Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/xKhnkfCjiOLlRu3PW2UcDXcTi0k.roa
File: xKhnkfCjiOLlRu3PW2UcDXcTi0k.roa (raw, json)
Hash identifier: DmW/HCllinhInsp7FVC3eEK6cf4t58uwgqjhnB7TEfg=
Subject key identifier: C4:A8:67:91:F0:A3:88:E2:E5:46:ED:CF:5B:65:1C:0D:77:13:8B:49
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 432C655A
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/xKhnkfCjiOLlRu3PW2UcDXcTi0k.roa
Signing time: Wed 25 May 2022 15:10:13 +0000
ROA not before: Wed 25 May 2022 15:10:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56729
IP address blocks: 77.81.65.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1126983002 (0x432c655a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: May 25 15:10:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c4a86791f0a388e2e546edcf5b651c0d77138b49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:33:ed:a8:99:2a:8d:9d:56:fa:3c:e0:8f:57:
13:f8:97:92:4c:9c:7f:5a:cc:e7:45:3f:4f:e0:c9:
61:09:85:ea:40:58:1d:a4:1c:00:40:ab:cf:40:62:
dc:e2:e9:03:d2:4e:31:7b:ee:a1:0d:51:0d:22:97:
81:eb:a8:33:c3:99:a5:b1:e4:de:d2:bf:81:8b:0a:
05:88:fa:98:92:c2:fb:3d:0d:c0:84:d2:d6:8e:7b:
05:4e:e7:f7:72:73:4c:0e:03:1d:59:e0:23:64:58:
2e:3e:cd:ba:12:55:5a:fd:a1:8f:bc:a0:4d:19:8c:
15:a3:5f:bc:cc:a8:60:c3:3e:e7:6b:80:d9:df:40:
9c:a6:dd:34:12:db:e1:64:8f:d2:d4:3d:0f:d1:a6:
e2:95:0f:4e:81:bb:29:17:6b:0f:ae:fe:6e:64:d9:
ab:27:e0:91:23:4a:3e:a9:0b:8c:75:81:4c:37:50:
7f:f1:8b:60:6b:cc:39:31:1f:25:07:ce:c1:63:f4:
61:1c:3f:7c:cd:b1:3a:81:00:70:87:b7:e4:0d:d0:
c7:ce:71:a2:83:7a:06:c4:cd:f0:e2:51:da:3d:85:
36:83:e9:31:49:2b:89:86:80:50:88:86:6d:dc:b3:
96:84:c8:72:28:84:d4:81:0b:b2:8f:0e:ae:db:b1:
2f:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:A8:67:91:F0:A3:88:E2:E5:46:ED:CF:5B:65:1C:0D:77:13:8B:49
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/xKhnkfCjiOLlRu3PW2UcDXcTi0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.65.0/24
Signature Algorithm: sha256WithRSAEncryption
57:61:8c:51:1f:0e:69:d5:8a:e1:af:96:92:45:61:04:f2:99:
0d:9b:d4:8d:e1:74:44:df:13:71:90:a6:27:ac:6b:ab:c5:5c:
da:9c:09:91:9c:f3:44:2e:26:be:56:5d:d7:b4:51:a4:8d:5a:
de:aa:53:2f:28:a3:75:30:56:fd:87:6c:ac:30:c1:11:9a:43:
e4:aa:dc:91:a6:ec:d0:92:ea:63:f0:f4:f6:8a:11:58:6e:87:
23:27:d6:2e:ca:4b:b0:6d:e4:f1:1a:f4:20:fa:df:55:a2:f1:
b1:aa:9b:4e:41:de:65:d7:d1:1c:c0:d9:0c:1e:80:c3:af:34:
44:38:69:24:5a:32:32:1f:b2:71:d1:f8:e8:5c:6b:52:13:f9:
55:27:13:ef:03:51:a3:27:f4:78:6e:39:d6:16:61:0c:87:f2:
30:9b:9c:84:43:60:82:ef:e4:6f:2b:d0:6b:07:5e:d6:da:88:
a5:b7:b8:4e:11:7b:9f:ab:35:dd:29:eb:36:b6:4a:c2:0b:da:
35:ab:12:fd:40:46:6e:a8:80:22:58:1a:fc:17:dd:cb:dc:cf:
a9:b6:ee:5d:67:f6:99:ea:c2:07:a2:6a:1d:21:36:de:8f:f0:
fb:e7:09:0e:37:d2:6e:e4:ba:3b:34:f3:28:7a:46:e0:f0:4f:
2e:e8:61:ad
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEQyxlWjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OGU2MjYzNGUxYmQ1MTMzYTlkZTQ1MTJhZTk4Y2FkMWIyMjE5YjU5MB4XDTIyMDUy
NTE1MTAxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzRhODY3OTFmMGEz
ODhlMmU1NDZlZGNmNWI2NTFjMGQ3NzEzOGI0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALMz7aiZKo2dVvo84I9XE/iXkkycf1rM50U/T+DJYQmF6kBY
HaQcAECrz0Bi3OLpA9JOMXvuoQ1RDSKXgeuoM8OZpbHk3tK/gYsKBYj6mJLC+z0N
wITS1o57BU7n93JzTA4DHVngI2RYLj7NuhJVWv2hj7ygTRmMFaNfvMyoYMM+52uA
2d9AnKbdNBLb4WSP0tQ9D9Gm4pUPToG7KRdrD67+bmTZqyfgkSNKPqkLjHWBTDdQ
f/GLYGvMOTEfJQfOwWP0YRw/fM2xOoEAcIe35A3Qx85xooN6BsTN8OJR2j2FNoPp
MUkriYaAUIiGbdyzloTIciiE1IELso8OrtuxL8sCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBTEqGeR8KOI4uVG7c9bZRwNdxOLSTAfBgNVHSMEGDAWgBT45iY04b1RM6ne
RRKumMrRsiGbWTAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzc4L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEv
MS94S2hua2ZDamlPTGxSdTNQVzJVY0RYY1RpMGsucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc4
L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEvMS8xLU9ZbU5PRzlV
VE9wM2tVU3JwakswYklobTFrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVFBMA0GCSqGSIb3DQEBCwUA
A4IBAQBXYYxRHw5p1Yrhr5aSRWEE8pkNm9SN4XRE3xNxkKYnrGurxVzanAmRnPNE
Lia+Vl3XtFGkjVreqlMvKKN1MFb9h2ysMMERmkPkqtyRpuzQkupj8PT2ihFYbocj
J9YuykuwbeTxGvQg+t9VovGxqptOQd5l19EcwNkMHoDDrzREOGkkWjIyH7Jx0fjo
XGtSE/lVJxPvA1GjJ/R4bjnWFmEMh/Iwm5yEQ2CC7+RvK9BrB17W2oilt7hOEXuf
qzXdKes2tkrCC9o1qxL9QEZuqIAiWBr8F93L3M+ptu5dZ/aZ6sIHomodITbej/D7
5wkON9Ju5Lo7NPMoekbg8E8u6GGt
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:49 2023 by rpki-client on console-ams.rpki-client.org