Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/2m7ne0V9u0vVbkPfSqj8dsywwAw.roa
File: 2m7ne0V9u0vVbkPfSqj8dsywwAw.roa (raw, json)
Hash identifier: HWgXT9XVRvlQ9x1rmZXwQ3PbRup+RJ6S2SuLGX/DRo0=
Subject key identifier: DA:6E:E7:7B:45:7D:BB:4B:D5:6E:43:DF:4A:A8:FC:76:CC:B0:C0:0C
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 018972C0391511FEF7B695B8720C2415BEF1
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/2m7ne0V9u0vVbkPfSqj8dsywwAw.roa
Signing time: Thu 20 Jul 2023 10:02:27 +0000
ROA not before: Thu 20 Jul 2023 10:02:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51898
IP address blocks: 77.220.204.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:72:c0:39:15:11:fe:f7:b6:95:b8:72:0c:24:15:be:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Jul 20 10:02:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da6ee77b457dbb4bd56e43df4aa8fc76ccb0c00c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:64:4b:1a:96:b6:9f:5e:9c:3a:c4:4f:30:47:
22:2f:69:85:bf:85:4a:dc:be:53:0e:9b:0b:75:e6:
07:03:06:af:ff:44:d5:66:51:2a:c6:8e:42:90:16:
31:43:01:3a:d1:26:65:07:d9:32:4a:b2:9a:3b:a0:
ca:f3:0d:94:87:24:13:0f:d4:62:3c:0c:b1:6b:a6:
54:6f:02:e7:d8:15:3f:c7:9d:2e:68:ec:ff:ae:35:
68:f1:ff:1f:c2:1a:58:12:f3:14:1e:d8:ae:91:c6:
03:4a:3e:24:6f:98:bf:ba:ef:42:f3:9f:2c:41:2a:
fa:d8:e9:c2:d5:f1:0f:b8:2e:8a:e1:89:d6:c6:10:
b8:94:a8:73:80:6d:23:86:28:2e:f5:65:bb:95:6e:
5a:2a:ab:3f:df:8a:5f:c5:1c:a0:83:3c:0f:f0:cf:
3e:aa:b2:70:05:b6:17:77:88:40:13:4c:74:f3:40:
24:5d:a5:d0:7d:3e:ab:17:6f:23:46:2a:c4:27:e8:
2e:bd:3a:88:18:f9:c9:b2:a0:82:00:bb:46:60:c8:
c6:37:ab:01:b7:e4:45:0b:48:ef:b3:31:32:13:ce:
c8:55:2b:75:c1:71:c6:99:a3:b5:c8:a1:ff:ba:58:
86:c6:f5:e8:e9:8b:cd:78:78:4b:d3:08:64:7a:09:
13:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:6E:E7:7B:45:7D:BB:4B:D5:6E:43:DF:4A:A8:FC:76:CC:B0:C0:0C
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/2m7ne0V9u0vVbkPfSqj8dsywwAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.220.204.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:e6:ff:98:51:18:16:b1:87:7e:2e:a7:1e:c7:60:08:86:e9:
8e:9a:99:17:e8:8e:eb:19:a1:2a:40:75:43:78:0c:01:15:e8:
3a:cf:ef:c6:4e:03:f3:3c:05:5c:9d:01:a1:a4:e2:84:53:1b:
ff:62:c6:f1:1b:20:f3:bd:8e:32:ad:52:44:a3:b5:17:96:7b:
5f:36:23:ae:22:3f:e2:02:8a:55:5f:57:af:27:b7:4e:95:37:
b3:f0:5f:46:f1:31:19:7d:f0:44:60:f7:be:19:0e:6b:12:64:
09:49:4e:1c:78:a7:f6:4d:99:8c:a7:27:20:74:4b:b6:6b:33:
c7:05:55:ff:10:dd:65:eb:a3:4d:1f:3a:26:9a:18:38:56:07:
df:7c:81:b6:97:42:ce:b0:dc:18:f3:d2:2d:60:37:dc:86:f5:
84:c1:7e:9f:15:ac:88:b2:39:05:df:81:09:d9:aa:e5:c3:76:
71:86:18:03:8f:c0:9d:0b:e2:9e:42:73:a0:87:73:62:29:ac:
35:35:df:f1:3a:ea:8c:dc:28:e4:82:38:d6:7f:b7:63:03:89:
63:c6:10:e4:a7:b5:a5:de:ab:99:fd:5a:23:cb:42:79:d7:17:
98:59:4a:86:81:83:16:dc:ca:8f:8d:be:f0:28:ce:8b:cb:d1:
a1:35:24:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlywDkVEf73tpW4cgwkFb7xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwNzIwMTAwMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTZlZTc3YjQ1N2RiYjRiZDU2ZTQzZGY0YWE4ZmM3NmNjYjBjMDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2RLGpa2n16cOsRPMEciL2mFv4VK
3L5TDpsLdeYHAwav/0TVZlEqxo5CkBYxQwE60SZlB9kySrKaO6DK8w2UhyQTD9Ri
PAyxa6ZUbwLn2BU/x50uaOz/rjVo8f8fwhpYEvMUHtiukcYDSj4kb5i/uu9C858s
QSr62OnC1fEPuC6K4YnWxhC4lKhzgG0jhigu9WW7lW5aKqs/34pfxRyggzwP8M8+
qrJwBbYXd4hAE0x080AkXaXQfT6rF28jRirEJ+guvTqIGPnJsqCCALtGYMjGN6sB
t+RFC0jvszEyE87IVSt1wXHGmaO1yKH/uliGxvXo6YvNeHhL0whkegkTAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNpu53tFfbtL1W5D30qo/HbMsMAMMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvMm03bmUwVjl1MHZWYmtQZlNxajhkc3l3d0F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATdzMMA0G
CSqGSIb3DQEBCwUAA4IBAQBN5v+YURgWsYd+Lqcex2AIhumOmpkX6I7rGaEqQHVD
eAwBFeg6z+/GTgPzPAVcnQGhpOKEUxv/YsbxGyDzvY4yrVJEo7UXlntfNiOuIj/i
AopVX1evJ7dOlTez8F9G8TEZffBEYPe+GQ5rEmQJSU4ceKf2TZmMpycgdEu2azPH
BVX/EN1l66NNHzommhg4VgfffIG2l0LOsNwY89ItYDfchvWEwX6fFayIsjkF34EJ
2arlw3ZxhhgDj8CdC+KeQnOgh3NiKaw1Nd/xOuqM3CjkgjjWf7djA4ljxhDkp7Wl
3quZ/Vojy0J51xeYWUqGgYMW3MqPjb7wKM6Ly9GhNSQh
-----END CERTIFICATE-----
Generated at Fri Jul 28 13:37:21 2023 by rpki-client on console-fra.rpki-client.org