Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/reeXhp2Q2r51NloVo6yAPs2k_fc.roa
File: reeXhp2Q2r51NloVo6yAPs2k_fc.roa (raw, json)
Hash identifier: y52gRos/H/zWaf+NNverYuN9Pr8FG75CkQDrbA8OyiM=
Subject key identifier: AD:E7:97:86:9D:90:DA:BE:75:36:5A:15:A3:AC:80:3E:CD:A4:FD:F7
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 01856FD51EB5DBD2BFA7D31CA0B09BB54D34
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/reeXhp2Q2r51NloVo6yAPs2k_fc.roa
Signing time: Mon 02 Jan 2023 00:15:15 +0000
ROA not before: Mon 02 Jan 2023 00:15:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41950
IP address blocks: 77.81.48.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:1e:b5:db:d2:bf:a7:d3:1c:a0:b0:9b:b5:4d:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 2 00:15:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ade797869d90dabe75365a15a3ac803ecda4fdf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:a7:b2:0b:47:f0:3a:23:eb:5a:ce:d4:0e:51:
c8:9a:79:cc:b1:51:ee:44:5d:d9:af:49:4b:1f:92:
ca:72:fe:dd:7f:01:3d:47:4c:6c:5e:f9:86:b6:1c:
50:50:88:8e:10:a4:0c:fc:ed:a5:60:54:36:fe:7e:
2c:bb:c3:89:b2:ab:3a:49:bc:b3:6d:e6:c3:bd:ec:
1d:d2:af:7f:94:31:17:b1:7a:e2:6e:dc:74:b6:07:
d5:db:e1:3e:45:93:44:49:93:55:06:e3:88:93:75:
d0:bc:0f:1e:5a:ac:2f:8a:65:f9:37:dc:e5:c3:c3:
71:7a:05:38:9c:d7:50:7d:31:0a:70:eb:33:4c:24:
b3:8e:7b:50:7f:75:b2:bd:da:97:c1:5c:84:ce:3d:
35:0f:9d:86:bf:aa:6c:f2:1e:c1:58:d9:36:10:ae:
cc:3e:de:38:9d:bb:69:c5:94:08:75:15:3e:da:ff:
5b:e5:41:d6:23:85:a3:58:74:80:67:04:30:b1:a2:
91:eb:0d:e4:8c:6c:82:f1:11:53:7e:37:f1:47:61:
57:ef:0b:14:16:d8:23:d8:42:73:2e:c4:63:25:20:
eb:92:b3:5e:d6:e7:65:4c:ec:4d:c1:19:43:7a:ab:
20:bf:a7:cc:ff:78:06:81:8d:da:02:eb:d7:46:fc:
51:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:E7:97:86:9D:90:DA:BE:75:36:5A:15:A3:AC:80:3E:CD:A4:FD:F7
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/reeXhp2Q2r51NloVo6yAPs2k_fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.48.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:70:9b:ae:5c:36:69:02:0a:93:1c:96:37:ec:71:eb:b3:3d:
21:1e:82:c5:73:c2:71:6a:43:46:7f:72:94:02:41:78:35:26:
f5:5d:2d:7d:01:ca:c1:e2:66:5f:75:98:38:aa:4a:f5:35:39:
32:92:ab:ea:bd:74:3c:b4:25:ae:b1:bd:e1:cc:7b:88:e2:43:
bc:0e:57:f1:60:73:ed:6f:42:52:63:75:0f:02:e6:0b:bb:db:
93:16:11:ed:06:f9:78:ec:d6:b5:26:49:35:16:9b:82:44:d1:
c1:15:51:a9:0f:d5:9f:04:a6:0e:60:11:1c:9b:19:2e:1e:d0:
27:32:04:4d:2f:05:ae:57:cc:1b:83:da:1f:60:2e:f5:c8:12:
62:36:59:95:b9:73:6b:49:b7:be:70:46:f6:c0:d5:27:19:d9:
94:ff:f8:1e:9f:51:0d:73:90:6f:24:a2:06:c7:ad:b1:cd:b5:
e7:7c:9c:77:9f:3d:d2:1c:0e:29:86:f7:05:97:2c:b8:ae:f9:
13:4c:0c:7b:c7:f4:3e:95:24:96:17:76:bd:25:37:65:bc:c6:
64:f0:05:af:79:7d:9f:ef:0f:e3:8f:3f:28:5f:20:50:3a:c1:
fa:c9:22:90:02:1f:12:58:35:c9:a0:92:10:e7:7d:d1:fb:59:
36:ec:3f:da
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVv1R6129K/p9McoLCbtU00MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjMwMTAyMDAxNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGU3OTc4NjlkOTBkYWJlNzUzNjVhMTVhM2FjODAzZWNkYTRmZGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5aeyC0fwOiPrWs7UDlHImnnMsVHu
RF3Zr0lLH5LKcv7dfwE9R0xsXvmGthxQUIiOEKQM/O2lYFQ2/n4su8OJsqs6Sbyz
bebDvewd0q9/lDEXsXribtx0tgfV2+E+RZNESZNVBuOIk3XQvA8eWqwvimX5N9zl
w8NxegU4nNdQfTEKcOszTCSzjntQf3WyvdqXwVyEzj01D52Gv6ps8h7BWNk2EK7M
Pt44nbtpxZQIdRU+2v9b5UHWI4WjWHSAZwQwsaKR6w3kjGyC8RFTfjfxR2FX7wsU
Ftgj2EJzLsRjJSDrkrNe1udlTOxNwRlDeqsgv6fM/3gGgY3aAuvXRvxRGwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFK3nl4adkNq+dTZaFaOsgD7NpP33MB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL3JlZVhocDJRMnI1MU5sb1ZvNnlBUHMya19mYy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFNUTAw
DQYJKoZIhvcNAQELBQADggEBAEtwm65cNmkCCpMcljfsceuzPSEegsVzwnFqQ0Z/
cpQCQXg1JvVdLX0BysHiZl91mDiqSvU1OTKSq+q9dDy0Ja6xveHMe4jiQ7wOV/Fg
c+1vQlJjdQ8C5gu725MWEe0G+Xjs1rUmSTUWm4JE0cEVUakP1Z8Epg5gERybGS4e
0CcyBE0vBa5XzBuD2h9gLvXIEmI2WZW5c2tJt75wRvbA1ScZ2ZT/+B6fUQ1zkG8k
ogbHrbHNted8nHefPdIcDimG9wWXLLiu+RNMDHvH9D6VJJYXdr0lN2W8xmTwBa95
fZ/vD+OPPyhfIFA6wfrJIpACHxJYNcmgkhDnfdH7WTbsP9o=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:49 2025 by rpki-client