Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/pnnegJVpLYzx9KL4GJ7iENTFN7M.roa
File: pnnegJVpLYzx9KL4GJ7iENTFN7M.roa (raw, json)
Hash identifier: 3kTvOHBt+095a2Dhq1JgYuIWM3+QUW5d6H+0/UvK3aY=
Subject key identifier: A6:79:DE:80:95:69:2D:8C:F1:F4:A2:F8:18:9E:E2:10:D4:C5:37:B3
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 0182C05C6183F6C3890E315962FBF46271E9
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/pnnegJVpLYzx9KL4GJ7iENTFN7M.roa
Signing time: Sun 21 Aug 2022 12:24:15 +0000
ROA not before: Sun 21 Aug 2022 12:24:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 176.52.136.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c0:5c:61:83:f6:c3:89:0e:31:59:62:fb:f4:62:71:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Aug 21 12:24:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a679de8095692d8cf1f4a2f8189ee210d4c537b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:ef:40:25:06:eb:aa:08:82:b9:d1:32:af:ea:
89:54:42:51:ba:6d:3b:86:8c:1a:46:fe:6f:77:5b:
aa:3c:eb:33:2b:f8:b6:9b:14:24:9d:2c:bd:19:a2:
d0:4a:d7:9a:cc:bc:5c:6c:03:75:b7:7e:52:0b:56:
f6:40:27:91:5c:0a:7e:2f:71:ea:5e:32:15:93:a5:
ca:53:31:13:94:7c:7c:1e:63:fe:0d:9e:5c:e4:55:
a7:bb:1a:64:b6:27:9d:9c:68:6f:57:7d:9e:3a:08:
37:33:52:6b:c3:ac:e7:b4:89:45:87:9b:7a:8b:1c:
b0:01:33:ee:49:26:a5:2d:44:ff:0d:60:56:4c:de:
3b:f2:44:f9:48:69:99:c4:4e:28:e9:e7:1a:15:61:
41:f3:4d:52:5e:aa:b7:ee:92:db:0f:07:fd:31:11:
3e:6f:39:a8:42:56:d7:b6:e5:24:5a:07:57:4b:89:
d9:9e:fe:a3:be:64:2b:e4:78:7e:5a:19:a2:28:4a:
39:83:ec:98:78:15:ad:0c:4c:16:35:96:13:55:b1:
c7:53:a3:a5:3d:2c:6b:39:c3:14:47:d8:12:50:6e:
37:20:5c:92:e4:74:57:23:68:0c:0e:19:8f:64:f5:
eb:83:4e:c3:dc:b2:60:28:89:57:17:f4:22:86:f7:
06:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:79:DE:80:95:69:2D:8C:F1:F4:A2:F8:18:9E:E2:10:D4:C5:37:B3
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/pnnegJVpLYzx9KL4GJ7iENTFN7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.52.136.0/22
Signature Algorithm: sha256WithRSAEncryption
87:5b:07:3a:a9:74:03:98:80:a7:34:bb:f8:5b:dc:a4:ff:28:
da:73:a7:94:7a:4e:06:25:1b:4e:37:05:e0:22:9f:9c:8f:40:
f9:58:bc:fd:df:65:d0:50:32:a8:27:8d:9f:de:9c:95:74:8a:
c6:6a:3c:62:11:6f:3c:2a:de:25:7e:99:b7:d8:a2:ec:09:b5:
a9:d3:85:f6:51:d8:da:b5:7e:f3:f1:58:dd:03:2f:c3:52:60:
8b:52:b2:45:05:75:94:81:fd:3a:83:c2:6e:7f:dd:ec:bd:5b:
d4:2f:b6:d2:04:84:bc:86:96:20:65:7f:e8:30:af:5d:b2:f8:
b5:01:c3:04:70:bf:11:a7:55:c9:e8:19:f1:68:f4:eb:85:2a:
0f:5d:3e:bb:8b:8b:fe:6e:33:b0:d4:6c:60:ce:b6:ef:6a:a9:
6e:16:50:97:01:dd:e6:40:47:6f:87:64:fc:df:35:dd:87:b4:
df:c8:73:d8:6c:b7:bc:d7:77:19:b6:b7:9c:6d:6e:63:56:df:
57:af:2a:36:3f:e1:c4:8e:c6:a5:1c:d9:3e:4e:f4:7f:07:b0:
7d:77:cb:f6:b4:9c:94:4a:f9:8c:48:0c:e4:7f:95:56:86:9c:
2b:52:85:73:f5:06:63:14:97:ac:65:a0:8d:7f:df:21:55:af:
b9:7d:3a:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLAXGGD9sOJDjFZYvv0YnHpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNzc5ZTU2MjM4YjZmMmVhMDY4ZWRlNGUyMGFlZjAwYzkw
NDEzMmIwHhcNMjIwODIxMTIyNDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjc5ZGU4MDk1NjkyZDhjZjFmNGEyZjgxODllZTIxMGQ0YzUzN2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhe9AJQbrqgiCudEyr+qJVEJRum07
howaRv5vd1uqPOszK/i2mxQknSy9GaLQSteazLxcbAN1t35SC1b2QCeRXAp+L3Hq
XjIVk6XKUzETlHx8HmP+DZ5c5FWnuxpktiednGhvV32eOgg3M1Jrw6zntIlFh5t6
ixywATPuSSalLUT/DWBWTN478kT5SGmZxE4o6ecaFWFB801SXqq37pLbDwf9MRE+
bzmoQlbXtuUkWgdXS4nZnv6jvmQr5Hh+WhmiKEo5g+yYeBWtDEwWNZYTVbHHU6Ol
PSxrOcMUR9gSUG43IFyS5HRXI2gMDhmPZPXrg07D3LJgKIlXF/QihvcGWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKZ53oCVaS2M8fSi+Bie4hDUxTezMB8GA1UdIwQY
MBaAFP53nlYji28uoGjt5OIK7wDJBBMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQt
MzM4OTQ5MTNkY2I3LzEvcG5uZWdKVnBMWXp4OUtMNEdKN2lFTlRGTjdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQtMzM4OTQ5MTNkY2I3
LzEvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsDSIMA0G
CSqGSIb3DQEBCwUAA4IBAQCHWwc6qXQDmICnNLv4W9yk/yjac6eUek4GJRtONwXg
Ip+cj0D5WLz932XQUDKoJ42f3pyVdIrGajxiEW88Kt4lfpm32KLsCbWp04X2Udja
tX7z8VjdAy/DUmCLUrJFBXWUgf06g8Juf93svVvUL7bSBIS8hpYgZX/oMK9dsvi1
AcMEcL8Rp1XJ6BnxaPTrhSoPXT67i4v+bjOw1GxgzrbvaqluFlCXAd3mQEdvh2T8
3zXdh7TfyHPYbLe813cZtrecbW5jVt9Xryo2P+HEjsalHNk+TvR/B7B9d8v2tJyU
SvmMSAzkf5VWhpwrUoVz9QZjFJesZaCNf98hVa+5fTpw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:05 2024 by rpki-client on console-ams.rpki-client.org