Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/n8tXbv_rWSEn2gV4jQFsjAYk7JI.roa
File: n8tXbv_rWSEn2gV4jQFsjAYk7JI.roa (raw, json)
Hash identifier: f5uDelNJvlbf+lGSDB9Co24nuy8GB5k23jchjI203EQ=
Subject key identifier: 9F:CB:57:6E:FF:EB:59:21:27:DA:05:78:8D:01:6C:8C:06:24:EC:92
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 0182C05C60A18CE0CB45008FEF38DD7C4BE4
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/n8tXbv_rWSEn2gV4jQFsjAYk7JI.roa
Signing time: Sun 21 Aug 2022 12:24:15 +0000
ROA not before: Sun 21 Aug 2022 12:24:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 176.52.128.0/22 maxlen: 24
176.52.140.0/22 maxlen: 22
176.52.148.0/22 maxlen: 22
92.53.160.0/22 maxlen: 24
92.53.164.0/22 maxlen: 24
92.53.172.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c0:5c:60:a1:8c:e0:cb:45:00:8f:ef:38:dd:7c:4b:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Aug 21 12:24:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9fcb576effeb592127da05788d016c8c0624ec92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c4:ff:c6:05:1d:b2:37:c2:fd:62:f6:e1:02:
b7:73:ee:02:7b:ba:45:5a:bd:b2:d2:1a:a0:ab:70:
64:7e:1a:ea:75:b0:e0:0e:11:f8:0e:9e:ab:5c:9d:
eb:cd:a6:8c:57:36:3e:ed:f9:5a:db:74:96:d0:53:
86:f3:58:c6:27:33:42:ed:a1:f5:76:e8:c0:91:61:
5c:ae:77:c9:98:bc:e4:60:30:24:87:3b:63:e3:cd:
e7:39:90:f2:c6:fc:af:a9:08:e9:64:3f:76:0b:b9:
99:c6:75:36:b9:f4:17:76:71:47:af:49:c7:e1:ee:
b1:b1:61:6b:d5:fb:ea:e0:6c:a6:8e:8b:cf:4d:17:
0e:0a:9c:db:9c:b9:a7:5c:aa:e6:39:3b:06:44:4f:
79:00:96:b7:ae:53:21:81:c2:6c:f5:29:31:42:7d:
d0:50:e4:e6:30:c9:67:72:fd:b5:15:e2:fa:30:29:
81:9f:72:69:28:fe:79:7c:ed:07:63:2d:fe:66:b8:
12:0a:0f:00:06:2c:54:54:81:6e:72:b0:32:0d:51:
5f:4a:6f:3e:bc:83:86:19:80:08:3b:e3:05:01:5b:
45:07:08:75:9e:29:d6:6d:72:7e:26:00:b1:54:40:
f6:e0:4f:32:f7:a9:39:31:ef:52:36:2b:08:2d:9e:
4e:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:CB:57:6E:FF:EB:59:21:27:DA:05:78:8D:01:6C:8C:06:24:EC:92
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/n8tXbv_rWSEn2gV4jQFsjAYk7JI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.53.160.0/21
92.53.172.0/22
176.52.128.0/22
176.52.140.0/22
176.52.148.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:01:eb:19:3f:0d:a9:73:a1:a1:75:e8:aa:75:5d:1f:ef:b1:
a9:3f:33:d4:a3:95:32:96:f3:fd:84:3b:a0:7a:79:a4:1d:1f:
2f:52:02:76:a6:a4:50:ea:77:40:c3:eb:79:e5:65:ec:79:49:
3a:8e:fd:26:9e:ad:99:bc:05:63:2b:00:54:1a:60:33:fb:16:
b9:ea:01:4c:81:82:25:c6:83:2d:80:24:40:5f:98:d2:17:40:
c5:03:57:d2:c3:fe:f1:b7:f1:e8:2c:9d:71:dc:5a:9c:b4:77:
22:f6:4f:21:1c:74:7b:6e:db:eb:c5:1f:9e:11:76:0c:19:70:
59:4d:7f:1e:06:ce:16:a4:dc:bd:0d:a3:8d:ba:7d:29:7f:f9:
ec:08:05:7b:58:02:36:23:da:72:5c:d1:57:61:5a:e3:63:27:
00:ae:3f:f7:b7:c1:b0:24:45:5f:44:a6:c4:a4:b8:28:ac:c4:
e3:08:2d:d3:06:06:09:ea:ce:c8:a3:fd:54:f6:fa:c1:0f:06:
cb:ac:b3:44:9b:83:87:16:2f:78:fd:0e:0b:06:39:59:22:6c:
43:35:4d:7a:ed:36:72:82:b5:52:6e:b0:1d:50:b6:a1:19:0c:
36:ab:a7:3e:21:e8:1d:1e:81:63:dd:dd:56:5e:72:e1:29:06:
11:d7:49:d2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYLAXGChjODLRQCP7zjdfEvkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNzc5ZTU2MjM4YjZmMmVhMDY4ZWRlNGUyMGFlZjAwYzkw
NDEzMmIwHhcNMjIwODIxMTIyNDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmNiNTc2ZWZmZWI1OTIxMjdkYTA1Nzg4ZDAxNmM4YzA2MjRlYzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8T/xgUdsjfC/WL24QK3c+4Ce7pF
Wr2y0hqgq3BkfhrqdbDgDhH4Dp6rXJ3rzaaMVzY+7fla23SW0FOG81jGJzNC7aH1
dujAkWFcrnfJmLzkYDAkhztj483nOZDyxvyvqQjpZD92C7mZxnU2ufQXdnFHr0nH
4e6xsWFr1fvq4GymjovPTRcOCpzbnLmnXKrmOTsGRE95AJa3rlMhgcJs9SkxQn3Q
UOTmMMlncv21FeL6MCmBn3JpKP55fO0HYy3+ZrgSCg8ABixUVIFucrAyDVFfSm8+
vIOGGYAIO+MFAVtFBwh1ninWbXJ+JgCxVED24E8y96k5Me9SNisILZ5OHwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJ/LV27/61khJ9oFeI0BbIwGJOySMB8GA1UdIwQY
MBaAFP53nlYji28uoGjt5OIK7wDJBBMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQt
MzM4OTQ5MTNkY2I3LzEvbjh0WGJ2X3JXU0VuMmdWNGpRRnNqQVlrN0pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQtMzM4OTQ5MTNkY2I3
LzEvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDXDWgAwQC
XDWsAwQCsDSAAwQCsDSMAwQCsDSUMA0GCSqGSIb3DQEBCwUAA4IBAQBMAesZPw2p
c6GhdeiqdV0f77GpPzPUo5UylvP9hDugenmkHR8vUgJ2pqRQ6ndAw+t55WXseUk6
jv0mnq2ZvAVjKwBUGmAz+xa56gFMgYIlxoMtgCRAX5jSF0DFA1fSw/7xt/HoLJ1x
3FqctHci9k8hHHR7btvrxR+eEXYMGXBZTX8eBs4WpNy9DaONun0pf/nsCAV7WAI2
I9pyXNFXYVrjYycArj/3t8GwJEVfRKbEpLgorMTjCC3TBgYJ6s7Io/1U9vrBDwbL
rLNEm4OHFi94/Q4LBjlZImxDNU167TZygrVSbrAdULahGQw2q6c+IegdHoFj3d1W
XnLhKQYR10nS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:13 2024 by rpki-client on console-fra.rpki-client.org