Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/c969de-e693-457c-90c3-0cc58ba311ba/1/DQc1sBQkSeaxC8V6-OeGqEWK4Q4.roa
File: DQc1sBQkSeaxC8V6-OeGqEWK4Q4.roa (raw, json)
Hash identifier: +W2vSMxcmK1zw+XuuADztdQ+2niz9OpMumKPnKJkvqs=
Subject key identifier: 0D:07:35:B0:14:24:49:E6:B1:0B:C5:7A:F8:E7:86:A8:45:8A:E1:0E
Certificate issuer: /CN=0e6b8ee976c918364f5184ff31cea4525a79d353
Certificate serial: 0181EC5949A127CF538981628FE6544111DB
Authority key identifier: 0E:6B:8E:E9:76:C9:18:36:4F:51:84:FF:31:CE:A4:52:5A:79:D3:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DmuO6XbJGDZPUYT_Mc6kUlp501M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/c969de-e693-457c-90c3-0cc58ba311ba/1/DQc1sBQkSeaxC8V6-OeGqEWK4Q4.roa
Signing time: Mon 11 Jul 2022 08:21:23 +0000
ROA not before: Mon 11 Jul 2022 08:21:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398343
IP address blocks: 77.220.200.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:ec:59:49:a1:27:cf:53:89:81:62:8f:e6:54:41:11:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e6b8ee976c918364f5184ff31cea4525a79d353
Validity
Not Before: Jul 11 08:21:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0d0735b0142449e6b10bc57af8e786a8458ae10e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:72:d3:0b:b0:03:1b:d9:95:10:9b:e4:cd:56:
b4:d0:5b:f6:2c:96:37:3b:ba:55:47:9c:65:b5:bb:
1e:58:b9:4e:ee:e0:f1:54:59:b0:8a:c9:62:42:ca:
d3:09:ed:c0:29:d7:99:82:ee:69:43:11:0b:6f:a8:
47:43:a0:10:a5:f7:94:93:a5:9e:f7:4b:96:63:ff:
fe:f2:7c:02:f3:dd:ba:89:16:42:68:1d:65:b5:9e:
9e:7f:eb:ce:65:96:60:7f:36:8d:e3:0d:b1:ad:2f:
77:b4:04:a6:bf:4f:30:e7:c8:a6:a6:d6:0d:08:86:
59:a9:18:1e:86:6f:d5:93:b6:46:31:fa:7f:78:76:
bf:d2:7f:7b:13:c1:9c:0f:8a:49:68:5f:fc:19:93:
84:1c:3f:8b:50:60:08:2a:03:95:93:0e:ba:6f:fd:
f6:66:5a:57:4f:c0:7b:59:f2:42:4b:98:c6:92:19:
5c:67:62:d7:c7:e3:0b:8b:30:31:9e:b8:08:09:c5:
c3:cf:0f:68:fd:43:fd:cf:5e:e6:17:ce:3f:bf:cb:
01:aa:18:5a:ee:07:3a:1b:b1:f4:f5:9e:a2:7a:b1:
d6:8b:a0:29:ca:8f:b8:78:9b:7b:13:39:fb:d4:e9:
d6:d2:8d:0b:a5:0e:95:bc:1e:bd:89:44:aa:2f:25:
75:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:07:35:B0:14:24:49:E6:B1:0B:C5:7A:F8:E7:86:A8:45:8A:E1:0E
X509v3 Authority Key Identifier:
keyid:0E:6B:8E:E9:76:C9:18:36:4F:51:84:FF:31:CE:A4:52:5A:79:D3:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DmuO6XbJGDZPUYT_Mc6kUlp501M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c969de-e693-457c-90c3-0cc58ba311ba/1/DQc1sBQkSeaxC8V6-OeGqEWK4Q4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c969de-e693-457c-90c3-0cc58ba311ba/1/DmuO6XbJGDZPUYT_Mc6kUlp501M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.220.200.0/24
Signature Algorithm: sha256WithRSAEncryption
32:4d:ab:a0:00:81:f7:4c:62:84:87:fd:4e:95:54:9c:24:36:
21:1a:81:e7:db:8b:96:8f:1a:88:68:2d:64:c3:8a:3d:b3:f2:
3c:b8:fe:f7:3b:fe:80:0e:bf:e3:b8:7c:7e:57:5e:4b:89:58:
99:2d:ec:21:ff:47:8d:0d:8c:0f:4f:02:e9:ae:fd:5f:20:5d:
e4:d3:d9:d7:72:4b:f6:99:69:b7:d1:86:d4:fb:bb:49:dc:22:
22:be:69:c9:27:71:aa:21:97:1e:78:13:32:c6:92:2c:16:e7:
aa:fb:2a:c4:e2:77:30:51:ef:de:3c:36:54:db:50:2b:30:73:
bc:f2:a5:99:cc:c0:c9:8e:7d:f5:40:84:b2:82:dd:d6:03:27:
c7:b4:0f:8d:82:db:e6:0e:49:95:05:12:87:68:a9:22:21:ab:
e9:16:4d:9c:86:07:38:32:d7:cd:38:ab:d8:13:b4:02:20:3b:
6b:a4:8a:f7:46:49:38:c8:c8:94:55:c7:fd:4a:85:00:ec:dd:
cc:53:7c:c3:77:6b:cf:7c:94:9f:38:4c:ca:61:36:9b:4c:04:
84:1a:f6:9f:09:82:07:e4:2f:83:a7:c0:84:6e:67:9a:bb:62:
3a:cf:69:fb:76:d1:ff:eb:db:6e:24:0a:e9:34:08:c6:a3:ce:
7d:68:e6:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHsWUmhJ89TiYFij+ZUQRHbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNmI4ZWU5NzZjOTE4MzY0ZjUxODRmZjMxY2VhNDUyNWE3
OWQzNTMwHhcNMjIwNzExMDgyMTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDA3MzViMDE0MjQ0OWU2YjEwYmM1N2FmOGU3ODZhODQ1OGFlMTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHLTC7ADG9mVEJvkzVa00Fv2LJY3
O7pVR5xltbseWLlO7uDxVFmwisliQsrTCe3AKdeZgu5pQxELb6hHQ6AQpfeUk6We
90uWY//+8nwC8926iRZCaB1ltZ6ef+vOZZZgfzaN4w2xrS93tASmv08w58imptYN
CIZZqRgehm/Vk7ZGMfp/eHa/0n97E8GcD4pJaF/8GZOEHD+LUGAIKgOVkw66b/32
ZlpXT8B7WfJCS5jGkhlcZ2LXx+MLizAxnrgICcXDzw9o/UP9z17mF84/v8sBqhha
7gc6G7H09Z6ierHWi6Apyo+4eJt7Ezn71OnW0o0LpQ6VvB69iUSqLyV1WQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA0HNbAUJEnmsQvFevjnhqhFiuEOMB8GA1UdIwQY
MBaAFA5rjul2yRg2T1GE/zHOpFJaedNTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG11TzZYYkpHRFpQVVlUX01jNmtVbHA1MDFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9jOTY5ZGUtZTY5My00NTdjLTkwYzMt
MGNjNThiYTMxMWJhLzEvRFFjMXNCUWtTZWF4QzhWNi1PZUdxRVdLNFE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9jOTY5ZGUtZTY5My00NTdjLTkwYzMtMGNjNThiYTMxMWJh
LzEvRG11TzZYYkpHRFpQVVlUX01jNmtVbHA1MDFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATdzIMA0G
CSqGSIb3DQEBCwUAA4IBAQAyTaugAIH3TGKEh/1OlVScJDYhGoHn24uWjxqIaC1k
w4o9s/I8uP73O/6ADr/juHx+V15LiViZLewh/0eNDYwPTwLprv1fIF3k09nXckv2
mWm30YbU+7tJ3CIivmnJJ3GqIZceeBMyxpIsFueq+yrE4ncwUe/ePDZU21ArMHO8
8qWZzMDJjn31QISygt3WAyfHtA+NgtvmDkmVBRKHaKkiIavpFk2chgc4MtfNOKvY
E7QCIDtrpIr3Rkk4yMiUVcf9SoUA7N3MU3zDd2vPfJSfOEzKYTabTASEGvafCYIH
5C+Dp8CEbmeau2I6z2n7dtH/69tuJArpNAjGo859aObb
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:40 2023 by rpki-client on console-fra.rpki-client.org