Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/XJJRQeP4Qg33MpHwKuqXRdqrQRM.roa
File: XJJRQeP4Qg33MpHwKuqXRdqrQRM.roa (raw, json)
Hash identifier: q9d81NmEVQe+eXxp6EnAiYBW9snW0xXH4gcWCT4KLY0=
Subject key identifier: 5C:92:51:41:E3:F8:42:0D:F7:32:91:F0:2A:EA:97:45:DA:AB:41:13
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 0182254253ED24CF73B21618393659E157D3
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/XJJRQeP4Qg33MpHwKuqXRdqrQRM.roa
Signing time: Fri 22 Jul 2022 09:34:39 +0000
ROA not before: Fri 22 Jul 2022 09:34:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 176.52.136.0/22 maxlen: 22
92.53.172.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:25:42:53:ed:24:cf:73:b2:16:18:39:36:59:e1:57:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Jul 22 09:34:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c925141e3f8420df73291f02aea9745daab4113
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:3c:c9:37:e5:90:8a:42:25:e3:55:86:97:81:
9f:bb:5e:c6:56:4b:fe:b0:b2:14:b3:33:4f:31:87:
f4:be:1c:e2:3f:ff:4a:43:14:af:df:2d:c3:f2:0d:
f8:26:f2:ce:1a:ef:89:f9:2e:14:a1:39:9e:5b:1e:
bd:ed:81:3e:62:0a:b5:46:18:41:fe:26:62:63:b6:
4c:9c:b9:02:35:2c:53:bf:48:65:d0:18:69:82:0c:
44:13:ef:6e:b3:6f:94:7e:a3:38:6a:12:af:a2:64:
b4:ec:f0:92:13:cf:86:42:88:90:3a:96:97:89:f4:
b5:2a:f3:bb:8d:34:9d:90:3d:0b:c9:96:bb:5a:db:
06:a0:d0:2c:5f:2e:f4:b2:30:64:7e:e5:3c:3b:7d:
e4:be:f7:f6:67:a7:67:80:28:9b:f4:de:1b:12:50:
6e:56:a0:71:ad:c0:cd:ea:5c:e4:d9:8f:f3:c5:54:
bd:6d:67:07:e4:14:fd:22:a4:a6:08:83:95:7e:6e:
73:5d:59:82:6e:1a:44:b7:54:90:a9:dc:9f:fc:bd:
84:6f:70:8c:36:87:2d:fc:f2:52:3f:94:1f:e8:0a:
d7:7e:ab:b8:bc:2f:83:1b:e1:e3:c5:85:f6:af:1d:
1f:93:4a:d2:90:ea:08:ac:3a:d4:46:85:fe:72:e7:
18:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:92:51:41:E3:F8:42:0D:F7:32:91:F0:2A:EA:97:45:DA:AB:41:13
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/XJJRQeP4Qg33MpHwKuqXRdqrQRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.53.172.0/22
176.52.136.0/22
Signature Algorithm: sha256WithRSAEncryption
93:b9:33:91:76:24:7d:83:c8:1f:0c:d4:e9:72:ed:91:4b:b6:
80:39:fa:83:82:36:06:f2:62:d4:05:f1:d1:21:3e:a4:74:28:
b5:b4:35:32:a3:49:90:75:a1:bb:5a:c6:c0:ff:6f:6c:90:7d:
6d:fb:16:58:a0:b9:6b:85:75:79:e0:1b:3e:63:f4:de:33:27:
c8:c1:01:bb:88:08:61:bb:b5:72:16:2e:47:72:7d:b5:fa:4b:
5b:31:f2:79:f2:08:a5:05:b8:97:bf:77:46:f6:72:08:31:e5:
50:7e:80:f3:3c:b2:05:2d:ed:ab:b1:e5:22:c7:0b:d9:25:78:
57:3e:8e:69:37:9c:3a:48:2b:0f:98:00:82:14:f1:f1:ec:c0:
2f:f8:5a:61:56:fb:91:4a:68:f6:b6:58:be:ed:79:5e:5c:6e:
f3:1d:7a:26:8d:d5:fe:f7:95:95:4e:b4:dc:59:dd:76:e4:7f:
fa:c3:3e:66:f1:57:2b:f6:fb:e6:c7:ed:e5:81:14:a6:8b:a9:
12:87:91:e5:56:a5:ef:b2:1d:05:ff:0b:00:48:db:c9:05:44:
de:c7:4f:10:90:5b:b3:89:4d:d4:78:22:ad:bd:17:c2:25:ed:
09:1e:69:04:96:21:1f:02:75:ab:e3:cb:ec:9b:d0:60:8f:2f:
b3:ae:c0:51
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYIlQlPtJM9zshYYOTZZ4VfTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNzc5ZTU2MjM4YjZmMmVhMDY4ZWRlNGUyMGFlZjAwYzkw
NDEzMmIwHhcNMjIwNzIyMDkzNDM5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzkyNTE0MWUzZjg0MjBkZjczMjkxZjAyYWVhOTc0NWRhYWI0MTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTzJN+WQikIl41WGl4Gfu17GVkv+
sLIUszNPMYf0vhziP/9KQxSv3y3D8g34JvLOGu+J+S4UoTmeWx697YE+Ygq1RhhB
/iZiY7ZMnLkCNSxTv0hl0BhpggxEE+9us2+UfqM4ahKvomS07PCSE8+GQoiQOpaX
ifS1KvO7jTSdkD0LyZa7WtsGoNAsXy70sjBkfuU8O33kvvf2Z6dngCib9N4bElBu
VqBxrcDN6lzk2Y/zxVS9bWcH5BT9IqSmCIOVfm5zXVmCbhpEt1SQqdyf/L2Eb3CM
Noct/PJSP5Qf6ArXfqu4vC+DG+HjxYX2rx0fk0rSkOoIrDrURoX+cucYcQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFySUUHj+EIN9zKR8Crql0Xaq0ETMB8GA1UdIwQY
MBaAFP53nlYji28uoGjt5OIK7wDJBBMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQt
MzM4OTQ5MTNkY2I3LzEvWEpKUlFlUDRRZzMzTXBId0t1cVhSZHFyUVJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQtMzM4OTQ5MTNkY2I3
LzEvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXDWsAwQC
sDSIMA0GCSqGSIb3DQEBCwUAA4IBAQCTuTORdiR9g8gfDNTpcu2RS7aAOfqDgjYG
8mLUBfHRIT6kdCi1tDUyo0mQdaG7WsbA/29skH1t+xZYoLlrhXV54Bs+Y/TeMyfI
wQG7iAhhu7VyFi5Hcn21+ktbMfJ58gilBbiXv3dG9nIIMeVQfoDzPLIFLe2rseUi
xwvZJXhXPo5pN5w6SCsPmACCFPHx7MAv+FphVvuRSmj2tli+7XleXG7zHXomjdX+
95WVTrTcWd125H/6wz5m8Vcr9vvmx+3lgRSmi6kSh5HlVqXvsh0F/wsASNvJBUTe
x08QkFuziU3UeCKtvRfCJe0JHmkEliEfAnWr48vsm9Bgjy+zrsBR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:05 2024 by rpki-client on console-ams.rpki-client.org