Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/uZTfp0_zw3ZM5QwrjHi8iquUL8s.roa
File: uZTfp0_zw3ZM5QwrjHi8iquUL8s.roa (raw, json)
Hash identifier: 4zr1Jebn/QXRHRgMLOglY3My7p2V6AkMZAWLPH7jzG0=
Subject key identifier: B9:94:DF:A7:4F:F3:C3:76:4C:E5:0C:2B:8C:78:BC:8A:AB:94:2F:CB
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 03FC685E
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/uZTfp0_zw3ZM5QwrjHi8iquUL8s.roa
Signing time: Fri 04 Feb 2022 20:00:14 +0000
ROA not before: Fri 04 Feb 2022 20:00:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 176.52.152.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66873438 (0x3fc685e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Feb 4 20:00:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b994dfa74ff3c3764ce50c2b8c78bc8aab942fcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:aa:ba:89:78:2b:56:48:95:4c:74:55:2a:52:
a6:8b:a0:7e:20:b1:da:20:e9:cf:29:c0:62:5a:b1:
4c:56:1f:ae:82:42:fe:a4:3e:a1:5d:ce:6a:e4:11:
11:60:36:a6:c1:b8:46:4b:e1:77:74:8f:c1:0e:33:
d8:a8:9f:16:74:a9:b6:26:2f:63:7a:3d:2e:66:f6:
94:95:f4:b5:7b:6c:19:35:7e:02:7d:72:a3:c3:c0:
e0:ff:dd:51:9d:94:8a:34:e3:54:31:a3:ea:1e:db:
c2:63:9f:d9:b4:e8:6f:b6:20:b7:fa:62:65:be:9f:
66:c7:fc:ce:9a:f1:d1:b6:74:29:99:2f:5d:14:3b:
9c:78:ac:f2:a2:90:b0:33:68:fa:9e:7f:9c:37:20:
e7:82:20:d3:91:d3:d6:aa:89:e8:ee:f5:17:9c:63:
91:3b:dc:ed:05:e0:d4:8a:5b:dc:5c:7d:e0:24:29:
2e:d6:de:91:06:e8:6c:90:9c:b4:e0:07:bc:d4:7a:
72:62:a5:cd:78:97:84:8c:4a:6a:26:a2:4f:fb:21:
2a:d4:3d:88:70:00:f0:0b:24:ab:76:9e:22:c8:c8:
3d:ea:04:47:9a:a6:2c:14:5e:59:78:29:cf:1c:de:
5c:79:91:c7:e2:84:df:09:13:f0:45:86:f9:b8:87:
4d:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:94:DF:A7:4F:F3:C3:76:4C:E5:0C:2B:8C:78:BC:8A:AB:94:2F:CB
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/uZTfp0_zw3ZM5QwrjHi8iquUL8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.52.152.0/22
Signature Algorithm: sha256WithRSAEncryption
21:da:71:54:f1:58:63:1b:bd:c2:7c:41:55:74:4e:e1:11:5c:
62:6f:9c:c3:68:3d:93:2d:01:6a:26:c3:47:a6:1c:99:00:8c:
eb:f3:69:0a:59:80:68:72:57:fd:6d:33:b7:f2:9e:3b:d2:87:
9e:c1:31:05:e8:30:d2:05:2a:ba:a7:c8:5b:41:4d:ee:cf:d5:
67:b3:3b:29:13:80:f5:81:d7:25:e1:34:03:94:4d:55:de:35:
e1:07:77:8d:38:71:59:19:e6:74:e8:f3:18:7e:1a:08:46:14:
83:e0:a9:8a:58:bb:aa:93:33:a5:5d:51:48:85:7d:8a:16:49:
dc:cd:4a:7d:45:84:e8:07:04:0a:1e:91:8a:36:34:66:cb:61:
7d:63:72:f1:e6:6e:3a:90:da:de:db:f2:4d:ef:73:63:15:50:
65:43:80:33:5a:e6:1d:b3:bf:0a:22:f6:35:33:0a:13:16:77:
cf:7f:59:de:aa:65:5d:ca:cd:9e:1e:80:73:d3:18:5e:38:3f:
e5:b7:d4:43:15:9c:63:d0:e4:f0:e8:b6:07:7e:4c:78:d3:2a:
a3:40:76:a5:e7:9c:54:f3:5a:ca:84:74:e5:d6:5b:87:c1:e8:
90:06:8f:90:25:d9:43:ea:aa:5f:94:6e:ee:e8:ce:2c:a2:5e:
ce:23:f3:4e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA/xoXjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTc3OWU1NjIzOGI2ZjJlYTA2OGVkZTRlMjBhZWYwMGM5MDQxMzJiMB4XDTIyMDIw
NDIwMDAxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjk5NGRmYTc0ZmYz
YzM3NjRjZTUwYzJiOGM3OGJjOGFhYjk0MmZjYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKyquol4K1ZIlUx0VSpSpougfiCx2iDpzynAYlqxTFYfroJC
/qQ+oV3OauQREWA2psG4Rkvhd3SPwQ4z2KifFnSptiYvY3o9Lmb2lJX0tXtsGTV+
An1yo8PA4P/dUZ2UijTjVDGj6h7bwmOf2bTob7Ygt/piZb6fZsf8zprx0bZ0KZkv
XRQ7nHis8qKQsDNo+p5/nDcg54Ig05HT1qqJ6O71F5xjkTvc7QXg1Ipb3Fx94CQp
LtbekQbobJCctOAHvNR6cmKlzXiXhIxKaiaiT/shKtQ9iHAA8Askq3aeIsjIPeoE
R5qmLBReWXgpzxzeXHmRx+KE3wkT8EWG+biHTVsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS5lN+nT/PDdkzlDCuMeLyKq5QvyzAfBgNVHSMEGDAWgBT+d55WI4tvLqBo
7eTiCu8AyQQTKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19uZWVWaU9MYnk2Z2FPM2s0Z3J2QU1rRUV5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8x
L3VaVGZwMF96dzNaTTVRd3JqSGk4aXF1VUw4cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8xL19uZWVWaU9MYnk2
Z2FPM2s0Z3J2QU1rRUV5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArA0mDANBgkqhkiG9w0BAQsFAAOC
AQEAIdpxVPFYYxu9wnxBVXRO4RFcYm+cw2g9ky0BaibDR6YcmQCM6/NpClmAaHJX
/W0zt/KeO9KHnsExBegw0gUquqfIW0FN7s/VZ7M7KROA9YHXJeE0A5RNVd414Qd3
jThxWRnmdOjzGH4aCEYUg+Cpili7qpMzpV1RSIV9ihZJ3M1KfUWE6AcECh6RijY0
ZsthfWNy8eZuOpDa3tvyTe9zYxVQZUOAM1rmHbO/CiL2NTMKExZ3z39Z3qplXcrN
nh6Ac9MYXjg/5bfUQxWcY9Dk8Oi2B35MeNMqo0B2peecVPNayoR05dZbh8HokAaP
kCXZQ+qqX5Ru7ujOLKJeziPzTg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:05 2024 by rpki-client on console-ams.rpki-client.org