Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/gA-O8PIkAcb-VhOO_9ieCdl2bAw.roa
File: gA-O8PIkAcb-VhOO_9ieCdl2bAw.roa (raw, json)
Hash identifier: RaTg/t5ETei69l4jVzWOgQfdrqtuMOxFDanE0bverm0=
Subject key identifier: 80:0F:8E:F0:F2:24:01:C6:FE:56:13:8E:FF:D8:9E:09:D9:76:6C:0C
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 01860333BDCEF047D57E1D777D95DBFC14CD
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/gA-O8PIkAcb-VhOO_9ieCdl2bAw.roa
Signing time: Mon 30 Jan 2023 15:02:47 +0000
ROA not before: Mon 30 Jan 2023 15:02:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 77.83.83.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:03:33:bd:ce:f0:47:d5:7e:1d:77:7d:95:db:fc:14:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 30 15:02:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=800f8ef0f22401c6fe56138effd89e09d9766c0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:26:d3:92:ee:db:1b:1f:7b:44:ed:f6:5e:12:
e7:bc:c3:fc:a3:95:e5:4f:67:43:01:6e:7b:ae:4f:
65:e4:27:6b:75:38:5c:9e:74:1d:55:dd:0a:39:30:
f9:27:20:84:4b:fe:02:f6:a7:9c:78:b2:13:b0:1e:
cf:3a:88:11:ce:39:43:41:9c:30:52:d8:7a:1a:88:
2f:12:74:76:89:19:15:d3:69:ae:4a:cf:26:f3:3b:
46:35:92:d1:7d:f3:2a:f8:86:de:f9:4e:26:1e:38:
73:a3:05:9c:a3:31:27:ef:9b:fb:7a:32:d8:0f:0c:
cc:0f:0f:f3:58:c9:80:87:2e:2f:68:bf:d3:32:95:
b4:97:ca:59:bd:a2:b6:39:27:9e:9e:38:d1:86:02:
5e:22:65:7a:bb:a1:93:e1:a9:0e:34:b4:8f:2d:b1:
2e:81:9e:4b:9d:e2:fe:e1:a1:a1:bb:3c:e6:fd:c3:
e9:f5:df:1f:0c:3e:56:eb:c0:8f:3b:1c:df:b3:ac:
ee:57:0f:57:19:06:04:58:ab:ab:a7:6d:c0:a9:a6:
71:fc:b8:9c:6b:0f:b8:b3:c3:f7:80:72:41:60:5d:
71:12:7e:bf:80:e6:07:d7:48:1c:30:43:5a:46:dd:
37:18:93:cb:dc:64:4e:d3:fd:b1:3a:33:96:12:31:
3b:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:0F:8E:F0:F2:24:01:C6:FE:56:13:8E:FF:D8:9E:09:D9:76:6C:0C
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/gA-O8PIkAcb-VhOO_9ieCdl2bAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.83.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:4c:29:01:36:8d:f9:b3:08:b8:87:d0:96:be:20:d1:be:93:
03:5a:ef:ff:09:46:9d:27:e7:c1:79:88:1d:59:8c:8a:05:ca:
97:44:ea:43:1e:a7:12:81:53:ca:24:99:53:92:b1:1f:14:6c:
00:fc:f6:33:9c:dd:c8:8a:c9:7c:41:38:65:a8:70:0b:22:79:
fd:f5:ac:af:d3:11:41:dc:76:e1:fb:a8:07:37:b6:f9:14:ba:
da:fa:2b:b9:8a:e1:55:9f:72:36:12:1a:93:f3:cb:f4:58:f1:
1d:eb:7d:b9:dd:47:90:76:3f:7a:a5:d7:a6:53:2e:48:95:0a:
d1:86:96:18:36:2e:2b:6b:18:ef:f3:5e:80:37:86:5b:01:bc:
ba:01:9a:9a:8d:73:e9:0f:84:e0:5a:2e:91:67:fc:76:76:77:
7a:0f:12:84:32:56:1a:bd:1e:db:5b:5a:74:41:76:94:f8:9b:
6b:12:f9:9c:ad:90:eb:c6:f5:1b:1e:48:8e:43:04:43:97:c6:
d6:c0:57:46:eb:0b:e8:28:52:ea:5f:24:76:07:d5:cd:8a:42:
42:75:0d:58:6e:9c:d4:66:61:8c:b5:75:43:8a:71:f0:10:f9:
d4:65:65:9e:28:17:90:f7:57:11:b7:f4:98:c2:2a:ab:27:86:
34:81:92:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYDM73O8EfVfh13fZXb/BTNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwMTMwMTUwMjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDBmOGVmMGYyMjQwMWM2ZmU1NjEzOGVmZmQ4OWUwOWQ5NzY2YzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSbTku7bGx97RO32XhLnvMP8o5Xl
T2dDAW57rk9l5CdrdThcnnQdVd0KOTD5JyCES/4C9qeceLITsB7POogRzjlDQZww
Uth6GogvEnR2iRkV02muSs8m8ztGNZLRffMq+Ibe+U4mHjhzowWcozEn75v7ejLY
DwzMDw/zWMmAhy4vaL/TMpW0l8pZvaK2OSeenjjRhgJeImV6u6GT4akONLSPLbEu
gZ5LneL+4aGhuzzm/cPp9d8fDD5W68CPOxzfs6zuVw9XGQYEWKurp23AqaZx/Lic
aw+4s8P3gHJBYF1xEn6/gOYH10gcMENaRt03GJPL3GRO0/2xOjOWEjE7CQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIAPjvDyJAHG/lYTjv/YngnZdmwMMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvZ0EtTzhQSWtBY2ItVmhPT185aWVDZGwyYkF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVNTMA0G
CSqGSIb3DQEBCwUAA4IBAQCkTCkBNo35swi4h9CWviDRvpMDWu//CUadJ+fBeYgd
WYyKBcqXROpDHqcSgVPKJJlTkrEfFGwA/PYznN3Iisl8QThlqHALInn99ayv0xFB
3Hbh+6gHN7b5FLra+iu5iuFVn3I2EhqT88v0WPEd63253UeQdj96pdemUy5IlQrR
hpYYNi4raxjv816AN4ZbAby6AZqajXPpD4TgWi6RZ/x2dnd6DxKEMlYavR7bW1p0
QXaU+JtrEvmcrZDrxvUbHkiOQwRDl8bWwFdG6wvoKFLqXyR2B9XNikJCdQ1YbpzU
ZmGMtXVDinHwEPnUZWWeKBeQ91cRt/SYwiqrJ4Y0gZLJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org