Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/zB8mhwYudtOQRq3utW9411acgRI.roa
File: zB8mhwYudtOQRq3utW9411acgRI.roa (raw, json)
Hash identifier: SdYPhEXuiNeYDpTjD9pNbg5E4Rj2l3klzvUhkVLoPEk=
Subject key identifier: CC:1F:26:87:06:2E:76:D3:90:46:AD:EE:B5:6F:78:D7:56:9C:81:12
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 0519D150
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/zB8mhwYudtOQRq3utW9411acgRI.roa
Signing time: Fri 27 May 2022 07:20:13 +0000
ROA not before: Fri 27 May 2022 07:20:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 176.52.132.0/22 maxlen: 22
176.52.128.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85578064 (0x519d150)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: May 27 07:20:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cc1f2687062e76d39046adeeb56f78d7569c8112
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:13:af:d7:5a:e3:b9:58:d5:06:80:bf:43:a3:
5d:d8:df:d1:d6:34:e5:96:1f:86:73:cd:6b:1c:f6:
b5:f8:18:75:67:1e:5d:e8:1c:3b:c0:ee:6d:b4:1a:
be:29:20:60:5c:4a:b3:c8:42:b9:e7:d2:c6:79:c9:
bf:63:49:f3:cc:af:bc:ca:0a:06:2a:77:54:5f:fd:
3d:16:0c:c6:b1:4b:75:98:be:bf:8b:ca:36:bb:1c:
1c:e0:31:65:a4:f0:f9:a0:4c:90:2a:3e:0a:d0:f5:
c8:cb:16:70:98:d6:19:b6:0c:9d:08:38:4f:c6:c1:
08:72:0e:3a:09:b0:f2:84:43:3f:4b:c9:b3:19:c8:
cd:9f:5f:d7:b0:e0:0c:e7:16:10:e3:04:fd:97:43:
6b:cf:73:f1:14:00:ac:d2:c1:d9:7f:bd:e2:f5:2d:
58:b9:59:08:ed:03:4e:e1:fc:5e:be:80:fc:f8:f2:
86:c1:fc:57:c0:3c:7b:21:0f:4b:c8:f2:b6:00:30:
20:1b:46:2b:9b:43:76:2a:ac:82:13:8e:38:9d:e1:
5d:33:66:a0:d1:a5:f5:b1:49:2b:9e:da:77:51:8e:
14:f4:4a:3f:d0:8c:c5:36:33:6a:cd:d7:16:cf:40:
af:bc:81:90:bc:7f:70:34:ba:a6:3e:08:03:21:b9:
64:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:1F:26:87:06:2E:76:D3:90:46:AD:EE:B5:6F:78:D7:56:9C:81:12
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/zB8mhwYudtOQRq3utW9411acgRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.52.128.0/21
Signature Algorithm: sha256WithRSAEncryption
4a:38:b1:78:1c:53:bc:b2:26:c4:0f:56:44:3b:d3:25:f4:c3:
f9:30:50:f3:78:ba:20:b8:5f:91:d2:85:6f:a1:15:ea:75:10:
c2:3d:6b:0f:6f:61:57:30:f0:3f:c7:a5:e2:e9:dd:87:a3:41:
76:b9:26:06:21:9b:c5:79:23:98:90:f9:58:b2:07:cf:c0:83:
b4:69:65:24:8c:5e:14:77:de:e2:f9:6b:11:4b:04:b1:48:ec:
de:f7:d9:ba:bc:20:96:2f:2a:0a:6d:63:cf:bf:af:32:51:9e:
c6:b4:bb:3c:26:37:23:46:e3:e1:af:46:62:f1:9f:bd:66:33:
fb:a7:a6:8e:54:be:22:44:ba:6b:36:a8:25:08:5b:22:bc:6b:
12:ef:4d:12:e1:15:9f:b7:45:4b:a3:73:c0:d9:41:2c:a8:25:
a1:da:73:86:73:8e:7b:ff:10:c9:d3:2e:21:ac:c8:2d:44:21:
53:6f:cd:4a:3b:32:2a:50:e1:72:52:bb:37:f4:0c:ae:b5:5d:
5a:a2:60:68:5f:3a:3f:6b:56:e1:ca:ef:f5:e8:8c:b8:db:e6:
b6:b2:69:69:6b:fd:de:17:e0:16:55:b1:91:72:e9:9e:65:ad:
07:ea:e0:36:12:ee:c0:49:e3:7f:d4:8b:04:99:c1:53:40:a2:
73:ad:5c:69
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBRnRUDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTc3OWU1NjIzOGI2ZjJlYTA2OGVkZTRlMjBhZWYwMGM5MDQxMzJiMB4XDTIyMDUy
NzA3MjAxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2MxZjI2ODcwNjJl
NzZkMzkwNDZhZGVlYjU2Zjc4ZDc1NjljODExMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ8Tr9da47lY1QaAv0OjXdjf0dY05ZYfhnPNaxz2tfgYdWce
XegcO8DubbQavikgYFxKs8hCuefSxnnJv2NJ88yvvMoKBip3VF/9PRYMxrFLdZi+
v4vKNrscHOAxZaTw+aBMkCo+CtD1yMsWcJjWGbYMnQg4T8bBCHIOOgmw8oRDP0vJ
sxnIzZ9f17DgDOcWEOME/ZdDa89z8RQArNLB2X+94vUtWLlZCO0DTuH8Xr6A/Pjy
hsH8V8A8eyEPS8jytgAwIBtGK5tDdiqsghOOOJ3hXTNmoNGl9bFJK57ad1GOFPRK
P9CMxTYzas3XFs9Ar7yBkLx/cDS6pj4IAyG5ZHECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTMHyaHBi5205BGre61b3jXVpyBEjAfBgNVHSMEGDAWgBT+d55WI4tvLqBo
7eTiCu8AyQQTKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19uZWVWaU9MYnk2Z2FPM2s0Z3J2QU1rRUV5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8x
L3pCOG1od1l1ZHRPUVJxM3V0Vzk0MTFhY2dSSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8xL19uZWVWaU9MYnk2
Z2FPM2s0Z3J2QU1rRUV5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7A0gDANBgkqhkiG9w0BAQsFAAOC
AQEASjixeBxTvLImxA9WRDvTJfTD+TBQ83i6ILhfkdKFb6EV6nUQwj1rD29hVzDw
P8el4undh6NBdrkmBiGbxXkjmJD5WLIHz8CDtGllJIxeFHfe4vlrEUsEsUjs3vfZ
urwgli8qCm1jz7+vMlGexrS7PCY3I0bj4a9GYvGfvWYz+6emjlS+IkS6azaoJQhb
IrxrEu9NEuEVn7dFS6NzwNlBLKglodpzhnOOe/8QydMuIazILUQhU2/NSjsyKlDh
clK7N/QMrrVdWqJgaF86P2tW4crv9eiMuNvmtrJpaWv93hfgFlWxkXLpnmWtB+rg
NhLuwEnjf9SLBJnBU0Cic61caQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:05 2024 by rpki-client on console-ams.rpki-client.org