Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/fLClTid5-Nrn6aj_Nbti8VCF4bI.roa
File: fLClTid5-Nrn6aj_Nbti8VCF4bI.roa (raw, json)
Hash identifier: jEWqBYk6JpCUXAi/Xaw2TJcf8bS8MRYeZ976W/8+UHo=
Subject key identifier: 7C:B0:A5:4E:27:79:F8:DA:E7:E9:A8:FF:35:BB:62:F1:50:85:E1:B2
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 018972C0399483A249A523583BD7EBC92454
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/fLClTid5-Nrn6aj_Nbti8VCF4bI.roa
Signing time: Thu 20 Jul 2023 10:02:27 +0000
ROA not before: Thu 20 Jul 2023 10:02:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57494
IP address blocks: 77.83.118.0/24 maxlen: 24
77.83.119.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:72:c0:39:94:83:a2:49:a5:23:58:3b:d7:eb:c9:24:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Jul 20 10:02:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7cb0a54e2779f8dae7e9a8ff35bb62f15085e1b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:6c:ab:3a:40:61:dd:08:2d:70:ec:23:d6:87:
e6:ea:ed:cc:37:ae:ba:3c:3d:1e:5c:db:84:bf:ac:
d2:eb:a2:ad:37:f6:92:49:63:6e:c2:d8:c4:d3:b8:
ed:b0:02:b6:3a:c0:34:54:1c:cd:88:32:2a:e0:4b:
46:ae:fd:b6:e0:ab:73:49:79:30:8e:97:bb:0b:5d:
2d:8c:fa:62:af:dc:4a:7e:38:76:93:34:6b:ef:bf:
a0:14:b3:75:8b:1d:87:62:d4:1d:fb:a3:0b:03:df:
d1:e6:d4:a5:0a:03:f0:7e:52:6c:64:a6:0a:1e:0a:
dd:fa:7a:09:af:c1:f3:47:72:c5:ef:e0:28:b8:75:
58:95:ac:22:79:4f:d6:60:c6:cf:01:8c:15:de:00:
00:b7:ef:95:b2:32:7a:70:f1:77:2d:a6:a3:d3:0e:
18:95:87:92:bb:d4:82:59:92:ce:17:86:22:bf:44:
8b:b1:d5:ee:ce:10:ba:09:af:39:cb:a5:a8:7c:0d:
80:35:ad:fb:3c:93:39:12:8e:d8:26:0f:ee:6f:1d:
5e:25:14:27:c2:3d:84:32:d7:d8:83:5a:a2:67:c2:
6b:44:fc:e6:c3:e9:59:14:42:6a:9f:a2:a5:8f:90:
34:0e:af:bd:c4:e6:cc:43:cc:7c:9d:af:f0:f1:85:
df:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:B0:A5:4E:27:79:F8:DA:E7:E9:A8:FF:35:BB:62:F1:50:85:E1:B2
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/fLClTid5-Nrn6aj_Nbti8VCF4bI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.118.0/23
Signature Algorithm: sha256WithRSAEncryption
24:f5:9c:e6:0e:65:39:fc:5b:47:8e:0a:a3:63:5f:e7:bf:7a:
f6:d1:9e:82:08:e0:a4:65:46:71:36:4f:11:23:70:bb:31:b8:
af:c7:c6:7f:24:56:d0:1b:23:a3:34:c8:1b:41:17:11:7e:88:
90:27:5b:37:b9:93:98:3b:e8:08:12:69:51:33:fd:76:29:8c:
cc:48:79:39:6b:5a:23:47:fb:98:0c:1f:ab:71:5c:f0:e5:56:
27:86:a0:36:49:86:89:06:87:2f:0a:21:2e:fe:97:d8:f8:43:
03:7b:fc:00:f2:da:17:78:7d:f9:d3:cf:9b:b4:6c:3d:2c:97:
30:97:de:7e:43:77:28:b0:cf:00:ed:f7:6c:e0:87:5c:a5:8b:
bb:d1:f0:f3:21:51:24:68:67:a2:13:05:4c:2b:dd:18:23:82:
dd:b7:0b:03:b0:dc:c4:7d:4b:d6:22:98:2f:97:76:e1:b2:d6:
d1:4e:a8:64:0c:c4:21:37:29:55:d0:35:53:e0:6e:29:23:6a:
dc:3a:2c:1b:9c:ca:d7:e0:c6:de:3e:fa:36:ab:f4:e2:3c:b8:
96:af:bb:ce:ee:f9:27:71:08:68:03:29:6a:d9:75:08:10:9d:
b6:3c:8d:a2:5c:1b:d0:9a:4d:66:3f:ab:e6:76:6a:fc:89:c1:
7b:ff:65:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlywDmUg6JJpSNYO9frySRUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwNzIwMTAwMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2IwYTU0ZTI3NzlmOGRhZTdlOWE4ZmYzNWJiNjJmMTUwODVlMWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWyrOkBh3QgtcOwj1ofm6u3MN666
PD0eXNuEv6zS66KtN/aSSWNuwtjE07jtsAK2OsA0VBzNiDIq4EtGrv224KtzSXkw
jpe7C10tjPpir9xKfjh2kzRr77+gFLN1ix2HYtQd+6MLA9/R5tSlCgPwflJsZKYK
Hgrd+noJr8HzR3LF7+AouHVYlawieU/WYMbPAYwV3gAAt++VsjJ6cPF3Laaj0w4Y
lYeSu9SCWZLOF4Yiv0SLsdXuzhC6Ca85y6WofA2ANa37PJM5Eo7YJg/ubx1eJRQn
wj2EMtfYg1qiZ8JrRPzmw+lZFEJqn6Klj5A0Dq+9xObMQ8x8na/w8YXf4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHywpU4nefja5+mo/zW7YvFQheGyMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvZkxDbFRpZDUtTnJuNmFqX05idGk4VkNGNGJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBTVN2MA0G
CSqGSIb3DQEBCwUAA4IBAQAk9ZzmDmU5/FtHjgqjY1/nv3r20Z6CCOCkZUZxNk8R
I3C7Mbivx8Z/JFbQGyOjNMgbQRcRfoiQJ1s3uZOYO+gIEmlRM/12KYzMSHk5a1oj
R/uYDB+rcVzw5VYnhqA2SYaJBocvCiEu/pfY+EMDe/wA8toXeH3508+btGw9LJcw
l95+Q3cosM8A7fds4IdcpYu70fDzIVEkaGeiEwVMK90YI4LdtwsDsNzEfUvWIpgv
l3bhstbRTqhkDMQhNylV0DVT4G4pI2rcOiwbnMrX4MbePvo2q/TiPLiWr7vO7vkn
cQhoAylq2XUIEJ22PI2iXBvQmk1mP6vmdmr8icF7/2UA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:55 2024 by rpki-client on console-fra.rpki-client.org