Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/UDxeo22Y3OxEZbv8w8Q3S6d6Miw.roa
File: UDxeo22Y3OxEZbv8w8Q3S6d6Miw.roa (raw, json)
Hash identifier: qT0KSW3n/9md1I/dgExLt+8z/qvcZszlSlJUNeIf4ow=
Subject key identifier: 50:3C:5E:A3:6D:98:DC:EC:44:65:BB:FC:C3:C4:37:4B:A7:7A:32:2C
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 019423D71D39002703A53088EC0190DF8B4A
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/UDxeo22Y3OxEZbv8w8Q3S6d6Miw.roa
Signing time: Wed 01 Jan 2025 21:48:07 +0000
ROA not before: Wed 01 Jan 2025 21:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12660
IP address blocks: 77.237.77.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:1d:39:00:27:03:a5:30:88:ec:01:90:df:8b:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jan 1 21:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=503c5ea36d98dcec4465bbfcc3c4374ba77a322c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:26:8a:5c:96:f2:aa:8a:cd:fd:0a:75:a0:d3:
23:48:44:fb:55:96:63:e2:19:7c:b5:a9:8c:b6:46:
09:44:94:92:9f:ee:99:89:cf:4b:64:5b:73:30:b9:
75:e0:55:50:af:09:8e:55:f3:95:6f:0e:43:69:dc:
c6:be:20:6b:fd:6c:d0:4c:81:0e:38:52:5f:e8:f9:
59:13:16:ba:2e:18:f5:7c:6a:83:62:26:cb:1a:03:
b1:ff:76:06:e1:4c:09:36:42:bf:78:ec:d2:c4:34:
e1:61:8d:5d:d2:31:ed:5b:2a:79:17:f8:c3:05:fc:
28:73:49:53:f4:85:06:58:4d:3c:c4:c8:1a:b6:1c:
d3:ea:26:94:fe:cc:4f:62:ca:12:58:d8:06:5c:dd:
a6:ec:06:1d:20:76:8c:41:71:a9:6b:bd:82:57:f0:
15:83:bf:a2:cc:04:5a:07:f5:cb:02:4d:7f:5e:77:
ea:72:ce:4b:31:e8:fc:01:bc:25:1e:70:f5:c1:5a:
b3:c9:c0:6f:32:88:33:a8:5c:e5:f9:56:20:c4:16:
ca:77:03:e1:16:c2:81:e8:bb:91:d5:9a:6f:6e:c2:
34:6c:7a:6e:42:9b:15:29:6c:53:3d:72:b3:7e:1f:
a7:58:53:f8:7e:10:f2:9b:5c:46:4a:58:cc:56:60:
a9:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:3C:5E:A3:6D:98:DC:EC:44:65:BB:FC:C3:C4:37:4B:A7:7A:32:2C
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/UDxeo22Y3OxEZbv8w8Q3S6d6Miw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.237.77.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:8b:f6:9c:89:83:de:51:ff:03:9d:87:1a:47:c6:17:38:92:
cb:ea:74:79:bb:8a:91:7a:55:e1:33:4b:22:d9:fe:71:be:cf:
54:33:c0:c0:76:6f:40:3b:c0:db:51:e7:37:8a:36:72:29:3e:
66:73:2b:d3:02:4b:a1:3a:4e:f5:67:5b:14:40:1d:5f:cb:4d:
d6:30:9d:11:be:dc:6b:5e:f5:07:fa:8a:c3:fc:8a:a6:ba:a9:
f7:65:7b:53:75:4c:cc:cc:72:f8:e4:42:26:3f:8b:66:16:e0:
2f:d6:8c:29:49:d7:d5:aa:ea:71:58:67:3a:65:67:51:d8:45:
a6:fe:40:db:fe:f6:e4:45:06:99:03:d8:0e:68:89:55:35:db:
47:5b:1f:74:b4:4e:ab:c3:62:e0:9b:5f:62:d0:60:41:5c:8e:
7e:c6:01:0c:4e:f5:8e:d9:8c:6b:6d:a6:86:56:a5:1a:09:e3:
52:fc:51:77:2b:ab:7d:d4:1b:ee:01:9c:4a:dd:ae:77:ce:60:
49:a8:dc:22:d0:2e:e1:5d:da:35:65:fe:5a:47:25:f4:c1:19:
ad:e7:9e:98:df:bc:7e:26:56:be:dd:7e:b9:fd:7c:43:ab:1c:
53:4e:5f:f1:04:a5:d9:e4:0e:1b:d2:e4:44:93:80:59:58:88:
c8:7e:51:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1x05ACcDpTCI7AGQ34tKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjUwMTAxMjE0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDNjNWVhMzZkOThkY2VjNDQ2NWJiZmNjM2M0Mzc0YmE3N2EzMjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAziaKXJbyqorN/Qp1oNMjSET7VZZj
4hl8tamMtkYJRJSSn+6Zic9LZFtzMLl14FVQrwmOVfOVbw5DadzGviBr/WzQTIEO
OFJf6PlZExa6Lhj1fGqDYibLGgOx/3YG4UwJNkK/eOzSxDThYY1d0jHtWyp5F/jD
Bfwoc0lT9IUGWE08xMgathzT6iaU/sxPYsoSWNgGXN2m7AYdIHaMQXGpa72CV/AV
g7+izARaB/XLAk1/Xnfqcs5LMej8AbwlHnD1wVqzycBvMogzqFzl+VYgxBbKdwPh
FsKB6LuR1ZpvbsI0bHpuQpsVKWxTPXKzfh+nWFP4fhDym1xGSljMVmCpyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFA8XqNtmNzsRGW7/MPEN0unejIsMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvVUR4ZW8yMlkzT3hFWmJ2OHc4UTNTNmQ2TWl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATe1NMA0G
CSqGSIb3DQEBCwUAA4IBAQCMi/aciYPeUf8DnYcaR8YXOJLL6nR5u4qRelXhM0si
2f5xvs9UM8DAdm9AO8DbUec3ijZyKT5mcyvTAkuhOk71Z1sUQB1fy03WMJ0Rvtxr
XvUH+orD/Iqmuqn3ZXtTdUzMzHL45EImP4tmFuAv1owpSdfVqupxWGc6ZWdR2EWm
/kDb/vbkRQaZA9gOaIlVNdtHWx90tE6rw2Lgm19i0GBBXI5+xgEMTvWO2YxrbaaG
VqUaCeNS/FF3K6t91BvuAZxK3a53zmBJqNwi0C7hXdo1Zf5aRyX0wRmt556Y37x+
Jla+3X65/XxDqxxTTl/xBKXZ5A4b0uREk4BZWIjIflEZ
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:12:13 2025 by rpki-client