Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-vcWWARavz2SAFO3S-Inr-uHrOQ.roa
File: 1-vcWWARavz2SAFO3S-Inr-uHrOQ.roa (raw, json)
Hash identifier: gfLwSbA4zDvhAXrvrmOFpJ5WCE3QA6tA49Xq8vyPrVc=
Subject key identifier: FA:F7:16:58:04:5A:BF:3D:92:00:53:B7:4B:E2:27:AF:EB:87:AC:E4
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 018570305EDDE290EB357AD76C3BA311C436
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-vcWWARavz2SAFO3S-Inr-uHrOQ.roa
Signing time: Mon 02 Jan 2023 01:54:56 +0000
ROA not before: Mon 02 Jan 2023 01:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56975
IP address blocks: 77.91.84.0/22 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:5e:dd:e2:90:eb:35:7a:d7:6c:3b:a3:11:c4:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Jan 2 01:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=faf71658045abf3d920053b74be227afeb87ace4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:2c:66:11:d4:09:35:8c:e4:f0:f9:a9:42:5f:
8a:9c:31:bd:51:96:f3:24:9f:e3:d8:9a:46:cc:de:
a5:fc:d4:09:4f:21:33:41:c2:34:05:46:8f:c3:ea:
1c:6f:0d:da:6d:e7:5f:00:99:bb:43:c9:44:25:b2:
04:db:48:69:61:f3:55:9d:d3:3d:a3:bd:89:de:95:
ff:4d:b5:9b:2e:04:3b:c5:be:1b:6e:e0:27:75:55:
17:50:78:07:84:a6:6e:30:57:5f:9f:ef:39:e3:65:
ac:90:6f:f0:b6:57:32:c6:57:7b:ed:fc:26:fa:67:
65:a0:e2:ae:a0:52:85:6f:a6:3e:84:88:d2:ef:ab:
0e:8b:1a:99:a8:44:84:6a:fd:a9:e6:83:5d:31:48:
df:b8:bf:4e:31:67:46:a2:ff:16:ac:0c:35:a7:a5:
bb:4d:8c:93:6d:2e:1d:34:c3:ec:00:a8:0c:42:47:
a1:24:2c:29:61:53:c5:6b:5e:ee:b4:e2:77:88:9d:
29:7b:6d:b1:17:b0:f3:8e:d1:2f:ae:20:eb:d2:ec:
15:5d:9f:e0:1e:0a:f1:25:51:4c:0d:fb:1b:de:5d:
bc:6a:a0:c0:48:ca:99:19:7e:bc:b2:97:3a:89:3c:
2f:48:5a:c1:e1:9c:a8:ff:ec:04:11:12:65:1a:23:
92:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:F7:16:58:04:5A:BF:3D:92:00:53:B7:4B:E2:27:AF:EB:87:AC:E4
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-vcWWARavz2SAFO3S-Inr-uHrOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.84.0/22
Signature Algorithm: sha256WithRSAEncryption
95:e3:59:6e:a8:1a:90:6b:f5:24:f3:c3:af:08:51:e2:f8:f1:
2f:4b:c5:b6:c7:d7:b5:db:b9:c6:f1:b9:c8:3e:1b:d6:de:f6:
71:5c:5a:f4:ab:f2:a7:18:6e:67:20:36:bd:af:47:55:5e:7c:
e0:ce:6f:ea:bc:53:f1:b6:0f:7a:88:42:3d:5f:5c:82:91:9c:
9e:6f:fe:a9:3f:4d:27:b8:39:bb:59:37:ca:60:80:77:94:bd:
2e:65:37:d2:2d:68:46:87:d5:ff:0e:84:91:cf:91:b5:fe:f2:
4b:58:6b:41:31:59:ef:a1:86:cb:aa:8d:8b:96:02:a7:00:e0:
1e:5a:2e:0d:b1:7c:bd:e1:7e:2f:7e:68:82:cf:09:5d:75:9e:
9c:fe:aa:d9:94:6a:0b:ca:7f:8b:69:e8:86:4d:ea:54:04:c3:
35:68:90:6a:21:ea:79:16:08:25:87:1c:32:38:32:53:97:c4:
4e:aa:6b:22:fb:c3:80:be:a3:99:7f:f2:ba:72:f0:8d:94:a8:
d4:9f:d6:ca:fe:35:ac:a6:a7:28:33:1c:a7:a6:89:62:9f:59:
e9:2d:7a:5d:3f:67:eb:07:06:65:cd:24:df:8f:8f:57:e6:fe:
2e:4b:62:9f:b7:40:0b:36:d9:84:a9:81:80:ba:7d:3c:0e:1b:
1e:5b:1d:10
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVwMF7d4pDrNXrXbDujEcQ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMzJlOWY0YWEzMmFiYTczMTJmYWIwNTRiMTc0ZGNlOGM1
MTVjYTMwHhcNMjMwMTAyMDE1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWY3MTY1ODA0NWFiZjNkOTIwMDUzYjc0YmUyMjdhZmViODdhY2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkixmEdQJNYzk8PmpQl+KnDG9UZbz
JJ/j2JpGzN6l/NQJTyEzQcI0BUaPw+ocbw3abedfAJm7Q8lEJbIE20hpYfNVndM9
o72J3pX/TbWbLgQ7xb4bbuAndVUXUHgHhKZuMFdfn+8542WskG/wtlcyxld77fwm
+mdloOKuoFKFb6Y+hIjS76sOixqZqESEav2p5oNdMUjfuL9OMWdGov8WrAw1p6W7
TYyTbS4dNMPsAKgMQkehJCwpYVPFa17utOJ3iJ0pe22xF7DzjtEvriDr0uwVXZ/g
HgrxJVFMDfsb3l28aqDASMqZGX68spc6iTwvSFrB4Zyo/+wEERJlGiOS0wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPr3FlgEWr89kgBTt0viJ6/rh6zkMB8GA1UdIwQY
MBaAFPsy6fSqMqunMS+rBUsXTc6MUVyjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS16THA5S295cTZjeEw2c0ZTeGROem94UlhLTS5jZXIw
gY4GCCsGAQUFBwELBIGBMH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0
LTIwNjI0YjNjMTU3Zi8xLzEtdmNXV0FSYXZ6MlNBRk8zUy1JbnItdUhyT1Eucm9h
MIGCBgNVHR8EezB5MHegdaBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3Np
dG9yeS9ERUZBVUxUL2UyLzI3ODY2My1iMTM1LTRkYjEtYTA0NC0yMDYyNGIzYzE1
N2YvMS8xLXpMcDlLb3lxNmN4TDZzRlN4ZE56b3hSWEtNLmNybDAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCTVtU
MA0GCSqGSIb3DQEBCwUAA4IBAQCV41luqBqQa/Uk88OvCFHi+PEvS8W2x9e127nG
8bnIPhvW3vZxXFr0q/KnGG5nIDa9r0dVXnzgzm/qvFPxtg96iEI9X1yCkZyeb/6p
P00nuDm7WTfKYIB3lL0uZTfSLWhGh9X/DoSRz5G1/vJLWGtBMVnvoYbLqo2LlgKn
AOAeWi4NsXy94X4vfmiCzwlddZ6c/qrZlGoLyn+LaeiGTepUBMM1aJBqIep5Fggl
hxwyODJTl8ROqmsi+8OAvqOZf/K6cvCNlKjUn9bK/jWspqcoMxynpolin1npLXpd
P2frBwZlzSTfj49X5v4uS2Kft0ALNtmEqYGAun08DhseWx0Q
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:06 2023 by rpki-client on console-ams.rpki-client.org