Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/jJxUrz8n_xBCCzLRghyxxxFSYoc.roa
File: jJxUrz8n_xBCCzLRghyxxxFSYoc.roa (raw, json)
Hash identifier: w5PFBYOdLmf/6RTlNSwiLn3EeRniZ/NOdWXYQ4PyFkw=
Subject key identifier: 8C:9C:54:AF:3F:27:FF:10:42:0B:32:D1:82:1C:B1:C7:11:52:62:87
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018CC8DE335A70C4B0BF05060C59631B0D88
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/jJxUrz8n_xBCCzLRghyxxxFSYoc.roa
Signing time: Tue 02 Jan 2024 06:30:54 +0000
ROA not before: Tue 02 Jan 2024 06:30:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50308
IP address blocks: 77.83.150.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:33:5a:70:c4:b0:bf:05:06:0c:59:63:1b:0d:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 2 06:30:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c9c54af3f27ff10420b32d1821cb1c711526287
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ff:7c:9d:66:79:3d:89:b0:82:a8:10:45:35:
ed:f2:0c:7f:63:e6:09:9c:8b:7a:f7:41:77:98:fe:
d6:e9:45:48:24:35:f3:e8:95:be:82:e1:49:64:95:
f4:75:9a:de:d2:2c:e1:99:09:1b:5a:34:aa:ba:bf:
72:e7:5e:22:01:73:11:4f:b3:d6:35:93:91:35:9f:
3d:04:9e:2a:d9:73:d0:51:3c:30:71:e5:85:bf:5f:
49:9a:42:56:cb:c2:d2:f6:50:d5:47:36:b0:c4:80:
40:a7:f1:6f:2f:49:5c:7b:fc:11:ca:0d:9c:d4:96:
5c:35:6b:fb:c3:54:6d:86:91:e5:e4:f7:be:b3:c6:
65:71:ff:3a:bf:db:78:67:a2:69:9b:3d:f3:a5:87:
3f:8a:05:3d:3f:b4:d5:84:9b:32:83:73:8c:ee:8c:
8b:7c:54:84:98:07:0d:90:87:1d:93:b6:89:55:1b:
9a:9d:b8:44:35:90:3b:79:43:8b:3d:54:b6:f2:b9:
6c:3b:a4:81:0c:15:c1:e8:77:01:42:06:be:97:6b:
7a:0b:18:6d:f4:12:b6:87:f8:01:25:d9:34:b9:14:
ea:1d:33:3c:60:ab:fd:c6:94:e2:90:d4:2e:91:db:
a5:42:1e:5a:61:a1:25:4d:e1:ef:33:f9:9c:e3:fb:
2e:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:9C:54:AF:3F:27:FF:10:42:0B:32:D1:82:1C:B1:C7:11:52:62:87
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/jJxUrz8n_xBCCzLRghyxxxFSYoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.150.0/24
Signature Algorithm: sha256WithRSAEncryption
81:84:b3:06:45:7e:42:cb:74:d8:60:cc:57:01:c0:3e:aa:c6:
76:f9:2f:86:26:59:1d:ef:09:ca:6f:38:d1:71:e0:79:c0:3c:
c9:51:cf:91:e2:2d:c4:2b:e1:06:ea:1d:cf:fc:88:8c:a8:e8:
c2:ee:62:d9:03:30:bd:ba:4e:6d:f4:b7:4e:49:ef:35:7e:fc:
23:0e:51:35:f6:fc:8e:88:dd:22:71:af:ae:32:9d:fd:9f:80:
83:cd:67:ce:65:89:40:51:9e:bf:59:05:c3:a2:8f:5a:1a:e3:
3c:31:70:bf:08:75:33:57:b7:e7:60:e4:bd:cb:3a:fe:86:15:
03:2d:4c:80:b8:08:f8:d1:45:6f:55:b3:1b:74:d5:e2:cb:16:
29:53:38:c6:48:4e:fe:4c:4b:7c:de:66:42:57:ad:67:fc:88:
7d:3d:20:c1:1b:7b:02:3d:ef:42:b2:34:30:51:d0:09:d4:90:
79:de:29:de:05:f6:0e:e7:d6:5c:58:0f:4f:4c:87:87:c6:16:
6a:45:bf:19:31:d0:7f:4f:62:e7:46:ee:ef:a5:4b:fd:d6:a5:
c4:44:5e:db:7f:81:33:84:63:ae:da:23:be:f5:d5:49:b6:69:
8f:43:57:ad:ea:9c:88:d8:3f:4f:7a:ee:b0:d4:41:fa:3b:2c:
12:1c:9d:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3jNacMSwvwUGDFljGw2IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjQwMTAyMDYzMDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzljNTRhZjNmMjdmZjEwNDIwYjMyZDE4MjFjYjFjNzExNTI2Mjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApP98nWZ5PYmwgqgQRTXt8gx/Y+YJ
nIt690F3mP7W6UVIJDXz6JW+guFJZJX0dZre0izhmQkbWjSqur9y514iAXMRT7PW
NZORNZ89BJ4q2XPQUTwwceWFv19JmkJWy8LS9lDVRzawxIBAp/FvL0lce/wRyg2c
1JZcNWv7w1RthpHl5Pe+s8Zlcf86v9t4Z6Jpmz3zpYc/igU9P7TVhJsyg3OM7oyL
fFSEmAcNkIcdk7aJVRuanbhENZA7eUOLPVS28rlsO6SBDBXB6HcBQga+l2t6Cxht
9BK2h/gBJdk0uRTqHTM8YKv9xpTikNQukdulQh5aYaElTeHvM/mc4/sutQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIycVK8/J/8QQgsy0YIcsccRUmKHMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvakp4VXJ6OG5feEJDQ3pMUmdoeXh4eEZTWW9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVOWMA0G
CSqGSIb3DQEBCwUAA4IBAQCBhLMGRX5Cy3TYYMxXAcA+qsZ2+S+GJlkd7wnKbzjR
ceB5wDzJUc+R4i3EK+EG6h3P/IiMqOjC7mLZAzC9uk5t9LdOSe81fvwjDlE19vyO
iN0ica+uMp39n4CDzWfOZYlAUZ6/WQXDoo9aGuM8MXC/CHUzV7fnYOS9yzr+hhUD
LUyAuAj40UVvVbMbdNXiyxYpUzjGSE7+TEt83mZCV61n/Ih9PSDBG3sCPe9CsjQw
UdAJ1JB53ineBfYO59ZcWA9PTIeHxhZqRb8ZMdB/T2LnRu7vpUv91qXERF7bf4Ez
hGOu2iO+9dVJtmmPQ1et6pyI2D9Peu6w1EH6OywSHJ1T
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org