Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/6lfxEOsto5MgT_0EYcwzYPfpoDU.roa
File: 6lfxEOsto5MgT_0EYcwzYPfpoDU.roa (raw, json)
Hash identifier: 4QaC2ekXHC1MdpXi1jLRy2gfSLjoRt9v1i8yZvpvJTs=
Subject key identifier: EA:57:F1:10:EB:2D:A3:93:20:4F:FD:04:61:CC:33:60:F7:E9:A0:35
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 01866F98869250D1EBF7E484BAE295A2866D
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/6lfxEOsto5MgT_0EYcwzYPfpoDU.roa
Signing time: Mon 20 Feb 2023 16:11:52 +0000
ROA not before: Mon 20 Feb 2023 16:11:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43624
IP address blocks: 77.91.75.0/24 maxlen: 24
77.91.74.0/24 maxlen: 24
77.91.73.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:6f:98:86:92:50:d1:eb:f7:e4:84:ba:e2:95:a2:86:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Feb 20 16:11:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea57f110eb2da393204ffd0461cc3360f7e9a035
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:13:4c:85:ff:0f:d3:07:0c:07:a3:40:18:0b:
58:6c:2e:3b:65:88:93:f9:90:27:81:63:ea:b3:26:
c0:dc:a6:a2:10:56:20:21:39:79:e0:b5:17:72:f9:
29:62:16:a5:cf:5a:a3:8a:fb:27:b3:f2:14:f3:cc:
73:ca:5a:76:fe:bd:58:ba:e7:76:04:8f:04:e7:10:
fb:80:5d:ea:fb:fa:c7:30:8d:94:82:f0:55:32:cc:
20:c8:31:19:ef:53:e3:8f:f6:24:35:35:77:56:cf:
bb:27:6f:8e:b1:e3:31:79:68:62:64:5a:57:82:d6:
a9:53:d0:8d:22:39:06:20:4d:c5:78:e5:4b:f9:1c:
0d:cb:8f:41:0f:77:b7:e2:c3:df:f5:71:be:78:67:
f0:c8:af:cb:d2:93:46:38:f8:05:3a:46:2a:43:11:
ac:53:3c:35:b7:25:e0:01:39:bc:1d:11:52:be:da:
73:53:db:4d:c4:f6:98:4b:22:b9:2f:2c:ec:7c:9c:
ac:63:a8:bb:39:29:ac:bc:3f:dc:1d:07:b3:33:06:
d4:77:14:eb:74:8b:75:46:93:ff:c3:6a:c6:04:37:
53:31:0f:8e:a6:82:19:5f:86:86:9a:81:d2:d8:83:
80:d4:a1:d5:26:c5:af:15:8a:7e:25:4d:1a:a1:eb:
12:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:57:F1:10:EB:2D:A3:93:20:4F:FD:04:61:CC:33:60:F7:E9:A0:35
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/6lfxEOsto5MgT_0EYcwzYPfpoDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.73.0-77.91.75.255
Signature Algorithm: sha256WithRSAEncryption
86:03:4b:2f:b7:ba:d9:5d:34:97:6b:13:25:4b:7a:73:05:bd:
3a:a5:5a:4b:df:a0:85:bd:df:bd:31:2a:4f:fb:42:0e:45:7c:
66:58:4c:f0:20:53:f0:d2:86:fb:89:5a:81:7e:ea:51:4b:75:
23:1d:8c:8c:c0:b6:50:c1:94:ce:00:32:eb:ce:cd:ac:eb:1b:
d8:de:38:29:c8:da:53:28:2c:83:c9:35:6a:a4:d1:4a:5e:a4:
bb:ef:d2:eb:30:d4:1d:a6:fb:66:10:0d:7c:12:df:1c:1a:7f:
17:a3:b0:30:64:23:b2:d7:31:38:8a:cd:97:5b:53:d5:01:22:
33:5e:19:d3:bf:8b:4c:a2:7d:4c:10:ea:08:e8:b2:5c:b0:53:
92:a1:1f:47:43:7f:58:a9:67:72:08:85:19:ba:ae:05:da:ac:
30:8d:0d:35:94:54:e6:4d:16:28:6d:97:c5:44:92:6d:1b:e4:
ef:51:2d:71:1f:29:93:98:1a:68:64:95:ac:36:6d:b8:a7:d8:
02:c1:90:b2:2a:a4:85:46:6a:60:21:fa:09:20:ca:a4:c1:66:
bd:42:d9:32:a8:ba:b5:f2:6f:39:fa:63:50:49:46:47:3c:af:
5f:47:2c:96:cc:2a:31:05:37:fc:03:b3:10:96:cd:59:02:94:
f5:b2:f5:e5
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYZvmIaSUNHr9+SEuuKVooZtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMzJlOWY0YWEzMmFiYTczMTJmYWIwNTRiMTc0ZGNlOGM1
MTVjYTMwHhcNMjMwMjIwMTYxMTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTU3ZjExMGViMmRhMzkzMjA0ZmZkMDQ2MWNjMzM2MGY3ZTlhMDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBNMhf8P0wcMB6NAGAtYbC47ZYiT
+ZAngWPqsybA3KaiEFYgITl54LUXcvkpYhalz1qjivsns/IU88xzylp2/r1Yuud2
BI8E5xD7gF3q+/rHMI2UgvBVMswgyDEZ71Pjj/YkNTV3Vs+7J2+OseMxeWhiZFpX
gtapU9CNIjkGIE3FeOVL+RwNy49BD3e34sPf9XG+eGfwyK/L0pNGOPgFOkYqQxGs
Uzw1tyXgATm8HRFSvtpzU9tNxPaYSyK5LyzsfJysY6i7OSmsvD/cHQezMwbUdxTr
dIt1RpP/w2rGBDdTMQ+OpoIZX4aGmoHS2IOA1KHVJsWvFYp+JU0aoesSuwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFOpX8RDrLaOTIE/9BGHMM2D36aA1MB8GA1UdIwQY
MBaAFPsy6fSqMqunMS+rBUsXTc6MUVyjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS16THA5S295cTZjeEw2c0ZTeGROem94UlhLTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0
LTIwNjI0YjNjMTU3Zi8xLzZsZnhFT3N0bzVNZ1RfMEVZY3d6WVBmcG9EVS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0LTIwNjI0YjNjMTU3
Zi8xLzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJwYIKwYBBQUHAQcBAf8EGDAWMBQEAgABMA4wDAMEAE1b
SQMEAk1bSDANBgkqhkiG9w0BAQsFAAOCAQEAhgNLL7e62V00l2sTJUt6cwW9OqVa
S9+ghb3fvTEqT/tCDkV8ZlhM8CBT8NKG+4lagX7qUUt1Ix2MjMC2UMGUzgAy687N
rOsb2N44KcjaUygsg8k1aqTRSl6ku+/S6zDUHab7ZhANfBLfHBp/F6OwMGQjstcx
OIrNl1tT1QEiM14Z07+LTKJ9TBDqCOiyXLBTkqEfR0N/WKlncgiFGbquBdqsMI0N
NZRU5k0WKG2XxUSSbRvk71EtcR8pk5gaaGSVrDZtuKfYAsGQsiqkhUZqYCH6CSDK
pMFmvULZMqi6tfJvOfpjUElGRzyvX0cslswqMQU3/AOzEJbNWQKU9bL15Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:06 2023 by rpki-client on console-ams.rpki-client.org