Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/KXX7CbexhX3NdULAtv5tGDUEuDo.roa
File: KXX7CbexhX3NdULAtv5tGDUEuDo.roa (raw, json)
Hash identifier: 5NF+LpUyp3kYJ9Z7G0oRSV7nHWfYHGWvAC8fLT7wK+s=
Subject key identifier: 29:75:FB:09:B7:B1:85:7D:CD:75:42:C0:B6:FE:6D:18:35:04:B8:3A
Certificate issuer: /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial: 018B485F9696E217CE7FBE60B866F4687376
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/KXX7CbexhX3NdULAtv5tGDUEuDo.roa
Signing time: Thu 19 Oct 2023 14:38:25 +0000
ROA not before: Thu 19 Oct 2023 14:38:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211804
IP address blocks: 77.92.145.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:48:5f:96:96:e2:17:ce:7f:be:60:b8:66:f4:68:73:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Validity
Not Before: Oct 19 14:38:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2975fb09b7b1857dcd7542c0b6fe6d183504b83a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:1d:c4:4c:07:ee:58:e2:bb:40:b5:c5:3c:ff:
85:4d:0c:28:ab:a9:b1:8c:bc:82:8f:2b:4c:19:89:
5d:f2:cd:99:b6:af:e4:51:54:4e:2d:7b:b5:d7:41:
55:7c:bf:e3:4b:3a:56:10:e8:7a:90:7e:49:c7:8c:
3d:d2:76:3c:6d:64:72:2f:52:53:ba:78:63:9c:c8:
82:ee:01:f0:83:65:bc:ff:a7:eb:1a:d0:38:22:26:
4e:0f:95:4d:a5:7c:d4:7a:2e:59:be:0d:a5:72:0c:
21:0f:cf:0c:29:c2:94:82:f8:76:06:69:e9:18:b9:
dd:0b:69:5d:b6:78:e9:68:5e:a2:4c:5a:5f:78:d7:
44:2f:4a:3c:cf:01:f3:00:80:c0:da:33:20:22:08:
b9:98:52:d3:7b:27:7f:cd:19:ff:b2:59:a8:1e:67:
e5:92:3c:07:72:a6:1f:ae:12:11:c7:09:ba:9e:14:
1d:93:e1:f0:42:33:37:2e:4c:b5:fe:e8:b4:9e:34:
0d:42:a6:33:ad:5e:71:f6:e5:12:aa:61:99:75:bb:
81:5b:87:79:2e:e8:d8:f4:5c:a8:2b:84:fa:5a:61:
73:b6:b3:82:f9:ab:2a:ab:ea:ac:e0:d1:94:a6:82:
bb:7b:2d:d8:de:37:74:d2:eb:59:ce:01:24:93:97:
26:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:75:FB:09:B7:B1:85:7D:CD:75:42:C0:B6:FE:6D:18:35:04:B8:3A
X509v3 Authority Key Identifier:
keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/KXX7CbexhX3NdULAtv5tGDUEuDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.92.145.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:7b:12:e3:ec:78:8d:7f:2f:03:7c:a1:4a:4d:93:4d:80:5e:
9b:9e:cd:35:17:b2:83:8b:c5:0f:a7:48:03:eb:34:13:4e:77:
79:79:1a:36:a7:9a:27:72:ec:57:48:13:01:04:b3:88:ea:a8:
10:9d:db:ec:53:fd:a4:a3:e9:87:1a:b0:41:47:18:08:79:8f:
95:50:92:c4:f9:8e:94:a9:58:7a:eb:4b:f1:84:e7:f3:45:df:
fb:f3:e2:6f:42:3b:b0:bc:15:44:79:e9:c8:d2:25:86:f5:ec:
04:a1:d4:d6:e9:75:a5:be:af:d9:87:a6:19:96:ab:72:32:3b:
bc:b3:b9:93:bf:4e:f1:38:3a:9a:2c:2d:e5:99:75:00:3c:90:
9d:93:85:75:fd:dd:12:2a:78:88:2a:fb:98:e6:24:5f:4f:d2:
ea:c3:d0:11:18:e7:82:4c:26:c1:28:f6:6f:5c:2e:23:17:58:
40:3d:86:16:8f:50:cb:d0:41:58:c6:86:1f:ce:06:7a:c4:41:
48:27:a3:7f:a2:bf:a7:7f:83:b9:dd:40:d1:00:bd:01:17:e8:
bf:75:ab:ce:7b:e0:dc:b0:33:49:0d:36:16:c4:e2:99:a9:af:
bc:2c:c4:55:ba:13:d9:9c:5c:c7:fc:26:b8:e1:57:fb:68:93:
2e:ba:9c:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtIX5aW4hfOf75guGb0aHN2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2
YTUxNGQwHhcNMjMxMDE5MTQzODI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTc1ZmIwOWI3YjE4NTdkY2Q3NTQyYzBiNmZlNmQxODM1MDRiODNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAix3ETAfuWOK7QLXFPP+FTQwoq6mx
jLyCjytMGYld8s2Ztq/kUVROLXu110FVfL/jSzpWEOh6kH5Jx4w90nY8bWRyL1JT
unhjnMiC7gHwg2W8/6frGtA4IiZOD5VNpXzUei5Zvg2lcgwhD88MKcKUgvh2Bmnp
GLndC2ldtnjpaF6iTFpfeNdEL0o8zwHzAIDA2jMgIgi5mFLTeyd/zRn/slmoHmfl
kjwHcqYfrhIRxwm6nhQdk+HwQjM3Lky1/ui0njQNQqYzrV5x9uUSqmGZdbuBW4d5
LujY9FyoK4T6WmFztrOC+asqq+qs4NGUpoK7ey3Y3jd00utZzgEkk5cm8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCl1+wm3sYV9zXVCwLb+bRg1BLg6MB8GA1UdIwQY
MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct
ZGY0YTJlNzYwY2NiLzEvS1hYN0NiZXhoWDNOZFVMQXR2NXRHRFVFdURvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni
LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVyRMA0G
CSqGSIb3DQEBCwUAA4IBAQCsexLj7HiNfy8DfKFKTZNNgF6bns01F7KDi8UPp0gD
6zQTTnd5eRo2p5oncuxXSBMBBLOI6qgQndvsU/2ko+mHGrBBRxgIeY+VUJLE+Y6U
qVh660vxhOfzRd/78+JvQjuwvBVEeenI0iWG9ewEodTW6XWlvq/Zh6YZlqtyMju8
s7mTv07xODqaLC3lmXUAPJCdk4V1/d0SKniIKvuY5iRfT9Lqw9ARGOeCTCbBKPZv
XC4jF1hAPYYWj1DL0EFYxoYfzgZ6xEFIJ6N/or+nf4O53UDRAL0BF+i/davOe+Dc
sDNJDTYWxOKZqa+8LMRVuhPZnFzH/Ca44Vf7aJMuupyK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:01 2024 by rpki-client on console-fra.rpki-client.org