Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/XDjiG9CD4ZDuxoWbo4-9zz2CQao.roa
File: XDjiG9CD4ZDuxoWbo4-9zz2CQao.roa (raw, json)
Hash identifier: DMcNn6AXO/gMKBdx4D88vmHcIcwVzpfXjW/YJCgv5Bo=
Subject key identifier: 5C:38:E2:1B:D0:83:E1:90:EE:C6:85:9B:A3:8F:BD:CF:3D:82:41:AA
Certificate issuer: /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial: 0189DCB8660364F7888C80C69886158F05AF
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/XDjiG9CD4ZDuxoWbo4-9zz2CQao.roa
Signing time: Wed 09 Aug 2023 23:53:39 +0000
ROA not before: Wed 09 Aug 2023 23:53:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42216
IP address blocks: 77.92.145.0/24 maxlen: 24
77.92.142.0/24 maxlen: 24
212.68.48.0/24 maxlen: 24
188.132.184.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:dc:b8:66:03:64:f7:88:8c:80:c6:98:86:15:8f:05:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Validity
Not Before: Aug 9 23:53:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c38e21bd083e190eec6859ba38fbdcf3d8241aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:22:62:5c:d9:a9:b7:e3:58:81:94:03:2b:00:
dc:96:8c:fa:66:46:90:83:8e:55:5f:31:20:35:b7:
26:32:85:c8:c1:fb:bb:a0:39:41:0c:d3:7f:da:7a:
02:de:fd:9e:92:1e:3c:94:44:06:c7:ed:2f:d0:e9:
5f:4a:dd:6b:6b:fe:16:e6:1d:6f:da:be:2e:88:c1:
81:03:cf:ce:12:7e:d3:8e:4f:db:d8:02:1e:10:8b:
0f:a1:b9:f6:b4:fa:45:a8:10:fe:88:59:f6:ba:91:
00:e8:ae:c2:20:0c:78:d3:6f:d5:13:48:47:b8:ca:
35:db:ba:13:54:0a:77:1d:34:97:d1:51:5e:0a:00:
7b:10:62:12:53:ec:16:69:cf:71:59:53:ab:92:ad:
8e:c8:4c:e5:16:0b:34:e3:23:65:d0:52:be:2c:0d:
0f:6e:9e:27:5f:6b:1a:4c:41:de:36:0e:59:78:13:
46:69:ec:4f:d2:93:cd:24:00:71:83:1d:da:2f:8f:
27:6f:45:17:7a:27:15:9b:fb:a5:40:4c:66:57:89:
c8:81:62:d3:c9:24:f4:6e:01:16:6a:68:99:bd:11:
97:57:b8:82:ab:8f:0f:2c:a5:75:3a:08:da:73:12:
ae:a5:ee:77:c5:df:51:5b:0e:91:81:b0:c1:e1:08:
26:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:38:E2:1B:D0:83:E1:90:EE:C6:85:9B:A3:8F:BD:CF:3D:82:41:AA
X509v3 Authority Key Identifier:
keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/XDjiG9CD4ZDuxoWbo4-9zz2CQao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.92.142.0/24
77.92.145.0/24
188.132.184.0/24
212.68.48.0/24
Signature Algorithm: sha256WithRSAEncryption
88:ef:29:74:12:f7:ab:7c:44:7c:e4:8b:03:30:95:46:f2:12:
08:15:90:e5:ea:cc:ca:a9:39:1f:5a:0e:f2:ff:ec:d4:56:89:
20:87:6b:7f:1e:be:be:00:7c:12:3b:36:0a:07:fc:93:01:20:
c7:97:75:39:a3:23:76:80:ba:d3:5c:eb:14:ce:fd:08:21:48:
a5:7a:a1:25:79:76:a6:bb:f7:a5:2d:1b:ba:f1:ff:20:44:a1:
44:da:cf:4b:ec:08:64:99:aa:ca:e1:14:8d:c3:22:e4:b6:80:
47:0f:20:01:87:de:20:cf:c2:be:4d:28:a0:f3:e2:5b:7f:73:
26:69:b2:6d:53:ec:d2:0b:c6:55:11:0c:12:9a:0d:b5:75:b2:
72:48:9e:1c:b0:36:09:3d:05:3b:cd:24:ee:77:1e:24:80:d8:
69:3e:28:c3:c1:e1:93:72:60:9c:a7:b8:5f:54:8a:0d:ed:7d:
ae:54:66:44:08:d7:33:7f:fe:8f:6a:9c:a3:dc:cd:9f:c1:fa:
24:bf:45:65:2d:50:f3:d6:4b:4d:ef:99:92:3d:97:ca:01:cf:
3e:35:99:02:39:09:8a:c6:e6:73:34:8b:c3:c3:7e:24:06:43:
98:11:2b:cf:36:0e:f9:58:f0:53:63:57:f0:41:b7:32:f2:84:
fe:f3:b4:2b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYncuGYDZPeIjIDGmIYVjwWvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2
YTUxNGQwHhcNMjMwODA5MjM1MzM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzM4ZTIxYmQwODNlMTkwZWVjNjg1OWJhMzhmYmRjZjNkODI0MWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSJiXNmpt+NYgZQDKwDcloz6ZkaQ
g45VXzEgNbcmMoXIwfu7oDlBDNN/2noC3v2ekh48lEQGx+0v0OlfSt1ra/4W5h1v
2r4uiMGBA8/OEn7Tjk/b2AIeEIsPobn2tPpFqBD+iFn2upEA6K7CIAx402/VE0hH
uMo127oTVAp3HTSX0VFeCgB7EGISU+wWac9xWVOrkq2OyEzlFgs04yNl0FK+LA0P
bp4nX2saTEHeNg5ZeBNGaexP0pPNJABxgx3aL48nb0UXeicVm/ulQExmV4nIgWLT
yST0bgEWamiZvRGXV7iCq48PLKV1OgjacxKupe53xd9RWw6RgbDB4QgmvwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFw44hvQg+GQ7saFm6OPvc89gkGqMB8GA1UdIwQY
MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct
ZGY0YTJlNzYwY2NiLzEvWERqaUc5Q0Q0WkR1eG9XYm80LTl6ejJDUWFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni
LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATVyOAwQA
TVyRAwQAvIS4AwQA1EQwMA0GCSqGSIb3DQEBCwUAA4IBAQCI7yl0EverfER85IsD
MJVG8hIIFZDl6szKqTkfWg7y/+zUVokgh2t/Hr6+AHwSOzYKB/yTASDHl3U5oyN2
gLrTXOsUzv0IIUileqEleXamu/elLRu68f8gRKFE2s9L7AhkmarK4RSNwyLktoBH
DyABh94gz8K+TSig8+Jbf3MmabJtU+zSC8ZVEQwSmg21dbJySJ4csDYJPQU7zSTu
dx4kgNhpPijDweGTcmCcp7hfVIoN7X2uVGZECNczf/6Papyj3M2fwfokv0VlLVDz
1ktN75mSPZfKAc8+NZkCOQmKxuZzNIvDw34kBkOYESvPNg75WPBTY1fwQbcy8oT+
87Qr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:53 2024 by rpki-client on console-ams.rpki-client.org