Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/WACkW8X48I3_D6Ookel5O2Ecys4.roa
File: WACkW8X48I3_D6Ookel5O2Ecys4.roa (raw, json)
Hash identifier: qVohIQlHxwBdIIDxh+lPr2rZ83vNPBBQckvWbhhohPQ=
Subject key identifier: 58:00:A4:5B:C5:F8:F0:8D:FF:0F:A3:A8:91:E9:79:3B:61:1C:CA:CE
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 0182065ACCC17629AC00AA5BCE10A1152ECF
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/WACkW8X48I3_D6Ookel5O2Ecys4.roa
Signing time: Sat 16 Jul 2022 09:33:10 +0000
ROA not before: Sat 16 Jul 2022 09:33:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205220
IP address blocks: 176.52.152.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:06:5a:cc:c1:76:29:ac:00:aa:5b:ce:10:a1:15:2e:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Jul 16 09:33:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5800a45bc5f8f08dff0fa3a891e9793b611ccace
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:45:c6:e4:5b:41:2d:a9:f4:7b:d7:91:a7:2b:
d5:9a:fe:fe:88:38:16:5b:96:6e:02:88:e9:a5:6d:
61:b8:4c:27:55:19:72:60:da:46:79:1a:89:c8:6b:
cf:b8:34:e4:65:64:86:cd:2e:08:77:70:b6:00:7e:
2e:5a:7e:16:a3:b8:23:f9:a6:7c:0b:77:ec:22:3f:
20:1d:a9:6f:f2:02:af:52:ab:11:1b:8c:89:94:c8:
a7:cc:4d:46:27:c7:f0:7a:64:80:be:a7:56:49:9f:
dc:ad:24:f7:86:af:42:27:97:c3:7c:2a:1a:28:52:
a0:99:2a:b9:cf:ab:dd:c3:1e:5c:f8:d5:c5:02:5a:
af:3e:74:20:39:bb:5b:a9:ff:5b:6c:39:3c:b4:b8:
e3:03:5f:09:5c:cc:84:1a:b8:d4:67:39:03:c8:fb:
5a:52:71:9e:91:e9:9e:a7:66:67:f1:51:79:aa:e7:
53:ce:54:ba:b2:7a:c1:7f:03:b3:ce:f2:98:1a:37:
fa:71:6e:cb:7d:f3:e1:49:a7:8c:b7:8c:06:39:9e:
63:5a:af:98:48:03:c6:00:b6:ce:36:16:e1:7f:8e:
ae:10:2d:91:dc:aa:92:63:8e:21:6c:10:8a:10:4f:
71:a8:be:8e:7a:b7:85:7c:8f:b5:01:4c:da:f5:89:
df:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:00:A4:5B:C5:F8:F0:8D:FF:0F:A3:A8:91:E9:79:3B:61:1C:CA:CE
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/WACkW8X48I3_D6Ookel5O2Ecys4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.52.152.0/22
Signature Algorithm: sha256WithRSAEncryption
18:fa:c9:1a:c3:67:1d:cd:06:ff:60:ed:43:2a:f0:16:d7:4d:
58:12:6c:03:6f:a7:59:1a:92:7e:75:a7:c3:29:5e:2c:94:d9:
12:13:48:28:aa:cc:6e:c7:ae:e7:bf:b1:d4:78:6c:8f:f6:6a:
87:e7:52:1b:ac:fe:29:a9:77:d0:92:46:7b:85:3e:26:61:95:
23:7b:22:94:70:0a:ec:9b:4e:a6:8d:c5:2e:0c:06:43:15:90:
6c:5a:24:1a:f6:5d:b8:6e:ae:38:09:8c:92:e9:55:b1:b5:6a:
cf:65:a3:65:1d:e9:93:6e:bc:ec:09:51:ab:c6:77:1a:3f:3a:
d7:4e:7d:64:79:72:0f:51:f7:85:d8:54:27:e8:96:65:e7:bc:
5a:06:3c:cc:fb:e8:b4:30:8e:9b:9a:69:50:9b:ae:26:30:fe:
0d:8a:51:1e:e7:4a:14:4a:3d:54:9c:c5:e9:df:26:cd:40:e7:
33:be:5e:c6:95:e0:cb:d5:bb:60:fe:3f:d4:3d:91:66:f0:10:
42:94:07:00:97:dd:df:8b:0d:65:65:39:73:13:33:f0:8e:5f:
ab:66:c3:b7:86:d2:c4:df:25:60:31:89:3f:06:00:e9:b7:0f:
6a:ee:d2:4f:fd:0f:29:ab:1d:29:87:42:0d:f7:1f:6c:8b:45:
ed:a8:48:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIGWszBdimsAKpbzhChFS7PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNzc5ZTU2MjM4YjZmMmVhMDY4ZWRlNGUyMGFlZjAwYzkw
NDEzMmIwHhcNMjIwNzE2MDkzMzEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODAwYTQ1YmM1ZjhmMDhkZmYwZmEzYTg5MWU5NzkzYjYxMWNjYWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2EXG5FtBLan0e9eRpyvVmv7+iDgW
W5ZuAojppW1huEwnVRlyYNpGeRqJyGvPuDTkZWSGzS4Id3C2AH4uWn4Wo7gj+aZ8
C3fsIj8gHalv8gKvUqsRG4yJlMinzE1GJ8fwemSAvqdWSZ/crST3hq9CJ5fDfCoa
KFKgmSq5z6vdwx5c+NXFAlqvPnQgObtbqf9bbDk8tLjjA18JXMyEGrjUZzkDyPta
UnGekemep2Zn8VF5qudTzlS6snrBfwOzzvKYGjf6cW7LffPhSaeMt4wGOZ5jWq+Y
SAPGALbONhbhf46uEC2R3KqSY44hbBCKEE9xqL6OereFfI+1AUza9YnfNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFgApFvF+PCN/w+jqJHpeTthHMrOMB8GA1UdIwQY
MBaAFP53nlYji28uoGjt5OIK7wDJBBMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQt
MzM4OTQ5MTNkY2I3LzEvV0FDa1c4WDQ4STNfRDZPb2tlbDVPMkVjeXM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQtMzM4OTQ5MTNkY2I3
LzEvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsDSYMA0G
CSqGSIb3DQEBCwUAA4IBAQAY+skaw2cdzQb/YO1DKvAW101YEmwDb6dZGpJ+dafD
KV4slNkSE0goqsxux67nv7HUeGyP9mqH51IbrP4pqXfQkkZ7hT4mYZUjeyKUcArs
m06mjcUuDAZDFZBsWiQa9l24bq44CYyS6VWxtWrPZaNlHemTbrzsCVGrxncaPzrX
Tn1keXIPUfeF2FQn6JZl57xaBjzM++i0MI6bmmlQm64mMP4NilEe50oUSj1UnMXp
3ybNQOczvl7GleDL1btg/j/UPZFm8BBClAcAl93fiw1lZTlzEzPwjl+rZsO3htLE
3yVgMYk/BgDptw9q7tJP/Q8pqx0ph0IN9x9si0XtqEiq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:13 2024 by rpki-client on console-fra.rpki-client.org