Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/85UmnwQZt5QYlpTnVzExBg15znQ.roa
File: 85UmnwQZt5QYlpTnVzExBg15znQ.roa (raw, json)
Hash identifier: nAjnIvzGnvADAqaV5ihIyQoyiJbDFMvEfoCi/rOzmRo=
Subject key identifier: F3:95:26:9F:04:19:B7:94:18:96:94:E7:57:31:31:06:0D:79:CE:74
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01856F1DC5B5964B8631553974FBA00212E0
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/85UmnwQZt5QYlpTnVzExBg15znQ.roa
Signing time: Sun 01 Jan 2023 20:54:59 +0000
ROA not before: Sun 01 Jan 2023 20:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52086
IP address blocks: 77.83.93.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:c5:b5:96:4b:86:31:55:39:74:fb:a0:02:12:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jan 1 20:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f395269f0419b794189694e7573131060d79ce74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:9c:6c:ba:ec:a8:cd:8c:ce:de:4b:65:2b:1d:
0f:49:5c:f2:70:b2:e4:8e:fb:f9:eb:c3:ff:37:12:
67:98:44:c2:10:94:92:f7:c0:b6:55:9a:7b:80:63:
fa:d6:e3:5c:f7:ef:d1:b2:70:b3:7e:38:76:0f:3c:
98:b2:d9:74:48:a3:29:d1:aa:99:a7:9d:64:4f:a1:
1e:26:23:7e:f9:70:83:23:44:0f:bb:f0:1a:4b:3e:
b1:66:32:f1:74:7f:8a:b4:57:ff:c3:c6:a2:7b:87:
3b:43:11:80:31:8a:df:eb:34:c3:90:c2:89:ef:16:
d1:37:39:fb:28:76:74:57:49:ef:f1:95:f2:8c:61:
8e:c9:22:60:f8:69:74:01:f1:0d:f8:0e:b3:7b:20:
58:c5:2d:aa:f3:ee:00:38:68:91:f3:2d:76:52:9e:
c0:a2:4b:a7:9b:37:df:5c:0d:08:aa:a0:30:f7:51:
04:89:c7:72:77:60:33:77:84:0c:ef:5c:55:84:5f:
a7:1c:03:12:c6:23:5a:d5:91:ec:46:6a:c8:7a:8a:
10:0b:c7:63:44:e8:53:99:01:3b:31:73:2c:31:ed:
65:34:31:14:3e:41:77:52:d0:36:d2:ea:7e:32:24:
9e:88:45:57:a8:f5:16:21:45:b7:05:42:80:24:a7:
2e:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:95:26:9F:04:19:B7:94:18:96:94:E7:57:31:31:06:0D:79:CE:74
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/85UmnwQZt5QYlpTnVzExBg15znQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.93.0/24
Signature Algorithm: sha256WithRSAEncryption
70:68:38:0d:7c:9d:fb:38:35:24:0c:54:0c:fc:10:eb:16:5f:
66:a8:a9:6c:ae:f3:97:c4:c6:f9:39:e3:2f:36:d1:f2:64:9b:
b2:fb:ca:a7:0c:ad:71:59:e3:f3:26:12:cf:12:c4:6f:6e:a4:
fe:fa:fe:d8:31:9f:2a:14:4f:8a:80:a9:e8:c9:99:49:69:80:
35:43:5b:93:ae:7c:6f:85:2d:da:59:ca:03:d0:5e:2f:f3:48:
a5:e7:7c:4f:81:74:7c:b3:5b:48:af:ab:15:7e:20:7b:ff:d6:
45:f8:f1:a2:9e:6b:dc:04:46:7f:b9:52:8c:b0:e8:8c:27:e6:
32:86:f0:c9:79:f6:5f:b0:9a:5e:4f:39:ab:b7:71:a0:64:6c:
7f:83:a4:2e:55:42:37:f6:4c:6f:b1:c6:6c:d9:20:06:95:30:
f6:4a:8f:11:62:e2:af:56:33:b2:90:1c:ea:8d:e5:d0:ca:26:
b0:73:e3:23:c2:73:84:2c:e0:da:30:ac:bc:44:e7:76:e4:de:
ee:23:6e:f2:95:71:73:cb:ff:81:7b:13:91:2d:c1:95:b7:f0:
d5:5d:18:b4:92:f8:fb:d9:fc:d6:38:05:c0:12:5b:a2:f6:c8:
c0:60:60:f0:fb:3d:bb:7b:82:06:3e:20:33:70:44:34:81:41:
d5:d0:d1:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHcW1lkuGMVU5dPugAhLgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjMwMTAxMjA1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzk1MjY5ZjA0MTliNzk0MTg5Njk0ZTc1NzMxMzEwNjBkNzljZTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZxsuuyozYzO3ktlKx0PSVzycLLk
jvv568P/NxJnmETCEJSS98C2VZp7gGP61uNc9+/RsnCzfjh2DzyYstl0SKMp0aqZ
p51kT6EeJiN++XCDI0QPu/AaSz6xZjLxdH+KtFf/w8aie4c7QxGAMYrf6zTDkMKJ
7xbRNzn7KHZ0V0nv8ZXyjGGOySJg+Gl0AfEN+A6zeyBYxS2q8+4AOGiR8y12Up7A
okunmzffXA0IqqAw91EEicdyd2Azd4QM71xVhF+nHAMSxiNa1ZHsRmrIeooQC8dj
ROhTmQE7MXMsMe1lNDEUPkF3UtA20up+MiSeiEVXqPUWIUW3BUKAJKcuMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPOVJp8EGbeUGJaU51cxMQYNec50MB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvODVVbW53UVp0NVFZbHBUblZ6RXhCZzE1em5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVNdMA0G
CSqGSIb3DQEBCwUAA4IBAQBwaDgNfJ37ODUkDFQM/BDrFl9mqKlsrvOXxMb5OeMv
NtHyZJuy+8qnDK1xWePzJhLPEsRvbqT++v7YMZ8qFE+KgKnoyZlJaYA1Q1uTrnxv
hS3aWcoD0F4v80il53xPgXR8s1tIr6sVfiB7/9ZF+PGinmvcBEZ/uVKMsOiMJ+Yy
hvDJefZfsJpeTzmrt3GgZGx/g6QuVUI39kxvscZs2SAGlTD2So8RYuKvVjOykBzq
jeXQyiawc+MjwnOELODaMKy8ROd25N7uI27ylXFzy/+BexORLcGVt/DVXRi0kvj7
2fzWOAXAElui9sjAYGDw+z27e4IGPiAzcEQ0gUHV0NGE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:47 2024 by rpki-client on console-fra.rpki-client.org