Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-k8PE1zMLi3HVitd_vJotie03pw.roa
File: 1-k8PE1zMLi3HVitd_vJotie03pw.roa (raw, json)
Hash identifier: SHTX6Oz+aOxdO+GGxZZIMAQE2a3MhkNiaTbe9ksnvDU=
Subject key identifier: FA:4F:0F:13:5C:CC:2E:2D:C7:56:2B:5D:FE:F2:68:B6:27:B4:DE:9C
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 018570305C861DB3FF6F2FA6E952B3C92AF4
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-k8PE1zMLi3HVitd_vJotie03pw.roa
Signing time: Mon 02 Jan 2023 01:54:55 +0000
ROA not before: Mon 02 Jan 2023 01:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50260
IP address blocks: 77.91.80.0/22 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:5c:86:1d:b3:ff:6f:2f:a6:e9:52:b3:c9:2a:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Jan 2 01:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa4f0f135ccc2e2dc7562b5dfef268b627b4de9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:19:5d:bc:1b:52:dc:e0:7c:a9:64:34:bb:85:
b8:77:70:6e:79:6e:3e:3a:79:59:96:1c:96:33:63:
1a:3a:12:b5:22:6d:ab:5d:81:1d:35:8e:c9:16:c8:
f7:3a:96:1c:9a:27:3c:d6:8a:97:ba:00:84:5b:6a:
84:52:12:c8:65:68:ac:83:d9:dd:15:2d:cc:ce:17:
51:5b:cf:db:05:f0:26:8d:67:d9:c5:c0:80:62:33:
27:7f:3a:f6:0f:67:54:45:d5:5b:5a:53:a0:8f:30:
b6:79:a1:ff:cc:5b:b7:fa:20:23:2d:c2:76:a7:07:
cf:86:90:df:a2:5c:76:f5:4c:de:1c:f4:e0:2a:3f:
2e:03:df:f9:39:a6:db:06:cb:ce:b0:7c:ea:68:e7:
ba:17:12:7c:f1:26:81:4c:f4:38:3e:41:74:84:f4:
44:6c:6d:a9:c5:5a:45:9f:93:f3:71:a0:da:54:6e:
41:c6:2d:3e:28:b4:9c:f8:74:31:c4:76:1e:c3:d3:
e9:1f:6e:98:4f:c2:46:e1:9d:e7:a2:9c:5d:72:8a:
a3:dd:54:14:8c:a5:e8:88:79:82:f5:08:dd:a1:86:
e9:a8:bb:34:34:36:5f:bb:7e:9d:0b:b5:00:ff:53:
74:87:f6:31:d0:03:46:2c:28:a8:58:36:fc:33:2d:
78:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:4F:0F:13:5C:CC:2E:2D:C7:56:2B:5D:FE:F2:68:B6:27:B4:DE:9C
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-k8PE1zMLi3HVitd_vJotie03pw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.80.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:19:ea:c7:69:91:1c:a5:f5:2d:30:a7:9d:01:3f:fc:f5:6f:
3a:ba:3a:7d:44:41:1f:54:a8:0b:ab:86:98:ad:bd:74:01:72:
46:29:f8:c8:7a:34:50:36:6d:b2:60:6e:d3:0f:5c:8b:ba:8a:
4d:5d:53:91:0e:08:84:6f:fe:1a:90:b3:56:f9:16:33:37:12:
c9:ee:68:f1:5c:31:01:a5:7f:05:4d:ab:74:88:1f:9f:4c:97:
7c:de:de:2d:0c:be:f3:5c:bb:ea:de:bd:19:59:2c:8a:bb:b0:
2c:fd:86:bf:2e:15:a2:c3:73:66:17:ba:07:5b:dc:5b:23:ef:
df:74:63:53:ac:13:97:59:ee:7a:7b:f3:32:bf:fe:ce:23:52:
eb:f3:2e:d8:42:6c:4e:52:25:f7:a8:39:d6:58:11:58:ce:4d:
2e:42:18:3a:b7:88:3c:94:e5:e6:2f:7f:be:8a:c4:3a:a8:fd:
e1:b7:04:50:fe:43:34:d3:90:4c:cb:cb:ff:23:f4:16:6b:5b:
9e:c2:a0:fd:83:50:87:2d:da:04:95:c0:84:83:34:1d:67:74:
e8:2b:46:66:db:88:a9:9b:ee:44:31:fe:4f:4e:5a:d7:4f:37:
14:ea:cb:21:d7:80:08:ca:aa:dd:cf:cd:9f:a8:c6:ee:d4:3d:
5e:db:57:42
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVwMFyGHbP/by+m6VKzySr0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMzJlOWY0YWEzMmFiYTczMTJmYWIwNTRiMTc0ZGNlOGM1
MTVjYTMwHhcNMjMwMTAyMDE1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTRmMGYxMzVjY2MyZTJkYzc1NjJiNWRmZWYyNjhiNjI3YjRkZTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxldvBtS3OB8qWQ0u4W4d3BueW4+
OnlZlhyWM2MaOhK1Im2rXYEdNY7JFsj3OpYcmic81oqXugCEW2qEUhLIZWisg9nd
FS3MzhdRW8/bBfAmjWfZxcCAYjMnfzr2D2dURdVbWlOgjzC2eaH/zFu3+iAjLcJ2
pwfPhpDfolx29UzeHPTgKj8uA9/5OabbBsvOsHzqaOe6FxJ88SaBTPQ4PkF0hPRE
bG2pxVpFn5PzcaDaVG5Bxi0+KLSc+HQxxHYew9PpH26YT8JG4Z3nopxdcoqj3VQU
jKXoiHmC9QjdoYbpqLs0NDZfu36dC7UA/1N0h/Yx0ANGLCioWDb8My14gwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPpPDxNczC4tx1YrXf7yaLYntN6cMB8GA1UdIwQY
MBaAFPsy6fSqMqunMS+rBUsXTc6MUVyjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS16THA5S295cTZjeEw2c0ZTeGROem94UlhLTS5jZXIw
gY4GCCsGAQUFBwELBIGBMH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0
LTIwNjI0YjNjMTU3Zi8xLzEtazhQRTF6TUxpM0hWaXRkX3ZKb3RpZTAzcHcucm9h
MIGCBgNVHR8EezB5MHegdaBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3Np
dG9yeS9ERUZBVUxUL2UyLzI3ODY2My1iMTM1LTRkYjEtYTA0NC0yMDYyNGIzYzE1
N2YvMS8xLXpMcDlLb3lxNmN4TDZzRlN4ZE56b3hSWEtNLmNybDAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCTVtQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBcGerHaZEcpfUtMKedAT/89W86ujp9REEfVKgL
q4aYrb10AXJGKfjIejRQNm2yYG7TD1yLuopNXVORDgiEb/4akLNW+RYzNxLJ7mjx
XDEBpX8FTat0iB+fTJd83t4tDL7zXLvq3r0ZWSyKu7As/Ya/LhWiw3NmF7oHW9xb
I+/fdGNTrBOXWe56e/Myv/7OI1Lr8y7YQmxOUiX3qDnWWBFYzk0uQhg6t4g8lOXm
L3++isQ6qP3htwRQ/kM005BMy8v/I/QWa1uewqD9g1CHLdoElcCEgzQdZ3ToK0Zm
24ipm+5EMf5PTlrXTzcU6ssh14AIyqrdz82fqMbu1D1e21dC
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:16 2023 by rpki-client on console-fra.rpki-client.org