Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/YkluWZy3LN7Y9DzBPE3cml-Lziw.roa
File: YkluWZy3LN7Y9DzBPE3cml-Lziw.roa (raw, json)
Hash identifier: SKTor4by6V/lMn82NsJlyrlrhr0lNyaXnYnx7h2Uci4=
Subject key identifier: 62:49:6E:59:9C:B7:2C:DE:D8:F4:3C:C1:3C:4D:DC:9A:5F:8B:CE:2C
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 039881B6
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/YkluWZy3LN7Y9DzBPE3cml-Lziw.roa
Signing time: Sat 01 Jan 2022 11:01:29 +0000
ROA not before: Sat 01 Jan 2022 11:01:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211113
IP address blocks: 176.52.132.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60326326 (0x39881b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Jan 1 11:01:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62496e599cb72cded8f43cc13c4ddc9a5f8bce2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:00:42:6c:1c:51:5f:3d:dc:d8:69:08:17:0b:
25:08:a2:f6:83:48:35:64:29:69:cd:79:eb:9a:fa:
09:33:1d:b9:d3:92:af:71:01:8c:8c:80:f9:eb:c2:
b6:14:13:9e:34:06:68:fe:de:82:7b:c6:fd:83:08:
24:80:e7:81:70:b0:07:cf:07:ff:7c:e7:d2:44:72:
6c:47:4d:97:d0:de:fa:ad:74:3f:a4:40:00:e3:64:
5b:ee:89:90:48:04:5a:b1:4b:a0:b9:68:ef:5e:e5:
c9:35:b6:17:59:9b:cd:24:1a:05:41:5b:1f:02:fb:
cd:f2:f7:0f:e8:2b:b4:e7:40:57:f4:bf:35:cc:ae:
9d:76:30:08:68:2c:46:9c:ae:e0:fe:d9:cd:79:b8:
40:6e:5a:e4:05:b3:24:ae:17:fc:c2:3a:bd:32:a8:
62:5e:df:f5:59:50:2f:d5:b1:af:40:5b:80:75:e5:
cb:ed:8c:82:79:2c:04:71:6b:fb:b3:15:e2:de:bd:
c1:06:bb:a5:7a:b8:34:60:1e:ab:3a:1f:fc:cb:3e:
28:69:63:b5:65:a2:62:01:45:c0:26:02:e2:c9:42:
f5:9d:a8:1d:37:28:65:89:b0:2b:4c:47:c8:6f:ca:
c8:83:42:40:b4:de:d6:ff:86:2c:ec:fd:f5:4b:fa:
56:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:49:6E:59:9C:B7:2C:DE:D8:F4:3C:C1:3C:4D:DC:9A:5F:8B:CE:2C
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/YkluWZy3LN7Y9DzBPE3cml-Lziw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.52.132.0/22
Signature Algorithm: sha256WithRSAEncryption
44:84:7d:ce:a2:1b:ea:48:fa:fb:4b:82:86:eb:a5:83:f2:4e:
f1:d9:30:a0:4d:83:74:b2:17:76:88:0f:83:22:64:19:40:24:
d8:39:13:a1:52:50:08:09:ff:13:77:69:dd:41:12:af:ff:88:
30:95:b4:d7:7c:91:ce:6b:f4:81:70:5d:db:bf:0c:05:55:fe:
5a:52:38:c4:76:70:55:6d:10:76:4d:5c:a7:ba:35:c6:c6:ce:
bd:9c:04:54:55:0e:ac:80:cc:0b:f0:4e:4b:44:e3:b8:32:8a:
c1:af:0f:60:d5:6a:d5:0e:1c:16:4a:79:a0:07:f9:3d:a3:47:
2e:ef:75:c8:bc:0b:b2:ba:a2:a2:6f:42:7d:a6:c3:5d:dc:b6:
27:c4:de:74:79:1d:4b:72:4a:1b:a5:97:02:36:54:31:20:af:
05:65:d2:bc:33:9e:43:53:13:c0:c3:36:e3:55:03:c8:d6:dc:
ad:4b:b5:03:d2:c7:60:f6:a3:25:43:fa:2a:f9:85:45:fb:cb:
b8:5d:1a:ef:c3:d2:3a:b5:3e:8d:f5:25:51:1f:c4:e0:d8:01:
46:bb:d6:b8:c7:a2:cc:91:13:63:f0:e8:ca:7e:04:b0:24:38:
aa:97:32:a1:79:ff:58:fa:35:c6:b8:cd:ee:72:74:79:3c:f7:
e9:88:44:94
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA5iBtjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTc3OWU1NjIzOGI2ZjJlYTA2OGVkZTRlMjBhZWYwMGM5MDQxMzJiMB4XDTIyMDEw
MTExMDEyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjI0OTZlNTk5Y2I3
MmNkZWQ4ZjQzY2MxM2M0ZGRjOWE1ZjhiY2UyYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANgAQmwcUV893NhpCBcLJQii9oNINWQpac1565r6CTMdudOS
r3EBjIyA+evCthQTnjQGaP7egnvG/YMIJIDngXCwB88H/3zn0kRybEdNl9De+q10
P6RAAONkW+6JkEgEWrFLoLlo717lyTW2F1mbzSQaBUFbHwL7zfL3D+grtOdAV/S/
NcyunXYwCGgsRpyu4P7ZzXm4QG5a5AWzJK4X/MI6vTKoYl7f9VlQL9Wxr0BbgHXl
y+2MgnksBHFr+7MV4t69wQa7pXq4NGAeqzof/Ms+KGljtWWiYgFFwCYC4slC9Z2o
HTcoZYmwK0xHyG/KyINCQLTe1v+GLOz99Uv6VtECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRiSW5ZnLcs3tj0PME8TdyaX4vOLDAfBgNVHSMEGDAWgBT+d55WI4tvLqBo
7eTiCu8AyQQTKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19uZWVWaU9MYnk2Z2FPM2s0Z3J2QU1rRUV5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8x
L1lrbHVXWnkzTE43WTlEekJQRTNjbWwtTHppdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8xL19uZWVWaU9MYnk2
Z2FPM2s0Z3J2QU1rRUV5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArA0hDANBgkqhkiG9w0BAQsFAAOC
AQEARIR9zqIb6kj6+0uChuulg/JO8dkwoE2DdLIXdogPgyJkGUAk2DkToVJQCAn/
E3dp3UESr/+IMJW013yRzmv0gXBd278MBVX+WlI4xHZwVW0Qdk1cp7o1xsbOvZwE
VFUOrIDMC/BOS0TjuDKKwa8PYNVq1Q4cFkp5oAf5PaNHLu91yLwLsrqiom9CfabD
Xdy2J8TedHkdS3JKG6WXAjZUMSCvBWXSvDOeQ1MTwMM241UDyNbcrUu1A9LHYPaj
JUP6KvmFRfvLuF0a78PSOrU+jfUlUR/E4NgBRrvWuMeizJETY/Doyn4EsCQ4qpcy
oXn/WPo1xrjN7nJ0eTz36YhElA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:05 2024 by rpki-client on console-ams.rpki-client.org