Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/n-ixMw073glFAKgWC_ENtibGLig.roa
File: n-ixMw073glFAKgWC_ENtibGLig.roa (raw, json)
Hash identifier: AJNRMQZOTzOkU46k86pR4In0kiJQxWSkjsMgGMQtcSA=
Subject key identifier: 9F:E8:B1:33:0D:3B:DE:09:45:00:A8:16:0B:F1:0D:B6:26:C6:2E:28
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 052546DB
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/n-ixMw073glFAKgWC_ENtibGLig.roa
Signing time: Mon 30 May 2022 10:16:13 +0000
ROA not before: Mon 30 May 2022 10:16:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 176.52.136.0/22 maxlen: 24
176.52.152.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86329051 (0x52546db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: May 30 10:16:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9fe8b1330d3bde094500a8160bf10db626c62e28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:cb:17:af:10:64:45:73:00:ee:83:a1:cf:7e:
f2:f4:17:2a:81:76:8a:7a:1b:05:5c:fe:2d:c4:98:
b0:1b:4c:cf:84:80:69:be:4f:84:71:0d:03:e2:51:
3e:5e:80:e3:af:70:b9:94:bb:9b:bc:5b:c4:3c:c8:
a2:a0:cb:d4:3a:03:73:bc:9f:f6:3c:84:d7:70:6d:
46:17:3a:65:f9:31:46:f3:05:c9:c1:aa:df:b6:2a:
76:7b:28:73:0c:c3:b7:c7:99:90:42:4a:5b:94:b9:
cd:5a:de:cf:19:9f:cd:8e:d2:e6:81:a8:2c:9e:52:
39:70:97:22:dc:58:0f:b2:42:12:c7:b0:70:d6:65:
31:da:e6:61:f6:57:6e:11:5a:c5:d4:3f:f1:d2:b6:
50:d3:7a:79:a1:76:b6:19:fe:20:31:0e:94:18:24:
16:10:13:c2:5f:8e:3d:32:89:d6:80:df:47:4d:1f:
22:77:4d:d8:b9:54:c3:99:45:ca:18:46:8d:91:d2:
9a:95:40:f1:df:8e:84:1d:ca:c9:fd:52:1d:42:2b:
b3:69:c6:42:80:96:ea:85:66:cd:ad:02:bc:26:23:
f0:ed:d8:43:47:f9:52:88:1f:58:6d:80:d2:94:46:
2f:67:1f:38:2f:cd:a3:4b:99:05:30:af:92:82:9a:
47:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:E8:B1:33:0D:3B:DE:09:45:00:A8:16:0B:F1:0D:B6:26:C6:2E:28
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/n-ixMw073glFAKgWC_ENtibGLig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.52.136.0/22
176.52.152.0/22
Signature Algorithm: sha256WithRSAEncryption
28:04:6f:dd:f2:52:cb:5e:ba:1e:82:35:e2:e8:7c:a6:55:00:
fd:e4:9c:c9:fd:4e:f2:c2:86:b5:e6:7e:66:8c:81:ce:04:6f:
7f:33:06:b2:48:7e:0a:54:f2:80:cc:20:6c:bc:96:8d:5b:f8:
64:91:a9:56:df:1a:12:fa:85:c0:87:a3:6c:9a:cc:41:1e:c7:
7b:45:22:ae:62:f4:e2:88:e1:11:ba:ea:ed:0f:e1:0d:9a:b5:
86:f0:40:71:68:01:8d:c0:90:23:da:52:70:0e:b6:99:72:94:
bb:67:1d:68:d4:06:9c:a9:dc:ac:ca:da:1b:f0:34:02:50:39:
c6:fa:ac:30:f0:86:cf:b7:41:80:08:3e:23:61:0a:76:bc:a6:
ad:9b:85:82:bb:a1:f7:f0:c6:79:2f:03:44:08:09:df:2c:25:
29:19:26:72:24:01:69:19:04:fc:a5:a9:7c:71:60:ef:54:5b:
df:68:f1:0e:6b:04:ec:11:4a:98:2e:c8:69:f5:ce:3e:e6:e2:
92:34:ab:30:b3:d9:5d:81:ff:a2:21:9b:ce:ec:c5:d8:61:b4:
50:1e:d5:f6:bd:14:38:01:a2:d5:36:3c:8b:b9:56:4d:ff:81:
04:67:86:f2:51:0b:fa:30:47:e3:d7:8c:a3:46:c4:33:1a:f1:
70:2c:01:dd
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBSVG2zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTc3OWU1NjIzOGI2ZjJlYTA2OGVkZTRlMjBhZWYwMGM5MDQxMzJiMB4XDTIyMDUz
MDEwMTYxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWZlOGIxMzMwZDNi
ZGUwOTQ1MDBhODE2MGJmMTBkYjYyNmM2MmUyODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALHLF68QZEVzAO6Doc9+8vQXKoF2inobBVz+LcSYsBtMz4SA
ab5PhHENA+JRPl6A469wuZS7m7xbxDzIoqDL1DoDc7yf9jyE13BtRhc6ZfkxRvMF
ycGq37YqdnsocwzDt8eZkEJKW5S5zVrezxmfzY7S5oGoLJ5SOXCXItxYD7JCEsew
cNZlMdrmYfZXbhFaxdQ/8dK2UNN6eaF2thn+IDEOlBgkFhATwl+OPTKJ1oDfR00f
IndN2LlUw5lFyhhGjZHSmpVA8d+OhB3Kyf1SHUIrs2nGQoCW6oVmza0CvCYj8O3Y
Q0f5UogfWG2A0pRGL2cfOC/No0uZBTCvkoKaRyUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSf6LEzDTveCUUAqBYL8Q22JsYuKDAfBgNVHSMEGDAWgBT+d55WI4tvLqBo
7eTiCu8AyQQTKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19uZWVWaU9MYnk2Z2FPM2s0Z3J2QU1rRUV5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8x
L24taXhNdzA3M2dsRkFLZ1dDX0VOdGliR0xpZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8xL19uZWVWaU9MYnk2
Z2FPM2s0Z3J2QU1rRUV5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArA0iAMEArA0mDANBgkqhkiG9w0B
AQsFAAOCAQEAKARv3fJSy166HoI14uh8plUA/eScyf1O8sKGteZ+ZoyBzgRvfzMG
skh+ClTygMwgbLyWjVv4ZJGpVt8aEvqFwIejbJrMQR7He0UirmL04ojhEbrq7Q/h
DZq1hvBAcWgBjcCQI9pScA62mXKUu2cdaNQGnKncrMraG/A0AlA5xvqsMPCGz7dB
gAg+I2EKdrymrZuFgruh9/DGeS8DRAgJ3ywlKRkmciQBaRkE/KWpfHFg71Rb32jx
DmsE7BFKmC7IafXOPubikjSrMLPZXYH/oiGbzuzF2GG0UB7V9r0UOAGi1TY8i7lW
Tf+BBGeG8lEL+jBH49eMo0bEMxrxcCwB3Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:05 2024 by rpki-client on console-ams.rpki-client.org