Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/97AX8kGC6fSblueuyGf38gDlo4E.roa
File: 97AX8kGC6fSblueuyGf38gDlo4E.roa (raw, json)
Hash identifier: kynKZiqQoCORgxwbJAGwKHin3RbSe7L9XJe/Eb0qzmg=
Subject key identifier: F7:B0:17:F2:41:82:E9:F4:9B:96:E7:AE:C8:67:F7:F2:00:E5:A3:81
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01873DECFFA7A8C8C878E5541A196B259F43
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/97AX8kGC6fSblueuyGf38gDlo4E.roa
Signing time: Sat 01 Apr 2023 17:45:54 +0000
ROA not before: Sat 01 Apr 2023 17:45:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49703
IP address blocks: 77.75.60.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:3d:ec:ff:a7:a8:c8:c8:78:e5:54:1a:19:6b:25:9f:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 1 17:45:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f7b017f24182e9f49b96e7aec867f7f200e5a381
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ef:47:9b:0e:61:a0:d2:fc:b8:3a:53:af:06:
c0:b9:15:70:7b:57:cd:bb:19:4f:dd:3f:ff:a6:23:
6e:be:11:39:8b:d2:de:49:01:79:1f:ae:64:57:2b:
11:f2:ab:8a:25:52:a3:4b:47:8e:fa:2a:4b:43:52:
a7:1d:02:3f:2b:08:06:a6:80:19:24:33:31:11:2f:
1e:bc:d8:e9:46:18:ac:fd:ba:b1:4f:4c:4c:7e:12:
cf:33:e5:8a:d2:50:12:44:33:bf:d2:8f:f7:05:35:
eb:27:7e:69:24:5d:93:df:4d:f5:94:ce:72:52:06:
9a:07:c8:75:10:a4:83:3b:74:66:4a:79:ce:db:5d:
96:ef:3b:57:c8:ff:7b:15:71:f9:c1:8b:10:f5:71:
1e:d4:8f:75:69:75:57:1c:ae:4f:ca:4a:0f:bb:5c:
48:57:55:71:e9:f5:c8:04:92:bc:c3:22:27:ab:1a:
f3:05:6c:5d:3a:6e:93:f9:9b:35:a3:bf:f3:f6:f0:
bd:87:6b:f8:47:b2:ad:78:3c:b2:4b:3a:ae:f9:9d:
af:f3:6b:6d:e3:de:46:bf:e7:75:f1:18:ac:1f:ed:
aa:50:9b:09:2b:35:48:f7:11:25:65:7a:ce:ab:7f:
f7:36:52:d1:de:5a:b2:36:d4:af:4e:d1:c6:1b:74:
1b:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:B0:17:F2:41:82:E9:F4:9B:96:E7:AE:C8:67:F7:F2:00:E5:A3:81
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/97AX8kGC6fSblueuyGf38gDlo4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.75.60.0/24
Signature Algorithm: sha256WithRSAEncryption
59:e8:33:07:57:1f:b6:a1:94:d7:e1:ec:9c:ad:8f:13:8f:d9:
df:38:67:27:bf:38:10:33:c5:e3:f8:9f:d8:8a:e4:5e:28:f4:
94:c2:84:49:5c:74:1d:4d:3e:07:25:21:88:c0:93:b5:0f:e4:
f8:a1:01:16:c4:b2:e3:bd:b6:fc:f6:c3:aa:f5:e6:e8:1b:cf:
e9:b0:4b:e8:71:8a:5c:9a:a8:2c:fd:56:f5:a7:2f:91:7c:47:
dc:62:cc:8e:b8:96:bf:de:42:b5:82:fb:1a:a3:bb:33:98:1a:
bb:4c:36:58:d0:38:74:09:91:c4:40:d6:00:3c:17:05:e8:f2:
25:d6:9f:28:ed:a7:85:92:49:3b:44:96:70:11:f0:78:d9:bf:
cd:87:ee:6c:ed:0c:20:92:50:ef:ab:0b:ec:77:17:58:56:54:
4b:84:f6:55:c3:37:b8:b4:e1:13:ed:9e:3f:c5:df:b2:b7:c2:
b6:02:1c:6d:73:5b:5e:25:e6:40:ff:c8:e5:8e:6a:71:97:d8:
b8:08:b4:f8:b8:40:18:32:31:00:7f:e3:4a:ef:3f:a6:fd:02:
df:77:18:97:c4:7d:4e:06:9d:0d:3b:48:38:c6:52:81:92:d0:
9f:0f:be:45:02:43:a9:4f:3e:71:f2:63:f3:12:30:43:c2:aa:
3d:16:07:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYc97P+nqMjIeOVUGhlrJZ9DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDAxMTc0NTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2IwMTdmMjQxODJlOWY0OWI5NmU3YWVjODY3ZjdmMjAwZTVhMzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkO9Hmw5hoNL8uDpTrwbAuRVwe1fN
uxlP3T//piNuvhE5i9LeSQF5H65kVysR8quKJVKjS0eO+ipLQ1KnHQI/KwgGpoAZ
JDMxES8evNjpRhis/bqxT0xMfhLPM+WK0lASRDO/0o/3BTXrJ35pJF2T3031lM5y
UgaaB8h1EKSDO3RmSnnO212W7ztXyP97FXH5wYsQ9XEe1I91aXVXHK5PykoPu1xI
V1Vx6fXIBJK8wyInqxrzBWxdOm6T+Zs1o7/z9vC9h2v4R7KteDyySzqu+Z2v82tt
495Gv+d18RisH+2qUJsJKzVI9xElZXrOq3/3NlLR3lqyNtSvTtHGG3QbKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPewF/JBgun0m5bnrshn9/IA5aOBMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvOTdBWDhrR0M2ZlNibHVldXlHZjM4Z0RsbzRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATUs8MA0G
CSqGSIb3DQEBCwUAA4IBAQBZ6DMHVx+2oZTX4eycrY8Tj9nfOGcnvzgQM8Xj+J/Y
iuReKPSUwoRJXHQdTT4HJSGIwJO1D+T4oQEWxLLjvbb89sOq9eboG8/psEvocYpc
mqgs/Vb1py+RfEfcYsyOuJa/3kK1gvsao7szmBq7TDZY0Dh0CZHEQNYAPBcF6PIl
1p8o7aeFkkk7RJZwEfB42b/Nh+5s7QwgklDvqwvsdxdYVlRLhPZVwze4tOET7Z4/
xd+yt8K2Ahxtc1teJeZA/8jljmpxl9i4CLT4uEAYMjEAf+NK7z+m/QLfdxiXxH1O
Bp0NO0g4xlKBktCfD75FAkOpTz5x8mPzEjBDwqo9Fge9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:08 2024 by rpki-client on console-ams.rpki-client.org