Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/o4vutlaMjxyJp5JTjdxXS1C-UcA.roa
File: o4vutlaMjxyJp5JTjdxXS1C-UcA.roa (raw, json)
Hash identifier: 93LJxcJZs+xiE3Dev/96YFq8psnI+a/MpHMCc0+N54g=
Subject key identifier: A3:8B:EE:B6:56:8C:8F:1C:89:A7:92:53:8D:DC:57:4B:50:BE:51:C0
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01873645C41B844B88D815B0A23B96A5EE42
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/o4vutlaMjxyJp5JTjdxXS1C-UcA.roa
Signing time: Fri 31 Mar 2023 06:05:54 +0000
ROA not before: Fri 31 Mar 2023 06:05:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 77.75.60.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:36:45:c4:1b:84:4b:88:d8:15:b0:a2:3b:96:a5:ee:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 31 06:05:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a38beeb6568c8f1c89a792538ddc574b50be51c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b1:ac:7e:42:e7:fe:b3:bf:4a:ad:8d:95:5d:
a7:91:33:08:0d:a9:58:a6:84:dc:e3:94:b9:27:b0:
72:31:48:a9:1b:0e:c2:58:ef:3e:cf:66:c4:58:6b:
99:dc:32:74:61:84:3a:a8:6a:41:7b:85:63:4e:ca:
b3:01:c7:f4:c2:c2:f3:7e:8c:d3:66:5d:02:99:ad:
90:56:74:5e:cb:3a:90:f9:15:b2:00:f5:45:5d:3c:
4e:94:ff:d3:d5:00:76:bf:ef:66:f6:7a:d8:b1:d0:
50:7e:4c:b1:ae:c7:11:47:e2:3f:11:08:14:c4:d4:
80:7b:90:4c:7d:09:8a:d7:38:f9:1d:e3:4f:37:94:
32:47:a7:bc:b2:7e:1a:0c:c1:28:62:07:d9:b4:99:
af:0e:50:e3:91:8d:66:80:c5:1b:6e:ad:ce:53:51:
91:39:26:2a:17:8e:6b:a0:8e:e2:22:ca:67:cc:cb:
a4:0e:1b:62:37:a3:2d:99:ed:b4:85:96:87:cd:63:
09:d6:25:95:77:b2:05:92:d5:31:ce:ef:53:20:b3:
5f:8c:85:90:df:ca:aa:43:e5:77:0e:fc:b0:5c:b8:
f4:c4:82:9e:cb:12:19:79:5f:bd:56:89:3e:9d:cd:
ab:16:2e:f7:be:4c:de:b1:36:61:74:a9:4c:58:16:
14:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:8B:EE:B6:56:8C:8F:1C:89:A7:92:53:8D:DC:57:4B:50:BE:51:C0
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/o4vutlaMjxyJp5JTjdxXS1C-UcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.75.60.0/24
Signature Algorithm: sha256WithRSAEncryption
57:12:b8:ff:00:0d:94:cd:c5:8f:84:7f:94:f6:3a:92:6d:50:
f0:32:46:01:ee:5a:69:da:28:84:0b:29:a4:1b:e1:0a:fb:9e:
7b:be:3c:2e:12:26:65:20:c8:07:77:be:b7:02:ab:9e:44:b9:
ec:32:55:53:58:62:45:a0:04:75:a2:1a:72:0f:21:5c:ce:75:
78:cf:43:07:b8:b1:7d:3d:c8:5e:b8:a1:53:86:20:c5:78:ac:
d0:f4:72:fe:7a:bb:bb:c4:bb:c2:a4:16:88:7e:87:9f:ac:96:
c3:a4:cf:68:60:b0:58:35:31:63:34:08:f7:3d:f9:58:1a:0d:
24:2f:ea:cc:be:45:35:23:59:be:2a:a1:14:3a:9b:f8:cd:f1:
86:90:c8:94:0d:e2:52:c7:64:f8:16:ba:2f:19:29:ff:8e:db:
1c:92:88:c0:42:ed:77:66:f7:85:45:70:59:0a:cc:de:86:00:
01:cf:4c:44:1c:51:76:64:af:8c:b8:f8:ad:65:da:e3:73:99:
db:24:88:28:d8:1e:b7:b2:fe:05:94:96:02:53:1d:44:76:bb:
c7:6d:2c:12:62:6d:e3:cd:57:ed:79:be:b6:11:fa:a4:68:11:
51:70:5c:23:01:b4:3b:d7:18:59:6a:c9:7f:0d:10:ae:67:56:
28:f6:62:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYc2RcQbhEuI2BWwojuWpe5CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzMxMDYwNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzhiZWViNjU2OGM4ZjFjODlhNzkyNTM4ZGRjNTc0YjUwYmU1MWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLGsfkLn/rO/Sq2NlV2nkTMIDalY
poTc45S5J7ByMUipGw7CWO8+z2bEWGuZ3DJ0YYQ6qGpBe4VjTsqzAcf0wsLzfozT
Zl0Cma2QVnReyzqQ+RWyAPVFXTxOlP/T1QB2v+9m9nrYsdBQfkyxrscRR+I/EQgU
xNSAe5BMfQmK1zj5HeNPN5QyR6e8sn4aDMEoYgfZtJmvDlDjkY1mgMUbbq3OU1GR
OSYqF45roI7iIspnzMukDhtiN6Mtme20hZaHzWMJ1iWVd7IFktUxzu9TILNfjIWQ
38qqQ+V3DvywXLj0xIKeyxIZeV+9Vok+nc2rFi73vkzesTZhdKlMWBYUqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKOL7rZWjI8ciaeSU43cV0tQvlHAMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvbzR2dXRsYU1qeHlKcDVKVGpkeFhTMUMtVWNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATUs8MA0G
CSqGSIb3DQEBCwUAA4IBAQBXErj/AA2UzcWPhH+U9jqSbVDwMkYB7lpp2iiECymk
G+EK+557vjwuEiZlIMgHd763AqueRLnsMlVTWGJFoAR1ohpyDyFcznV4z0MHuLF9
PcheuKFThiDFeKzQ9HL+eru7xLvCpBaIfoefrJbDpM9oYLBYNTFjNAj3PflYGg0k
L+rMvkU1I1m+KqEUOpv4zfGGkMiUDeJSx2T4FrovGSn/jtsckojAQu13ZveFRXBZ
CszehgABz0xEHFF2ZK+MuPitZdrjc5nbJIgo2B63sv4FlJYCUx1EdrvHbSwSYm3j
zVfteb62EfqkaBFRcFwjAbQ71xhZasl/DRCuZ1Yo9mKT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:48 2024 by rpki-client on console-fra.rpki-client.org