Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/TFW9zSi0CJxiShv7gYsNvWeS6gE.roa
File: TFW9zSi0CJxiShv7gYsNvWeS6gE.roa (raw, json)
Hash identifier: yMW6Vf+/UgmVCP4umd5FIOeGUYzz1BXsJIjW414tmLc=
Subject key identifier: 4C:55:BD:CD:28:B4:08:9C:62:4A:1B:FB:81:8B:0D:BD:67:92:EA:01
Certificate issuer: /CN=6811e125cb357076f2fa3138c93e9a2681b17893
Certificate serial: 1281FBCD
Authority key identifier: 68:11:E1:25:CB:35:70:76:F2:FA:31:38:C9:3E:9A:26:81:B1:78:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aBHhJcs1cHby-jE4yT6aJoGxeJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/TFW9zSi0CJxiShv7gYsNvWeS6gE.roa
Signing time: Sat 01 Jan 2022 03:52:23 +0000
ROA not before: Sat 01 Jan 2022 03:52:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15570
IP address blocks: 77.242.200.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 310508493 (0x1281fbcd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6811e125cb357076f2fa3138c93e9a2681b17893
Validity
Not Before: Jan 1 03:52:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4c55bdcd28b4089c624a1bfb818b0dbd6792ea01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:aa:6e:8d:35:8c:4b:23:8c:d2:9e:7a:6a:9f:
2a:5e:81:11:1f:b7:cf:ad:69:69:a1:6c:84:2c:e8:
3a:28:a4:5f:80:c0:41:13:35:6b:fb:59:dc:49:48:
20:88:08:f3:6f:17:68:1f:0a:c8:cd:a8:27:83:52:
79:47:dc:a4:ff:c1:7f:81:a5:20:02:c9:c5:9a:11:
dc:73:f7:be:12:32:cf:c9:fc:0d:23:50:b9:13:7e:
af:72:ad:27:f9:13:1e:06:ef:74:82:de:2d:d7:b1:
ae:ff:84:7c:49:b7:b6:49:08:b5:e2:fb:ab:20:26:
f2:bf:ee:21:70:7d:9b:d8:02:3e:86:7d:f8:02:34:
0d:89:b4:df:04:c1:62:81:00:1a:51:58:3e:72:c2:
95:e0:38:09:78:2c:26:a2:0a:19:30:71:b9:53:b2:
c8:6b:1a:00:06:15:16:7a:9b:f8:04:a3:b7:e9:f1:
76:d8:9b:8d:99:4f:d5:02:a7:b1:df:f8:1b:49:1a:
5d:d5:b3:cd:15:e2:cd:5c:98:c5:ec:3b:ee:85:94:
9d:6e:a4:43:06:07:49:10:ec:a0:21:3a:dc:d7:4b:
7d:34:57:9b:e3:58:75:b4:66:7e:b1:58:a0:4c:57:
62:ac:79:8f:3c:96:1e:dc:bc:20:21:23:8e:0d:d8:
ca:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:55:BD:CD:28:B4:08:9C:62:4A:1B:FB:81:8B:0D:BD:67:92:EA:01
X509v3 Authority Key Identifier:
keyid:68:11:E1:25:CB:35:70:76:F2:FA:31:38:C9:3E:9A:26:81:B1:78:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aBHhJcs1cHby-jE4yT6aJoGxeJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/TFW9zSi0CJxiShv7gYsNvWeS6gE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.200.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:15:fd:d1:a4:3a:b4:ca:27:4b:6c:5a:b1:32:65:06:ee:c5:
31:c2:a0:2c:74:32:8a:68:c1:f0:bd:dc:ad:08:c7:99:39:31:
e4:a5:35:ed:2a:1c:32:a0:94:2c:3f:a3:e8:d9:b7:03:80:02:
1a:02:cf:bf:6f:e4:25:18:1e:00:77:a4:43:87:6d:b8:8a:de:
24:29:18:95:12:b1:c5:38:a6:2d:a1:b3:e3:97:ec:ba:3b:cf:
a2:3f:87:9a:b4:54:df:db:d1:6a:ae:9a:d3:e3:fb:2e:54:17:
26:24:60:99:bc:fb:7a:8c:7c:79:71:1f:5e:67:ef:e7:04:b2:
70:46:eb:c1:b8:6c:a4:cb:8b:d8:69:a0:9b:75:48:48:fc:d3:
7c:f8:b9:dd:e0:12:e9:2b:4a:b3:3b:50:30:2d:af:3f:9c:d4:
29:2e:bb:58:75:2f:33:18:48:61:41:01:06:b8:ac:47:15:7b:
b7:35:32:f3:3e:7a:1e:f5:65:b6:53:6a:39:f1:ce:00:6c:37:
df:ac:3c:7a:c4:e3:e1:5e:07:40:0c:57:90:52:9f:62:f0:f6:
6c:7a:75:1f:96:df:6e:33:c6:01:02:61:1e:f1:6f:02:f7:72:
f7:91:bc:8c:bf:4a:4a:0b:0f:8e:f6:8d:89:0b:04:ac:a8:b5:
0a:e9:2c:a2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEoH7zTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ODExZTEyNWNiMzU3MDc2ZjJmYTMxMzhjOTNlOWEyNjgxYjE3ODkzMB4XDTIyMDEw
MTAzNTIyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGM1NWJkY2QyOGI0
MDg5YzYyNGExYmZiODE4YjBkYmQ2NzkyZWEwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPOqbo01jEsjjNKeemqfKl6BER+3z61paaFshCzoOiikX4DA
QRM1a/tZ3ElIIIgI828XaB8KyM2oJ4NSeUfcpP/Bf4GlIALJxZoR3HP3vhIyz8n8
DSNQuRN+r3KtJ/kTHgbvdILeLdexrv+EfEm3tkkIteL7qyAm8r/uIXB9m9gCPoZ9
+AI0DYm03wTBYoEAGlFYPnLCleA4CXgsJqIKGTBxuVOyyGsaAAYVFnqb+ASjt+nx
dtibjZlP1QKnsd/4G0kaXdWzzRXizVyYxew77oWUnW6kQwYHSRDsoCE63NdLfTRX
m+NYdbRmfrFYoExXYqx5jzyWHty8ICEjjg3YynkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRMVb3NKLQInGJKG/uBiw29Z5LqATAfBgNVHSMEGDAWgBRoEeElyzVwdvL6
MTjJPpomgbF4kzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FCSGhKY3MxY0hieS1qRTR5VDZhSm9HeGVKTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTEvZWJhY2JkLTgxOTAtNGU1YS1hMDNhLWNkNDM5NDkyYjdhZS8x
L1RGVzl6U2kwQ0p4aVNodjdnWXNOdldlUzZnRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTEv
ZWJhY2JkLTgxOTAtNGU1YS1hMDNhLWNkNDM5NDkyYjdhZS8xL2FCSGhKY3MxY0hi
eS1qRTR5VDZhSm9HeGVKTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE3yyDANBgkqhkiG9w0BAQsFAAOC
AQEArBX90aQ6tMonS2xasTJlBu7FMcKgLHQyimjB8L3crQjHmTkx5KU17SocMqCU
LD+j6Nm3A4ACGgLPv2/kJRgeAHekQ4dtuIreJCkYlRKxxTimLaGz45fsujvPoj+H
mrRU39vRaq6a0+P7LlQXJiRgmbz7eox8eXEfXmfv5wSycEbrwbhspMuL2Gmgm3VI
SPzTfPi53eAS6StKsztQMC2vP5zUKS67WHUvMxhIYUEBBrisRxV7tzUy8z56HvVl
tlNqOfHOAGw336w8esTj4V4HQAxXkFKfYvD2bHp1H5bfbjPGAQJhHvFvAvdy95G8
jL9KSgsPjvaNiQsErKi1Cuksog==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:08 2024 by rpki-client on console-ams.rpki-client.org