Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/XLKhWdLL2p37BEBXUd31TxVNaqQ.roa
File: XLKhWdLL2p37BEBXUd31TxVNaqQ.roa (raw, json)
Hash identifier: YbFP2OPS4aDGEMFA9v2GoxwIuWa48YIaPYvbploWhls=
Subject key identifier: 5C:B2:A1:59:D2:CB:DA:9D:FB:04:40:57:51:DD:F5:4F:15:4D:6A:A4
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 05B34147
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/XLKhWdLL2p37BEBXUd31TxVNaqQ.roa
Signing time: Sat 01 Jan 2022 07:57:16 +0000
ROA not before: Sat 01 Jan 2022 07:57:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 77.83.192.0/24 maxlen: 24
77.83.195.0/24 maxlen: 24
77.83.194.0/24 maxlen: 24
213.139.202.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95633735 (0x5b34147)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 1 07:57:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5cb2a159d2cbda9dfb04405751ddf54f154d6aa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:34:28:39:53:87:27:06:95:c4:ab:6b:21:ba:
b8:2e:ec:4d:e8:3e:9a:a9:b5:1b:01:76:64:13:a2:
90:0b:6b:0f:d8:cc:a0:43:02:68:34:3d:6b:7d:44:
c1:9b:25:3a:8d:0b:43:14:66:ec:f5:3e:85:81:a6:
b5:9f:bd:3f:f4:dc:f5:46:03:40:c5:52:dd:f5:0b:
00:5a:6a:08:02:00:3b:3b:1c:c0:f7:3e:35:85:18:
89:ae:2f:44:d0:36:67:45:80:4b:c6:62:48:5d:4b:
cb:e0:33:7a:3d:4b:51:5c:64:ea:c8:b3:f9:1f:2e:
67:77:ec:f9:3f:e5:01:7a:10:21:b2:23:94:21:33:
37:bf:c3:67:cc:a0:3d:91:27:d0:d7:d0:e5:e9:99:
1b:8c:4a:43:f8:d0:91:17:d9:c3:52:8e:14:0d:d9:
9c:f8:ec:c1:c4:06:34:d2:f4:f7:81:64:da:fa:b5:
b5:60:3b:bc:bb:69:66:20:2b:18:db:d7:a1:be:52:
27:55:e0:15:24:ce:51:7a:f2:e5:d4:64:92:d9:79:
fa:f7:dd:7d:60:c6:0e:dc:95:96:3d:3e:5a:46:a2:
07:43:c1:33:8e:de:b1:7c:8e:4f:fc:db:7e:59:7e:
b4:d1:8e:84:55:84:b0:b3:f8:bf:e8:11:a1:39:3f:
e0:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:B2:A1:59:D2:CB:DA:9D:FB:04:40:57:51:DD:F5:4F:15:4D:6A:A4
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/XLKhWdLL2p37BEBXUd31TxVNaqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.192.0/24
77.83.194.0/23
213.139.202.0/24
Signature Algorithm: sha256WithRSAEncryption
92:76:e9:15:7d:b8:34:2f:b2:d7:ef:bb:8b:e2:8a:99:46:a4:
9e:96:9f:25:b6:98:33:c6:fe:82:65:58:fa:fa:3b:db:88:07:
a2:3d:12:e6:e1:15:d7:d1:83:9a:f5:0b:fb:17:aa:e6:99:b3:
96:98:e3:d1:90:58:67:6c:07:64:52:1f:30:00:01:05:c4:be:
df:32:4a:fe:17:0d:5f:df:4c:91:af:90:d2:03:a1:c8:c4:ed:
60:be:77:9e:ef:84:e7:e8:d9:49:09:b9:0d:a7:01:11:3a:ed:
2a:f6:f1:8c:89:90:f6:ed:44:4a:3d:ec:73:1d:97:20:68:ee:
fb:2f:e8:11:06:6e:cb:ee:60:43:f8:d1:b7:9f:5a:67:e9:38:
c7:89:58:fe:1e:fe:79:90:a0:10:cc:3a:30:63:0f:ca:cf:57:
b5:fd:d1:39:38:f1:6d:95:f4:55:6b:26:ee:c3:79:06:96:95:
17:3d:c8:29:55:b5:6f:ae:05:f3:16:7b:12:4d:9b:7b:31:8f:
e4:07:30:f4:40:27:0c:10:b8:3e:5f:73:0f:77:91:87:0f:85:
06:82:fa:57:16:7c:6e:b1:ce:2f:08:ad:1c:34:27:4d:bb:a9:
af:46:d1:88:b1:7b:ac:12:76:42:30:0e:c5:8d:e4:21:9c:e2:
b9:34:a5:24
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBbNBRzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Y2Q3NjE1OWJmZDllMzM3NTIzZWU5MzBmM2RmMTExZDZiYWU3MzA2MB4XDTIyMDEw
MTA3NTcxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWNiMmExNTlkMmNi
ZGE5ZGZiMDQ0MDU3NTFkZGY1NGYxNTRkNmFhNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALA0KDlThycGlcSrayG6uC7sTeg+mqm1GwF2ZBOikAtrD9jM
oEMCaDQ9a31EwZslOo0LQxRm7PU+hYGmtZ+9P/Tc9UYDQMVS3fULAFpqCAIAOzsc
wPc+NYUYia4vRNA2Z0WAS8ZiSF1Ly+Azej1LUVxk6siz+R8uZ3fs+T/lAXoQIbIj
lCEzN7/DZ8ygPZEn0NfQ5emZG4xKQ/jQkRfZw1KOFA3ZnPjswcQGNNL094Fk2vq1
tWA7vLtpZiArGNvXob5SJ1XgFSTOUXry5dRkktl5+vfdfWDGDtyVlj0+WkaiB0PB
M47esXyOT/zbfll+tNGOhFWEsLP4v+gRoTk/4O8CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRcsqFZ0svanfsEQFdR3fVPFU1qpDAfBgNVHSMEGDAWgBTM12FZv9njN1I+
6TDz3xEda65zBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pOZGhXYl9aNHpkU1B1a3c4OThSSFd1dWN3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTAvZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8x
L1hMS2hXZExMMnAzN0JFQlhVZDMxVHhWTmFxUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAv
ZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8xL3pOZGhXYl9aNHpk
U1B1a3c4OThSSFd1dWN3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAE1TwAMEAU1TwgMEANWLyjANBgkq
hkiG9w0BAQsFAAOCAQEAknbpFX24NC+y1++7i+KKmUaknpafJbaYM8b+gmVY+vo7
24gHoj0S5uEV19GDmvUL+xeq5pmzlpjj0ZBYZ2wHZFIfMAABBcS+3zJK/hcNX99M
ka+Q0gOhyMTtYL53nu+E5+jZSQm5DacBETrtKvbxjImQ9u1ESj3scx2XIGju+y/o
EQZuy+5gQ/jRt59aZ+k4x4lY/h7+eZCgEMw6MGMPys9Xtf3ROTjxbZX0VWsm7sN5
BpaVFz3IKVW1b64F8xZ7Ek2bezGP5Acw9EAnDBC4Pl9zD3eRhw+FBoL6VxZ8brHO
LwitHDQnTbupr0bRiLF7rBJ2QjAOxY3kIZziuTSlJA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org