Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/4-x6Dc5h3AjGlVVeZK4EAc63Geg.roa
File: 4-x6Dc5h3AjGlVVeZK4EAc63Geg.roa (raw, json)
Hash identifier: hcz4tnhr0XLVoG2tXcv35b+Xutxu4EFScYl8fdaII1Q=
Subject key identifier: E3:EC:7A:0D:CE:61:DC:08:C6:95:55:5E:64:AE:04:01:CE:B7:19:E8
Certificate issuer: /CN=4d88eb730ab1a501ea36ea3482d764544e141111
Certificate serial: 09C1290C
Authority key identifier: 4D:88:EB:73:0A:B1:A5:01:EA:36:EA:34:82:D7:64:54:4E:14:11:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TYjrcwqxpQHqNuo0gtdkVE4UERE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/4-x6Dc5h3AjGlVVeZK4EAc63Geg.roa
Signing time: Sat 01 Jan 2022 14:57:53 +0000
ROA not before: Sat 01 Jan 2022 14:57:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59851
IP address blocks: 77.104.187.0/24 maxlen: 32
77.104.128.0/18 maxlen: 24
2a04:f280::/40 maxlen: 128
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 163653900 (0x9c1290c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d88eb730ab1a501ea36ea3482d764544e141111
Validity
Not Before: Jan 1 14:57:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e3ec7a0dce61dc08c695555e64ae0401ceb719e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ff:5b:4a:1e:3a:87:6a:37:97:e9:07:c4:60:
05:6d:ad:33:e1:20:f7:d3:82:fc:06:fa:37:5e:30:
9f:68:30:06:0d:ba:43:3b:de:3b:49:c0:09:3f:6d:
14:2d:c9:c7:47:b1:dc:bd:ed:d7:00:a1:2f:86:b6:
76:36:7e:3d:52:24:52:21:17:64:02:b7:1a:bd:40:
d6:21:25:a7:d9:a9:1c:66:8e:3a:01:2d:7c:a9:ba:
b6:1c:ad:36:94:dd:44:b3:80:fa:34:43:a0:50:15:
c4:46:f6:0c:04:77:95:30:9d:02:d6:e9:ec:2c:d4:
c5:e9:59:1d:ab:22:ce:ec:7c:0e:0d:e0:29:fb:a2:
6e:27:e7:6c:e9:4d:e0:6a:9a:b6:cf:3f:15:86:9c:
6c:26:6e:bd:81:38:e5:7a:3b:6f:e3:d0:ec:83:00:
9d:29:41:32:c2:d2:7e:94:7b:2a:d1:1a:8c:7a:41:
22:3d:42:a4:ae:ad:12:fd:7d:13:9e:b8:b7:05:8d:
44:47:f8:c7:b1:ac:4e:ea:29:46:45:36:27:8a:fc:
32:e0:70:be:0e:e5:35:38:c3:4c:b3:2b:36:31:dc:
07:39:d9:0e:d4:7c:bf:bb:11:60:e5:47:b6:94:d9:
b2:03:e3:b4:e0:68:84:f1:ae:bb:ab:5c:ee:4e:7a:
0a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:EC:7A:0D:CE:61:DC:08:C6:95:55:5E:64:AE:04:01:CE:B7:19:E8
X509v3 Authority Key Identifier:
keyid:4D:88:EB:73:0A:B1:A5:01:EA:36:EA:34:82:D7:64:54:4E:14:11:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TYjrcwqxpQHqNuo0gtdkVE4UERE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/4-x6Dc5h3AjGlVVeZK4EAc63Geg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/TYjrcwqxpQHqNuo0gtdkVE4UERE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.104.128.0/18
IPv6:
2a04:f280::/40
Signature Algorithm: sha256WithRSAEncryption
b7:e0:fd:ae:f6:ce:e4:5d:71:f0:2f:a6:dc:c8:aa:fd:0e:93:
64:be:f6:22:7a:45:db:f9:11:ac:b3:06:26:81:b0:86:1c:d9:
af:23:50:19:06:e4:05:58:08:ff:88:e5:fe:f1:5d:f9:93:df:
2a:72:24:b1:66:8a:6b:01:c7:9f:92:b3:a8:66:de:a1:58:bb:
39:5f:b8:47:e7:57:86:6e:95:4f:f1:99:88:54:e1:66:da:ff:
5e:1c:7b:55:87:fb:93:5c:64:c6:b9:a7:17:63:6e:eb:2c:2c:
17:59:0c:c5:76:3c:df:e7:77:ef:74:61:a8:c7:ed:8a:a5:9e:
0f:e4:84:89:c7:48:94:0f:b2:27:64:19:da:74:24:92:fe:9e:
e4:2a:52:87:f6:7e:bd:01:0f:b8:a2:0d:a2:38:ce:17:82:a2:
8e:f3:18:5d:05:f9:01:64:d6:05:c9:f1:04:33:29:51:bf:c7:
f6:bc:39:45:67:40:d8:a0:d7:72:61:de:07:31:47:b2:c9:0d:
15:b9:5d:24:82:ce:a2:ae:f7:f8:73:a0:76:f8:47:82:98:97:
97:09:4b:9b:ea:1f:10:9a:fe:4b:cb:8d:11:ed:9a:1f:ea:6d:
ea:87:99:22:e7:5f:cf:e5:eb:ea:c4:a8:72:1a:78:1f:dc:f5:
9d:53:17:5e
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIECcEpDDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZDg4ZWI3MzBhYjFhNTAxZWEzNmVhMzQ4MmQ3NjQ1NDRlMTQxMTExMB4XDTIyMDEw
MTE0NTc1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTNlYzdhMGRjZTYx
ZGMwOGM2OTU1NTVlNjRhZTA0MDFjZWI3MTllODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANL/W0oeOodqN5fpB8RgBW2tM+Eg99OC/Ab6N14wn2gwBg26
QzveO0nACT9tFC3Jx0ex3L3t1wChL4a2djZ+PVIkUiEXZAK3Gr1A1iElp9mpHGaO
OgEtfKm6thytNpTdRLOA+jRDoFAVxEb2DAR3lTCdAtbp7CzUxelZHasizux8Dg3g
KfuibifnbOlN4Gqats8/FYacbCZuvYE45Xo7b+PQ7IMAnSlBMsLSfpR7KtEajHpB
Ij1CpK6tEv19E564twWNREf4x7GsTuopRkU2J4r8MuBwvg7lNTjDTLMrNjHcBznZ
DtR8v7sRYOVHtpTZsgPjtOBohPGuu6tc7k56Cs0CAwEAAaOCAhkwggIVMB0GA1Ud
DgQWBBTj7HoNzmHcCMaVVV5krgQBzrcZ6DAfBgNVHSMEGDAWgBRNiOtzCrGlAeo2
6jSC12RUThQRETAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RZanJjd3F4cFFIcU51bzBndGRrVkU0VUVSRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmEvYzQ5M2VlLWY2NmUtNDIwOC1hMzFkLTcyNmY4M2QyMzg5Mi8x
LzQteDZEYzVoM0FqR2xWVmVaSzRFQWM2M0dlZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEv
YzQ5M2VlLWY2NmUtNDIwOC1hMzFkLTcyNmY4M2QyMzg5Mi8xL1RZanJjd3F4cFFI
cU51bzBndGRrVkU0VUVSRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAv
BggrBgEFBQcBBwEB/wQgMB4wDAQCAAEwBgMEBk1ogDAOBAIAAjAIAwYAKgTygAAw
DQYJKoZIhvcNAQELBQADggEBALfg/a72zuRdcfAvptzIqv0Ok2S+9iJ6Rdv5Eayz
BiaBsIYc2a8jUBkG5AVYCP+I5f7xXfmT3ypyJLFmimsBx5+Ss6hm3qFYuzlfuEfn
V4ZulU/xmYhU4Wba/14ce1WH+5NcZMa5pxdjbussLBdZDMV2PN/nd+90YajH7Yql
ng/khInHSJQPsidkGdp0JJL+nuQqUof2fr0BD7iiDaI4zheCoo7zGF0F+QFk1gXJ
8QQzKVG/x/a8OUVnQNig13Jh3gcxR7LJDRW5XSSCzqKu9/hzoHb4R4KYl5cJS5vq
HxCa/kvLjRHtmh/qbeqHmSLnX8/l6+rEqHIaeB/c9Z1TF14=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:14 2024 by rpki-client on console-ams.rpki-client.org