Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/nZzN0yn3-GNoDddfQ4i4Y8TW1Qg.roa
File: nZzN0yn3-GNoDddfQ4i4Y8TW1Qg.roa (raw, json)
Hash identifier: VYi/owqIaBjPqnTA1JLXxobccN9geiOSXblmwNK1jFI=
Subject key identifier: 9D:9C:CD:D3:29:F7:F8:63:68:0D:D7:5F:43:88:B8:63:C4:D6:D5:08
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 03925841
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/nZzN0yn3-GNoDddfQ4i4Y8TW1Qg.roa
Signing time: Sat 01 Jan 2022 11:01:25 +0000
ROA not before: Sat 01 Jan 2022 11:01:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2914
IP address blocks: 176.52.136.0/22 maxlen: 24
176.52.148.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59922497 (0x3925841)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Jan 1 11:01:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9d9ccdd329f7f863680dd75f4388b863c4d6d508
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:e4:50:ff:52:16:c4:d5:1b:7c:10:e6:61:cc:
65:87:9a:a3:ef:c9:a4:c8:f7:99:c4:0d:5a:1e:95:
df:83:40:7b:f1:05:34:3e:4e:1c:97:49:a3:42:41:
3e:00:eb:8c:fc:8e:9d:15:0a:48:06:d6:2b:98:fc:
90:73:6d:6c:7d:51:09:1a:14:b4:b8:e5:1b:d6:fa:
4b:af:cf:f7:37:2a:28:87:af:49:3c:a3:cf:22:5e:
37:03:e4:a8:90:42:f8:de:0f:36:76:ac:c4:df:42:
bb:f9:41:c6:54:d7:99:3f:21:84:cc:2e:f1:f9:e5:
6c:9f:69:ec:3a:95:b7:f1:94:4e:9a:ac:9b:f1:5f:
b5:35:9b:c6:03:7d:c4:37:da:8d:c5:ac:85:46:5e:
83:d2:1c:d4:32:58:b9:67:46:1c:e4:1b:9f:6a:68:
ac:f5:f4:e0:50:ec:cd:d8:d6:a8:5d:eb:9c:b1:9a:
20:e5:02:f4:fb:b2:4c:c3:00:fe:00:cf:c1:c2:54:
65:ae:8a:ea:84:7f:1c:42:56:9d:31:9d:a3:a5:35:
f0:01:10:55:11:39:9b:0d:93:db:49:20:36:df:3f:
0d:47:90:14:49:79:a4:a0:ab:7c:7e:d8:a3:f5:52:
4d:4f:05:4b:22:66:e2:54:6c:11:85:a8:34:81:72:
49:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:9C:CD:D3:29:F7:F8:63:68:0D:D7:5F:43:88:B8:63:C4:D6:D5:08
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/nZzN0yn3-GNoDddfQ4i4Y8TW1Qg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.52.136.0/22
176.52.148.0/22
Signature Algorithm: sha256WithRSAEncryption
96:91:f1:9a:6d:58:4f:dc:3a:1d:ec:c2:d6:ed:14:e3:6c:b3:
07:71:61:cc:5c:8e:66:a3:66:64:a7:01:c8:d7:e8:cf:ba:9c:
d3:b8:02:7d:59:d5:a6:22:8c:8b:0d:03:c0:90:ab:73:d3:48:
fa:83:82:6d:6e:2a:e8:95:8d:06:69:29:96:61:e7:5d:ee:76:
bf:db:96:54:4c:5f:ea:9a:6c:78:41:91:6a:bf:fd:4a:d0:10:
7b:88:75:bd:1e:a7:e1:f2:6e:a4:f0:0d:5a:2f:60:98:7f:81:
f1:c0:39:f6:0e:74:a8:dc:50:7c:0b:53:d1:28:f3:69:5b:96:
34:21:95:0a:11:69:36:d7:b5:62:d7:a9:50:00:4e:90:26:54:
35:c4:8f:dd:a9:38:b4:89:23:08:52:d2:ec:74:3b:8e:d8:74:
70:b0:a1:26:98:e5:c4:77:65:60:ce:ad:c9:1a:e1:31:3a:67:
4f:38:4a:45:83:1a:5e:33:ef:57:04:e8:ae:0a:60:23:82:65:
94:2a:fb:7c:a4:ea:54:85:d1:cf:94:73:5d:dc:a0:b0:ea:7d:
9d:46:d7:83:da:fe:1d:7b:dd:48:43:1f:b8:80:1d:de:27:e6:
36:e1:0c:ac:4c:84:fe:74:4e:d2:26:b8:e2:e2:fc:a8:c5:2a:
1c:de:0c:1b
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEA5JYQTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTc3OWU1NjIzOGI2ZjJlYTA2OGVkZTRlMjBhZWYwMGM5MDQxMzJiMB4XDTIyMDEw
MTExMDEyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWQ5Y2NkZDMyOWY3
Zjg2MzY4MGRkNzVmNDM4OGI4NjNjNGQ2ZDUwODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANPkUP9SFsTVG3wQ5mHMZYeao+/JpMj3mcQNWh6V34NAe/EF
ND5OHJdJo0JBPgDrjPyOnRUKSAbWK5j8kHNtbH1RCRoUtLjlG9b6S6/P9zcqKIev
STyjzyJeNwPkqJBC+N4PNnasxN9Cu/lBxlTXmT8hhMwu8fnlbJ9p7DqVt/GUTpqs
m/FftTWbxgN9xDfajcWshUZeg9Ic1DJYuWdGHOQbn2porPX04FDszdjWqF3rnLGa
IOUC9PuyTMMA/gDPwcJUZa6K6oR/HEJWnTGdo6U18AEQVRE5mw2T20kgNt8/DUeQ
FEl5pKCrfH7Yo/VSTU8FSyJm4lRsEYWoNIFySQMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSdnM3TKff4Y2gN119DiLhjxNbVCDAfBgNVHSMEGDAWgBT+d55WI4tvLqBo
7eTiCu8AyQQTKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19uZWVWaU9MYnk2Z2FPM2s0Z3J2QU1rRUV5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8x
L25aek4weW4zLUdOb0RkZGZRNGk0WThUVzFRZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8xL19uZWVWaU9MYnk2
Z2FPM2s0Z3J2QU1rRUV5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArA0iAMEArA0lDANBgkqhkiG9w0B
AQsFAAOCAQEAlpHxmm1YT9w6HezC1u0U42yzB3FhzFyOZqNmZKcByNfoz7qc07gC
fVnVpiKMiw0DwJCrc9NI+oOCbW4q6JWNBmkplmHnXe52v9uWVExf6ppseEGRar/9
StAQe4h1vR6n4fJupPANWi9gmH+B8cA59g50qNxQfAtT0SjzaVuWNCGVChFpNte1
YtepUABOkCZUNcSP3ak4tIkjCFLS7HQ7jth0cLChJpjlxHdlYM6tyRrhMTpnTzhK
RYMaXjPvVwTorgpgI4JllCr7fKTqVIXRz5RzXdygsOp9nUbXg9r+HXvdSEMfuIAd
3ifmNuEMrEyE/nRO0ia44uL8qMUqHN4MGw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:05 2024 by rpki-client on console-ams.rpki-client.org