Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/4y3mp1uQN9gAacMmx1MQ1LJ2hVo.roa
File: 4y3mp1uQN9gAacMmx1MQ1LJ2hVo.roa (raw, json)
Hash identifier: z4Rx3+82koNrHBZ0GXo3JvvwVBVSafhlTT1przlQN0s=
Subject key identifier: E3:2D:E6:A7:5B:90:37:D8:00:69:C3:26:C7:53:10:D4:B2:76:85:5A
Certificate issuer: /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial: 018A2C628ADE371416C1BE068246C2A48F96
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/4y3mp1uQN9gAacMmx1MQ1LJ2hVo.roa
Signing time: Fri 25 Aug 2023 11:09:30 +0000
ROA not before: Fri 25 Aug 2023 11:09:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42216
IP address blocks: 77.92.145.0/24 maxlen: 24
77.92.142.0/24 maxlen: 24
212.68.48.0/24 maxlen: 24
188.132.184.0/24 maxlen: 24
188.132.210.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:2c:62:8a:de:37:14:16:c1:be:06:82:46:c2:a4:8f:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Validity
Not Before: Aug 25 11:09:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e32de6a75b9037d80069c326c75310d4b276855a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b3:67:11:71:ca:51:e2:16:6d:07:32:65:06:
13:54:73:e2:5d:50:53:41:4b:59:4b:94:de:57:8f:
2f:67:4c:08:f4:c6:ad:69:9c:e5:bb:db:f1:d9:39:
c6:53:ed:6c:e7:d6:de:44:71:63:d9:e9:2f:79:fa:
74:d8:25:11:df:f6:e4:a8:45:3f:33:6d:17:32:59:
c2:c9:5a:f3:7b:86:98:eb:e3:fe:0b:4a:27:ad:2f:
dc:d1:d6:4a:89:a8:a8:4b:de:86:e2:eb:16:be:9f:
f9:8a:c2:ba:64:f1:57:43:86:9c:fd:eb:64:b6:8a:
d1:bb:bb:d4:ca:ca:d4:c2:5a:37:35:41:18:a7:c2:
67:99:a2:16:7f:11:29:1e:e0:c6:27:bd:1f:a7:bd:
aa:6f:63:2a:3d:a7:64:65:08:19:f6:5e:38:c3:ce:
e4:a7:e7:65:39:75:4b:d6:48:63:06:fb:65:48:10:
db:2b:47:e7:b5:ae:7c:1e:43:fb:67:17:d9:d7:68:
08:1f:28:b4:bc:c7:72:ea:d1:c0:23:5a:55:e8:48:
7b:03:5a:81:46:87:d7:75:41:8c:25:19:97:09:99:
c0:dc:8c:fc:65:96:b7:98:d3:b5:f8:07:8b:80:dc:
70:d8:01:d3:ad:73:86:d5:0d:41:42:28:6c:1a:dd:
9d:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:2D:E6:A7:5B:90:37:D8:00:69:C3:26:C7:53:10:D4:B2:76:85:5A
X509v3 Authority Key Identifier:
keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/4y3mp1uQN9gAacMmx1MQ1LJ2hVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.92.142.0/24
77.92.145.0/24
188.132.184.0/24
188.132.210.0/24
212.68.48.0/24
Signature Algorithm: sha256WithRSAEncryption
27:78:24:2c:73:8a:a7:98:fb:de:6d:f9:c5:2e:43:01:f2:ca:
8f:b5:cc:4f:71:36:3a:e9:87:e9:ff:3b:a9:86:29:ac:41:15:
93:c4:b2:b8:56:22:38:c6:9a:04:aa:e3:ec:1a:73:49:79:47:
dc:f6:63:85:0e:2e:87:1d:f2:e6:a3:28:b8:eb:a0:dd:78:f2:
7a:37:ea:74:fd:53:ba:aa:6a:5b:f1:11:99:25:07:a9:5b:67:
59:1a:3a:59:04:77:ab:19:f9:5b:fe:e6:54:3d:ae:18:33:42:
31:07:d9:6c:22:20:9b:43:7b:41:4b:5f:26:fd:a0:2c:c7:f3:
41:8b:26:3c:1c:89:3e:a5:d4:80:1f:89:4a:d2:27:c0:31:09:
49:54:57:ee:4e:f4:26:49:67:c3:25:aa:9c:5e:8b:df:75:7c:
11:a1:73:a6:02:17:25:89:52:c3:ed:de:df:09:32:2b:e5:2f:
09:88:47:d1:b2:fa:9e:0a:4d:e1:ae:1f:59:ba:92:e3:4b:11:
94:07:5d:21:cd:e6:2c:ed:bb:36:f6:3a:0e:6b:77:13:e9:37:
01:99:b2:9a:a2:1c:74:b6:f1:5f:10:62:26:c9:90:f8:3e:47:
14:29:35:82:9a:35:c4:d7:2c:33:c8:5d:e9:07:d8:b5:ac:23:
fe:9a:91:b4
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYosYoreNxQWwb4GgkbCpI+WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2
YTUxNGQwHhcNMjMwODI1MTEwOTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzJkZTZhNzViOTAzN2Q4MDA2OWMzMjZjNzUzMTBkNGIyNzY4NTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbNnEXHKUeIWbQcyZQYTVHPiXVBT
QUtZS5TeV48vZ0wI9MataZzlu9vx2TnGU+1s59beRHFj2ekvefp02CUR3/bkqEU/
M20XMlnCyVrze4aY6+P+C0onrS/c0dZKiaioS96G4usWvp/5isK6ZPFXQ4ac/etk
torRu7vUysrUwlo3NUEYp8JnmaIWfxEpHuDGJ70fp72qb2MqPadkZQgZ9l44w87k
p+dlOXVL1khjBvtlSBDbK0fnta58HkP7ZxfZ12gIHyi0vMdy6tHAI1pV6Eh7A1qB
RofXdUGMJRmXCZnA3Iz8ZZa3mNO1+AeLgNxw2AHTrXOG1Q1BQihsGt2dLwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOMt5qdbkDfYAGnDJsdTENSydoVaMB8GA1UdIwQY
MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct
ZGY0YTJlNzYwY2NiLzEvNHkzbXAxdVFOOWdBYWNNbXgxTVExTEoyaFZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni
LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATVyOAwQA
TVyRAwQAvIS4AwQAvITSAwQA1EQwMA0GCSqGSIb3DQEBCwUAA4IBAQAneCQsc4qn
mPvebfnFLkMB8sqPtcxPcTY66Yfp/zuphimsQRWTxLK4ViI4xpoEquPsGnNJeUfc
9mOFDi6HHfLmoyi466DdePJ6N+p0/VO6qmpb8RGZJQepW2dZGjpZBHerGflb/uZU
Pa4YM0IxB9lsIiCbQ3tBS18m/aAsx/NBiyY8HIk+pdSAH4lK0ifAMQlJVFfuTvQm
SWfDJaqcXovfdXwRoXOmAhcliVLD7d7fCTIr5S8JiEfRsvqeCk3hrh9ZupLjSxGU
B10hzeYs7bs29joOa3cT6TcBmbKaohx0tvFfEGImyZD4PkcUKTWCmjXE1ywzyF3p
B9i1rCP+mpG0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:53 2024 by rpki-client on console-ams.rpki-client.org