Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/QeCSJrA0trnCw5_nWSCa1ArRSY8.roa
File: QeCSJrA0trnCw5_nWSCa1ArRSY8.roa (raw, json)
Hash identifier: 83rr0jKmKHuIiBOObtoxpuLsNOBl5Y8kbY5iHt/l0bw=
Subject key identifier: 41:E0:92:26:B0:34:B6:B9:C2:C3:9F:E7:59:20:9A:D4:0A:D1:49:8F
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018570D55B22E613D34B3C14296DE742C0E0
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/QeCSJrA0trnCw5_nWSCa1ArRSY8.roa
Signing time: Mon 02 Jan 2023 04:55:08 +0000
ROA not before: Mon 02 Jan 2023 04:55:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50024
IP address blocks: 77.83.82.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:5b:22:e6:13:d3:4b:3c:14:29:6d:e7:42:c0:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 2 04:55:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41e09226b034b6b9c2c39fe759209ad40ad1498f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:a0:a9:e0:ce:68:5e:c1:db:96:46:26:65:07:
c3:06:e2:c7:8c:81:ee:bc:3a:8b:d1:0f:53:ad:7f:
c4:a8:11:b3:81:63:1f:ec:11:01:6b:8d:f3:f6:da:
1b:3d:05:e3:b5:4e:20:ef:51:e4:00:dd:08:ee:5e:
6a:ae:14:6a:af:15:71:e3:9b:f0:5e:93:0d:3a:d8:
df:f7:7a:37:bc:af:70:8b:32:0d:bb:cc:5f:0d:ba:
16:dc:71:66:c9:2d:7f:74:03:8d:c0:d6:c0:6c:4d:
98:49:55:20:44:39:b2:7e:d2:7b:9f:5a:08:d6:cd:
ae:8f:8a:41:99:a9:e1:6b:00:c2:9d:ca:ab:8f:15:
bf:47:d6:47:dd:e1:17:17:11:04:35:3c:0a:f8:e9:
87:58:ae:12:1b:a2:87:fd:7f:81:04:ee:3a:ae:7e:
75:13:66:9c:61:dc:61:a6:f1:08:63:16:25:9e:7f:
5c:85:cf:11:52:fd:36:16:3e:1f:77:82:0b:78:16:
d2:01:ad:4e:1a:57:7f:f5:5f:d2:b8:25:de:ea:6a:
f6:e1:17:71:60:53:69:41:99:03:bd:c1:41:03:29:
d2:59:51:71:bd:04:b1:8b:cf:5c:93:0d:da:91:d2:
0e:8b:d2:71:d0:f1:c0:54:a7:ee:6e:c0:ed:af:b1:
6b:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:E0:92:26:B0:34:B6:B9:C2:C3:9F:E7:59:20:9A:D4:0A:D1:49:8F
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/QeCSJrA0trnCw5_nWSCa1ArRSY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.82.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:23:fe:2b:0e:25:06:12:0c:f8:5c:e3:a1:41:ee:cc:46:a1:
75:62:05:4d:e3:e0:7b:1a:af:96:fe:f2:44:69:3c:e0:31:ec:
f5:69:41:fe:ad:fc:8c:13:5d:00:f1:78:4d:57:a9:07:7d:94:
a3:51:19:43:9a:f6:f5:ad:99:31:98:1e:62:67:1d:40:f8:9c:
66:f9:22:47:32:fd:6a:93:bc:f3:41:5a:d7:9f:12:36:04:5b:
96:33:f8:a2:90:66:c4:f9:3c:38:09:e8:43:83:f3:51:c5:4f:
c2:68:a1:8f:7a:a9:1f:01:38:ac:aa:20:15:15:12:62:9d:7c:
43:52:8d:97:ba:0f:9d:f8:c5:33:9b:e0:7c:da:4d:9b:f5:67:
a9:5d:fb:0c:ef:03:e4:c7:20:37:f8:84:28:37:ea:4e:f6:2a:
f8:d2:11:0e:a1:27:1d:7a:75:32:3f:fb:63:57:8e:a3:ac:b3:
ea:a2:4f:67:64:46:32:3f:d4:e2:dc:cd:eb:d1:39:98:c4:24:
c9:66:a4:2c:2e:bc:13:8c:e0:24:95:d5:8c:d6:81:4a:9b:9e:
d9:ad:7c:a6:47:b7:44:03:d5:33:54:b6:fd:9d:27:8a:8d:f9:
c1:56:06:c4:28:dd:7b:74:e3:41:5d:a2:d0:04:08:cd:11:df:
48:9c:e3:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw1Vsi5hPTSzwUKW3nQsDgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwMTAyMDQ1NTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWUwOTIyNmIwMzRiNmI5YzJjMzlmZTc1OTIwOWFkNDBhZDE0OThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqCp4M5oXsHblkYmZQfDBuLHjIHu
vDqL0Q9TrX/EqBGzgWMf7BEBa43z9tobPQXjtU4g71HkAN0I7l5qrhRqrxVx45vw
XpMNOtjf93o3vK9wizINu8xfDboW3HFmyS1/dAONwNbAbE2YSVUgRDmyftJ7n1oI
1s2uj4pBmanhawDCncqrjxW/R9ZH3eEXFxEENTwK+OmHWK4SG6KH/X+BBO46rn51
E2acYdxhpvEIYxYlnn9chc8RUv02Fj4fd4ILeBbSAa1OGld/9V/SuCXe6mr24Rdx
YFNpQZkDvcFBAynSWVFxvQSxi89ckw3akdIOi9Jx0PHAVKfubsDtr7FrcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEHgkiawNLa5wsOf51kgmtQK0UmPMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvUWVDU0pyQTB0cm5DdzVfbldTQ2ExQXJSU1k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVNSMA0G
CSqGSIb3DQEBCwUAA4IBAQBaI/4rDiUGEgz4XOOhQe7MRqF1YgVN4+B7Gq+W/vJE
aTzgMez1aUH+rfyME10A8XhNV6kHfZSjURlDmvb1rZkxmB5iZx1A+Jxm+SJHMv1q
k7zzQVrXnxI2BFuWM/iikGbE+Tw4CehDg/NRxU/CaKGPeqkfATisqiAVFRJinXxD
Uo2Xug+d+MUzm+B82k2b9WepXfsM7wPkxyA3+IQoN+pO9ir40hEOoScdenUyP/tj
V46jrLPqok9nZEYyP9Ti3M3r0TmYxCTJZqQsLrwTjOAkldWM1oFKm57ZrXymR7dE
A9UzVLb9nSeKjfnBVgbEKN17dONBXaLQBAjNEd9InONF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org