Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/AGQCm5jlD4-cmruiyuQ0jKAFIVg.roa
File: AGQCm5jlD4-cmruiyuQ0jKAFIVg.roa (raw, json)
Hash identifier: zAVHNkQ1bzunwQ2UT/O2Ux580Ze0U4R6ft+ucylXqEQ=
Subject key identifier: 00:64:02:9B:98:E5:0F:8F:9C:9A:BB:A2:CA:E4:34:8C:A0:05:21:58
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 018708CF75F675CAE0E666FBF1AD6F99BF50
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/AGQCm5jlD4-cmruiyuQ0jKAFIVg.roa
Signing time: Wed 22 Mar 2023 10:13:46 +0000
ROA not before: Wed 22 Mar 2023 10:13:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199417
IP address blocks: 77.91.70.0/24 maxlen: 24
77.91.77.0/24 maxlen: 24
185.149.146.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:08:cf:75:f6:75:ca:e0:e6:66:fb:f1:ad:6f:99:bf:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Mar 22 10:13:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0064029b98e50f8f9c9abba2cae4348ca0052158
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:58:5f:25:76:b5:e7:af:10:1c:19:ac:1f:09:
6c:d7:a2:0d:a2:61:de:62:a1:e3:ad:70:a8:fa:04:
df:71:e5:2c:57:77:61:e4:f2:53:0a:02:d6:96:95:
0a:0c:9a:59:04:46:c3:58:d2:c9:e9:c3:d1:5e:55:
b4:02:2c:e7:1a:fb:d3:17:65:ab:c2:3c:1e:7c:68:
4e:db:47:7c:7a:4f:d4:2a:cf:ab:c8:65:4d:ae:06:
0e:3a:93:77:3b:0b:78:fe:26:63:f3:a0:f3:94:69:
82:11:a4:0d:6a:7c:86:ce:fd:e0:6d:6f:f4:fc:cb:
1b:03:6d:7f:2c:f3:a1:94:bb:d6:6d:e6:c8:d2:2f:
c4:b2:86:b9:12:d2:07:e2:3a:ee:af:2e:68:ae:47:
05:e9:b2:f4:a0:77:8c:0a:02:9a:d5:e3:50:03:02:
1f:95:d5:ca:b6:57:ef:96:cb:ac:06:d8:11:e6:6d:
38:27:d8:39:11:67:62:b8:7c:bc:a8:62:d9:06:fe:
02:f5:e9:2a:ef:26:20:08:eb:14:6e:fe:0d:51:7b:
50:b6:47:55:11:a7:1b:03:65:60:8d:fe:be:53:cc:
c7:10:1f:83:67:23:8f:29:7b:60:4b:26:84:a9:fd:
fd:f6:20:89:83:27:0e:67:18:b0:f9:82:b0:4d:91:
28:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:64:02:9B:98:E5:0F:8F:9C:9A:BB:A2:CA:E4:34:8C:A0:05:21:58
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/AGQCm5jlD4-cmruiyuQ0jKAFIVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.70.0/24
77.91.77.0/24
185.149.146.0/24
Signature Algorithm: sha256WithRSAEncryption
35:0d:aa:5d:d1:9a:9c:03:c7:2a:a1:1a:8a:31:f4:6e:5d:44:
3c:7d:14:8c:cf:bf:7e:18:6d:c6:da:19:c0:ad:5c:82:80:07:
3f:88:8f:53:86:5d:29:d8:a9:0c:1f:c9:03:28:b4:94:ba:ff:
95:c6:b4:ac:5c:f0:69:47:2e:ef:20:e1:c7:1e:cc:e0:45:78:
42:bb:e0:ae:5e:a2:ab:e3:fe:77:42:e6:0b:25:33:24:ca:bd:
a1:0c:d4:55:b2:b8:e8:97:77:1a:b9:1d:bc:45:16:37:82:72:
12:9d:3c:9e:66:e4:d2:98:84:70:bd:0b:2a:02:8a:db:f7:01:
87:41:75:ca:5a:70:c6:f8:69:5b:aa:6b:6b:1a:f3:f4:b5:4d:
83:1f:f9:52:7e:45:15:ea:e6:dc:50:d4:b7:0b:b7:3b:25:85:
64:11:60:c3:44:0a:74:5c:57:61:10:5f:04:bb:00:3f:99:99:
61:36:4b:34:5c:17:93:14:e4:56:67:85:45:51:c2:ae:c5:da:
c9:db:e2:2a:74:52:ec:52:a2:80:6b:88:79:0c:58:42:0a:5b:
a6:7d:10:cc:18:23:ce:33:d4:29:13:e1:f9:74:6c:06:01:20:
71:3d:e4:98:8f:9d:cf:ab:19:ef:8f:42:3a:93:a4:15:0d:04:
cd:63:9a:f1
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYcIz3X2dcrg5mb78a1vmb9QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMzJlOWY0YWEzMmFiYTczMTJmYWIwNTRiMTc0ZGNlOGM1
MTVjYTMwHhcNMjMwMzIyMTAxMzQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDY0MDI5Yjk4ZTUwZjhmOWM5YWJiYTJjYWU0MzQ4Y2EwMDUyMTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVhfJXa1568QHBmsHwls16INomHe
YqHjrXCo+gTfceUsV3dh5PJTCgLWlpUKDJpZBEbDWNLJ6cPRXlW0AiznGvvTF2Wr
wjwefGhO20d8ek/UKs+ryGVNrgYOOpN3Owt4/iZj86DzlGmCEaQNanyGzv3gbW/0
/MsbA21/LPOhlLvWbebI0i/Esoa5EtIH4jrury5orkcF6bL0oHeMCgKa1eNQAwIf
ldXKtlfvlsusBtgR5m04J9g5EWdiuHy8qGLZBv4C9ekq7yYgCOsUbv4NUXtQtkdV
EacbA2Vgjf6+U8zHEB+DZyOPKXtgSyaEqf399iCJgycOZxiw+YKwTZEoRQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFABkApuY5Q+PnJq7osrkNIygBSFYMB8GA1UdIwQY
MBaAFPsy6fSqMqunMS+rBUsXTc6MUVyjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS16THA5S295cTZjeEw2c0ZTeGROem94UlhLTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0
LTIwNjI0YjNjMTU3Zi8xL0FHUUNtNWpsRDQtY21ydWl5dVEwaktBRklWZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0LTIwNjI0YjNjMTU3
Zi8xLzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBABNW0YD
BABNW00DBAC5lZIwDQYJKoZIhvcNAQELBQADggEBADUNql3RmpwDxyqhGoox9G5d
RDx9FIzPv34YbcbaGcCtXIKABz+Ij1OGXSnYqQwfyQMotJS6/5XGtKxc8GlHLu8g
4ccezOBFeEK74K5eoqvj/ndC5gslMyTKvaEM1FWyuOiXdxq5HbxFFjeCchKdPJ5m
5NKYhHC9CyoCitv3AYdBdcpacMb4aVuqa2sa8/S1TYMf+VJ+RRXq5txQ1LcLtzsl
hWQRYMNECnRcV2EQXwS7AD+ZmWE2SzRcF5MU5FZnhUVRwq7F2snb4ip0UuxSooBr
iHkMWEIKW6Z9EMwYI84z1CkT4fl0bAYBIHE95JiPnc+rGe+PQjqTpBUNBM1jmvE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:57 2024 by rpki-client on console-ams.rpki-client.org