Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/b8d29c-3333-493c-9739-df56ec670de7/1/c73aCOa8v3CzcpYs-mUoKz-gzvs.roa
File: c73aCOa8v3CzcpYs-mUoKz-gzvs.roa (raw, json)
Hash identifier: I9ONMzmcNW0wKOOj+7eaWqLKhLzMQAeEo0tE00Xuebg=
Subject key identifier: 73:BD:DA:08:E6:BC:BF:70:B3:72:96:2C:FA:65:28:2B:3F:A0:CE:FB
Certificate issuer: /CN=fcbe62378bb580af4ed70bfa35abc840945d7803
Certificate serial: 072EF1
Authority key identifier: FC:BE:62:37:8B:B5:80:AF:4E:D7:0B:FA:35:AB:C8:40:94:5D:78:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_L5iN4u1gK9O1wv6NavIQJRdeAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/b8d29c-3333-493c-9739-df56ec670de7/1/c73aCOa8v3CzcpYs-mUoKz-gzvs.roa
Signing time: Thu 24 Mar 2022 08:04:59 +0000
ROA not before: Thu 24 Mar 2022 08:04:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34326
IP address blocks: 77.240.244.0/22 maxlen: 22
178.236.192.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 470769 (0x72ef1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fcbe62378bb580af4ed70bfa35abc840945d7803
Validity
Not Before: Mar 24 08:04:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=73bdda08e6bcbf70b372962cfa65282b3fa0cefb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:5a:11:06:f7:4e:69:90:1f:42:b5:15:6d:5f:
c6:6f:ca:50:ed:25:31:08:13:66:d7:22:68:5b:ff:
0c:45:25:2b:87:de:97:ac:09:36:cf:89:81:ed:e6:
af:8d:a6:7f:a1:66:5a:d1:22:f3:77:71:00:f2:8e:
9b:43:14:00:d0:ef:15:68:b1:9f:3a:92:58:54:50:
65:7e:a0:1e:ab:38:39:df:01:a4:a3:00:db:1e:23:
2e:64:4e:90:0d:7a:2d:0e:dd:3f:ac:c6:e2:50:44:
84:84:28:81:4f:6c:22:fd:0f:71:25:b3:ac:70:e8:
aa:36:f3:41:9b:6a:86:e5:e0:0f:f7:7e:7c:aa:d0:
27:0f:b7:cc:59:8b:96:2c:82:ff:ff:46:7b:20:76:
d4:30:ad:e9:d6:8e:0a:c2:61:e1:cf:94:6f:9d:09:
64:5d:e6:3a:4a:a7:14:5c:d7:36:ba:b6:b9:31:59:
62:c3:7e:d0:25:5e:5d:b4:ea:6e:6c:22:9a:00:c5:
f4:d1:12:94:61:14:46:c3:cc:12:ba:bd:b4:59:17:
4f:9e:53:08:9a:7d:95:9c:50:3e:57:6c:32:40:09:
ed:d8:2a:a1:e2:3d:e3:bd:4f:7f:93:d8:da:bd:a9:
cd:17:d9:f0:31:8d:d2:be:4c:63:2c:be:00:9d:ca:
12:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:BD:DA:08:E6:BC:BF:70:B3:72:96:2C:FA:65:28:2B:3F:A0:CE:FB
X509v3 Authority Key Identifier:
keyid:FC:BE:62:37:8B:B5:80:AF:4E:D7:0B:FA:35:AB:C8:40:94:5D:78:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_L5iN4u1gK9O1wv6NavIQJRdeAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/b8d29c-3333-493c-9739-df56ec670de7/1/c73aCOa8v3CzcpYs-mUoKz-gzvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/b8d29c-3333-493c-9739-df56ec670de7/1/_L5iN4u1gK9O1wv6NavIQJRdeAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.240.244.0/22
178.236.192.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:1f:0f:82:2c:0f:1a:3a:c6:7e:f0:22:fe:02:ce:5f:d9:e8:
74:fd:44:30:0f:a0:4c:38:a9:57:07:8b:a8:55:70:d5:c0:98:
fb:83:65:33:63:30:1a:7f:0a:66:f3:02:f8:13:d2:36:55:f1:
0e:1f:03:06:24:b1:84:46:64:be:8f:92:78:b8:3e:0a:51:d6:
04:5a:e3:d3:73:aa:c8:39:38:fa:77:6c:73:fe:b6:e5:54:8f:
09:b2:09:02:9f:b4:63:fb:dd:c4:06:84:7e:d2:9f:24:0c:1f:
75:ca:b1:e7:87:25:90:ab:dd:8e:13:99:2d:57:54:b8:c0:10:
13:21:c5:8a:31:ba:3d:aa:4b:80:3b:be:00:f5:dd:e1:06:c1:
0c:2d:58:c7:01:38:f5:47:3e:7b:70:8b:60:a4:e2:2a:6b:84:
91:c0:1e:52:30:36:74:87:dd:a2:f4:aa:4a:98:46:b5:75:f2:
df:ef:7f:3f:f3:91:4e:e4:e3:0b:26:53:47:e0:b2:76:dd:20:
73:a2:ec:2d:c8:f0:77:9e:06:11:87:da:72:5e:dd:c8:f3:4b:
e2:1e:09:d3:90:1a:a2:ec:53:35:b3:dd:a6:24:bf:f3:fa:9f:
a3:cc:57:65:64:89:49:ae:a1:1a:0b:cc:bd:ea:de:fe:f1:2c:
f5:e1:7b:5d
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDBy7xMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGZj
YmU2MjM3OGJiNTgwYWY0ZWQ3MGJmYTM1YWJjODQwOTQ1ZDc4MDMwHhcNMjIwMzI0
MDgwNDU5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg3M2JkZGEwOGU2YmNi
ZjcwYjM3Mjk2MmNmYTY1MjgyYjNmYTBjZWZiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAxVoRBvdOaZAfQrUVbV/Gb8pQ7SUxCBNm1yJoW/8MRSUrh96X
rAk2z4mB7eavjaZ/oWZa0SLzd3EA8o6bQxQA0O8VaLGfOpJYVFBlfqAeqzg53wGk
owDbHiMuZE6QDXotDt0/rMbiUESEhCiBT2wi/Q9xJbOscOiqNvNBm2qG5eAP9358
qtAnD7fMWYuWLIL//0Z7IHbUMK3p1o4KwmHhz5RvnQlkXeY6SqcUXNc2ura5MVli
w37QJV5dtOpubCKaAMX00RKUYRRGw8wSur20WRdPnlMImn2VnFA+V2wyQAnt2Cqh
4j3jvU9/k9javanNF9nwMY3SvkxjLL4AncoSzwIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFHO92gjmvL9ws3KWLPplKCs/oM77MB8GA1UdIwQYMBaAFPy+YjeLtYCvTtcL
+jWryECUXXgDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
X0w1aU40dTFnSzlPMXd2Nk5hdklRSlJkZUFNLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9iOC9iOGQyOWMtMzMzMy00OTNjLTk3MzktZGY1NmVjNjcwZGU3LzEv
YzczYUNPYTh2M0N6Y3BZcy1tVW9Lei1nenZzLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9i
OGQyOWMtMzMzMy00OTNjLTk3MzktZGY1NmVjNjcwZGU3LzEvX0w1aU40dTFnSzlP
MXd2Nk5hdklRSlJkZUFNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCTfD0AwQCsuzAMA0GCSqGSIb3DQEB
CwUAA4IBAQCKHw+CLA8aOsZ+8CL+As5f2eh0/UQwD6BMOKlXB4uoVXDVwJj7g2Uz
YzAafwpm8wL4E9I2VfEOHwMGJLGERmS+j5J4uD4KUdYEWuPTc6rIOTj6d2xz/rbl
VI8JsgkCn7Rj+93EBoR+0p8kDB91yrHnhyWQq92OE5ktV1S4wBATIcWKMbo9qkuA
O74A9d3hBsEMLVjHATj1Rz57cItgpOIqa4SRwB5SMDZ0h92i9KpKmEa1dfLf738/
85FO5OMLJlNH4LJ23SBzouwtyPB3ngYRh9pyXt3I80viHgnTkBqi7FM1s92mJL/z
+p+jzFdlZIlJrqEaC8y96t7+8Sz14Xtd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:13 2024 by rpki-client on console-fra.rpki-client.org