Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/lqnXIj3O__naU3PLnZN-c9Yzxec.roa
File: lqnXIj3O__naU3PLnZN-c9Yzxec.roa (raw, json)
Hash identifier: rRebMkbvz7zT2BF7AoWiqNqYrhNjicxxVXA3vGY9J/Q=
Subject key identifier: 96:A9:D7:22:3D:CE:FF:F9:DA:53:73:CB:9D:93:7E:73:D6:33:C5:E7
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 03D8F1B5
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/lqnXIj3O__naU3PLnZN-c9Yzxec.roa
Signing time: Wed 19 Jan 2022 13:33:53 +0000
ROA not before: Wed 19 Jan 2022 13:33:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 176.52.152.0/22 maxlen: 24
176.52.152.0/24 maxlen: 24
176.52.155.0/24 maxlen: 24
176.52.154.0/24 maxlen: 24
176.52.153.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64549301 (0x3d8f1b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Jan 19 13:33:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=96a9d7223dcefff9da5373cb9d937e73d633c5e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:46:67:95:8c:f0:bc:b5:89:76:0d:7d:2b:8a:
95:d9:92:db:b3:64:57:54:14:a2:e3:68:5e:d6:a5:
79:42:ca:ca:9e:5e:ce:ec:ea:81:b5:56:c8:2c:cf:
67:94:ce:13:70:26:6c:25:e5:7a:d9:b4:6e:c0:8b:
89:dd:13:01:79:ce:20:87:d7:4d:57:68:2b:5a:15:
6c:e6:10:1f:60:1f:f6:06:22:8e:3d:14:65:25:c5:
54:b0:4d:fd:fe:2a:c3:67:f8:a2:59:db:b6:33:44:
1e:2e:a6:4d:2c:d4:9f:47:71:79:d7:b4:00:1b:bd:
3a:1c:3e:c7:ef:9e:fb:ef:a8:e6:06:96:52:e0:1f:
01:0f:f0:ad:9c:46:a8:59:f3:dc:1a:14:ac:bf:02:
56:b1:2d:fd:da:90:13:05:d3:7a:0c:4b:8f:f5:34:
4c:b8:f9:fc:15:59:6a:71:87:4f:ca:6d:be:42:41:
aa:81:30:97:53:6c:72:b4:b7:75:71:e8:6d:58:52:
c3:19:13:ff:ad:0d:07:53:2d:36:0c:89:8b:4a:57:
e9:7f:f4:7f:c9:66:61:a2:86:09:c9:db:ec:8b:fa:
9a:53:77:47:ef:e3:96:d9:c9:6c:d0:ea:7a:83:97:
9d:e2:7a:9d:66:4e:88:91:40:ff:51:98:1b:d2:1b:
6e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:A9:D7:22:3D:CE:FF:F9:DA:53:73:CB:9D:93:7E:73:D6:33:C5:E7
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/lqnXIj3O__naU3PLnZN-c9Yzxec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.52.152.0/22
Signature Algorithm: sha256WithRSAEncryption
18:78:47:33:89:65:1a:30:5b:c2:0d:a7:45:74:97:a4:ec:eb:
0f:b3:06:ce:d2:66:f7:2c:a9:b1:f4:40:ec:0d:b6:a1:1b:b0:
e7:90:53:67:c6:11:00:fa:9d:4f:0d:63:8a:13:c9:4d:bb:a2:
26:bf:e6:22:50:eb:cf:bc:e0:7d:d5:8c:5f:3a:95:d9:05:46:
1b:ae:d4:37:be:44:60:34:1f:d9:83:9e:41:b7:9c:b0:4d:d9:
d8:55:aa:c9:f6:6b:39:d4:c0:a7:05:cb:48:85:15:32:a8:92:
c5:99:54:96:15:91:37:78:0a:bd:61:d1:d4:b6:d7:ed:e2:16:
c5:c7:42:a0:2b:30:0f:04:01:3d:05:ad:c4:71:c4:da:50:91:
7d:02:0b:b6:91:bf:8f:23:63:a4:e9:9b:43:c1:7c:52:e8:46:
97:b3:42:10:71:ba:a0:6c:6a:86:20:e9:d1:f7:33:19:ce:81:
2e:8a:a5:4b:c5:d4:8c:c8:d9:b4:af:c1:8d:01:2a:b3:ea:96:
13:1e:64:6a:9c:82:f6:1d:2f:48:95:d9:25:7b:cf:5f:00:f7:
08:8c:e2:99:2f:bd:82:75:f3:c9:4b:54:4f:ab:7c:f4:e0:31:
ca:c8:bf:73:f9:fb:0b:0b:d3:e7:dd:47:87:c9:32:bb:d9:db:
d3:79:b4:53
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA9jxtTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTc3OWU1NjIzOGI2ZjJlYTA2OGVkZTRlMjBhZWYwMGM5MDQxMzJiMB4XDTIyMDEx
OTEzMzM1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTZhOWQ3MjIzZGNl
ZmZmOWRhNTM3M2NiOWQ5MzdlNzNkNjMzYzVlNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKVGZ5WM8Ly1iXYNfSuKldmS27NkV1QUouNoXtaleULKyp5e
zuzqgbVWyCzPZ5TOE3AmbCXletm0bsCLid0TAXnOIIfXTVdoK1oVbOYQH2Af9gYi
jj0UZSXFVLBN/f4qw2f4olnbtjNEHi6mTSzUn0dxede0ABu9Ohw+x++e+++o5gaW
UuAfAQ/wrZxGqFnz3BoUrL8CVrEt/dqQEwXTegxLj/U0TLj5/BVZanGHT8ptvkJB
qoEwl1NscrS3dXHobVhSwxkT/60NB1MtNgyJi0pX6X/0f8lmYaKGCcnb7Iv6mlN3
R+/jltnJbNDqeoOXneJ6nWZOiJFA/1GYG9IbbosCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSWqdciPc7/+dpTc8udk35z1jPF5zAfBgNVHSMEGDAWgBT+d55WI4tvLqBo
7eTiCu8AyQQTKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19uZWVWaU9MYnk2Z2FPM2s0Z3J2QU1rRUV5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8x
L2xxblhJajNPX19uYVUzUExuWk4tYzlZenhlYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8xL19uZWVWaU9MYnk2
Z2FPM2s0Z3J2QU1rRUV5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArA0mDANBgkqhkiG9w0BAQsFAAOC
AQEAGHhHM4llGjBbwg2nRXSXpOzrD7MGztJm9yypsfRA7A22oRuw55BTZ8YRAPqd
Tw1jihPJTbuiJr/mIlDrz7zgfdWMXzqV2QVGG67UN75EYDQf2YOeQbecsE3Z2FWq
yfZrOdTApwXLSIUVMqiSxZlUlhWRN3gKvWHR1LbX7eIWxcdCoCswDwQBPQWtxHHE
2lCRfQILtpG/jyNjpOmbQ8F8UuhGl7NCEHG6oGxqhiDp0fczGc6BLoqlS8XUjMjZ
tK/BjQEqs+qWEx5kapyC9h0vSJXZJXvPXwD3CIzimS+9gnXzyUtUT6t89OAxysi/
c/n7CwvT591Hh8kyu9nb03m0Uw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:05 2024 by rpki-client on console-ams.rpki-client.org