Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/20974d-6403-4107-a75b-13fb7a5130ca/1/26gER41nrBcmcPwTQZKJ3y2PqNw.roa
File: 26gER41nrBcmcPwTQZKJ3y2PqNw.roa (raw, json)
Hash identifier: X0z+67fOGKiwmRSnhXccPwmflgatuCozxleVVE0IbJA=
Subject key identifier: DB:A8:04:47:8D:67:AC:17:26:70:FC:13:41:92:89:DF:2D:8F:A8:DC
Certificate issuer: /CN=b4ec6c0a5ebec5817d91b91e79a6bc6132eb9d2c
Certificate serial: 16F3E309
Authority key identifier: B4:EC:6C:0A:5E:BE:C5:81:7D:91:B9:1E:79:A6:BC:61:32:EB:9D:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tOxsCl6-xYF9kbkeeaa8YTLrnSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/20974d-6403-4107-a75b-13fb7a5130ca/1/26gER41nrBcmcPwTQZKJ3y2PqNw.roa
Signing time: Sat 01 Jan 2022 14:55:44 +0000
ROA not before: Sat 01 Jan 2022 14:55:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15924
IP address blocks: 185.77.0.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 385082121 (0x16f3e309)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4ec6c0a5ebec5817d91b91e79a6bc6132eb9d2c
Validity
Not Before: Jan 1 14:55:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dba804478d67ac172670fc13419289df2d8fa8dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:41:1e:ca:a7:a8:ab:62:90:d0:02:aa:76:7a:
fb:ad:c8:a4:9d:83:b9:1b:45:73:b9:a9:d6:61:46:
5b:2d:0c:de:79:a1:60:08:7f:44:7a:ce:76:37:3c:
81:ae:bb:58:d0:86:af:e0:40:b5:da:cb:ab:e7:e5:
99:1e:90:d6:67:a4:65:1a:84:ee:32:be:6d:d4:b7:
e3:e3:23:c3:21:c2:ec:dd:7a:7f:83:2e:db:5a:66:
e9:79:bc:19:8e:03:97:cf:3d:91:87:87:ad:28:ab:
48:11:8c:d1:35:41:20:9b:c5:4e:1c:fa:c4:f4:f6:
7c:07:0e:f8:32:44:89:b0:f6:a6:4d:64:c3:b5:33:
4a:58:82:bf:f9:80:95:50:57:38:af:d8:58:45:87:
ee:21:61:eb:c3:bf:0c:d1:1d:d3:f1:e3:b1:41:1b:
83:78:39:43:36:8a:2b:e7:29:be:b6:6f:d8:04:11:
9e:a1:63:b6:47:d4:11:99:5c:80:4e:1d:e2:33:be:
2d:c6:cb:20:cc:05:d1:2d:e6:33:23:4f:7d:ed:07:
4b:48:bb:19:5e:f5:73:bd:92:c2:64:97:7c:9d:f2:
9f:8e:bc:7c:7b:23:4b:30:99:7b:c4:05:1a:a7:e9:
44:48:fb:d3:88:16:01:40:f1:27:71:2b:34:06:2d:
2c:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:A8:04:47:8D:67:AC:17:26:70:FC:13:41:92:89:DF:2D:8F:A8:DC
X509v3 Authority Key Identifier:
keyid:B4:EC:6C:0A:5E:BE:C5:81:7D:91:B9:1E:79:A6:BC:61:32:EB:9D:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tOxsCl6-xYF9kbkeeaa8YTLrnSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/20974d-6403-4107-a75b-13fb7a5130ca/1/26gER41nrBcmcPwTQZKJ3y2PqNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/20974d-6403-4107-a75b-13fb7a5130ca/1/tOxsCl6-xYF9kbkeeaa8YTLrnSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.77.0.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:ee:3b:fe:a4:c0:b1:23:a1:18:91:35:c3:c5:50:a9:d6:54:
c2:1d:df:ee:6a:c4:dd:c9:53:7e:82:a6:78:83:44:f5:68:6b:
37:95:38:92:63:06:a3:cd:77:e6:8a:51:57:b8:d9:a9:98:7e:
d6:12:54:6f:c6:c8:92:15:30:b1:5c:ae:ae:32:4d:ef:c8:c0:
34:78:21:7c:f7:ac:58:23:0f:99:88:3e:32:7f:15:aa:8b:2c:
9c:af:f3:e9:07:73:88:7e:7b:5a:2e:98:39:a7:06:0c:f6:c0:
89:6d:b5:11:78:fe:9c:f5:ab:53:ea:31:84:5f:36:aa:c4:10:
cf:5a:cd:6d:de:fc:19:df:9c:08:ea:3b:8f:66:9f:5e:2e:80:
17:57:f5:a1:58:4c:2f:af:e3:29:86:a5:a0:c2:5f:9d:24:c1:
ae:cb:b7:c3:3a:4d:1a:16:13:b9:8e:0a:de:4e:96:c0:62:00:
5f:0c:c0:d6:a7:70:b2:e3:da:7f:58:a6:f1:12:dc:3a:2e:72:
5c:08:a7:20:29:5f:96:8c:94:57:2f:af:8a:49:08:6a:f4:b4:
22:8d:54:00:ba:11:9d:66:61:ba:e8:09:fc:3d:ea:04:4e:9b:
b1:99:2b:b2:64:d8:6b:2e:23:8e:eb:6a:ad:df:99:ca:bd:92:
32:98:31:87
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFvPjCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGVjNmMwYTVlYmVjNTgxN2Q5MWI5MWU3OWE2YmM2MTMyZWI5ZDJjMB4XDTIyMDEw
MTE0NTU0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGJhODA0NDc4ZDY3
YWMxNzI2NzBmYzEzNDE5Mjg5ZGYyZDhmYThkYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJZBHsqnqKtikNACqnZ6+63IpJ2DuRtFc7mp1mFGWy0M3nmh
YAh/RHrOdjc8ga67WNCGr+BAtdrLq+flmR6Q1mekZRqE7jK+bdS34+MjwyHC7N16
f4Mu21pm6Xm8GY4Dl889kYeHrSirSBGM0TVBIJvFThz6xPT2fAcO+DJEibD2pk1k
w7UzSliCv/mAlVBXOK/YWEWH7iFh68O/DNEd0/HjsUEbg3g5QzaKK+cpvrZv2AQR
nqFjtkfUEZlcgE4d4jO+LcbLIMwF0S3mMyNPfe0HS0i7GV71c72SwmSXfJ3yn468
fHsjSzCZe8QFGqfpREj704gWAUDxJ3ErNAYtLH0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTbqARHjWesFyZw/BNBkonfLY+o3DAfBgNVHSMEGDAWgBS07GwKXr7FgX2R
uR55prxhMuudLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RPeHNDbDYteFlGOWtia2VlYWE4WVRMcm5Tdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDQvMjA5NzRkLTY0MDMtNDEwNy1hNzViLTEzZmI3YTUxMzBjYS8x
LzI2Z0VSNDFuckJjbWNQd1RRWktKM3kyUHFOdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQv
MjA5NzRkLTY0MDMtNDEwNy1hNzViLTEzZmI3YTUxMzBjYS8xL3RPeHNDbDYteFlG
OWtia2VlYWE4WVRMcm5Tdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALlNADANBgkqhkiG9w0BAQsFAAOC
AQEAXu47/qTAsSOhGJE1w8VQqdZUwh3f7mrE3clTfoKmeINE9WhrN5U4kmMGo813
5opRV7jZqZh+1hJUb8bIkhUwsVyurjJN78jANHghfPesWCMPmYg+Mn8VqossnK/z
6QdziH57Wi6YOacGDPbAiW21EXj+nPWrU+oxhF82qsQQz1rNbd78Gd+cCOo7j2af
Xi6AF1f1oVhML6/jKYaloMJfnSTBrsu3wzpNGhYTuY4K3k6WwGIAXwzA1qdwsuPa
f1im8RLcOi5yXAinIClfloyUVy+vikkIavS0Io1UALoRnWZhuugJ/D3qBE6bsZkr
smTYay4jjutqrd+Zyr2SMpgxhw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:56 2023 by rpki-client on console-ams.rpki-client.org