Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/4KH92rOnf6gchwxWjJf5mK9EaZw.roa
File: 4KH92rOnf6gchwxWjJf5mK9EaZw.roa (raw, json)
Hash identifier: oTg+2SjYrybyFylnBNkzMZtIiRh6P5VyW9DEp1npt2g=
Subject key identifier: E0:A1:FD:DA:B3:A7:7F:A8:1C:87:0C:56:8C:97:F9:98:AF:44:69:9C
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 018693E5D0798B030E9BEEAFB910DE95EB71
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/4KH92rOnf6gchwxWjJf5mK9EaZw.roa
Signing time: Mon 27 Feb 2023 17:22:37 +0000
ROA not before: Mon 27 Feb 2023 17:22:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 77.91.75.0/24 maxlen: 24
77.91.72.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:93:e5:d0:79:8b:03:0e:9b:ee:af:b9:10:de:95:eb:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Feb 27 17:22:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0a1fddab3a77fa81c870c568c97f998af44699c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b8:00:f2:a4:08:30:b7:d7:c6:ac:63:e9:82:
e3:32:ff:33:69:aa:1b:d7:b7:32:1d:b2:37:13:f0:
bf:07:1b:88:8a:e3:86:39:fd:a4:3f:ad:72:98:fc:
bf:e1:a8:b3:fc:94:21:d8:ee:54:5b:fb:a3:37:49:
37:34:69:25:6e:a4:b6:9e:6f:3e:3b:e9:8c:c4:d4:
58:3c:8a:dc:8f:72:04:9b:11:59:67:95:04:00:59:
99:43:8a:f1:80:c7:28:01:3a:2b:45:f6:b6:ef:f5:
31:7e:14:67:ef:0c:dd:ca:06:93:d9:36:99:d3:35:
00:3a:fd:13:2d:0d:ac:e2:94:02:5d:19:5b:8d:e1:
18:92:58:c8:75:2d:51:f3:b7:7d:d0:8f:5d:6e:b8:
0d:9a:6e:a5:ad:60:2f:23:1e:df:01:c2:39:fc:ac:
98:0a:74:11:fe:4b:0d:88:27:fb:7d:75:12:00:ef:
60:f1:b2:10:b9:b3:39:a6:bb:b9:e5:04:28:26:48:
c4:bc:2c:68:c0:a2:3c:2f:9b:fd:12:a4:5b:13:22:
5b:4d:c0:48:c2:f8:c3:0f:ef:21:1f:32:88:32:81:
a0:f5:2e:76:63:bd:2f:16:3b:b9:af:1f:12:6e:93:
54:36:f5:3c:6c:55:ec:02:cc:9d:25:6d:7e:8e:23:
0f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:A1:FD:DA:B3:A7:7F:A8:1C:87:0C:56:8C:97:F9:98:AF:44:69:9C
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/4KH92rOnf6gchwxWjJf5mK9EaZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.72.0/24
77.91.75.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:d0:b0:4c:67:4a:c1:07:ec:41:65:35:a5:c4:7a:68:d1:06:
dc:5f:83:2b:f6:80:2b:01:03:81:55:c8:16:b4:09:48:22:33:
ef:bd:eb:47:bc:fc:11:74:dd:fc:a8:b8:a2:30:8e:67:43:c6:
d3:51:b6:71:58:31:95:9c:c0:b4:e8:28:0f:c0:a4:b6:58:f4:
33:55:0b:62:15:0a:d0:c6:1c:b7:1b:cf:24:2a:78:a6:77:fa:
a7:d4:90:29:8f:79:dd:cc:3d:7f:c6:2f:11:16:85:8a:79:28:
99:0c:bc:3d:e8:a5:f7:4c:fc:23:95:04:bf:7f:15:a0:9f:37:
f3:6a:2d:b9:24:f6:03:61:a8:84:cb:84:bf:1c:a5:4a:40:eb:
bd:13:6b:3d:ef:6f:95:9c:8a:c9:77:d0:99:9c:4c:1e:31:7c:
79:83:b2:76:a9:1a:4c:6e:60:d7:bc:a9:a4:a8:7a:db:c7:ae:
b8:ae:1d:4c:9d:6f:db:d8:d0:8c:9c:ce:ed:42:b7:23:42:17:
6f:a7:67:d8:15:d6:ec:67:be:a0:b2:ca:d5:ed:85:33:80:3f:
55:05:ef:b3:64:a0:aa:6a:50:47:c7:3d:06:02:ad:9c:92:23:
4b:1d:35:97:da:7d:98:2e:e7:a1:20:9b:87:7e:17:c9:f3:87:
2c:de:48:93
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYaT5dB5iwMOm+6vuRDeletxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMzJlOWY0YWEzMmFiYTczMTJmYWIwNTRiMTc0ZGNlOGM1
MTVjYTMwHhcNMjMwMjI3MTcyMjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGExZmRkYWIzYTc3ZmE4MWM4NzBjNTY4Yzk3Zjk5OGFmNDQ2OTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbgA8qQIMLfXxqxj6YLjMv8zaaob
17cyHbI3E/C/BxuIiuOGOf2kP61ymPy/4aiz/JQh2O5UW/ujN0k3NGklbqS2nm8+
O+mMxNRYPIrcj3IEmxFZZ5UEAFmZQ4rxgMcoATorRfa27/UxfhRn7wzdygaT2TaZ
0zUAOv0TLQ2s4pQCXRlbjeEYkljIdS1R87d90I9dbrgNmm6lrWAvIx7fAcI5/KyY
CnQR/ksNiCf7fXUSAO9g8bIQubM5pru55QQoJkjEvCxowKI8L5v9EqRbEyJbTcBI
wvjDD+8hHzKIMoGg9S52Y70vFju5rx8SbpNUNvU8bFXsAsydJW1+jiMP4QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFOCh/dqzp3+oHIcMVoyX+ZivRGmcMB8GA1UdIwQY
MBaAFPsy6fSqMqunMS+rBUsXTc6MUVyjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS16THA5S295cTZjeEw2c0ZTeGROem94UlhLTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0
LTIwNjI0YjNjMTU3Zi8xLzRLSDkyck9uZjZnY2h3eFdqSmY1bUs5RWFady5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0LTIwNjI0YjNjMTU3
Zi8xLzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBABNW0gD
BABNW0swDQYJKoZIhvcNAQELBQADggEBALnQsExnSsEH7EFlNaXEemjRBtxfgyv2
gCsBA4FVyBa0CUgiM++960e8/BF03fyouKIwjmdDxtNRtnFYMZWcwLToKA/ApLZY
9DNVC2IVCtDGHLcbzyQqeKZ3+qfUkCmPed3MPX/GLxEWhYp5KJkMvD3opfdM/COV
BL9/FaCfN/NqLbkk9gNhqITLhL8cpUpA670Taz3vb5Wcisl30JmcTB4xfHmDsnap
GkxuYNe8qaSoetvHrriuHUydb9vY0Iyczu1CtyNCF2+nZ9gV1uxnvqCyytXthTOA
P1UF77NkoKpqUEfHPQYCrZySI0sdNZfafZgu56Egm4d+F8nzhyzeSJM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:57 2024 by rpki-client on console-ams.rpki-client.org