Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/rDYJHXpPhTioMPhHO02ItlPlK9w.roa
File: rDYJHXpPhTioMPhHO02ItlPlK9w.roa (raw, json)
Hash identifier: O/lZP/HWoDoP+z/+aNcUSXLYoM6nD2kSW3NwmJwEghs=
Subject key identifier: AC:36:09:1D:7A:4F:85:38:A8:30:F8:47:3B:4D:88:B6:53:E5:2B:DC
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 04DE654E
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/rDYJHXpPhTioMPhHO02ItlPlK9w.roa
Signing time: Wed 04 May 2022 14:06:38 +0000
ROA not before: Wed 04 May 2022 14:06:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207461
IP address blocks: 176.52.156.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81683790 (0x4de654e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: May 4 14:06:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ac36091d7a4f8538a830f8473b4d88b653e52bdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:fc:75:d0:03:b5:7f:05:78:ea:03:d9:23:91:
5f:11:0e:9b:b5:96:44:56:2f:a3:11:58:15:d8:b9:
21:6d:99:6b:73:72:26:ed:1b:e1:74:2a:4e:40:a8:
77:45:9b:35:a1:b3:f3:41:c3:bb:d1:9e:8d:2f:ae:
7b:a9:c9:7d:82:cf:77:27:6a:36:d2:eb:1f:8b:7a:
4a:04:20:80:16:17:27:e7:6c:a1:94:e1:1e:58:c6:
63:e0:d8:85:80:de:f2:6d:30:f1:81:25:f1:df:02:
a6:3d:42:56:b4:51:c9:77:d0:43:e4:08:79:71:8e:
c9:b8:85:dc:a0:f2:c7:77:7c:ec:05:f0:b1:99:5d:
4e:f2:b0:04:1d:c8:20:5f:24:b9:52:c0:e4:a2:74:
f0:6b:73:98:97:b7:e2:b1:10:ef:12:d7:c3:e4:3b:
07:6c:81:3a:95:29:d0:4b:b9:7e:2f:ca:ea:0b:fa:
5b:92:4f:4d:b5:dd:c3:a7:84:7d:75:eb:0f:e7:b3:
7b:e7:48:c1:d9:6a:2b:69:7a:cc:1a:40:ea:85:0a:
83:d5:70:11:8b:ae:35:ed:47:64:c1:b7:64:f0:28:
3c:b2:9e:a4:1c:c9:08:8c:46:60:c3:97:54:f7:a5:
b5:e5:bb:9c:7b:a2:c7:59:ab:8a:1e:55:36:42:c4:
69:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:36:09:1D:7A:4F:85:38:A8:30:F8:47:3B:4D:88:B6:53:E5:2B:DC
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/rDYJHXpPhTioMPhHO02ItlPlK9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.52.156.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:b7:6c:15:a2:75:d0:cf:c6:9d:f8:c4:d7:50:e8:bb:86:0c:
49:74:34:c0:46:69:44:8e:cd:76:29:2e:13:dd:8c:5f:ca:1b:
af:a3:82:7e:4f:98:64:8b:13:dd:d9:ac:e1:99:5c:6b:d7:77:
41:fe:ba:6c:7d:5f:58:8e:4d:3d:0a:20:0b:a3:db:7b:3e:d9:
c6:73:c2:2f:e1:97:3b:b2:03:84:a9:db:99:7e:74:9b:10:8e:
31:de:74:38:b8:d7:95:90:2d:37:59:5a:f8:bc:5e:12:1c:15:
0f:5c:10:b4:24:72:04:5e:8a:ff:db:a6:bb:5b:72:e7:4d:d3:
e2:00:69:ac:cd:e2:da:30:a5:79:3e:38:8f:07:93:2c:9c:bc:
6d:54:ac:f7:d8:25:93:68:3e:31:af:3f:e4:63:2a:5a:30:43:
e0:44:ed:26:d5:7c:77:ed:93:d2:09:07:12:4f:94:78:4d:3e:
80:63:c1:bb:7e:14:75:4e:8b:fe:e6:61:91:11:70:0a:7b:2f:
56:8e:75:c8:8d:b3:5a:91:2c:94:85:e6:18:c3:0e:a7:58:7e:
1e:68:f5:0d:5c:ea:b7:8c:0a:81:b0:85:e9:2c:d7:88:89:f5:
1a:09:6c:7e:7f:f3:6b:a7:6d:e7:f6:e5:0e:82:c5:05:df:83:
89:99:f3:85
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBN5lTjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTc3OWU1NjIzOGI2ZjJlYTA2OGVkZTRlMjBhZWYwMGM5MDQxMzJiMB4XDTIyMDUw
NDE0MDYzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWMzNjA5MWQ3YTRm
ODUzOGE4MzBmODQ3M2I0ZDg4YjY1M2U1MmJkYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL/8ddADtX8FeOoD2SORXxEOm7WWRFYvoxFYFdi5IW2Za3Ny
Ju0b4XQqTkCod0WbNaGz80HDu9GejS+ue6nJfYLPdydqNtLrH4t6SgQggBYXJ+ds
oZThHljGY+DYhYDe8m0w8YEl8d8Cpj1CVrRRyXfQQ+QIeXGOybiF3KDyx3d87AXw
sZldTvKwBB3IIF8kuVLA5KJ08GtzmJe34rEQ7xLXw+Q7B2yBOpUp0Eu5fi/K6gv6
W5JPTbXdw6eEfXXrD+eze+dIwdlqK2l6zBpA6oUKg9VwEYuuNe1HZMG3ZPAoPLKe
pBzJCIxGYMOXVPelteW7nHuix1mrih5VNkLEaR8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSsNgkdek+FOKgw+Ec7TYi2U+Ur3DAfBgNVHSMEGDAWgBT+d55WI4tvLqBo
7eTiCu8AyQQTKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19uZWVWaU9MYnk2Z2FPM2s0Z3J2QU1rRUV5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8x
L3JEWUpIWHBQaFRpb01QaEhPMDJJdGxQbEs5dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8xL19uZWVWaU9MYnk2
Z2FPM2s0Z3J2QU1rRUV5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArA0nDANBgkqhkiG9w0BAQsFAAOC
AQEAHLdsFaJ10M/GnfjE11Dou4YMSXQ0wEZpRI7NdikuE92MX8obr6OCfk+YZIsT
3dms4Zlca9d3Qf66bH1fWI5NPQogC6Pbez7ZxnPCL+GXO7IDhKnbmX50mxCOMd50
OLjXlZAtN1la+LxeEhwVD1wQtCRyBF6K/9umu1ty503T4gBprM3i2jCleT44jweT
LJy8bVSs99glk2g+Ma8/5GMqWjBD4ETtJtV8d+2T0gkHEk+UeE0+gGPBu34UdU6L
/uZhkRFwCnsvVo51yI2zWpEslIXmGMMOp1h+Hmj1DVzqt4wKgbCF6SzXiIn1Ggls
fn/za6dt5/blDoLFBd+DiZnzhQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:05 2024 by rpki-client on console-ams.rpki-client.org