Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/byFnBvgzIMJq9u1ud6u9ans8KbM.roa
File: byFnBvgzIMJq9u1ud6u9ans8KbM.roa (raw, json)
Hash identifier: 9LQmV5k82rGbq2PVDXuh+9GWwMoXRAEYvVPnG9onrQk=
Subject key identifier: 6F:21:67:06:F8:33:20:C2:6A:F6:ED:6E:77:AB:BD:6A:7B:3C:29:B3
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 06E3FEA7
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/byFnBvgzIMJq9u1ud6u9ans8KbM.roa
Signing time: Thu 05 May 2022 13:27:42 +0000
ROA not before: Thu 05 May 2022 13:27:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58061
IP address blocks: 77.83.193.0/24 maxlen: 24
194.147.88.0/24 maxlen: 24
213.139.203.0/24 maxlen: 24
194.169.86.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115605159 (0x6e3fea7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: May 5 13:27:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6f216706f83320c26af6ed6e77abbd6a7b3c29b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:83:6f:5e:62:ac:ea:93:ce:99:48:a3:f5:80:
5b:8f:64:19:7e:20:ad:5a:46:81:64:dd:30:68:b1:
99:e3:b6:08:f6:b7:8f:3a:09:fd:f8:da:d5:a5:93:
45:9a:10:cc:f0:00:6b:21:0e:e5:90:8c:4c:e3:a6:
51:52:65:8c:a2:49:95:fd:81:fe:cd:25:1d:e0:d2:
cc:9d:5a:28:33:4e:25:7f:5f:6b:80:4d:a2:90:53:
1a:3e:ac:ea:d7:88:97:d4:26:df:d0:77:ab:a6:b4:
b2:d7:13:05:27:9c:df:cb:72:a1:b6:70:89:db:e9:
7d:c3:37:a0:40:86:ea:08:10:b5:e2:81:7b:b1:5d:
cc:b3:92:27:3d:1d:db:85:28:94:5f:10:1a:ef:c1:
dc:d1:b0:52:91:1d:0e:8a:3b:1b:53:43:d0:c6:9e:
67:69:5f:58:48:fc:f6:a2:bc:b4:1e:fe:0e:43:d2:
11:d3:46:39:30:b0:04:b7:77:d4:3d:57:f0:e4:cf:
3a:fb:0d:32:a5:d1:af:f9:7a:42:be:cf:ac:c5:af:
ee:e2:ad:d1:de:0e:31:11:6d:4d:32:83:76:f7:78:
67:23:13:13:a0:b7:2a:ed:d7:5c:bd:f7:25:2b:b7:
f4:4b:8b:50:f8:97:91:ff:31:3a:5f:b5:67:17:8f:
41:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:21:67:06:F8:33:20:C2:6A:F6:ED:6E:77:AB:BD:6A:7B:3C:29:B3
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/byFnBvgzIMJq9u1ud6u9ans8KbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.193.0/24
194.147.88.0/24
194.169.86.0/24
213.139.203.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:d9:94:f4:f5:bb:0f:c0:7e:00:66:4d:c3:e0:95:1a:2b:b1:
c5:aa:68:c4:5f:74:69:81:b7:04:5f:30:ac:6e:31:2d:e6:15:
90:b4:78:92:b0:9c:d1:16:1a:87:54:10:96:c5:d0:e6:da:a6:
f3:14:99:f8:36:42:26:5d:7b:d5:64:96:6d:f1:6e:44:04:80:
5d:4a:8a:7f:76:8c:eb:d9:3c:6f:18:ce:b6:b3:03:bc:a8:1d:
f2:3e:d2:20:02:8f:4b:ad:c2:68:48:65:23:1c:8c:47:4d:92:
ea:81:01:7d:26:95:a2:20:94:88:1c:89:d1:62:2d:d2:55:0a:
03:a3:27:11:bc:a6:f6:11:1e:10:4b:b0:24:3b:ce:81:ea:9f:
5f:e5:7e:89:47:8d:50:11:c6:0f:8d:3e:7b:92:16:a0:74:75:
7f:fc:59:8f:93:79:43:3f:f9:a2:e6:1b:3d:c2:5c:0c:8d:05:
8e:61:3e:ee:5d:5a:c0:10:1f:5f:2c:9c:72:70:49:c9:a7:73:
2b:a5:48:83:d8:61:46:e6:66:73:f0:55:bb:bf:fa:ab:be:67:
a2:5c:26:07:5a:4c:a8:f4:52:56:06:fe:5b:c1:57:0e:7b:ca:
cf:b7:35:24:f3:a3:88:07:ed:33:33:57:a5:78:ab:b4:7e:a1:
10:3e:8a:27
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEBuP+pzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Y2Q3NjE1OWJmZDllMzM3NTIzZWU5MzBmM2RmMTExZDZiYWU3MzA2MB4XDTIyMDUw
NTEzMjc0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmYyMTY3MDZmODMz
MjBjMjZhZjZlZDZlNzdhYmJkNmE3YjNjMjliMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPKDb15irOqTzplIo/WAW49kGX4grVpGgWTdMGixmeO2CPa3
jzoJ/fja1aWTRZoQzPAAayEO5ZCMTOOmUVJljKJJlf2B/s0lHeDSzJ1aKDNOJX9f
a4BNopBTGj6s6teIl9Qm39B3q6a0stcTBSec38tyobZwidvpfcM3oECG6ggQteKB
e7FdzLOSJz0d24UolF8QGu/B3NGwUpEdDoo7G1ND0MaeZ2lfWEj89qK8tB7+DkPS
EdNGOTCwBLd31D1X8OTPOvsNMqXRr/l6Qr7PrMWv7uKt0d4OMRFtTTKDdvd4ZyMT
E6C3Ku3XXL33JSu39EuLUPiXkf8xOl+1ZxePQWkCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBRvIWcG+DMgwmr27W53q71qezwpszAfBgNVHSMEGDAWgBTM12FZv9njN1I+
6TDz3xEda65zBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pOZGhXYl9aNHpkU1B1a3c4OThSSFd1dWN3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTAvZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8x
L2J5Rm5Cdmd6SU1KcTl1MXVkNnU5YW5zOEtiTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAv
ZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8xL3pOZGhXYl9aNHpk
U1B1a3c4OThSSFd1dWN3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAE1TwQMEAMKTWAMEAMKpVgMEANWL
yzANBgkqhkiG9w0BAQsFAAOCAQEApNmU9PW7D8B+AGZNw+CVGiuxxapoxF90aYG3
BF8wrG4xLeYVkLR4krCc0RYah1QQlsXQ5tqm8xSZ+DZCJl171WSWbfFuRASAXUqK
f3aM69k8bxjOtrMDvKgd8j7SIAKPS63CaEhlIxyMR02S6oEBfSaVoiCUiByJ0WIt
0lUKA6MnEbym9hEeEEuwJDvOgeqfX+V+iUeNUBHGD40+e5IWoHR1f/xZj5N5Qz/5
ouYbPcJcDI0FjmE+7l1awBAfXyyccnBJyadzK6VIg9hhRuZmc/BVu7/6q75nolwm
B1pMqPRSVgb+W8FXDnvKz7c1JPOjiAftMzNXpXirtH6hED6KJw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org