Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/VHB8h6zNzShUMkYrTrehzqo3Nw4.roa
File: VHB8h6zNzShUMkYrTrehzqo3Nw4.roa (raw, json)
Hash identifier: tQBm138QsYx1Zlc4cQT5tq/o6CNp0DWVDLmDEGBCENI=
Subject key identifier: 54:70:7C:87:AC:CD:CD:28:54:32:46:2B:4E:B7:A1:CE:AA:37:37:0E
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 0183E4CB5ECD7D25FEAE47A9B5366345F399
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/VHB8h6zNzShUMkYrTrehzqo3Nw4.roa
Signing time: Mon 17 Oct 2022 07:14:36 +0000
ROA not before: Mon 17 Oct 2022 07:14:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 92.53.176.0/22 maxlen: 22
92.53.184.0/22 maxlen: 22
176.52.128.0/22 maxlen: 24
176.52.132.0/22 maxlen: 24
176.52.144.0/22 maxlen: 24
176.52.140.0/22 maxlen: 22
176.52.152.0/22 maxlen: 22
176.52.148.0/22 maxlen: 24
92.53.160.0/22 maxlen: 24
92.53.172.0/22 maxlen: 22
92.53.168.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e4:cb:5e:cd:7d:25:fe:ae:47:a9:b5:36:63:45:f3:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Oct 17 07:14:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=54707c87accdcd285432462b4eb7a1ceaa37370e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c9:f5:e1:04:dc:80:f9:b9:50:36:a8:b7:85:
73:88:f8:c6:34:91:da:87:47:72:7c:77:9e:69:d0:
e5:28:07:47:77:43:d4:d1:ba:8f:d5:65:b3:9f:5d:
7f:d5:ea:51:f5:39:90:f0:4f:d1:e9:43:76:d8:66:
44:bd:50:f8:c1:34:8c:b7:da:71:0d:cb:25:7c:a3:
f0:28:2e:00:af:05:18:7c:03:24:b4:7d:62:27:97:
ab:53:34:22:59:64:d5:d9:d2:b9:30:d6:2d:66:ba:
26:f0:40:88:a0:6c:45:c4:bd:f1:11:ff:3d:8c:1c:
42:b4:a2:fd:b8:c6:90:e5:bc:8e:d4:39:ef:05:10:
98:74:88:0c:55:ad:1d:e1:f1:d0:dd:c6:6e:ce:de:
52:ca:05:ff:a0:18:1c:52:f1:e7:bb:a2:ff:9f:11:
94:54:36:8d:3d:95:b8:d2:0e:f4:ab:ee:d8:81:26:
65:8a:73:8f:45:a1:0a:7a:bf:09:80:d1:57:8e:77:
75:f6:e4:c5:24:7b:db:50:62:fa:2d:86:3d:ee:a8:
df:c7:73:31:b9:12:ac:7e:68:6c:2f:4b:76:7c:0d:
f4:e8:aa:42:56:ef:92:da:00:8f:38:d0:fc:dd:94:
ce:49:fb:83:a6:f1:73:a8:97:29:7c:c0:8a:f8:bd:
01:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:70:7C:87:AC:CD:CD:28:54:32:46:2B:4E:B7:A1:CE:AA:37:37:0E
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/VHB8h6zNzShUMkYrTrehzqo3Nw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.53.160.0/22
92.53.168.0-92.53.179.255
92.53.184.0/22
176.52.128.0/21
176.52.140.0-176.52.155.255
Signature Algorithm: sha256WithRSAEncryption
5e:30:e9:ce:1f:46:4a:35:c2:ad:96:0c:0b:69:7a:cc:38:c8:
b4:d3:78:f2:6b:9f:99:f7:e4:bf:8a:5f:22:c7:78:ca:51:41:
ee:d9:d7:57:c7:d5:50:50:53:96:5c:ad:86:25:a7:ad:5a:4c:
b4:22:41:a5:15:ee:8d:89:60:41:ef:a4:fd:69:48:9c:50:18:
f6:53:13:c9:0c:9e:68:52:72:8d:8e:28:ad:76:cd:cc:c8:14:
9a:c1:f2:8c:82:ed:46:11:55:b9:7f:9e:37:5d:c5:26:0b:3b:
81:10:0f:02:9c:cd:47:06:08:93:17:c8:f7:75:ca:09:e2:60:
02:4d:fc:14:2a:79:64:13:c7:f9:32:fe:d2:fb:13:53:53:36:
39:22:70:44:03:04:b9:8b:d8:83:fd:63:a0:c6:7a:4d:cb:9f:
43:df:d3:5b:c7:59:23:b9:31:23:a9:3a:bf:5d:97:a2:06:50:
b3:6d:f4:59:27:65:15:b7:99:2c:5e:1e:8e:e0:fa:2c:a5:08:
f5:e5:29:76:0c:f0:3f:35:87:e4:7e:5f:83:92:4f:12:06:b7:
6f:97:c1:75:38:ea:79:ff:f6:1d:c3:2f:ea:a1:ba:bf:29:74:
85:91:91:fc:f8:da:66:9f:4c:f9:ae:2e:31:fd:9a:31:61:9c:
9d:7e:f6:50
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYPky17NfSX+rkeptTZjRfOZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNzc5ZTU2MjM4YjZmMmVhMDY4ZWRlNGUyMGFlZjAwYzkw
NDEzMmIwHhcNMjIxMDE3MDcxNDM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDcwN2M4N2FjY2RjZDI4NTQzMjQ2MmI0ZWI3YTFjZWFhMzczNzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMn14QTcgPm5UDaot4VziPjGNJHa
h0dyfHeeadDlKAdHd0PU0bqP1WWzn11/1epR9TmQ8E/R6UN22GZEvVD4wTSMt9px
DcslfKPwKC4ArwUYfAMktH1iJ5erUzQiWWTV2dK5MNYtZrom8ECIoGxFxL3xEf89
jBxCtKL9uMaQ5byO1DnvBRCYdIgMVa0d4fHQ3cZuzt5SygX/oBgcUvHnu6L/nxGU
VDaNPZW40g70q+7YgSZlinOPRaEKer8JgNFXjnd19uTFJHvbUGL6LYY97qjfx3Mx
uRKsfmhsL0t2fA306KpCVu+S2gCPOND83ZTOSfuDpvFzqJcpfMCK+L0B8wIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFFRwfIeszc0oVDJGK063oc6qNzcOMB8GA1UdIwQY
MBaAFP53nlYji28uoGjt5OIK7wDJBBMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQt
MzM4OTQ5MTNkY2I3LzEvVkhCOGg2ek56U2hVTWtZclRyZWh6cW8zTnc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQtMzM4OTQ5MTNkY2I3
LzEvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQCXDWgMAwD
BANcNagDBAJcNbADBAJcNbgDBAOwNIAwDAMEArA0jAMEArA0mDANBgkqhkiG9w0B
AQsFAAOCAQEAXjDpzh9GSjXCrZYMC2l6zDjItNN48mufmffkv4pfIsd4ylFB7tnX
V8fVUFBTllythiWnrVpMtCJBpRXujYlgQe+k/WlInFAY9lMTyQyeaFJyjY4orXbN
zMgUmsHyjILtRhFVuX+eN13FJgs7gRAPApzNRwYIkxfI93XKCeJgAk38FCp5ZBPH
+TL+0vsTU1M2OSJwRAMEuYvYg/1joMZ6TcufQ9/TW8dZI7kxI6k6v12XogZQs230
WSdlFbeZLF4ejuD6LKUI9eUpdgzwPzWH5H5fg5JPEga3b5fBdTjqef/2HcMv6qG6
vyl0hZGR/PjaZp9M+a4uMf2aMWGcnX72UA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:05 2024 by rpki-client on console-ams.rpki-client.org