Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/gGblVbmkxiJ_EqBRXMLpi7TabPo.roa
File: gGblVbmkxiJ_EqBRXMLpi7TabPo.roa (raw, json)
Hash identifier: mNly95UfWyeldgCbsXQEo3gwYHkpOvSEJy/7cQCj6C4=
Subject key identifier: 80:66:E5:55:B9:A4:C6:22:7F:12:A0:51:5C:C2:E9:8B:B4:DA:6C:FA
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 4297DC5D
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/gGblVbmkxiJ_EqBRXMLpi7TabPo.roa
Signing time: Fri 22 Apr 2022 07:30:15 +0000
ROA not before: Fri 22 Apr 2022 07:30:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56840
IP address blocks: 77.81.0.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1117248605 (0x4297dc5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Apr 22 07:30:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8066e555b9a4c6227f12a0515cc2e98bb4da6cfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ca:55:f4:59:ac:3c:c9:44:83:7e:66:5a:f2:
8a:57:30:90:9f:5f:6c:7a:94:8a:4b:05:11:9a:96:
2a:99:f2:fa:14:a7:09:57:6e:0b:12:07:07:f6:9f:
75:12:94:63:08:a8:19:f5:89:b4:ad:60:9b:4f:f4:
ab:4a:bd:69:34:44:2d:93:85:dc:5c:02:1e:c7:c8:
9a:75:bc:18:3f:70:f0:80:ad:c5:34:4d:99:21:4e:
21:aa:9b:04:11:e2:19:bd:fe:21:a0:5a:25:05:bc:
11:79:a6:e9:a4:7e:9d:84:3e:90:b9:6c:6e:78:67:
11:af:78:9c:99:cd:f5:c3:d0:09:03:35:a4:d5:40:
0b:9a:44:d5:14:d1:99:43:8e:46:a8:bd:13:53:0a:
d6:9f:3c:56:99:9c:b0:2e:e6:05:7a:df:e2:6d:04:
cd:42:43:35:a8:bf:91:29:d3:b8:d2:32:8c:ab:a3:
9d:57:34:bc:d5:b2:91:fe:b1:cb:cb:29:e7:8c:86:
ee:c5:93:dc:7b:1a:9f:e8:a1:49:a2:d2:0a:d0:37:
47:84:7d:8f:f8:41:72:f1:42:0f:83:56:fe:22:03:
d2:9a:0b:85:34:3f:a8:c5:31:f5:5e:b8:11:b6:e3:
d9:87:fe:ce:f4:d2:bf:2a:10:52:86:48:95:69:34:
29:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:66:E5:55:B9:A4:C6:22:7F:12:A0:51:5C:C2:E9:8B:B4:DA:6C:FA
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/gGblVbmkxiJ_EqBRXMLpi7TabPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.0.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:0c:97:65:30:c9:30:e0:4b:62:13:27:81:07:b3:c5:4d:77:
d5:8e:27:06:59:71:cb:ca:75:3c:e4:ca:54:e1:ad:b6:99:2a:
d4:6e:c5:aa:b5:3d:eb:c1:6b:16:f9:a5:ae:60:5b:37:4d:76:
a2:50:40:11:8b:6d:5c:39:a4:3c:ad:00:2e:37:49:2f:f8:db:
11:64:0b:19:11:c4:5d:ba:35:73:ef:a2:bd:93:75:c3:61:93:
1f:65:6a:ae:7a:a5:c1:b2:ba:20:ee:43:87:53:1a:5d:f1:6e:
d8:72:87:12:e2:48:54:56:5a:5f:ff:dc:bb:51:c5:ee:0b:13:
9c:4e:60:f3:73:b8:c0:5d:ea:a6:46:f9:63:86:d8:b8:c6:98:
be:05:84:0e:99:36:a0:2d:ae:9e:f3:0e:58:82:67:9b:e9:25:
22:14:f0:0f:d2:af:fb:3a:3d:15:26:7a:b6:94:98:97:c8:09:
be:c2:fa:ac:d7:ce:d7:34:fb:78:f7:0e:90:48:09:aa:60:e5:
3d:a6:e0:0a:05:35:0e:11:45:3a:c6:8e:75:40:fc:ba:aa:1b:
99:b7:cb:d3:62:cc:3f:c1:78:96:fd:1c:53:92:a8:98:be:39:
c2:96:04:32:69:26:ca:85:28:ff:23:40:04:c0:86:d2:84:a4:
8f:ce:40:8c
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEQpfcXTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OGU2MjYzNGUxYmQ1MTMzYTlkZTQ1MTJhZTk4Y2FkMWIyMjE5YjU5MB4XDTIyMDQy
MjA3MzAxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODA2NmU1NTViOWE0
YzYyMjdmMTJhMDUxNWNjMmU5OGJiNGRhNmNmYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALHKVfRZrDzJRIN+ZlryilcwkJ9fbHqUiksFEZqWKpny+hSn
CVduCxIHB/afdRKUYwioGfWJtK1gm0/0q0q9aTRELZOF3FwCHsfImnW8GD9w8ICt
xTRNmSFOIaqbBBHiGb3+IaBaJQW8EXmm6aR+nYQ+kLlsbnhnEa94nJnN9cPQCQM1
pNVAC5pE1RTRmUOORqi9E1MK1p88VpmcsC7mBXrf4m0EzUJDNai/kSnTuNIyjKuj
nVc0vNWykf6xy8sp54yG7sWT3Hsan+ihSaLSCtA3R4R9j/hBcvFCD4NW/iID0poL
hTQ/qMUx9V64Ebbj2Yf+zvTSvyoQUoZIlWk0KUUCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBSAZuVVuaTGIn8SoFFcwumLtNps+jAfBgNVHSMEGDAWgBT45iY04b1RM6ne
RRKumMrRsiGbWTAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzc4L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEv
MS9nR2JsVmJta3hpSl9FcUJSWE1McGk3VGFiUG8ucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc4
L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEvMS8xLU9ZbU5PRzlV
VE9wM2tVU3JwakswYklobTFrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVEAMA0GCSqGSIb3DQEBCwUA
A4IBAQA9DJdlMMkw4EtiEyeBB7PFTXfVjicGWXHLynU85MpU4a22mSrUbsWqtT3r
wWsW+aWuYFs3TXaiUEARi21cOaQ8rQAuN0kv+NsRZAsZEcRdujVz76K9k3XDYZMf
ZWqueqXBsrog7kOHUxpd8W7YcocS4khUVlpf/9y7UcXuCxOcTmDzc7jAXeqmRvlj
hti4xpi+BYQOmTagLa6e8w5Ygmeb6SUiFPAP0q/7Oj0VJnq2lJiXyAm+wvqs187X
NPt49w6QSAmqYOU9puAKBTUOEUU6xo51QPy6qhuZt8vTYsw/wXiW/RxTkqiYvjnC
lgQyaSbKhSj/I0AEwIbShKSPzkCM
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:42 2025 by rpki-client