Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/681JB38_pZIlCH0pgXqCqpBbO5g.roa
File: 681JB38_pZIlCH0pgXqCqpBbO5g.roa (raw, json)
Hash identifier: ZPcrMlStdN/NPKpiMfVA8DyHcImuWvpp9PdzfOBQ85c=
Subject key identifier: EB:CD:49:07:7F:3F:A5:92:25:08:7D:29:81:7A:82:AA:90:5B:3B:98
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 13478E3D
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/681JB38_pZIlCH0pgXqCqpBbO5g.roa
Signing time: Wed 30 Mar 2022 12:00:46 +0000
ROA not before: Wed 30 Mar 2022 12:00:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42861
IP address blocks: 77.91.64.0/18 maxlen: 32
77.91.112.0/24 maxlen: 32
185.149.144.0/22 maxlen: 32
2a00:1e68:112::/48 maxlen: 128
2a00:1e68:100::/48 maxlen: 128
2a00:1e68:100::/47 maxlen: 128
2a00:1e68:101::/48 maxlen: 128
2a00:1e68::/29 maxlen: 128
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 323456573 (0x13478e3d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Mar 30 12:00:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ebcd49077f3fa59225087d29817a82aa905b3b98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:69:ea:ed:8c:4e:c5:dd:4c:c6:32:53:29:0b:
27:67:79:58:57:a9:9b:4b:48:2b:b5:43:cc:aa:ac:
a8:5b:d1:cd:a3:e3:9a:b0:cc:9c:05:c5:90:f9:a0:
b3:ba:cd:e6:ae:f5:d8:f7:9e:b2:26:b3:a2:b4:15:
e0:6c:8b:aa:aa:5f:3a:ea:21:b0:39:86:d0:e9:d5:
4f:7c:76:69:cd:25:55:6e:7c:fe:46:37:76:e2:16:
23:5d:e1:5f:3b:e6:af:b5:b5:11:f4:3e:d7:79:09:
29:70:52:79:d5:75:fc:47:fc:6d:ab:b3:88:38:9c:
15:62:48:40:4e:31:c0:28:1d:af:5e:0c:e1:48:15:
da:ad:3e:97:5c:cb:16:60:92:f0:73:dd:06:f7:9a:
a7:0c:82:fc:3b:0d:b1:2b:f6:b4:d0:2c:66:22:0f:
59:f3:3c:e4:68:c5:17:ea:ab:28:e7:58:5e:83:b9:
8b:1f:d7:c2:c0:6d:67:ab:3b:33:65:71:ce:9c:b3:
31:48:ea:c8:70:ab:30:41:40:fe:73:83:90:52:f8:
e9:03:8d:c1:f9:34:0d:95:f2:14:68:06:c6:22:2f:
c7:ab:7c:4f:62:93:58:67:17:1b:fc:08:fa:10:d4:
fe:51:d4:09:1f:a7:0f:ee:5e:e7:13:2a:e6:cb:dc:
f3:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:CD:49:07:7F:3F:A5:92:25:08:7D:29:81:7A:82:AA:90:5B:3B:98
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/681JB38_pZIlCH0pgXqCqpBbO5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.64.0/18
185.149.144.0/22
IPv6:
2a00:1e68::/29
Signature Algorithm: sha256WithRSAEncryption
b2:a7:e9:27:8e:6b:9b:dd:92:bc:a3:7f:fd:2f:d7:a8:46:7b:
84:ca:ae:a8:1a:11:ae:e2:7e:ce:13:9d:c2:11:35:9c:51:92:
a9:68:94:7a:d4:75:5b:c9:88:dd:27:bb:3f:ee:a7:38:f3:8a:
81:08:f1:22:5b:22:39:73:89:4f:7b:c4:1f:bc:4d:2d:66:cd:
04:90:cc:84:03:b6:cf:a3:5a:31:ed:e7:e7:e8:14:0d:6e:d5:
e8:98:7d:d7:ce:dd:11:f7:1b:85:d0:11:76:71:33:d4:72:98:
c1:f1:ca:1e:ea:af:e5:63:a6:fc:ad:c9:c5:bd:5f:68:c5:32:
08:bf:9f:4a:72:22:b5:10:9f:57:7d:09:d0:64:08:e2:e4:3c:
c3:38:b2:52:11:4c:e6:7a:1a:86:58:a5:8e:71:b9:b5:70:f5:
f3:a1:ec:b5:da:8a:b0:f7:9c:68:7e:cb:a6:23:4f:b0:06:41:
4f:6e:8d:9e:8a:f5:71:78:ff:29:fd:b2:5c:76:84:84:08:60:
30:43:01:f1:ca:58:64:68:31:21:75:3c:f3:60:f5:aa:e6:04:
9e:98:f6:31:86:2e:a4:2b:ae:a4:a9:74:da:11:21:09:0e:b6:
fa:1f:2b:af:99:24:f2:01:e3:8a:a0:ba:4c:cf:20:ac:76:ef:
99:67:fd:14
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEE0eOPTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YjMyZTlmNGFhMzJhYmE3MzEyZmFiMDU0YjE3NGRjZThjNTE1Y2EzMB4XDTIyMDMz
MDEyMDA0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWJjZDQ5MDc3ZjNm
YTU5MjI1MDg3ZDI5ODE3YTgyYWE5MDViM2I5ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOJp6u2MTsXdTMYyUykLJ2d5WFepm0tIK7VDzKqsqFvRzaPj
mrDMnAXFkPmgs7rN5q712PeesiazorQV4GyLqqpfOuohsDmG0OnVT3x2ac0lVW58
/kY3duIWI13hXzvmr7W1EfQ+13kJKXBSedV1/Ef8bauziDicFWJIQE4xwCgdr14M
4UgV2q0+l1zLFmCS8HPdBveapwyC/DsNsSv2tNAsZiIPWfM85GjFF+qrKOdYXoO5
ix/XwsBtZ6s7M2VxzpyzMUjqyHCrMEFA/nODkFL46QONwfk0DZXyFGgGxiIvx6t8
T2KTWGcXG/wI+hDU/lHUCR+nD+5e5xMq5svc82ECAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBTrzUkHfz+lkiUIfSmBeoKqkFs7mDAfBgNVHSMEGDAWgBT7Mun0qjKrpzEv
qwVLF03OjFFcozAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2UyLzI3ODY2My1iMTM1LTRkYjEtYTA0NC0yMDYyNGIzYzE1N2Yv
MS82ODFKQjM4X3BaSWxDSDBwZ1hxQ3FwQmJPNWcucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Uy
LzI3ODY2My1iMTM1LTRkYjEtYTA0NC0yMDYyNGIzYzE1N2YvMS8xLXpMcDlLb3lx
NmN4TDZzRlN4ZE56b3hSWEtNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQGTVtAAwQCuZWQMA0EAgACMAcD
BQMqAB5oMA0GCSqGSIb3DQEBCwUAA4IBAQCyp+knjmub3ZK8o3/9L9eoRnuEyq6o
GhGu4n7OE53CETWcUZKpaJR61HVbyYjdJ7s/7qc484qBCPEiWyI5c4lPe8QfvE0t
Zs0EkMyEA7bPo1ox7efn6BQNbtXomH3Xzt0R9xuF0BF2cTPUcpjB8coe6q/lY6b8
rcnFvV9oxTIIv59KciK1EJ9XfQnQZAji5DzDOLJSEUzmehqGWKWOcbm1cPXzoey1
2oqw95xofsumI0+wBkFPbo2eivVxeP8p/bJcdoSECGAwQwHxylhkaDEhdTzzYPWq
5gSemPYxhi6kK66kqXTaESEJDrb6HyuvmSTyAeOKoLpMzyCsdu+ZZ/0U
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:06 2023 by rpki-client on console-ams.rpki-client.org