Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/K95dZkMC1kedQJcAuv2buN3m6Ds.roa
File: K95dZkMC1kedQJcAuv2buN3m6Ds.roa (raw, json)
Hash identifier: +BLcpg+r2Wm2F71J3aVs4cu/KuwTyB1eEsBOPmPHvZY=
Subject key identifier: 2B:DE:5D:66:43:02:D6:47:9D:40:97:00:BA:FD:9B:B8:DD:E6:E8:3B
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018CC8DE35BC2E5517A6B327B1AB3D8770AF
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/K95dZkMC1kedQJcAuv2buN3m6Ds.roa
Signing time: Tue 02 Jan 2024 06:30:54 +0000
ROA not before: Tue 02 Jan 2024 06:30:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 77.83.192.0/24 maxlen: 24
77.83.195.0/24 maxlen: 24
77.83.194.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:35:bc:2e:55:17:a6:b3:27:b1:ab:3d:87:70:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 2 06:30:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2bde5d664302d6479d409700bafd9bb8dde6e83b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:5c:79:c2:5c:94:e0:26:f4:4e:f9:d8:32:64:
2c:f1:66:8f:ca:db:73:5f:4f:95:72:4d:51:d6:e2:
e3:28:77:1e:7e:84:d5:5c:87:6d:e7:8b:94:7c:10:
3b:f2:90:32:b0:d7:db:e1:bc:35:e9:03:6d:2e:37:
2e:61:8c:27:a2:fc:d9:17:09:de:b1:7e:bd:75:78:
22:0a:92:45:63:c1:f4:8a:58:cb:2a:5d:7c:9f:bb:
61:ce:a2:b0:9f:db:7e:08:9b:67:23:7a:3a:80:e0:
ae:e0:a5:18:97:20:69:b2:ab:40:a7:62:f0:c2:60:
37:39:d4:5a:50:b0:1b:ec:51:cd:b5:6f:58:d6:9b:
71:de:05:71:48:17:b4:ce:e3:7b:6e:af:f8:15:4b:
83:5a:7e:1d:52:2d:e5:53:17:2d:16:48:18:9d:eb:
f7:f4:64:9b:ce:77:7b:49:ae:37:d2:26:6d:6e:d7:
c8:23:79:fc:f9:bd:9c:ad:63:7d:8a:80:63:77:3c:
a2:3e:fc:6a:0e:d6:5c:c3:4d:ea:02:39:60:da:77:
2f:57:fa:be:9a:ff:f1:72:4d:dc:39:78:4a:94:ae:
42:a1:9b:3c:1e:cb:d2:60:04:e6:e2:14:f2:c1:83:
66:01:eb:48:8b:d7:a4:29:9a:b6:53:cc:76:13:fb:
f3:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:DE:5D:66:43:02:D6:47:9D:40:97:00:BA:FD:9B:B8:DD:E6:E8:3B
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/K95dZkMC1kedQJcAuv2buN3m6Ds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.192.0/24
77.83.194.0/23
Signature Algorithm: sha256WithRSAEncryption
a6:32:80:c0:f3:fa:af:ed:d0:00:fc:e1:bf:38:cb:09:83:b4:
b4:47:65:47:f6:17:e9:3c:a0:e8:6b:af:b3:3b:ab:96:bb:ea:
06:8c:6d:27:84:77:7c:44:73:34:b8:dc:b9:c1:63:0f:a3:17:
40:24:9a:9c:0c:d8:7a:d6:6d:dd:55:bd:26:ed:ee:74:d7:1a:
3f:03:32:24:12:f8:07:4c:fb:52:7e:f4:d3:2b:bc:4d:c7:78:
06:69:44:d4:2e:e1:7b:58:1d:d0:2d:0a:0f:ac:ff:5f:09:fb:
ab:89:49:27:03:79:73:cc:a7:e7:39:09:7c:d9:09:77:33:9e:
c4:82:fb:30:f1:ae:f7:7b:3d:3a:bb:7c:c5:91:7d:a4:9b:b8:
a8:9d:8c:9f:b4:fa:18:58:74:c4:b3:bf:a6:fe:5c:8c:4f:76:
1e:10:1d:be:61:0a:6a:89:2c:5a:5d:b0:c9:a6:c4:c0:39:b9:
13:8b:19:bb:6d:f6:87:23:1f:9f:8c:6b:ec:4b:dc:fd:ee:b4:
8e:0c:ad:41:b8:30:b0:5b:a0:c5:4b:0a:df:e7:22:09:86:19:
e4:41:34:c1:bd:6a:fb:c6:cd:22:05:bf:05:bc:54:92:b4:df:
91:a2:49:46:97:4c:2d:2e:d6:ae:6c:24:43:a4:71:84:bd:69:
a4:a3:76:47
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI3jW8LlUXprMnsas9h3CvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjQwMTAyMDYzMDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmRlNWQ2NjQzMDJkNjQ3OWQ0MDk3MDBiYWZkOWJiOGRkZTZlODNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFx5wlyU4Cb0TvnYMmQs8WaPyttz
X0+Vck1R1uLjKHcefoTVXIdt54uUfBA78pAysNfb4bw16QNtLjcuYYwnovzZFwne
sX69dXgiCpJFY8H0iljLKl18n7thzqKwn9t+CJtnI3o6gOCu4KUYlyBpsqtAp2Lw
wmA3OdRaULAb7FHNtW9Y1ptx3gVxSBe0zuN7bq/4FUuDWn4dUi3lUxctFkgYnev3
9GSbznd7Sa430iZtbtfII3n8+b2crWN9ioBjdzyiPvxqDtZcw03qAjlg2ncvV/q+
mv/xck3cOXhKlK5CoZs8HsvSYATm4hTywYNmAetIi9ekKZq2U8x2E/vzQwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCveXWZDAtZHnUCXALr9m7jd5ug7MB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvSzk1ZFprTUMxa2VkUUpjQXV2MmJ1TjNtNkRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATVPAAwQB
TVPCMA0GCSqGSIb3DQEBCwUAA4IBAQCmMoDA8/qv7dAA/OG/OMsJg7S0R2VH9hfp
PKDoa6+zO6uWu+oGjG0nhHd8RHM0uNy5wWMPoxdAJJqcDNh61m3dVb0m7e501xo/
AzIkEvgHTPtSfvTTK7xNx3gGaUTULuF7WB3QLQoPrP9fCfuriUknA3lzzKfnOQl8
2Ql3M57Egvsw8a73ez06u3zFkX2km7ionYyftPoYWHTEs7+m/lyMT3YeEB2+YQpq
iSxaXbDJpsTAObkTixm7bfaHIx+fjGvsS9z97rSODK1BuDCwW6DFSwrf5yIJhhnk
QTTBvWr7xs0iBb8FvFSStN+RoklGl0wtLtaubCRDpHGEvWmko3ZH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org