Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/9HO_Ynz1eTAci2IoNDcPr8oUqLw.roa
File: 9HO_Ynz1eTAci2IoNDcPr8oUqLw.roa (raw, json)
Hash identifier: AvGbhkw+NT+uyQk47FxYCezZVhAQ585s5vcJGy0Y77Y=
Subject key identifier: F4:73:BF:62:7C:F5:79:30:1C:8B:62:28:34:37:0F:AF:CA:14:A8:BC
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 01857030632C208AA9E4EF757B9BFFBFCCCC
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/9HO_Ynz1eTAci2IoNDcPr8oUqLw.roa
Signing time: Mon 02 Jan 2023 01:54:57 +0000
ROA not before: Mon 02 Jan 2023 01:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207168
IP address blocks: 77.91.98.0/23 maxlen: 32
77.91.125.0/24 maxlen: 32
2a00:1e68:125::/48 maxlen: 128
2a00:1e68:98::/47 maxlen: 128
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:63:2c:20:8a:a9:e4:ef:75:7b:9b:ff:bf:cc:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Jan 2 01:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f473bf627cf579301c8b622834370fafca14a8bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:28:0e:4c:8e:4b:f0:45:86:e7:19:b7:d6:57:
45:a5:28:82:f3:79:3f:4e:f9:34:b5:26:eb:7f:06:
3f:c5:a4:24:5b:f8:30:64:9f:b9:0f:17:7d:a1:99:
36:e9:61:c0:f4:13:3c:10:46:45:54:62:46:6d:fd:
4b:83:52:76:9c:d7:bc:97:18:fb:9b:82:ee:16:35:
bd:04:68:67:42:d0:13:f9:29:b5:72:e4:28:5a:9d:
65:b5:49:60:f6:7c:58:b7:0b:aa:5c:e3:48:16:57:
de:96:a7:f3:0b:d5:1c:42:dd:d1:3c:fc:d3:ab:4f:
49:0e:61:6d:5a:1a:b0:17:e5:49:81:22:dc:6e:f5:
18:8d:4e:b3:32:6b:79:c3:78:cd:b6:25:76:69:6e:
90:f9:03:da:b9:11:ac:e5:90:f9:8d:7b:a6:45:3d:
06:7c:66:2b:ed:f7:bc:b2:08:f6:a9:3d:0f:82:3a:
c3:db:57:61:ee:0c:3d:bc:c4:a3:d8:e0:46:0c:e2:
1a:4e:ab:05:44:95:e2:3a:fc:34:ac:96:e4:b6:23:
b4:93:a5:12:af:60:a8:72:39:f9:dd:12:3c:9d:3a:
09:46:22:c0:99:4e:80:c9:6a:56:ee:29:5d:7d:a5:
66:de:16:fd:6c:68:cb:2e:34:7a:11:fc:88:92:38:
3a:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:73:BF:62:7C:F5:79:30:1C:8B:62:28:34:37:0F:AF:CA:14:A8:BC
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/9HO_Ynz1eTAci2IoNDcPr8oUqLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.98.0/23
77.91.125.0/24
IPv6:
2a00:1e68:98::/47
2a00:1e68:125::/48
Signature Algorithm: sha256WithRSAEncryption
ba:16:f0:c5:fa:09:dc:67:5e:79:a8:2c:eb:a4:0e:62:bf:89:
b2:70:42:d3:3f:cb:dd:c9:d1:57:22:a1:ee:60:8a:b9:0d:10:
1d:bb:bc:0e:1e:ee:5b:06:03:77:eb:26:36:5b:8f:9c:a3:30:
dc:1a:fb:a0:1f:10:75:de:e9:60:a4:c2:76:79:d2:e7:24:98:
4d:95:94:0d:e1:41:00:73:d9:8e:90:f2:b6:71:52:8c:7a:d6:
f7:76:37:ec:79:21:4f:ed:71:9f:0e:e0:be:a1:7c:20:76:b8:
ce:29:a5:82:a9:d0:e2:e8:af:c1:99:df:45:04:c9:0c:e9:25:
40:b8:f5:94:4f:cf:ed:d7:d8:61:43:6a:84:64:28:68:85:98:
d9:1c:11:79:ab:25:5e:bf:3e:f6:a5:cf:4f:28:ca:31:90:31:
4e:5b:09:b1:a7:29:b2:c8:12:d6:95:36:65:12:45:52:60:be:
f5:a3:73:3f:69:6f:c9:d3:64:63:69:8e:df:49:fa:32:51:f1:
f8:54:d5:27:57:c1:d8:96:e1:37:1d:34:2c:17:32:a6:d7:af:
5e:68:73:31:07:8c:51:9b:ab:dd:73:49:f5:06:57:9f:2d:a4:
37:49:58:23:3a:d5:ac:9f:2e:5e:c3:18:90:12:04:77:69:f5:
27:d1:68:29
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVwMGMsIIqp5O91e5v/v8zMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMzJlOWY0YWEzMmFiYTczMTJmYWIwNTRiMTc0ZGNlOGM1
MTVjYTMwHhcNMjMwMTAyMDE1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDczYmY2MjdjZjU3OTMwMWM4YjYyMjgzNDM3MGZhZmNhMTRhOGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjygOTI5L8EWG5xm31ldFpSiC83k/
Tvk0tSbrfwY/xaQkW/gwZJ+5Dxd9oZk26WHA9BM8EEZFVGJGbf1Lg1J2nNe8lxj7
m4LuFjW9BGhnQtAT+Sm1cuQoWp1ltUlg9nxYtwuqXONIFlfelqfzC9UcQt3RPPzT
q09JDmFtWhqwF+VJgSLcbvUYjU6zMmt5w3jNtiV2aW6Q+QPauRGs5ZD5jXumRT0G
fGYr7fe8sgj2qT0PgjrD21dh7gw9vMSj2OBGDOIaTqsFRJXiOvw0rJbktiO0k6US
r2Cocjn53RI8nToJRiLAmU6AyWpW7ildfaVm3hb9bGjLLjR6EfyIkjg6ewIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFPRzv2J89XkwHItiKDQ3D6/KFKi8MB8GA1UdIwQY
MBaAFPsy6fSqMqunMS+rBUsXTc6MUVyjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS16THA5S295cTZjeEw2c0ZTeGROem94UlhLTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0
LTIwNjI0YjNjMTU3Zi8xLzlIT19ZbnoxZVRBY2kySW9ORGNQcjhvVXFMdy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0LTIwNjI0YjNjMTU3
Zi8xLzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPwYIKwYBBQUHAQcBAf8EMDAuMBIEAgABMAwDBAFNW2ID
BABNW30wGAQCAAIwEgMHASoAHmgAmAMHACoAHmgBJTANBgkqhkiG9w0BAQsFAAOC
AQEAuhbwxfoJ3Gdeeags66QOYr+JsnBC0z/L3cnRVyKh7mCKuQ0QHbu8Dh7uWwYD
d+smNluPnKMw3Br7oB8Qdd7pYKTCdnnS5ySYTZWUDeFBAHPZjpDytnFSjHrW93Y3
7HkhT+1xnw7gvqF8IHa4zimlgqnQ4uivwZnfRQTJDOklQLj1lE/P7dfYYUNqhGQo
aIWY2RwReaslXr8+9qXPTyjKMZAxTlsJsacpssgS1pU2ZRJFUmC+9aNzP2lvydNk
Y2mO30n6MlHx+FTVJ1fB2JbhNx00LBcyptevXmhzMQeMUZur3XNJ9QZXny2kN0lY
IzrVrJ8uXsMYkBIEd2n1J9FoKQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:16 2023 by rpki-client on console-fra.rpki-client.org