Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_ZVPxl3l1s7FVSgPcbRuvaP4rqk.roa
File: _ZVPxl3l1s7FVSgPcbRuvaP4rqk.roa (raw, json)
Hash identifier: 2gWUTTNe7+uFftJqy67FHtdkUf06RQGnPR8rcBH49u0=
Subject key identifier: FD:95:4F:C6:5D:E5:D6:CE:C5:55:28:0F:71:B4:6E:BD:A3:F8:AE:A9
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 0186522EA02654BB671D0A9CA147F5553BBD
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_ZVPxl3l1s7FVSgPcbRuvaP4rqk.roa
Signing time: Tue 14 Feb 2023 23:07:12 +0000
ROA not before: Tue 14 Feb 2023 23:07:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 176.52.128.0/20 maxlen: 24
176.52.144.0/20 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:52:2e:a0:26:54:bb:67:1d:0a:9c:a1:47:f5:55:3b:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Feb 14 23:07:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd954fc65de5d6cec555280f71b46ebda3f8aea9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:17:5b:7b:66:50:8b:79:f5:08:80:0b:9b:61:
ff:85:d2:f4:ac:c9:76:ad:b3:95:ac:09:ab:07:a3:
ea:68:77:56:22:03:41:6d:dd:46:8d:8d:ab:0b:4a:
1f:51:2d:35:b6:18:e2:44:fa:cb:f2:30:07:55:a8:
2e:d2:c4:82:c3:d8:d7:23:46:c1:7e:8c:a6:8b:e2:
ff:b7:a7:ed:92:82:66:40:63:d3:e0:77:39:b3:93:
bc:ea:29:a8:1a:c6:03:3e:d0:79:e4:15:9c:1a:23:
da:e5:87:d4:17:b6:f8:b1:e9:d6:2a:c8:d0:d1:a5:
03:ae:e1:77:80:bc:fe:7c:6c:c4:78:8e:4c:3c:58:
25:1f:6b:a6:52:da:bf:b8:7f:c6:f0:95:83:b0:bb:
e3:7a:f1:36:38:b5:7c:85:e8:d6:ad:a9:89:bc:55:
05:de:54:48:3c:66:bd:2e:77:1b:31:ee:17:9c:67:
9f:83:77:62:db:a9:97:8b:28:56:68:c4:d7:ff:a4:
bd:a3:b1:6a:fd:89:47:64:3a:87:56:48:77:f1:2f:
fc:c7:f6:36:35:c5:33:bb:3c:e0:87:04:d0:85:22:
9b:33:58:59:65:02:b5:96:c1:b1:f3:bf:2d:73:ac:
23:65:a3:d6:b7:43:76:97:69:22:c3:91:36:83:5b:
24:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:95:4F:C6:5D:E5:D6:CE:C5:55:28:0F:71:B4:6E:BD:A3:F8:AE:A9
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_ZVPxl3l1s7FVSgPcbRuvaP4rqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.52.128.0/19
Signature Algorithm: sha256WithRSAEncryption
53:4f:d8:36:3e:3f:d5:e5:a5:c8:0d:e9:85:f4:e9:e7:3f:fb:
27:ce:b5:53:27:aa:34:f7:a4:c5:5d:56:eb:35:a6:35:3f:35:
21:c3:7c:f0:fc:38:5d:42:88:bc:48:6c:bf:89:6d:51:29:05:
bc:05:1a:0b:a9:de:ad:6f:09:da:6e:d4:a1:7f:83:89:cb:30:
12:70:2b:44:ab:6c:40:8b:4e:a2:03:aa:dc:89:67:64:13:f5:
a0:b5:d3:ce:41:30:b0:fe:47:66:52:5a:5d:8d:f7:80:c1:5f:
39:aa:f9:40:27:13:93:a8:bd:22:31:d4:cc:d2:7f:83:59:e1:
42:6e:15:ea:c5:b5:5a:47:77:45:85:5f:86:ea:9f:e8:80:10:
e1:62:b6:d5:28:98:67:60:23:e6:14:3b:ad:7b:c7:de:1d:12:
40:5f:eb:e7:08:11:5e:96:48:74:90:9b:c8:65:bf:51:0b:c2:
ac:c3:cb:4f:9a:39:2d:99:90:e9:d8:4d:25:97:f2:0b:d8:89:
53:4e:e4:83:fb:fd:31:61:bb:00:c7:73:c5:2f:7e:ef:d3:3f:
3d:ef:d1:b1:46:97:b1:24:a9:36:6b:64:68:f0:f5:c2:89:71:
29:7e:63:30:03:49:d0:86:ce:1b:d7:69:55:62:64:62:6b:d4:
e4:7c:58:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZSLqAmVLtnHQqcoUf1VTu9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNzc5ZTU2MjM4YjZmMmVhMDY4ZWRlNGUyMGFlZjAwYzkw
NDEzMmIwHhcNMjMwMjE0MjMwNzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDk1NGZjNjVkZTVkNmNlYzU1NTI4MGY3MWI0NmViZGEzZjhhZWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphdbe2ZQi3n1CIALm2H/hdL0rMl2
rbOVrAmrB6PqaHdWIgNBbd1GjY2rC0ofUS01thjiRPrL8jAHVagu0sSCw9jXI0bB
foymi+L/t6ftkoJmQGPT4Hc5s5O86imoGsYDPtB55BWcGiPa5YfUF7b4senWKsjQ
0aUDruF3gLz+fGzEeI5MPFglH2umUtq/uH/G8JWDsLvjevE2OLV8hejWramJvFUF
3lRIPGa9LncbMe4XnGefg3di26mXiyhWaMTX/6S9o7Fq/YlHZDqHVkh38S/8x/Y2
NcUzuzzghwTQhSKbM1hZZQK1lsGx878tc6wjZaPWt0N2l2kiw5E2g1skJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP2VT8Zd5dbOxVUoD3G0br2j+K6pMB8GA1UdIwQY
MBaAFP53nlYji28uoGjt5OIK7wDJBBMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQt
MzM4OTQ5MTNkY2I3LzEvX1pWUHhsM2wxczdGVlNnUGNiUnV2YVA0cnFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQtMzM4OTQ5MTNkY2I3
LzEvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFsDSAMA0G
CSqGSIb3DQEBCwUAA4IBAQBTT9g2Pj/V5aXIDemF9OnnP/snzrVTJ6o096TFXVbr
NaY1PzUhw3zw/DhdQoi8SGy/iW1RKQW8BRoLqd6tbwnabtShf4OJyzAScCtEq2xA
i06iA6rciWdkE/WgtdPOQTCw/kdmUlpdjfeAwV85qvlAJxOTqL0iMdTM0n+DWeFC
bhXqxbVaR3dFhV+G6p/ogBDhYrbVKJhnYCPmFDute8feHRJAX+vnCBFelkh0kJvI
Zb9RC8Ksw8tPmjktmZDp2E0ll/IL2IlTTuSD+/0xYbsAx3PFL37v0z8979GxRpex
JKk2a2Ro8PXCiXEpfmMwA0nQhs4b12lVYmRia9TkfFjc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:05 2024 by rpki-client on console-ams.rpki-client.org