Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/Ejph4pwzQfe_D1HzZsv-H13wNgk.roa
File: Ejph4pwzQfe_D1HzZsv-H13wNgk.roa (raw, json)
Hash identifier: uT7JDVCsy61nNZAKvXQw1Q1DDu0xe77zEXOBW+tUce4=
Subject key identifier: 12:3A:61:E2:9C:33:41:F7:BF:0F:51:F3:66:CB:FE:1F:5D:F0:36:09
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 1280BC1D
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/Ejph4pwzQfe_D1HzZsv-H13wNgk.roa
Signing time: Sat 01 Jan 2022 15:05:39 +0000
ROA not before: Sat 01 Jan 2022 15:05:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207168
IP address blocks: 77.91.98.0/23 maxlen: 32
77.91.125.0/24 maxlen: 32
2a00:1e68:125::/48 maxlen: 128
2a00:1e68:98::/47 maxlen: 128
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 310426653 (0x1280bc1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Jan 1 15:05:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=123a61e29c3341f7bf0f51f366cbfe1f5df03609
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:45:c5:0a:c8:70:46:f5:4a:1c:c4:fc:42:b9:
6e:84:3a:27:d8:2a:56:38:13:83:c9:07:76:a0:74:
31:0c:ef:4b:2c:74:f4:97:c5:e1:df:ad:c4:21:5b:
eb:65:66:9f:47:2f:21:0e:01:8e:f2:93:c9:e1:6a:
1b:7a:40:f1:c9:89:d2:71:49:a1:4f:68:79:77:96:
2b:3c:37:f3:70:87:4d:8b:5d:cd:56:ce:b0:38:06:
f0:f5:47:d3:bf:ca:34:5b:a2:87:d1:6c:39:fb:ee:
0f:4c:33:dd:14:cb:bf:f3:ab:18:0c:f5:b5:85:1d:
dd:82:68:57:75:5d:ac:04:73:a3:43:4b:fe:27:df:
c2:6b:8b:5a:a4:3c:58:22:9f:7e:9e:30:92:d6:d9:
50:f9:6d:7b:46:3e:17:30:98:b7:0a:fd:17:ea:bd:
d6:44:bb:9f:31:d0:8d:5a:a6:4c:6d:81:ad:9b:62:
83:bf:31:b9:70:0b:8e:3d:fa:2a:dc:61:03:9a:3f:
f2:60:72:89:94:14:1a:07:b6:65:f1:b0:fd:8d:b1:
6c:73:e3:4d:5e:bb:d1:74:87:a4:44:2b:98:c5:48:
d7:0d:67:7a:ba:74:5e:8a:cc:53:7a:70:31:93:cb:
e2:71:5e:30:02:b2:8f:07:81:c1:f0:bf:9b:44:fc:
c3:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:3A:61:E2:9C:33:41:F7:BF:0F:51:F3:66:CB:FE:1F:5D:F0:36:09
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/Ejph4pwzQfe_D1HzZsv-H13wNgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.98.0/23
77.91.125.0/24
IPv6:
2a00:1e68:98::/47
2a00:1e68:125::/48
Signature Algorithm: sha256WithRSAEncryption
a1:06:b6:5d:56:96:0f:18:d0:47:39:8c:10:7a:c4:23:40:f7:
12:41:f5:57:62:aa:3f:1e:60:26:c3:2f:8f:24:77:0a:3e:a2:
56:38:94:ee:cc:66:2a:9b:9a:89:53:b7:bf:65:f2:06:a1:cc:
6d:2d:43:d2:b8:9f:ac:61:13:d0:bf:66:9a:f9:c8:33:81:63:
f4:e7:51:7a:45:92:74:ae:f9:81:16:88:d1:c8:94:1b:03:95:
a6:65:98:6c:07:61:84:a7:56:4f:6b:ae:dd:c2:af:91:35:2e:
cf:51:67:08:ea:76:a9:9a:36:84:67:2a:c3:b5:bc:db:32:15:
20:d4:31:0f:e1:02:58:a7:7a:c4:64:09:2e:7b:8f:bb:ec:5a:
0c:fc:f6:7e:f5:94:16:2c:30:5f:f4:54:2e:4a:36:ea:b1:65:
f5:25:ea:aa:79:03:53:03:b0:16:9f:53:9b:08:b6:cd:28:0e:
74:63:6c:6b:a4:bd:87:a2:7c:5e:e8:a8:f5:19:62:fd:4b:c8:
ef:ce:5e:2f:88:40:2b:a4:72:0e:16:45:6e:ac:a7:42:f9:08:
80:d7:54:2a:22:22:d8:c4:77:3a:df:de:33:be:3d:8b:0f:be:
a3:dc:78:4a:ae:e1:17:02:9f:df:c5:40:b3:85:72:1d:46:50:
00:70:69:b0
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEEoC8HTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YjMyZTlmNGFhMzJhYmE3MzEyZmFiMDU0YjE3NGRjZThjNTE1Y2EzMB4XDTIyMDEw
MTE1MDUzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTIzYTYxZTI5YzMz
NDFmN2JmMGY1MWYzNjZjYmZlMWY1ZGYwMzYwOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALVFxQrIcEb1ShzE/EK5boQ6J9gqVjgTg8kHdqB0MQzvSyx0
9JfF4d+txCFb62Vmn0cvIQ4BjvKTyeFqG3pA8cmJ0nFJoU9oeXeWKzw383CHTYtd
zVbOsDgG8PVH07/KNFuih9FsOfvuD0wz3RTLv/OrGAz1tYUd3YJoV3VdrARzo0NL
/iffwmuLWqQ8WCKffp4wktbZUPlte0Y+FzCYtwr9F+q91kS7nzHQjVqmTG2BrZti
g78xuXALjj36KtxhA5o/8mByiZQUGge2ZfGw/Y2xbHPjTV670XSHpEQrmMVI1w1n
erp0XorMU3pwMZPL4nFeMAKyjweBwfC/m0T8w8MCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBQSOmHinDNB978PUfNmy/4fXfA2CTAfBgNVHSMEGDAWgBT7Mun0qjKrpzEv
qwVLF03OjFFcozAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2UyLzI3ODY2My1iMTM1LTRkYjEtYTA0NC0yMDYyNGIzYzE1N2Yv
MS9FanBoNHB3elFmZV9EMUh6WnN2LUgxM3dOZ2sucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Uy
LzI3ODY2My1iMTM1LTRkYjEtYTA0NC0yMDYyNGIzYzE1N2YvMS8xLXpMcDlLb3lx
NmN4TDZzRlN4ZE56b3hSWEtNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQBTVtiAwQATVt9MBgEAgACMBID
BwEqAB5oAJgDBwAqAB5oASUwDQYJKoZIhvcNAQELBQADggEBAKEGtl1Wlg8Y0Ec5
jBB6xCNA9xJB9Vdiqj8eYCbDL48kdwo+olY4lO7MZiqbmolTt79l8gahzG0tQ9K4
n6xhE9C/Zpr5yDOBY/TnUXpFknSu+YEWiNHIlBsDlaZlmGwHYYSnVk9rrt3Cr5E1
Ls9RZwjqdqmaNoRnKsO1vNsyFSDUMQ/hAlinesRkCS57j7vsWgz89n71lBYsMF/0
VC5KNuqxZfUl6qp5A1MDsBafU5sIts0oDnRjbGukvYeifF7oqPUZYv1LyO/OXi+I
QCukcg4WRW6sp0L5CIDXVCoiItjEdzrf3jO+PYsPvqPceEqu4RcCn9/FQLOFch1G
UABwabA=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:16 2023 by rpki-client on console-fra.rpki-client.org