Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/207b40-5fff-4f43-8b82-103b9f327924/1/a56R_9RTmMQijvX9kAXFXdjldxg.roa
File: a56R_9RTmMQijvX9kAXFXdjldxg.roa (raw, json)
Hash identifier: i6uJOhNBcfVibpoqUaUOHSeVZR/CT+/3WISvQLIDp1U=
Subject key identifier: 6B:9E:91:FF:D4:53:98:C4:22:8E:F5:FD:90:05:C5:5D:D8:E5:77:18
Certificate issuer: /CN=0e1fb63628fe3a11065189bdcf1357fbfc06dade
Certificate serial: 018CC86FF1FE52207ECB2510D6608DA7FAE4
Authority key identifier: 0E:1F:B6:36:28:FE:3A:11:06:51:89:BD:CF:13:57:FB:FC:06:DA:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dh-2Nij-OhEGUYm9zxNX-_wG2t4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/207b40-5fff-4f43-8b82-103b9f327924/1/a56R_9RTmMQijvX9kAXFXdjldxg.roa
Signing time: Tue 02 Jan 2024 04:30:28 +0000
ROA not before: Tue 02 Jan 2024 04:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204776
IP address blocks: 77.83.58.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:f1:fe:52:20:7e:cb:25:10:d6:60:8d:a7:fa:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e1fb63628fe3a11065189bdcf1357fbfc06dade
Validity
Not Before: Jan 2 04:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b9e91ffd45398c4228ef5fd9005c55dd8e57718
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f1:64:e4:e0:11:89:80:67:93:30:d6:18:b7:
ac:12:a5:15:33:52:21:5c:82:da:c0:52:94:82:9c:
a8:01:b6:42:5c:0d:99:93:5a:c1:7d:a6:73:30:98:
1e:bf:2b:f1:ba:ed:46:51:84:0a:f6:92:c6:7d:48:
ed:28:a4:50:da:53:48:00:5d:b8:20:26:9b:de:4d:
81:6b:24:2b:f2:8f:9b:17:7a:5b:df:c6:f6:d2:fb:
fc:aa:e7:7b:1f:cf:f9:17:57:3f:c5:62:8b:c8:78:
e7:68:6e:f7:41:40:de:ec:dc:8e:48:d1:13:85:dd:
29:1b:27:61:bf:a8:67:51:6c:41:88:5d:fc:66:8e:
64:a3:17:3b:b7:d5:c7:d1:12:ce:b3:55:a4:91:cb:
d4:63:bb:e9:b6:fa:46:b8:cb:19:34:d6:7c:c6:0e:
40:2e:06:5f:b6:2f:01:25:5f:5d:a2:9f:45:51:ba:
b4:7e:fc:fe:71:a7:1d:aa:f7:48:84:9d:66:9e:44:
15:e5:22:78:0d:a6:f1:79:69:fd:97:ec:5d:a9:b7:
97:fb:dc:40:6a:4a:36:1e:b7:19:49:d9:d5:f3:22:
4a:f4:d6:d9:a3:af:de:e2:d5:21:c9:19:43:3e:32:
a9:64:6a:a8:fe:fe:97:0f:8c:61:e3:2e:79:db:06:
7e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:9E:91:FF:D4:53:98:C4:22:8E:F5:FD:90:05:C5:5D:D8:E5:77:18
X509v3 Authority Key Identifier:
keyid:0E:1F:B6:36:28:FE:3A:11:06:51:89:BD:CF:13:57:FB:FC:06:DA:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dh-2Nij-OhEGUYm9zxNX-_wG2t4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/207b40-5fff-4f43-8b82-103b9f327924/1/a56R_9RTmMQijvX9kAXFXdjldxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/207b40-5fff-4f43-8b82-103b9f327924/1/Dh-2Nij-OhEGUYm9zxNX-_wG2t4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.58.0/24
Signature Algorithm: sha256WithRSAEncryption
67:a2:15:99:58:da:35:db:1d:d9:f7:26:d7:9d:71:95:ef:f8:
d8:f7:bd:bc:15:35:37:64:01:88:20:88:c3:65:ad:39:eb:c7:
3d:4f:18:7e:a5:b6:4d:17:56:00:97:41:e3:ba:62:3b:23:e2:
80:54:17:5c:cb:84:b8:21:c8:f8:68:b0:58:3c:da:d0:65:0a:
d7:06:c5:43:9d:68:0f:2e:06:cc:e2:fa:9a:2f:b3:e7:c6:da:
6d:0a:75:fb:c9:84:60:52:bd:03:da:02:bb:5d:bd:98:da:cd:
4b:01:2b:6e:bd:5c:d3:db:43:06:11:93:3c:9d:79:62:b6:f1:
87:60:47:cd:ea:97:60:6f:20:83:09:17:b1:a1:95:07:82:02:
67:b0:26:d2:f6:ea:77:c1:19:a7:e9:c1:02:a7:4f:e0:32:fa:
dd:12:22:37:85:a8:93:12:12:b6:c0:42:27:f6:42:ea:0e:e9:
b6:ca:fb:e1:f2:39:72:b7:26:05:8a:dd:90:d4:34:95:ea:a2:
dc:ee:f6:f6:29:14:7b:16:1a:7e:2d:98:2b:eb:18:7a:c6:e8:
18:dc:e7:16:fd:ed:76:da:22:03:1b:80:67:f9:2d:ae:ff:db:
fc:cc:48:ee:57:51:7d:46:74:00:e1:ed:0b:2f:3c:a4:2a:54:
04:1d:b9:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb/H+UiB+yyUQ1mCNp/rkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMWZiNjM2MjhmZTNhMTEwNjUxODliZGNmMTM1N2ZiZmMw
NmRhZGUwHhcNMjQwMTAyMDQzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjllOTFmZmQ0NTM5OGM0MjI4ZWY1ZmQ5MDA1YzU1ZGQ4ZTU3NzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPFk5OARiYBnkzDWGLesEqUVM1Ih
XILawFKUgpyoAbZCXA2Zk1rBfaZzMJgevyvxuu1GUYQK9pLGfUjtKKRQ2lNIAF24
ICab3k2BayQr8o+bF3pb38b20vv8qud7H8/5F1c/xWKLyHjnaG73QUDe7NyOSNET
hd0pGydhv6hnUWxBiF38Zo5koxc7t9XH0RLOs1WkkcvUY7vptvpGuMsZNNZ8xg5A
LgZfti8BJV9dop9FUbq0fvz+cacdqvdIhJ1mnkQV5SJ4DabxeWn9l+xdqbeX+9xA
ako2HrcZSdnV8yJK9NbZo6/e4tUhyRlDPjKpZGqo/v6XD4xh4y552wZ+gQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGuekf/UU5jEIo71/ZAFxV3Y5XcYMB8GA1UdIwQY
MBaAFA4ftjYo/joRBlGJvc8TV/v8BtreMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGgtMk5pai1PaEVHVVltOXp4TlgtX3dHMnQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8yMDdiNDAtNWZmZi00ZjQzLThiODIt
MTAzYjlmMzI3OTI0LzEvYTU2Ul85UlRtTVFpanZYOWtBWEZYZGpsZHhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8yMDdiNDAtNWZmZi00ZjQzLThiODItMTAzYjlmMzI3OTI0
LzEvRGgtMk5pai1PaEVHVVltOXp4TlgtX3dHMnQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVM6MA0G
CSqGSIb3DQEBCwUAA4IBAQBnohWZWNo12x3Z9ybXnXGV7/jY9728FTU3ZAGIIIjD
Za0568c9Txh+pbZNF1YAl0HjumI7I+KAVBdcy4S4Icj4aLBYPNrQZQrXBsVDnWgP
LgbM4vqaL7PnxtptCnX7yYRgUr0D2gK7Xb2Y2s1LAStuvVzT20MGEZM8nXlitvGH
YEfN6pdgbyCDCRexoZUHggJnsCbS9up3wRmn6cECp0/gMvrdEiI3haiTEhK2wEIn
9kLqDum2yvvh8jlytyYFit2Q1DSV6qLc7vb2KRR7Fhp+LZgr6xh6xugY3OcW/e12
2iIDG4Bn+S2u/9v8zEjuV1F9RnQA4e0LLzykKlQEHbkh
-----END CERTIFICATE-----
Generated at Wed Oct 30 12:04:28 2024 by rpki-client on console-fra.rpki-client.org