Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/3pBpAXm3m3YpQqeoZJAJPQZC3f8.roa
File: 3pBpAXm3m3YpQqeoZJAJPQZC3f8.roa (raw, json)
Hash identifier: Nn1tAxm3Tnn5PMNH7xAI9QQqUEBgytV3kNmsfYNiopc=
Subject key identifier: DE:90:69:01:79:B7:9B:76:29:42:A7:A8:64:90:09:3D:06:42:DD:FF
Certificate issuer: /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial: 018AF2729BF1E6189B4DDECA9457B2891FFB
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/3pBpAXm3m3YpQqeoZJAJPQZC3f8.roa
Signing time: Mon 02 Oct 2023 22:11:51 +0000
ROA not before: Mon 02 Oct 2023 22:11:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42216
IP address blocks: 77.92.142.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f2:72:9b:f1:e6:18:9b:4d:de:ca:94:57:b2:89:1f:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Validity
Not Before: Oct 2 22:11:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de90690179b79b762942a7a86490093d0642ddff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:cf:7c:0d:7a:44:fb:0f:8f:9e:1d:c1:fd:03:
bd:f9:e3:5c:d3:29:6a:67:ec:e9:9b:93:38:6c:5a:
8f:00:07:db:53:bf:aa:9b:3c:0c:a3:37:b6:a6:14:
75:f6:c4:58:23:41:50:7b:36:fa:27:b5:a7:ae:ba:
64:0a:4b:9d:bb:df:2e:f6:bd:18:5f:51:8a:f6:60:
0b:cf:75:f6:56:c7:fc:77:0b:22:a5:47:ec:1c:01:
07:e3:b2:db:f1:40:5a:65:3c:82:20:10:a1:f7:bd:
7b:21:c0:17:a0:5a:2d:29:c4:0a:7c:2f:bd:ae:be:
d6:b4:89:1d:ee:53:9a:13:3c:ac:58:3d:40:43:5d:
27:3a:2c:02:5f:56:87:57:c1:73:8c:b3:33:67:d7:
1b:28:b6:9f:b4:52:ac:2e:5b:80:ea:10:48:3e:99:
29:19:5a:e8:78:75:78:da:52:8e:2a:1f:f9:ca:92:
b6:6c:2a:1c:63:b4:45:67:b1:7f:87:0e:cf:cd:86:
fd:fd:6e:13:31:41:cb:2d:b3:d3:2a:9d:7c:6a:5c:
c0:fe:e5:59:a8:bf:1c:4f:55:dd:fc:e8:21:f2:99:
f9:8d:92:dd:c9:99:ff:cf:fc:3e:91:cd:dd:d1:24:
cb:70:7e:cd:37:96:64:82:58:39:03:4d:56:91:d1:
42:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:90:69:01:79:B7:9B:76:29:42:A7:A8:64:90:09:3D:06:42:DD:FF
X509v3 Authority Key Identifier:
keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/3pBpAXm3m3YpQqeoZJAJPQZC3f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.92.142.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:b0:78:60:ea:b2:44:17:3d:34:b7:98:43:2a:54:bd:51:10:
d2:16:89:90:3a:5f:5b:d6:d3:f5:f5:6d:71:49:2e:e3:ff:3f:
ad:1d:e7:59:db:ce:1c:56:7a:bd:6a:9c:68:fd:09:e5:fb:20:
02:51:6e:12:d2:a8:03:56:79:d9:8b:29:6f:59:14:78:9e:4d:
9a:5c:6b:f4:ec:e7:fa:2e:0a:4c:55:11:65:72:a0:71:8c:b4:
a0:0e:9a:d7:c9:00:d2:52:c0:76:be:a5:df:bf:ba:3a:28:a8:
f8:59:27:d6:bc:d0:e0:40:62:b3:4c:9c:21:59:d3:9f:2a:48:
69:b9:f8:f2:8a:53:9f:c8:1c:35:ee:39:6b:47:2a:d1:b3:c2:
60:c6:f5:5b:60:5f:2f:8d:b1:29:63:e6:66:89:a5:50:72:dc:
fd:a4:c0:cc:be:3c:dd:29:06:92:04:51:b3:cc:d4:4c:9d:4d:
2a:41:aa:da:08:7e:09:7b:67:f8:91:7b:81:56:34:88:7f:0e:
0d:b8:00:01:b3:18:db:0b:ce:1c:4d:79:0b:d1:d0:d6:c8:f3:
03:f3:ab:b8:80:62:40:5b:83:4f:e3:e6:c8:3d:c5:9f:a3:43:
cb:33:a6:29:46:a7:2c:c6:3e:60:ae:0f:71:b8:1b:0c:d2:78:
ba:6b:a3:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrycpvx5hibTd7KlFeyiR/7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2
YTUxNGQwHhcNMjMxMDAyMjIxMTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTkwNjkwMTc5Yjc5Yjc2Mjk0MmE3YTg2NDkwMDkzZDA2NDJkZGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl898DXpE+w+Pnh3B/QO9+eNc0ylq
Z+zpm5M4bFqPAAfbU7+qmzwMoze2phR19sRYI0FQezb6J7WnrrpkCkudu98u9r0Y
X1GK9mALz3X2Vsf8dwsipUfsHAEH47Lb8UBaZTyCIBCh9717IcAXoFotKcQKfC+9
rr7WtIkd7lOaEzysWD1AQ10nOiwCX1aHV8FzjLMzZ9cbKLaftFKsLluA6hBIPpkp
GVroeHV42lKOKh/5ypK2bCocY7RFZ7F/hw7PzYb9/W4TMUHLLbPTKp18alzA/uVZ
qL8cT1Xd/Ogh8pn5jZLdyZn/z/w+kc3d0STLcH7NN5Zkglg5A01WkdFCiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN6QaQF5t5t2KUKnqGSQCT0GQt3/MB8GA1UdIwQY
MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct
ZGY0YTJlNzYwY2NiLzEvM3BCcEFYbTNtM1lwUXFlb1pKQUpQUVpDM2Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni
LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVyOMA0G
CSqGSIb3DQEBCwUAA4IBAQBqsHhg6rJEFz00t5hDKlS9URDSFomQOl9b1tP19W1x
SS7j/z+tHedZ284cVnq9apxo/Qnl+yACUW4S0qgDVnnZiylvWRR4nk2aXGv07Of6
LgpMVRFlcqBxjLSgDprXyQDSUsB2vqXfv7o6KKj4WSfWvNDgQGKzTJwhWdOfKkhp
ufjyilOfyBw17jlrRyrRs8JgxvVbYF8vjbEpY+ZmiaVQctz9pMDMvjzdKQaSBFGz
zNRMnU0qQaraCH4Je2f4kXuBVjSIfw4NuAABsxjbC84cTXkL0dDWyPMD86u4gGJA
W4NP4+bIPcWfo0PLM6YpRqcsxj5grg9xuBsM0ni6a6Oo
-----END CERTIFICATE-----
Generated at Wed Oct 25 11:20:31 2023 by rpki-client on console-ams.rpki-client.org