Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/e6F3ornOFyXiAGnCiNmRNC9KdEk.roa
File: e6F3ornOFyXiAGnCiNmRNC9KdEk.roa (raw, json)
Hash identifier: aow3+HgDQbQwYYxcT/+uZGHBu5CdCtVyAfRwFWnpi7w=
Subject key identifier: 7B:A1:77:A2:B9:CE:17:25:E2:00:69:C2:88:D9:91:34:2F:4A:74:49
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 04F084DC
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/e6F3ornOFyXiAGnCiNmRNC9KdEk.roa
Signing time: Thu 12 May 2022 05:59:02 +0000
ROA not before: Thu 12 May 2022 05:59:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 176.52.136.0/22 maxlen: 24
176.52.152.0/22 maxlen: 24
176.52.148.0/22 maxlen: 22
176.52.156.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82871516 (0x4f084dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: May 12 05:59:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7ba177a2b9ce1725e20069c288d991342f4a7449
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f4:44:17:cd:03:d5:47:30:f8:80:e5:c9:0b:
40:7f:ea:1c:46:5b:5a:a3:6c:5b:b9:44:80:ba:88:
f8:f3:06:cb:cc:7f:ae:8c:52:cc:01:67:4e:0a:e8:
98:2a:16:39:1f:e6:f6:29:34:72:85:bd:73:5e:ad:
f7:a7:2c:e5:dd:4f:79:18:f2:a1:ba:24:46:3b:42:
83:00:93:18:25:52:c9:c5:8a:48:61:3d:88:c0:a9:
0a:01:ca:be:34:5a:ba:d6:60:c1:07:cb:b0:ab:cd:
2c:8a:dc:77:b2:e0:13:16:ff:59:c0:da:cb:8a:61:
8b:ff:eb:d7:19:f5:fc:da:04:13:03:31:25:03:93:
93:91:73:ad:96:a6:99:4d:24:8e:c4:8c:51:ae:ae:
5c:7f:10:8b:66:45:4b:31:06:86:8b:9b:8d:be:6e:
83:12:74:44:f5:fd:36:f0:34:7f:56:9c:10:29:9c:
99:3e:c0:3b:99:71:6e:a7:d3:f0:f2:01:38:6d:21:
46:2b:c1:98:a6:07:0d:f9:11:73:b5:20:a1:e1:b0:
6c:47:96:46:19:62:ab:9d:13:04:dd:e8:8a:d4:9c:
73:78:d6:b8:0a:d8:60:49:31:ab:d1:84:71:79:8f:
52:cd:b9:5b:c7:d0:5d:bf:c2:cb:42:b2:27:e9:5c:
0f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:A1:77:A2:B9:CE:17:25:E2:00:69:C2:88:D9:91:34:2F:4A:74:49
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/e6F3ornOFyXiAGnCiNmRNC9KdEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.52.136.0/22
176.52.148.0-176.52.159.255
Signature Algorithm: sha256WithRSAEncryption
47:ac:53:0d:0e:a6:52:34:60:23:3e:56:9e:87:69:8f:a8:96:
43:c1:de:09:01:87:2c:15:96:b9:a4:a5:79:67:ae:89:54:87:
b5:0d:b1:41:08:84:86:98:c6:58:eb:77:4e:78:21:6a:93:89:
29:a3:59:06:35:3c:8b:cf:99:ce:fe:41:76:e8:de:b7:b4:8e:
16:6b:d6:cb:66:4d:8d:4b:34:ea:e2:a3:63:89:45:7b:f1:0f:
f6:7f:03:bf:d4:41:92:9b:f3:44:15:67:63:c1:44:e6:12:22:
d5:e6:9b:c7:38:1f:d1:ea:ee:b1:cb:7b:2e:4e:12:25:f3:6e:
0b:ce:73:2c:e7:90:c4:3d:92:fc:e3:0a:d3:93:93:71:d9:f8:
ef:9a:e7:fd:ea:5e:ef:5b:8d:c9:31:44:a1:a5:6a:54:1b:9f:
5c:73:9f:3b:24:b2:9b:6d:b8:01:74:f3:3e:2c:e3:ed:f2:d1:
ec:12:13:6d:05:65:7f:1d:42:c8:6d:21:c7:1c:98:ad:db:f7:
a7:20:28:d2:2b:77:51:e6:bf:05:c1:91:5b:36:dd:e1:e8:ee:
13:86:0c:13:a9:04:8b:b0:75:c7:b1:1c:da:42:1c:34:ad:73:
8c:0f:44:5e:29:ae:9d:80:8e:f8:7e:8b:9d:bf:1a:32:a6:d0:
1f:b3:60:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEBPCE3DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTc3OWU1NjIzOGI2ZjJlYTA2OGVkZTRlMjBhZWYwMGM5MDQxMzJiMB4XDTIyMDUx
MjA1NTkwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2JhMTc3YTJiOWNl
MTcyNWUyMDA2OWMyODhkOTkxMzQyZjRhNzQ0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJz0RBfNA9VHMPiA5ckLQH/qHEZbWqNsW7lEgLqI+PMGy8x/
roxSzAFnTgromCoWOR/m9ik0coW9c16t96cs5d1PeRjyobokRjtCgwCTGCVSycWK
SGE9iMCpCgHKvjRautZgwQfLsKvNLIrcd7LgExb/WcDay4phi//r1xn1/NoEEwMx
JQOTk5FzrZammU0kjsSMUa6uXH8Qi2ZFSzEGhoubjb5ugxJ0RPX9NvA0f1acECmc
mT7AO5lxbqfT8PIBOG0hRivBmKYHDfkRc7UgoeGwbEeWRhliq50TBN3oitScc3jW
uArYYEkxq9GEcXmPUs25W8fQXb/Cy0KyJ+lcD08CAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBR7oXeiuc4XJeIAacKI2ZE0L0p0STAfBgNVHSMEGDAWgBT+d55WI4tvLqBo
7eTiCu8AyQQTKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19uZWVWaU9MYnk2Z2FPM2s0Z3J2QU1rRUV5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8x
L2U2RjNvcm5PRnlYaUFHbkNpTm1STkM5S2RFay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8xL19uZWVWaU9MYnk2
Z2FPM2s0Z3J2QU1rRUV5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEArA0iDAMAwQCsDSUAwQFsDSAMA0G
CSqGSIb3DQEBCwUAA4IBAQBHrFMNDqZSNGAjPlaeh2mPqJZDwd4JAYcsFZa5pKV5
Z66JVIe1DbFBCISGmMZY63dOeCFqk4kpo1kGNTyLz5nO/kF26N63tI4Wa9bLZk2N
SzTq4qNjiUV78Q/2fwO/1EGSm/NEFWdjwUTmEiLV5pvHOB/R6u6xy3suThIl824L
znMs55DEPZL84wrTk5Nx2fjvmuf96l7vW43JMUShpWpUG59cc587JLKbbbgBdPM+
LOPt8tHsEhNtBWV/HULIbSHHHJit2/enICjSK3dR5r8FwZFbNt3h6O4ThgwTqQSL
sHXHsRzaQhw0rXOMD0ReKa6dgI74foudvxoyptAfs2Aa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:05 2024 by rpki-client on console-ams.rpki-client.org