Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/gg9L2rILmuCqAeJiR6rs1Db-BPs.roa
File: gg9L2rILmuCqAeJiR6rs1Db-BPs.roa (raw, json)
Hash identifier: G9T/ci8RJUC7opZmiVd2c7D6MiZj7N8+ShW5NJQmS50=
Subject key identifier: 82:0F:4B:DA:B2:0B:9A:E0:AA:01:E2:62:47:AA:EC:D4:36:FE:04:FB
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 0185EF801B2F72B48E178465DADA74285469
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/gg9L2rILmuCqAeJiR6rs1Db-BPs.roa
Signing time: Thu 26 Jan 2023 19:13:48 +0000
ROA not before: Thu 26 Jan 2023 19:13:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 92.53.180.0/22 maxlen: 24
176.52.128.0/20 maxlen: 24
176.52.144.0/20 maxlen: 24
92.53.172.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ef:80:1b:2f:72:b4:8e:17:84:65:da:da:74:28:54:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Jan 26 19:13:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=820f4bdab20b9ae0aa01e26247aaecd436fe04fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e0:1b:98:e7:54:09:5e:b9:0b:57:0f:80:33:
02:b6:a9:05:20:91:ea:2d:5b:06:6e:5b:9b:cd:7d:
d9:c3:54:d0:37:56:91:85:0e:09:54:ae:20:e3:0c:
b0:40:63:d5:c2:d6:ea:8e:f2:4e:84:98:db:84:9c:
87:57:b9:7e:e5:ac:a4:36:ee:d3:a5:48:0c:6f:48:
31:57:24:06:0e:8a:68:7c:09:4d:b1:08:dc:ab:2a:
9a:b6:b5:ed:8b:88:61:74:98:d3:da:20:50:45:3f:
62:2f:1b:d4:6d:98:7c:c3:b3:00:b7:ae:0e:df:c8:
51:71:0c:4a:6e:4a:1a:37:57:85:b9:2b:ae:47:9d:
1a:8e:8a:46:69:1a:40:0b:d4:42:78:47:e2:f7:25:
a4:ab:f0:31:3c:bb:df:43:69:eb:4a:04:4c:86:0a:
0a:98:51:32:eb:96:8f:ac:e2:3d:9a:fe:97:ec:e6:
c2:f7:a7:5c:87:54:84:48:a0:f5:e2:ae:7c:c8:9b:
9e:e8:f5:82:25:4c:39:40:5c:32:35:4b:25:e9:eb:
09:18:9b:78:fa:96:dc:43:bf:96:09:35:5e:e1:0c:
9e:43:c7:71:67:04:7f:90:b3:03:71:ae:f1:6e:85:
84:98:2d:3b:37:6c:40:41:41:48:14:0c:ed:8a:34:
0d:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:0F:4B:DA:B2:0B:9A:E0:AA:01:E2:62:47:AA:EC:D4:36:FE:04:FB
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/gg9L2rILmuCqAeJiR6rs1Db-BPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.53.172.0/22
92.53.180.0/22
176.52.128.0/19
Signature Algorithm: sha256WithRSAEncryption
a3:43:60:1b:c7:d4:0d:60:29:94:d9:cf:83:b3:10:46:c6:1d:
e3:43:0a:b1:ff:5c:72:fc:eb:51:49:31:81:a7:32:bd:4e:df:
15:37:f2:5c:83:aa:be:81:a2:93:b9:18:4d:34:39:f6:4b:63:
62:71:03:1a:17:07:5f:c4:45:53:28:e1:04:a0:1c:69:7d:84:
61:fa:5b:43:df:57:1b:88:b7:55:1c:38:c5:ad:ba:b0:51:a6:
a3:11:6e:bb:af:32:74:68:16:b6:1c:c4:c1:ee:5c:9d:a9:0f:
79:1b:08:a0:60:b4:7f:a0:9c:b2:b3:d2:50:71:e6:bf:34:18:
11:37:4e:2b:6d:be:68:61:00:06:68:63:32:46:76:c7:97:b4:
d2:c7:41:e6:40:5f:33:ff:47:fe:58:7c:ba:80:74:cd:5f:d9:
c0:fb:dd:5e:69:6e:d9:34:bf:b2:22:1f:37:62:33:47:c8:2c:
e2:7f:da:92:ac:50:e1:f6:21:24:a6:2f:72:4a:bd:49:35:7c:
07:cf:1d:df:d6:8c:73:9e:7b:ca:1c:88:66:23:a4:78:ed:9e:
13:09:f2:48:eb:4a:b4:d7:b8:a3:a7:87:39:d0:b6:f3:f9:d7:
f0:9a:9a:35:27:c5:ec:09:3e:a5:e7:ae:bf:76:0d:65:0a:e1:
cd:fe:f3:13
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXvgBsvcrSOF4Rl2tp0KFRpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNzc5ZTU2MjM4YjZmMmVhMDY4ZWRlNGUyMGFlZjAwYzkw
NDEzMmIwHhcNMjMwMTI2MTkxMzQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjBmNGJkYWIyMGI5YWUwYWEwMWUyNjI0N2FhZWNkNDM2ZmUwNGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuAbmOdUCV65C1cPgDMCtqkFIJHq
LVsGblubzX3Zw1TQN1aRhQ4JVK4g4wywQGPVwtbqjvJOhJjbhJyHV7l+5aykNu7T
pUgMb0gxVyQGDopofAlNsQjcqyqatrXti4hhdJjT2iBQRT9iLxvUbZh8w7MAt64O
38hRcQxKbkoaN1eFuSuuR50ajopGaRpAC9RCeEfi9yWkq/AxPLvfQ2nrSgRMhgoK
mFEy65aPrOI9mv6X7ObC96dch1SESKD14q58yJue6PWCJUw5QFwyNUsl6esJGJt4
+pbcQ7+WCTVe4QyeQ8dxZwR/kLMDca7xboWEmC07N2xAQUFIFAztijQNJQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIIPS9qyC5rgqgHiYkeq7NQ2/gT7MB8GA1UdIwQY
MBaAFP53nlYji28uoGjt5OIK7wDJBBMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQt
MzM4OTQ5MTNkY2I3LzEvZ2c5TDJySUxtdUNxQWVKaVI2cnMxRGItQlBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQtMzM4OTQ5MTNkY2I3
LzEvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCXDWsAwQC
XDW0AwQFsDSAMA0GCSqGSIb3DQEBCwUAA4IBAQCjQ2Abx9QNYCmU2c+DsxBGxh3j
Qwqx/1xy/OtRSTGBpzK9Tt8VN/Jcg6q+gaKTuRhNNDn2S2NicQMaFwdfxEVTKOEE
oBxpfYRh+ltD31cbiLdVHDjFrbqwUaajEW67rzJ0aBa2HMTB7lydqQ95GwigYLR/
oJyys9JQcea/NBgRN04rbb5oYQAGaGMyRnbHl7TSx0HmQF8z/0f+WHy6gHTNX9nA
+91eaW7ZNL+yIh83YjNHyCzif9qSrFDh9iEkpi9ySr1JNXwHzx3f1oxznnvKHIhm
I6R47Z4TCfJI60q017ijp4c50Lbz+dfwmpo1J8XsCT6l566/dg1lCuHN/vMT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:05 2024 by rpki-client on console-ams.rpki-client.org