Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/exyMNevqH9cetNt9rK6l0mkKOBI.roa
File: exyMNevqH9cetNt9rK6l0mkKOBI.roa (raw, json)
Hash identifier: 8D+YprAHPIJ1AHtvv7rczQEd2+vItEE4m7PO+IV4ZqQ=
Subject key identifier: 7B:1C:8C:35:EB:EA:1F:D7:1E:B4:DB:7D:AC:AE:A5:D2:69:0A:38:12
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 0577C66E
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/exyMNevqH9cetNt9rK6l0mkKOBI.roa
Signing time: Sun 03 Jul 2022 14:26:26 +0000
ROA not before: Sun 03 Jul 2022 14:26:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 176.52.128.0/22 maxlen: 24
176.52.136.0/22 maxlen: 24
176.52.152.0/22 maxlen: 24
92.53.160.0/22 maxlen: 24
92.53.164.0/22 maxlen: 24
92.53.172.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91735662 (0x577c66e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Jul 3 14:26:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7b1c8c35ebea1fd71eb4db7dacaea5d2690a3812
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:57:ca:72:3f:b0:4e:21:a9:fc:86:4c:e9:84:
f3:8f:54:94:b9:bc:78:73:cc:b7:0f:c0:0b:39:33:
21:c9:18:22:94:78:65:03:f7:17:5b:13:e5:d7:83:
37:91:67:0f:b9:c0:42:b9:28:9b:57:34:3b:1c:e3:
eb:59:a5:43:b8:12:6e:ce:d2:fd:11:61:1a:14:4f:
07:72:93:f7:2a:07:3b:65:72:31:f8:fd:bd:60:a9:
26:30:c1:d7:3c:87:02:09:6f:15:83:a4:44:09:81:
db:76:5a:7a:98:22:89:96:68:c0:42:d5:67:33:cb:
1e:71:bd:cd:da:7d:78:95:1d:0b:3b:86:b4:ba:76:
12:6f:2f:d5:02:27:dd:46:e4:12:e9:a6:e0:4a:6c:
81:fc:57:ab:a9:cb:8d:09:a7:ca:0b:77:a9:f5:2d:
c1:81:3e:ea:be:98:83:cd:73:6c:07:c4:a9:29:48:
09:8a:22:3b:a2:dd:0a:90:8b:0a:7e:f5:1d:18:9b:
79:e2:2c:35:2c:65:4d:57:4a:1d:e4:b8:47:b6:73:
d6:17:6e:99:5c:fe:e6:29:49:db:f2:65:43:83:45:
97:bb:f8:f0:1a:ba:3c:3f:79:69:e8:a0:84:c5:2f:
e0:38:2e:24:59:e8:da:fa:fb:be:08:ba:0f:68:98:
ca:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:1C:8C:35:EB:EA:1F:D7:1E:B4:DB:7D:AC:AE:A5:D2:69:0A:38:12
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/exyMNevqH9cetNt9rK6l0mkKOBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.53.160.0/21
92.53.172.0/22
176.52.128.0/22
176.52.136.0/22
176.52.152.0/22
Signature Algorithm: sha256WithRSAEncryption
09:4d:67:fb:76:61:ed:bd:93:38:da:bf:fc:0c:a9:8c:fd:13:
6c:b9:ac:21:6d:be:cc:a6:ea:da:70:49:a5:d2:06:a9:0c:55:
58:70:1b:3d:ed:7f:77:58:6f:8a:24:61:a3:b4:bc:c9:67:2d:
83:05:c2:b9:30:1d:6c:0c:aa:44:74:a7:7d:ef:0a:99:d3:10:
5d:9b:c7:da:e2:22:f9:71:7b:46:d1:b5:fa:95:be:ad:98:77:
ff:d0:89:5d:e1:96:9f:5c:6a:19:97:c7:ac:d8:a1:da:c0:c0:
22:88:3b:c8:bf:63:22:a2:73:61:35:7b:7e:a6:fd:d1:dd:ff:
84:c0:b9:53:8d:44:45:b0:25:ac:b5:3c:89:52:23:94:54:d4:
6f:1e:23:e0:4c:38:a5:1f:df:73:2a:aa:a5:b1:75:05:db:74:
1d:34:17:47:36:a0:44:bd:e3:8d:f9:9e:68:72:d4:93:b6:4a:
4e:4a:c5:a7:46:37:50:72:19:0c:9b:95:da:1c:76:39:38:f1:
be:02:f2:aa:19:e5:86:8b:02:7d:ef:d8:10:4c:e5:0b:8a:28:
f0:02:84:89:45:f7:75:f4:1e:4c:a1:0b:37:bb:2e:d7:4b:54:
4a:1b:c7:f3:27:17:26:1f:7c:7a:5b:bd:98:95:e1:db:8f:4d:
02:98:a3:bc
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEBXfGbjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTc3OWU1NjIzOGI2ZjJlYTA2OGVkZTRlMjBhZWYwMGM5MDQxMzJiMB4XDTIyMDcw
MzE0MjYyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2IxYzhjMzVlYmVh
MWZkNzFlYjRkYjdkYWNhZWE1ZDI2OTBhMzgxMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMdXynI/sE4hqfyGTOmE849UlLm8eHPMtw/ACzkzIckYIpR4
ZQP3F1sT5deDN5FnD7nAQrkom1c0Oxzj61mlQ7gSbs7S/RFhGhRPB3KT9yoHO2Vy
Mfj9vWCpJjDB1zyHAglvFYOkRAmB23ZaepgiiZZowELVZzPLHnG9zdp9eJUdCzuG
tLp2Em8v1QIn3UbkEumm4EpsgfxXq6nLjQmnygt3qfUtwYE+6r6Yg81zbAfEqSlI
CYoiO6LdCpCLCn71HRibeeIsNSxlTVdKHeS4R7Zz1hdumVz+5ilJ2/JlQ4NFl7v4
8Bq6PD95aeighMUv4DguJFno2vr7vgi6D2iYytECAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBR7HIw16+of1x60232srqXSaQo4EjAfBgNVHSMEGDAWgBT+d55WI4tvLqBo
7eTiCu8AyQQTKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19uZWVWaU9MYnk2Z2FPM2s0Z3J2QU1rRUV5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8x
L2V4eU1OZXZxSDljZXROdDlySzZsMG1rS09CSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8xL19uZWVWaU9MYnk2
Z2FPM2s0Z3J2QU1rRUV5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEA1w1oAMEAlw1rAMEArA0gAMEArA0
iAMEArA0mDANBgkqhkiG9w0BAQsFAAOCAQEACU1n+3Zh7b2TONq//AypjP0TbLms
IW2+zKbq2nBJpdIGqQxVWHAbPe1/d1hviiRho7S8yWctgwXCuTAdbAyqRHSnfe8K
mdMQXZvH2uIi+XF7RtG1+pW+rZh3/9CJXeGWn1xqGZfHrNih2sDAIog7yL9jIqJz
YTV7fqb90d3/hMC5U41ERbAlrLU8iVIjlFTUbx4j4Ew4pR/fcyqqpbF1Bdt0HTQX
RzagRL3jjfmeaHLUk7ZKTkrFp0Y3UHIZDJuV2hx2OTjxvgLyqhnlhosCfe/YEEzl
C4oo8AKEiUX3dfQeTKELN7su10tUShvH8ycXJh98elu9mJXh249NApijvA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:05 2024 by rpki-client on console-ams.rpki-client.org