Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/r64UiWLMJKqJaeX3yM7TbYPdALg.roa
File: r64UiWLMJKqJaeX3yM7TbYPdALg.roa (raw, json)
Hash identifier: 95iizjBLNJriHFt9pjXnPuHtHwFvb50tLy6w22P3hvQ=
Subject key identifier: AF:AE:14:89:62:CC:24:AA:89:69:E5:F7:C8:CE:D3:6D:83:DD:00:B8
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 04578201
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/r64UiWLMJKqJaeX3yM7TbYPdALg.roa
Signing time: Mon 14 Mar 2022 09:51:10 +0000
ROA not before: Mon 14 Mar 2022 09:51:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 176.52.140.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72843777 (0x4578201)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Mar 14 09:51:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=afae148962cc24aa8969e5f7c8ced36d83dd00b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d6:9d:fe:1a:8e:c7:0a:0f:cb:62:22:89:61:
37:b6:87:08:13:b1:fc:67:4e:27:b2:1b:ba:d8:05:
9d:0a:bd:9c:32:d8:67:29:9a:a7:4e:97:73:5e:1f:
ad:98:ab:b6:e5:ab:72:b8:52:23:aa:9d:b2:65:9e:
e5:bf:8a:44:74:69:81:b2:97:42:27:8a:97:ca:6e:
fe:64:23:b5:24:d6:35:de:ad:73:35:fb:2f:de:31:
29:e5:71:a6:0b:27:f7:ae:09:a2:5a:9b:79:a8:df:
71:dc:7a:bb:00:fa:0d:ed:44:ee:d9:8f:1b:29:ad:
54:20:ee:2f:4d:16:c0:0b:08:6a:f1:c5:cd:1f:2a:
d1:46:14:69:bd:71:04:f8:7d:54:fc:76:89:6d:80:
a4:87:d1:de:19:4f:eb:7e:0c:da:22:72:2c:4b:0d:
7a:85:6e:04:49:46:2e:89:53:2e:d6:77:e7:80:56:
97:46:0b:62:0a:f4:ba:b1:3c:e9:c4:00:f9:42:f2:
e5:6d:c0:26:99:6c:4f:8c:47:00:8d:9e:b2:59:c6:
f1:ca:f4:6b:4f:ff:27:39:7e:26:9a:ee:29:af:b8:
35:28:95:84:28:ba:61:5f:80:62:66:61:ff:8d:50:
78:c9:3b:f7:36:89:e9:52:8a:b5:0e:f3:03:8d:65:
fb:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:AE:14:89:62:CC:24:AA:89:69:E5:F7:C8:CE:D3:6D:83:DD:00:B8
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/r64UiWLMJKqJaeX3yM7TbYPdALg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.52.140.0/22
Signature Algorithm: sha256WithRSAEncryption
07:2a:8c:db:18:59:43:25:0c:83:57:42:3c:12:2d:09:39:aa:
2e:0d:f1:b0:ea:81:ce:ff:4f:13:c1:97:f6:c0:2d:bd:de:83:
05:df:2f:8c:ba:ee:53:7f:12:84:0f:d3:0d:b8:50:5f:d7:39:
8b:b2:75:b6:5b:55:07:f7:da:1b:f8:3e:38:ae:3d:60:08:64:
ff:26:d4:52:df:d3:ee:34:44:6f:2c:c7:a3:e8:8f:39:e8:96:
3e:b3:af:ba:bb:8f:21:5c:15:f3:c4:07:71:c8:d5:b1:78:2e:
b9:fe:c6:3c:47:c7:91:38:3e:3d:9d:a4:42:60:49:de:0e:48:
99:45:96:1e:88:c8:d3:eb:07:39:25:af:0a:43:a5:98:2f:28:
81:e2:67:03:63:29:6a:cc:26:95:42:bf:fe:f9:da:60:d9:25:
56:2e:c8:15:9f:f0:5e:f5:a0:1b:33:ff:c9:49:fb:70:6c:da:
6b:56:88:66:d1:da:44:a0:45:a9:60:f3:f0:ab:b8:77:8d:7e:
b4:dd:d7:94:5d:15:46:48:88:da:2e:fa:8f:16:a7:5a:c0:f4:
40:a6:59:27:0a:51:96:58:af:e2:f0:c6:d5:32:c1:c0:38:c7:
d0:01:1d:01:e4:3c:9a:f0:c1:67:15:07:95:67:88:25:31:b9:
ea:1f:62:dc
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBFeCATANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTc3OWU1NjIzOGI2ZjJlYTA2OGVkZTRlMjBhZWYwMGM5MDQxMzJiMB4XDTIyMDMx
NDA5NTExMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWZhZTE0ODk2MmNj
MjRhYTg5NjllNWY3YzhjZWQzNmQ4M2RkMDBiODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALLWnf4ajscKD8tiIolhN7aHCBOx/GdOJ7IbutgFnQq9nDLY
Zymap06Xc14frZirtuWrcrhSI6qdsmWe5b+KRHRpgbKXQieKl8pu/mQjtSTWNd6t
czX7L94xKeVxpgsn964Jolqbeajfcdx6uwD6De1E7tmPGymtVCDuL00WwAsIavHF
zR8q0UYUab1xBPh9VPx2iW2ApIfR3hlP634M2iJyLEsNeoVuBElGLolTLtZ354BW
l0YLYgr0urE86cQA+ULy5W3AJplsT4xHAI2eslnG8cr0a0//Jzl+JpruKa+4NSiV
hCi6YV+AYmZh/41QeMk79zaJ6VKKtQ7zA41l+10CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSvrhSJYswkqolp5ffIztNtg90AuDAfBgNVHSMEGDAWgBT+d55WI4tvLqBo
7eTiCu8AyQQTKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19uZWVWaU9MYnk2Z2FPM2s0Z3J2QU1rRUV5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8x
L3I2NFVpV0xNSktxSmFlWDN5TTdUYllQZEFMZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8xL19uZWVWaU9MYnk2
Z2FPM2s0Z3J2QU1rRUV5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArA0jDANBgkqhkiG9w0BAQsFAAOC
AQEAByqM2xhZQyUMg1dCPBItCTmqLg3xsOqBzv9PE8GX9sAtvd6DBd8vjLruU38S
hA/TDbhQX9c5i7J1tltVB/faG/g+OK49YAhk/ybUUt/T7jREbyzHo+iPOeiWPrOv
uruPIVwV88QHccjVsXguuf7GPEfHkTg+PZ2kQmBJ3g5ImUWWHojI0+sHOSWvCkOl
mC8ogeJnA2MpaswmlUK//vnaYNklVi7IFZ/wXvWgGzP/yUn7cGzaa1aIZtHaRKBF
qWDz8Ku4d41+tN3XlF0VRkiI2i76jxanWsD0QKZZJwpRlliv4vDG1TLBwDjH0AEd
AeQ8mvDBZxUHlWeIJTG56h9i3A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:05 2024 by rpki-client on console-ams.rpki-client.org