Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/Wms-UeIOpg4Ua-x4hKdnoqUK0oo.roa
File: Wms-UeIOpg4Ua-x4hKdnoqUK0oo.roa (raw, json)
Hash identifier: eQkdEdd/nEZOvKNGQ4/hVdmWJeEwcwnt5ei1GIN4C7w=
Subject key identifier: 5A:6B:3E:51:E2:0E:A6:0E:14:6B:EC:78:84:A7:67:A2:A5:0A:D2:8A
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 0578DB08
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/Wms-UeIOpg4Ua-x4hKdnoqUK0oo.roa
Signing time: Sun 03 Jul 2022 14:26:26 +0000
ROA not before: Sun 03 Jul 2022 14:26:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 176.52.144.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91806472 (0x578db08)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Jul 3 14:26:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5a6b3e51e20ea60e146bec7884a767a2a50ad28a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c8:18:9c:17:c1:95:3b:c3:2a:79:f5:37:29:
fe:85:64:25:06:fe:99:61:12:05:51:d9:7c:4d:b6:
60:94:63:85:bb:4a:9d:f6:af:2d:74:b8:f2:5e:4f:
ed:03:23:8c:5e:2a:4a:e8:0b:db:f1:43:18:d3:fc:
5a:d9:dc:38:d6:4f:f6:50:79:10:7f:86:8b:9c:18:
f2:96:1a:2d:d8:12:43:ef:7d:16:85:a2:5c:af:46:
c0:70:25:ad:a0:e5:21:ca:bd:23:e5:4b:7a:30:50:
25:69:19:44:f7:d8:9a:20:3b:b7:77:71:72:7d:cb:
29:c8:ee:6a:56:bc:2c:85:63:33:98:42:40:a9:b2:
87:f9:2d:0d:86:2d:01:dc:d1:c1:0f:d3:b3:60:a7:
ec:98:6a:51:bf:44:86:71:d4:dc:36:e3:e5:21:99:
36:89:48:79:88:c5:9c:bf:25:f6:2a:48:17:00:c6:
32:be:e9:43:89:67:e2:c9:32:5e:c8:ce:34:84:ff:
bc:cc:b8:f8:0c:74:cb:c8:3e:23:97:33:cd:80:b2:
be:46:67:61:48:ae:54:a0:94:95:d2:8f:67:00:99:
a4:9d:59:ce:97:9e:0c:21:ad:26:54:b9:9d:16:8d:
cd:27:83:7f:ed:9b:86:9f:c7:81:1b:c8:20:f3:31:
a2:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:6B:3E:51:E2:0E:A6:0E:14:6B:EC:78:84:A7:67:A2:A5:0A:D2:8A
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/Wms-UeIOpg4Ua-x4hKdnoqUK0oo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.52.144.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:19:76:03:9f:a0:81:29:5b:3e:55:c1:f0:48:e1:60:dd:f5:
9c:22:71:7a:f9:6b:70:4b:d8:7d:b5:e7:7a:e1:db:08:44:04:
3e:94:e7:e9:0a:59:f9:b5:42:22:59:b8:9b:d0:52:4b:a8:b7:
21:46:1a:75:d5:23:d6:a1:b0:2f:73:03:18:79:c4:f5:a0:ec:
2b:dc:b9:34:9f:0a:c4:31:65:79:85:68:4a:40:a4:91:2d:9f:
fd:0e:18:2d:ad:dc:09:aa:7e:85:69:b2:50:47:1e:f1:69:2b:
79:11:bb:bd:da:19:ce:ea:4a:ff:87:09:37:36:47:d8:5d:9f:
aa:44:35:ac:af:ab:39:20:2f:52:69:14:1e:a7:46:8b:de:82:
3a:32:1b:d2:8a:25:5b:5f:23:d5:5f:2a:0e:42:e8:48:d3:04:
1d:8c:a0:de:44:e7:cd:82:62:f8:6f:c2:c0:51:5e:0f:7d:c5:
bf:16:9d:9e:d2:69:ce:70:4d:5c:90:c6:36:0b:a9:69:72:6b:
ec:1b:04:19:0e:1a:dd:24:6b:1c:8a:e3:19:28:b6:1d:dd:eb:
bd:41:97:d7:85:87:29:de:7a:fe:de:c2:da:2c:3b:ce:95:b3:
80:cb:bc:95:5a:f8:24:27:1d:12:16:f4:8b:ee:8d:97:fc:c5:
14:65:ca:e0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBXjbCDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTc3OWU1NjIzOGI2ZjJlYTA2OGVkZTRlMjBhZWYwMGM5MDQxMzJiMB4XDTIyMDcw
MzE0MjYyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWE2YjNlNTFlMjBl
YTYwZTE0NmJlYzc4ODRhNzY3YTJhNTBhZDI4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJHIGJwXwZU7wyp59Tcp/oVkJQb+mWESBVHZfE22YJRjhbtK
nfavLXS48l5P7QMjjF4qSugL2/FDGNP8WtncONZP9lB5EH+Gi5wY8pYaLdgSQ+99
FoWiXK9GwHAlraDlIcq9I+VLejBQJWkZRPfYmiA7t3dxcn3LKcjuala8LIVjM5hC
QKmyh/ktDYYtAdzRwQ/Ts2Cn7JhqUb9EhnHU3Dbj5SGZNolIeYjFnL8l9ipIFwDG
Mr7pQ4ln4skyXsjONIT/vMy4+Ax0y8g+I5czzYCyvkZnYUiuVKCUldKPZwCZpJ1Z
zpeeDCGtJlS5nRaNzSeDf+2bhp/HgRvIIPMxogECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRaaz5R4g6mDhRr7HiEp2eipQrSijAfBgNVHSMEGDAWgBT+d55WI4tvLqBo
7eTiCu8AyQQTKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19uZWVWaU9MYnk2Z2FPM2s0Z3J2QU1rRUV5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8x
L1dtcy1VZUlPcGc0VWEteDRoS2Rub3FVSzBvby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8xL19uZWVWaU9MYnk2
Z2FPM2s0Z3J2QU1rRUV5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArA0kDANBgkqhkiG9w0BAQsFAAOC
AQEAjBl2A5+ggSlbPlXB8EjhYN31nCJxevlrcEvYfbXneuHbCEQEPpTn6QpZ+bVC
Ilm4m9BSS6i3IUYaddUj1qGwL3MDGHnE9aDsK9y5NJ8KxDFleYVoSkCkkS2f/Q4Y
La3cCap+hWmyUEce8WkreRG7vdoZzupK/4cJNzZH2F2fqkQ1rK+rOSAvUmkUHqdG
i96COjIb0oolW18j1V8qDkLoSNMEHYyg3kTnzYJi+G/CwFFeD33FvxadntJpznBN
XJDGNgupaXJr7BsEGQ4a3SRrHIrjGSi2Hd3rvUGX14WHKd56/t7C2iw7zpWzgMu8
lVr4JCcdEhb0i+6Nl/zFFGXK4A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:17 2023 by rpki-client on console-ams.rpki-client.org