Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/gatLgAnVJMiKolvHisCMeN4qTtc.roa
File: gatLgAnVJMiKolvHisCMeN4qTtc.roa (raw, json)
Hash identifier: 2Yp35QGskbOcOUtxz8oGp3YBxlfmbNCUe9KSAdH7//M=
Subject key identifier: 81:AB:4B:80:09:D5:24:C8:8A:A2:5B:C7:8A:C0:8C:78:DE:2A:4E:D7
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 01846418E50A1A1705192AD4DDB16639E339
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/gatLgAnVJMiKolvHisCMeN4qTtc.roa
Signing time: Fri 11 Nov 2022 00:31:03 +0000
ROA not before: Fri 11 Nov 2022 00:31:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 176.52.128.0/22 maxlen: 24
176.52.132.0/22 maxlen: 24
176.52.136.0/22 maxlen: 22
176.52.144.0/22 maxlen: 24
176.52.140.0/22 maxlen: 22
176.52.152.0/22 maxlen: 22
176.52.148.0/22 maxlen: 24
176.52.156.0/22 maxlen: 22
92.53.172.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:64:18:e5:0a:1a:17:05:19:2a:d4:dd:b1:66:39:e3:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Nov 11 00:31:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=81ab4b8009d524c88aa25bc78ac08c78de2a4ed7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:55:61:96:73:f2:48:bd:c8:86:fe:e3:89:19:
e4:38:e5:1e:e9:5f:d2:2f:c5:b1:21:d7:3e:94:9b:
46:88:29:4c:d3:f5:44:ae:b2:20:61:32:0e:a4:ac:
5e:78:86:1c:3f:b1:33:34:7c:b7:cb:45:20:7a:e1:
4a:77:85:37:a9:2f:15:51:33:03:59:b4:50:a0:df:
03:f2:e2:69:8b:21:be:b7:79:6e:4e:fd:77:10:f9:
af:da:96:72:d3:79:fe:0d:c4:04:eb:52:12:d5:d2:
7c:ce:6a:d4:1c:12:26:f7:c5:68:94:8e:b1:f3:a4:
45:94:1c:f3:01:6f:a8:2c:96:06:fd:cd:16:66:ae:
16:be:03:6c:1b:ab:5a:e3:ab:56:51:79:de:66:79:
ee:66:3e:b5:59:bd:3b:24:e4:e2:76:5f:83:12:e3:
57:14:85:a3:10:08:c2:5c:67:b3:f0:0e:cb:c8:dd:
43:f1:79:0b:ac:db:c1:c2:cf:70:72:27:c5:7f:55:
a1:54:bd:0a:1e:0e:22:4b:47:07:3b:73:c3:d9:67:
ed:3c:3f:54:4a:0c:ea:b7:eb:ba:13:20:fc:03:93:
20:8f:69:e0:78:9d:79:17:9c:3c:e2:43:70:bc:9f:
ea:cd:84:9d:e5:4c:f0:39:71:68:7b:74:40:6c:db:
61:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:AB:4B:80:09:D5:24:C8:8A:A2:5B:C7:8A:C0:8C:78:DE:2A:4E:D7
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/gatLgAnVJMiKolvHisCMeN4qTtc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.53.172.0/22
176.52.128.0/19
Signature Algorithm: sha256WithRSAEncryption
94:43:71:6e:a6:d9:8e:d5:d3:cd:2c:cf:1f:7d:c7:af:ad:6d:
ff:ff:91:e6:6c:0f:df:4a:b9:5c:3a:ed:b8:a5:d2:92:93:e2:
45:a9:80:2b:37:b9:31:0b:be:5d:59:79:53:d3:33:4d:a8:db:
31:8f:cd:d0:3f:22:52:5b:69:49:cc:6c:76:c3:54:65:95:02:
6e:c5:91:27:70:a3:14:90:56:bd:e7:63:b4:fa:0c:8b:2f:f7:
1d:9c:c6:8c:93:65:ef:5c:96:46:34:4a:fd:db:76:0c:c7:10:
4a:5c:fa:ff:59:e2:ef:a4:b7:a2:52:12:70:58:8a:2c:11:88:
b0:c2:13:15:81:a7:91:64:8e:0a:82:fd:2e:09:74:2f:e1:b2:
4a:c8:fa:92:5d:c0:bb:c4:76:7b:1f:37:ed:32:c4:28:f8:70:
29:a9:69:f0:e8:4b:b4:6d:d0:be:fa:c9:68:3d:0a:fa:87:c6:
f6:91:44:dc:72:e2:9b:9f:d6:03:ef:1f:11:1a:87:c0:b5:6d:
3f:b6:39:6c:b3:c2:8f:45:5b:89:67:35:c6:d3:3c:13:6a:df:
9e:af:c0:16:e4:46:db:cf:34:68:ec:36:56:4b:30:6a:8a:3e:
6f:1e:65:d2:24:0e:cd:22:5b:11:46:11:24:ad:e4:77:00:51:
8e:68:5c:bb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYRkGOUKGhcFGSrU3bFmOeM5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNzc5ZTU2MjM4YjZmMmVhMDY4ZWRlNGUyMGFlZjAwYzkw
NDEzMmIwHhcNMjIxMTExMDAzMTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWFiNGI4MDA5ZDUyNGM4OGFhMjViYzc4YWMwOGM3OGRlMmE0ZWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVVhlnPySL3Ihv7jiRnkOOUe6V/S
L8WxIdc+lJtGiClM0/VErrIgYTIOpKxeeIYcP7EzNHy3y0UgeuFKd4U3qS8VUTMD
WbRQoN8D8uJpiyG+t3luTv13EPmv2pZy03n+DcQE61IS1dJ8zmrUHBIm98VolI6x
86RFlBzzAW+oLJYG/c0WZq4WvgNsG6ta46tWUXneZnnuZj61Wb07JOTidl+DEuNX
FIWjEAjCXGez8A7LyN1D8XkLrNvBws9wcifFf1WhVL0KHg4iS0cHO3PD2WftPD9U
Sgzqt+u6EyD8A5Mgj2ngeJ15F5w84kNwvJ/qzYSd5UzwOXFoe3RAbNthYwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIGrS4AJ1STIiqJbx4rAjHjeKk7XMB8GA1UdIwQY
MBaAFP53nlYji28uoGjt5OIK7wDJBBMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQt
MzM4OTQ5MTNkY2I3LzEvZ2F0TGdBblZKTWlLb2x2SGlzQ01lTjRxVHRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQtMzM4OTQ5MTNkY2I3
LzEvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXDWsAwQF
sDSAMA0GCSqGSIb3DQEBCwUAA4IBAQCUQ3FuptmO1dPNLM8ffcevrW3//5HmbA/f
SrlcOu24pdKSk+JFqYArN7kxC75dWXlT0zNNqNsxj83QPyJSW2lJzGx2w1RllQJu
xZEncKMUkFa952O0+gyLL/cdnMaMk2XvXJZGNEr923YMxxBKXPr/WeLvpLeiUhJw
WIosEYiwwhMVgaeRZI4Kgv0uCXQv4bJKyPqSXcC7xHZ7HzftMsQo+HApqWnw6Eu0
bdC++sloPQr6h8b2kUTccuKbn9YD7x8RGofAtW0/tjlss8KPRVuJZzXG0zwTat+e
r8AW5EbbzzRo7DZWSzBqij5vHmXSJA7NIlsRRhEkreR3AFGOaFy7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:05 2024 by rpki-client on console-ams.rpki-client.org