Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/qPrgprJJ_RFfYOMBabpzcTzNm3g.roa
File: qPrgprJJ_RFfYOMBabpzcTzNm3g.roa (raw, json)
Hash identifier: D+Lk4hvlDqcKfTRbUW92G1Y7tQ07aReGnBl9FOSNm9I=
Subject key identifier: A8:FA:E0:A6:B2:49:FD:11:5F:60:E3:01:69:BA:73:71:3C:CD:9B:78
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018CC8DE33E020FC5458AE02674D80AACB81
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/qPrgprJJ_RFfYOMBabpzcTzNm3g.roa
Signing time: Tue 02 Jan 2024 06:30:54 +0000
ROA not before: Tue 02 Jan 2024 06:30:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 91.243.189.0/24 maxlen: 24
77.83.193.0/24 maxlen: 24
212.107.26.0/24 maxlen: 24
78.142.238.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:33:e0:20:fc:54:58:ae:02:67:4d:80:aa:cb:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 2 06:30:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8fae0a6b249fd115f60e30169ba73713ccd9b78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:37:e9:f2:f0:9e:d6:e3:68:ff:b2:e5:c5:cf:
92:77:ac:be:2f:bf:08:05:70:f1:2e:87:bd:59:56:
b1:2b:46:7e:79:c4:5b:f4:b8:00:3b:24:f1:65:6b:
f2:bd:b7:eb:1f:90:3f:d7:f6:4d:70:94:31:3d:95:
4b:25:53:08:04:86:ba:23:a2:87:2b:92:e7:59:5e:
20:24:d0:8b:63:8b:5d:17:5b:db:de:bd:2f:1b:28:
a5:30:6c:a8:85:c9:06:b4:b5:11:16:a5:7e:3d:5c:
16:40:b8:b8:ef:2a:1d:a4:4e:23:a1:df:4f:68:e0:
a3:40:0c:5d:2d:2c:87:20:71:34:73:6f:44:66:e8:
8f:9d:53:f1:06:81:95:38:fb:14:bf:dd:1b:cf:7a:
43:0b:9f:8f:0a:87:66:fe:13:c0:2e:05:72:a8:49:
b1:fd:c0:d9:4e:c3:6d:60:66:98:d5:9e:e3:d0:41:
a7:98:03:d0:17:dd:da:09:cd:6b:11:77:3f:26:41:
30:14:01:87:52:33:b6:90:d2:b4:aa:1e:9c:7b:1f:
37:fe:e1:90:5b:c4:96:f9:7d:3d:8f:8f:b8:40:cd:
46:28:21:ef:7e:02:3f:6e:f6:ca:bf:f4:62:4a:80:
f0:27:b9:aa:f6:8f:39:c8:28:6f:4f:40:12:c2:d9:
b3:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:FA:E0:A6:B2:49:FD:11:5F:60:E3:01:69:BA:73:71:3C:CD:9B:78
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/qPrgprJJ_RFfYOMBabpzcTzNm3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.193.0/24
78.142.238.0/24
91.243.189.0/24
212.107.26.0/24
Signature Algorithm: sha256WithRSAEncryption
74:b5:f1:ee:5d:76:99:1b:ce:7b:41:de:06:8e:92:5c:37:a5:
a9:1e:ea:94:26:71:08:42:f9:07:9a:c5:e7:a4:97:f3:e0:ea:
aa:a4:3a:f8:f9:bf:25:69:bd:9d:a4:0d:13:0e:c6:51:95:e7:
98:9b:7d:87:41:f7:fa:b5:25:93:12:f3:eb:e4:23:22:0e:a8:
0b:1f:54:6f:77:dd:80:90:a5:81:a9:f1:e6:b3:56:b9:31:f9:
38:dc:e2:48:e4:01:c6:ab:48:63:55:e2:d4:51:38:cf:f3:c6:
8f:7f:ef:d4:7f:0c:71:66:2f:b4:b1:af:b9:d4:16:ce:62:81:
04:d6:7d:dc:94:28:fe:6f:03:08:f0:47:1e:c7:4d:2e:63:52:
62:37:4e:c8:00:4e:58:d1:1a:35:23:dc:b4:77:af:f7:ce:8d:
df:c7:68:88:2f:00:33:07:fe:e3:5b:62:89:1d:cb:df:aa:88:
84:68:13:e4:86:4c:60:a0:f1:23:54:ea:88:24:02:5f:43:35:
6c:7f:97:bd:ea:a0:ac:18:07:a4:ee:ee:b5:47:99:23:1f:d0:
b5:6e:aa:da:df:c8:19:1c:b3:61:37:cd:ab:c0:0e:65:d2:44:
ef:9e:7e:89:38:f7:a5:01:18:e4:29:56:d1:8a:a5:03:8c:b3:
93:96:13:cd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzI3jPgIPxUWK4CZ02AqsuBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjQwMTAyMDYzMDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGZhZTBhNmIyNDlmZDExNWY2MGUzMDE2OWJhNzM3MTNjY2Q5Yjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzfp8vCe1uNo/7Llxc+Sd6y+L78I
BXDxLoe9WVaxK0Z+ecRb9LgAOyTxZWvyvbfrH5A/1/ZNcJQxPZVLJVMIBIa6I6KH
K5LnWV4gJNCLY4tdF1vb3r0vGyilMGyohckGtLURFqV+PVwWQLi47yodpE4jod9P
aOCjQAxdLSyHIHE0c29EZuiPnVPxBoGVOPsUv90bz3pDC5+PCodm/hPALgVyqEmx
/cDZTsNtYGaY1Z7j0EGnmAPQF93aCc1rEXc/JkEwFAGHUjO2kNK0qh6cex83/uGQ
W8SW+X09j4+4QM1GKCHvfgI/bvbKv/RiSoDwJ7mq9o85yChvT0ASwtmzQQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKj64KaySf0RX2DjAWm6c3E8zZt4MB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvcVByZ3BySkpfUkZmWU9NQmFicHpjVHpObTNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATVPBAwQA
To7uAwQAW/O9AwQA1GsaMA0GCSqGSIb3DQEBCwUAA4IBAQB0tfHuXXaZG857Qd4G
jpJcN6WpHuqUJnEIQvkHmsXnpJfz4OqqpDr4+b8lab2dpA0TDsZRleeYm32HQff6
tSWTEvPr5CMiDqgLH1Rvd92AkKWBqfHms1a5Mfk43OJI5AHGq0hjVeLUUTjP88aP
f+/UfwxxZi+0sa+51BbOYoEE1n3clCj+bwMI8Ecex00uY1JiN07IAE5Y0Ro1I9y0
d6/3zo3fx2iILwAzB/7jW2KJHcvfqoiEaBPkhkxgoPEjVOqIJAJfQzVsf5e96qCs
GAek7u61R5kjH9C1bqra38gZHLNhN82rwA5l0kTvnn6JOPelARjkKVbRiqUDjLOT
lhPN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org