Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/ad3Voj5deCXaR9Z25_wExUK74dc.roa
File: ad3Voj5deCXaR9Z25_wExUK74dc.roa (raw, json)
Hash identifier: FQNZYEeVhw09HVRr/ypJOHtK/Mr9bMuQNwFU605yKcc=
Subject key identifier: 69:DD:D5:A2:3E:5D:78:25:DA:47:D6:76:E7:FC:04:C5:42:BB:E1:D7
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 01878F322335C2E3D11C09F5C092F369DDD7
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/ad3Voj5deCXaR9Z25_wExUK74dc.roa
Signing time: Mon 17 Apr 2023 12:30:40 +0000
ROA not before: Mon 17 Apr 2023 12:30:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 77.83.192.0/24 maxlen: 24
77.83.195.0/24 maxlen: 24
77.83.194.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8f:32:23:35:c2:e3:d1:1c:09:f5:c0:92:f3:69:dd:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Apr 17 12:30:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69ddd5a23e5d7825da47d676e7fc04c542bbe1d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:6d:da:65:3c:8a:62:de:79:58:af:6f:e8:5b:
2b:71:5d:7a:fc:2b:45:b9:6b:cb:a6:60:dd:32:98:
8f:57:cd:28:9f:8a:e0:b6:2d:1e:a3:14:b1:71:5b:
67:37:01:ce:db:ed:ed:4e:9f:26:a3:55:f0:59:bb:
8d:18:d3:45:2d:36:07:f9:68:b4:1a:0e:0d:b4:05:
7f:ff:75:bb:31:58:c0:8a:b1:14:8d:b1:28:57:e0:
e1:b0:5c:a8:94:1d:75:60:7d:05:5d:37:97:b2:09:
06:2c:d8:21:46:4b:31:61:81:42:2f:19:64:70:0c:
37:7f:67:8b:1b:32:d9:a9:97:05:d6:d1:a3:e8:1d:
3b:92:44:af:09:e7:75:68:34:7d:aa:cb:1e:24:89:
ce:25:5b:8d:49:68:7a:61:02:e3:18:ec:65:2a:6d:
5f:4e:db:a8:82:e8:53:fb:c3:c4:9e:f3:31:76:ad:
77:72:16:93:da:ad:ec:3f:4a:43:9c:39:0e:6c:f4:
1f:09:a0:71:01:01:19:54:be:01:c0:89:fd:ce:5e:
f4:47:0f:42:c0:56:02:3e:9b:46:fd:7c:a1:13:08:
61:eb:7c:d1:a5:f3:8c:95:0d:24:25:bb:69:b5:38:
f1:f1:ff:de:49:94:e7:a0:bc:1d:8a:1f:a0:e7:dd:
8a:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:DD:D5:A2:3E:5D:78:25:DA:47:D6:76:E7:FC:04:C5:42:BB:E1:D7
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/ad3Voj5deCXaR9Z25_wExUK74dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.192.0/24
77.83.194.0/23
Signature Algorithm: sha256WithRSAEncryption
ca:c1:23:70:f5:7a:80:34:95:d2:ab:8e:ba:fc:d3:da:f3:45:
35:0d:40:5f:8e:ee:eb:e6:48:0f:66:56:10:28:c1:92:ef:fb:
ed:4b:23:b6:0e:83:4c:82:9e:2f:d8:15:b6:7f:92:15:03:24:
72:62:64:25:f7:a3:6c:70:06:dc:57:b6:b5:3e:dc:5c:89:d3:
32:f6:23:ba:cc:0b:74:03:ae:e9:e4:67:24:b7:eb:10:21:e4:
af:f7:b4:b3:46:54:ed:16:00:90:99:36:45:b8:17:48:6c:3a:
2e:3c:b8:d8:66:6c:6a:d7:24:53:96:e3:a8:a8:cd:0e:a6:3d:
0d:66:d8:94:1d:9f:0b:83:10:35:83:fb:49:56:fc:30:a0:e8:
4b:3f:9f:fa:c0:f1:c4:14:01:fb:89:e6:3b:e6:10:ef:99:8c:
c5:0f:b1:17:11:60:4a:78:ff:ee:ec:39:78:de:38:2b:d0:89:
5a:21:00:70:47:a7:a0:ac:a1:32:f2:b8:ce:9a:18:8a:33:e6:
64:f6:66:64:1f:dd:5c:fa:ba:0c:ed:c0:94:12:1a:e4:cd:b9:
05:06:12:4b:fc:d7:c4:4e:ee:36:4b:b5:b1:e1:f3:3f:c4:66:
cc:ba:20:06:e1:ab:a3:3b:c1:40:34:14:94:ee:61:8b:ae:d5:
be:01:23:cf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYePMiM1wuPRHAn1wJLzad3XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwNDE3MTIzMDQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWRkZDVhMjNlNWQ3ODI1ZGE0N2Q2NzZlN2ZjMDRjNTQyYmJlMWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvm3aZTyKYt55WK9v6FsrcV16/CtF
uWvLpmDdMpiPV80on4rgti0eoxSxcVtnNwHO2+3tTp8mo1XwWbuNGNNFLTYH+Wi0
Gg4NtAV//3W7MVjAirEUjbEoV+DhsFyolB11YH0FXTeXsgkGLNghRksxYYFCLxlk
cAw3f2eLGzLZqZcF1tGj6B07kkSvCed1aDR9qsseJInOJVuNSWh6YQLjGOxlKm1f
TtuoguhT+8PEnvMxdq13chaT2q3sP0pDnDkObPQfCaBxAQEZVL4BwIn9zl70Rw9C
wFYCPptG/XyhEwhh63zRpfOMlQ0kJbtptTjx8f/eSZTnoLwdih+g592KawIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGnd1aI+XXgl2kfWduf8BMVCu+HXMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvYWQzVm9qNWRlQ1hhUjlaMjVfd0V4VUs3NGRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATVPAAwQB
TVPCMA0GCSqGSIb3DQEBCwUAA4IBAQDKwSNw9XqANJXSq466/NPa80U1DUBfju7r
5kgPZlYQKMGS7/vtSyO2DoNMgp4v2BW2f5IVAyRyYmQl96NscAbcV7a1PtxcidMy
9iO6zAt0A67p5Gckt+sQIeSv97SzRlTtFgCQmTZFuBdIbDouPLjYZmxq1yRTluOo
qM0Opj0NZtiUHZ8LgxA1g/tJVvwwoOhLP5/6wPHEFAH7ieY75hDvmYzFD7EXEWBK
eP/u7Dl43jgr0IlaIQBwR6egrKEy8rjOmhiKM+Zk9mZkH91c+roM7cCUEhrkzbkF
BhJL/NfETu42S7Wx4fM/xGbMuiAG4aujO8FANBSU7mGLrtW+ASPP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org