signature Algorithm: sha256WithRSAEncryption
87:91:df:3c:d4:6c:02:70:7f:a1:96:ac:54:e7:9d:05:66:98:
42:00:be:88:68:12:e5:ed:da:f3:56:c3:8a:d7:bc:d4:47:77:
a3:2f:6c:76:cb:a2:d2:d1:2b:11:08:67:ef:b9:16:6f:9c:22:
ff:00:7f:f6:a8:5b:f3:29:22:0d:e0:6b:8f:ce:fe:21:0a:75:
c1:e7:d9:81:bb:db:20:5f:ff:38:e8:50:7b:a4:ce:f5:c4:2e:
a1:b3:8c:70:8a:6f:35:fd:7e:32:87:dd:a5:bf:10:92:15:87:
47:98:72:25:fd:7c:b2:2d:1f:13:89:39:9e:ca:c1:5c:12:1c:
20:a7:43:e6:9f:bc:19:a5:63:f7:d7:a6:50:86:24:b8:c1:35:
9d:b6:8d:a2:00:93:cd:05:d9:dd:93:6c:a6:1a:fc:a9:d3:2c:
f3:50:3a:e0:4a:90:67:36:7d:cf:51:1e:be:06:71:47:52:bf:
16:b6:a5:67:fc:03:40:1b:a9:00:d4:34:c3:bc:f0:fb:36:6c:
6a:36:40:81:5e:be:f1:4b:89:cf:41:bc:11:f4:5f:37:d7:3b:
26:b5:fc:6e:cc:51:77:02:e9:21:75:86:4a:d1:d4:d9:96:e7:
4d:e0:54:10:b4:7b:c3:30:0f:20:30:37:0e:c2:cf:29:60:be:
58:af:fd:0f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYIlQ+b1oW5YJMEEy+xlOVU9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNzc5ZTU2MjM4YjZmMmVhMDY4ZWRlNGUyMGFlZjAwYzkw
NDEzMmIwHhcNMjIwNzIyMDkzNjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWYzNmU1YWJjYWNkNTlmYmE3MDZjNDI4MGUxNGU3ZjRhYWFkNzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBoE/s/C+v3zfq6R4kJCFijVfh/h
jXMCghFlS5EuQU9LJ/ey/fo1r3ST0ayKruIY/mo0CYVOlfrDPq+s9cJhJ4UT/lw1
0lLq0+DlJfr5/A3QlmSSTYm+lbxIvtQryPeNbBLPP7fqhAWrQEc5naBeeWy/flls
smItw01JnHXYN9hjgEVFdhQD/jQ9fQvGkzAjQCCqQDsuT6DtXjHTP2Sa5AFAVrtm
7dI+TUUpJZOryhtcPWL538uAMg4GyErK478Fg0WUP2091Mg0nrX67VOaOg2P0bIE
pHeuqY6kn2nHORWf/1w09CCo4KQzcLWaCepXGgiqN9MkI7FA0lNmhR4aowIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE7zblq8rNWfunBsQoDhTn9KqtcxMB8GA1UdIwQY
MBaAFP53nlYji28uoGjt5OIK7wDJBBMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQt
MzM4OTQ5MTNkY2I3LzEvVHZOdVdyeXMxWi02Y0d4Q2dPRk9mMHFxMXpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQtMzM4OTQ5MTNkY2I3
LzEvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCXDWoAwQD
XDW4AwQCsDSMMA0GCSqGSIb3DQEBCwUAA4IBAQCHkd881GwCcH+hlqxU550FZphC
AL6IaBLl7drzVsOK17zUR3ejL2x2y6LS0SsRCGfvuRZvnCL/AH/2qFvzKSIN4GuP
zv4hCnXB59mBu9sgX/846FB7pM71xC6hs4xwim81/X4yh92lvxCSFYdHmHIl/Xyy
LR8TiTmeysFcEhwgp0Pmn7wZpWP316ZQhiS4wTWdto2iAJPNBdndk2ymGvyp0yzz
UDrgSpBnNn3PUR6+BnFHUr8WtqVn/ANAG6kA1DTDvPD7NmxqNkCBXr7xS4nPQbwR
9F831zsmtfxuzFF3AukhdYZK0dTZludN4FQQtHvDMA8gMDcOws8pYL5Yr/0P
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:05 2024 by rpki-client on console-ams.rpki-client.org