Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/C6NPiH3IaQtK7fE1xahoKgtm3ek.roa
File: C6NPiH3IaQtK7fE1xahoKgtm3ek.roa (raw, json)
Hash identifier: TmP2vdQBTDt2qmobNqJjlfgpY9GxGXfaNXUrHsuDagQ=
Subject key identifier: 0B:A3:4F:88:7D:C8:69:0B:4A:ED:F1:35:C5:A8:68:2A:0B:66:DD:E9
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 127EBC42
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/C6NPiH3IaQtK7fE1xahoKgtm3ek.roa
Signing time: Sat 01 Jan 2022 15:05:38 +0000
ROA not before: Sat 01 Jan 2022 15:05:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205983
IP address blocks: 77.91.97.0/24 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 310295618 (0x127ebc42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Jan 1 15:05:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0ba34f887dc8690b4aedf135c5a8682a0b66dde9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:35:3a:f4:43:cd:df:ac:e5:e7:87:52:1b:85:
75:24:31:f5:27:98:d5:92:c9:64:4d:7e:10:62:34:
b2:f9:e0:eb:4c:d0:c9:85:41:0d:f2:5a:7e:1b:b5:
05:be:ee:9d:f0:b8:ab:fd:a6:e1:4c:35:58:74:8a:
0f:6a:bd:53:93:81:1d:19:83:d6:c6:d1:c2:ef:91:
3d:0d:7a:cd:7d:4d:8a:19:11:57:30:ea:ea:6d:2f:
3d:7a:a6:e7:85:3a:2b:b3:7d:40:33:59:27:19:b5:
31:16:7b:3d:e3:94:86:7d:d2:dd:1c:ca:80:5b:1a:
ae:4e:ae:72:e9:bd:01:da:f1:d6:db:97:10:78:76:
27:85:8b:64:f6:03:42:4c:bf:c4:f8:c0:77:06:ce:
4a:ab:2e:95:72:24:ed:6e:44:37:f6:4f:28:2c:5b:
74:3c:d9:ec:c7:81:85:6b:50:0e:23:b1:3a:bd:82:
5b:aa:f7:f1:44:71:d5:7b:02:8b:22:09:17:3a:b7:
cb:a6:2c:4f:97:b7:6e:4d:ff:df:bd:78:e4:1a:6b:
7f:4c:c2:db:18:0e:7e:5b:56:9b:1f:8c:00:e0:35:
76:4e:c5:d8:b8:8a:06:a0:60:4a:cf:bb:10:59:6d:
2c:f8:03:fc:67:9f:15:bc:5f:61:35:d3:c4:6d:81:
e5:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:A3:4F:88:7D:C8:69:0B:4A:ED:F1:35:C5:A8:68:2A:0B:66:DD:E9
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/C6NPiH3IaQtK7fE1xahoKgtm3ek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.97.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:9f:9f:47:20:d5:84:ad:0e:53:9d:26:e0:12:30:72:da:5c:
47:23:5a:6c:07:9a:c8:ef:16:09:aa:24:3c:bf:fd:b0:d3:0d:
65:a5:36:f9:d2:d0:37:fa:a9:65:7f:16:7f:54:c1:50:ec:6f:
9c:37:43:ed:da:4b:29:20:de:f1:64:c3:a4:50:15:4b:ab:b7:
3b:36:ba:f1:1c:30:b5:ff:14:75:4e:05:ca:bb:42:ba:23:bb:
5e:91:d7:2d:42:a0:64:50:54:8d:bb:bc:76:e2:ab:f7:a5:8b:
a4:aa:57:3a:de:f6:ec:4c:8d:44:ec:21:36:d8:8e:d4:ac:80:
7f:ec:c4:6e:f5:e7:e0:70:f0:4b:67:83:8c:fd:df:6d:1a:93:
66:6a:b3:4c:c9:98:72:d5:fc:df:cd:71:44:85:e9:33:db:31:
ff:ed:db:7a:9d:1e:42:96:ad:5e:65:34:57:06:e8:90:3f:d1:
6e:35:4b:4e:52:1e:84:8e:02:6c:22:b2:84:a9:b8:f1:d2:aa:
48:8e:ab:3c:00:00:f1:9e:22:d3:80:b4:5b:6c:1d:ac:8c:07:
20:e8:ae:5c:60:f0:65:f5:65:2f:d7:80:bf:66:69:1e:21:1e:
ee:a8:3a:6e:6b:fe:61:c7:64:83:e5:20:1c:f3:2f:b3:52:ed:
9c:12:91:76
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEEn68QjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YjMyZTlmNGFhMzJhYmE3MzEyZmFiMDU0YjE3NGRjZThjNTE1Y2EzMB4XDTIyMDEw
MTE1MDUzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGJhMzRmODg3ZGM4
NjkwYjRhZWRmMTM1YzVhODY4MmEwYjY2ZGRlOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKg1OvRDzd+s5eeHUhuFdSQx9SeY1ZLJZE1+EGI0svng60zQ
yYVBDfJafhu1Bb7unfC4q/2m4Uw1WHSKD2q9U5OBHRmD1sbRwu+RPQ16zX1NihkR
VzDq6m0vPXqm54U6K7N9QDNZJxm1MRZ7PeOUhn3S3RzKgFsark6ucum9Adrx1tuX
EHh2J4WLZPYDQky/xPjAdwbOSqsulXIk7W5EN/ZPKCxbdDzZ7MeBhWtQDiOxOr2C
W6r38URx1XsCiyIJFzq3y6YsT5e3bk3/37145Bprf0zC2xgOfltWmx+MAOA1dk7F
2LiKBqBgSs+7EFltLPgD/GefFbxfYTXTxG2B5SkCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBQLo0+IfchpC0rt8TXFqGgqC2bd6TAfBgNVHSMEGDAWgBT7Mun0qjKrpzEv
qwVLF03OjFFcozAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2UyLzI3ODY2My1iMTM1LTRkYjEtYTA0NC0yMDYyNGIzYzE1N2Yv
MS9DNk5QaUgzSWFRdEs3ZkUxeGFob0tndG0zZWsucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Uy
LzI3ODY2My1iMTM1LTRkYjEtYTA0NC0yMDYyNGIzYzE1N2YvMS8xLXpMcDlLb3lx
NmN4TDZzRlN4ZE56b3hSWEtNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVthMA0GCSqGSIb3DQEBCwUA
A4IBAQC0n59HINWErQ5TnSbgEjBy2lxHI1psB5rI7xYJqiQ8v/2w0w1lpTb50tA3
+qllfxZ/VMFQ7G+cN0Pt2kspIN7xZMOkUBVLq7c7NrrxHDC1/xR1TgXKu0K6I7te
kdctQqBkUFSNu7x24qv3pYukqlc63vbsTI1E7CE22I7UrIB/7MRu9efgcPBLZ4OM
/d9tGpNmarNMyZhy1fzfzXFEhekz2zH/7dt6nR5Clq1eZTRXBuiQP9FuNUtOUh6E
jgJsIrKEqbjx0qpIjqs8AADxniLTgLRbbB2sjAcg6K5cYPBl9WUv14C/ZmkeIR7u
qDpua/5hx2SD5SAc8y+zUu2cEpF2
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:16 2023 by rpki-client on console-fra.rpki-client.org