Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/GpLLxK8ov0FDbzIinL7_xj_9bV8.roa
File: GpLLxK8ov0FDbzIinL7_xj_9bV8.roa (raw, json)
Hash identifier: CuBuDbWmOE9va5AIU57AHdJAJmjS0zl/FjtgQMK7LZk=
Subject key identifier: 1A:92:CB:C4:AF:28:BF:41:43:6F:32:22:9C:BE:FF:C6:3F:FD:6D:5F
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 13EDBF70
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/GpLLxK8ov0FDbzIinL7_xj_9bV8.roa
Signing time: Thu 02 Jun 2022 18:14:20 +0000
ROA not before: Thu 02 Jun 2022 18:14:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42861
IP address blocks: 77.91.64.0/24 maxlen: 24
77.91.65.0/24 maxlen: 24
77.91.117.0/24 maxlen: 24
2a00:1e68:112::/48 maxlen: 128
2a00:1e68:100::/48 maxlen: 128
2a00:1e68:100::/47 maxlen: 128
2a00:1e68:101::/48 maxlen: 128
2a00:1e68::/29 maxlen: 128
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 334348144 (0x13edbf70)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Jun 2 18:14:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1a92cbc4af28bf41436f32229cbeffc63ffd6d5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8e:8b:9f:28:b6:ba:0b:3a:a4:5d:75:de:40:
88:e5:7b:79:41:de:16:f2:cf:4a:e0:8b:cd:1b:91:
f1:df:01:70:bd:eb:12:ae:c5:11:86:98:13:27:99:
30:6c:b3:96:88:66:90:92:d6:98:5a:61:3f:bd:ff:
20:a9:5f:2c:b1:44:6b:24:d2:67:75:a1:22:4c:17:
c0:3f:ed:02:78:1c:41:e4:15:37:30:c2:d9:bf:ae:
a4:be:d9:ab:d1:05:ea:cd:bb:b1:8f:41:95:55:06:
d8:c6:52:98:47:d6:de:22:64:a7:cb:a3:15:25:88:
34:f7:77:7e:3e:99:b2:84:41:f7:cc:30:6c:a9:07:
46:47:a4:31:73:ea:ed:2c:91:38:88:66:5c:aa:ad:
7e:e4:5c:ae:24:73:43:52:21:3d:67:d9:b7:15:78:
0e:5b:66:36:11:a4:72:65:21:54:37:1e:b6:d5:76:
3a:1a:6d:25:ae:f8:54:0f:e1:c3:c4:b6:2d:16:d1:
65:cd:6a:31:ea:0f:78:c0:46:4b:63:12:d3:92:ee:
cd:23:3e:20:29:5e:e7:47:51:d8:48:c3:67:85:d5:
91:ea:9e:c4:28:0e:5d:98:7a:35:a7:56:a2:45:f6:
86:b2:6e:c3:5e:8d:af:28:49:b7:b6:46:9d:a1:04:
0e:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:92:CB:C4:AF:28:BF:41:43:6F:32:22:9C:BE:FF:C6:3F:FD:6D:5F
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/GpLLxK8ov0FDbzIinL7_xj_9bV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.64.0/23
77.91.117.0/24
IPv6:
2a00:1e68::/29
Signature Algorithm: sha256WithRSAEncryption
3d:00:61:9c:b8:a1:0b:ca:98:f0:f6:10:89:c4:e4:b1:7c:60:
a3:6a:3c:ff:13:37:ff:9d:2f:c6:26:e8:1a:57:de:a1:f1:e4:
b3:3c:70:be:48:24:9c:90:43:e5:63:0a:2b:ed:83:6f:d2:eb:
60:11:12:af:ac:c7:d6:9d:6f:38:50:7d:c8:4e:1d:88:6f:35:
e0:71:af:39:5c:c8:12:2a:da:39:d2:9b:42:39:36:70:b7:29:
4c:e6:2f:2d:77:e3:f8:32:dd:c9:1f:2e:42:0b:7b:7d:b9:5e:
cd:8b:70:9e:a5:f6:c2:f0:62:ac:6f:90:d1:8c:8b:40:8c:3b:
a8:e7:0f:87:3d:0d:dc:0f:dc:c8:48:51:69:a3:4e:60:7b:a8:
2c:ac:97:5f:6e:54:20:18:5a:01:99:71:37:f5:c2:50:81:64:
35:7f:8a:20:84:e2:6a:ef:da:69:e6:e1:ca:52:4a:69:0d:77:
02:e4:99:59:77:9e:39:02:bb:b9:42:dd:0e:76:f2:9c:c1:64:
51:9d:fc:b4:2c:84:da:b5:2a:4b:eb:7c:c7:0b:0f:1d:01:b9:
f6:96:70:ab:b4:07:3c:63:a8:2c:d6:ad:96:8b:64:57:2d:e0:
62:37:51:e8:dd:96:50:a9:fe:3e:65:f6:0e:b3:70:f5:d0:82:
9f:e3:a5:bc
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEE+2/cDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YjMyZTlmNGFhMzJhYmE3MzEyZmFiMDU0YjE3NGRjZThjNTE1Y2EzMB4XDTIyMDYw
MjE4MTQyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWE5MmNiYzRhZjI4
YmY0MTQzNmYzMjIyOWNiZWZmYzYzZmZkNmQ1ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALKOi58otroLOqRddd5AiOV7eUHeFvLPSuCLzRuR8d8BcL3r
Eq7FEYaYEyeZMGyzlohmkJLWmFphP73/IKlfLLFEayTSZ3WhIkwXwD/tAngcQeQV
NzDC2b+upL7Zq9EF6s27sY9BlVUG2MZSmEfW3iJkp8ujFSWINPd3fj6ZsoRB98ww
bKkHRkekMXPq7SyROIhmXKqtfuRcriRzQ1IhPWfZtxV4DltmNhGkcmUhVDcettV2
OhptJa74VA/hw8S2LRbRZc1qMeoPeMBGS2MS05LuzSM+ICle50dR2EjDZ4XVkeqe
xCgOXZh6NadWokX2hrJuw16NryhJt7ZGnaEEDv8CAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBQaksvEryi/QUNvMiKcvv/GP/1tXzAfBgNVHSMEGDAWgBT7Mun0qjKrpzEv
qwVLF03OjFFcozAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2UyLzI3ODY2My1iMTM1LTRkYjEtYTA0NC0yMDYyNGIzYzE1N2Yv
MS9HcExMeEs4b3YwRkRieklpbkw3X3hqXzliVjgucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Uy
LzI3ODY2My1iMTM1LTRkYjEtYTA0NC0yMDYyNGIzYzE1N2YvMS8xLXpMcDlLb3lx
NmN4TDZzRlN4ZE56b3hSWEtNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBTVtAAwQATVt1MA0EAgACMAcD
BQMqAB5oMA0GCSqGSIb3DQEBCwUAA4IBAQA9AGGcuKELypjw9hCJxOSxfGCjajz/
Ezf/nS/GJugaV96h8eSzPHC+SCSckEPlYwor7YNv0utgERKvrMfWnW84UH3ITh2I
bzXgca85XMgSKto50ptCOTZwtylM5i8td+P4Mt3JHy5CC3t9uV7Ni3CepfbC8GKs
b5DRjItAjDuo5w+HPQ3cD9zISFFpo05ge6gsrJdfblQgGFoBmXE39cJQgWQ1f4og
hOJq79pp5uHKUkppDXcC5JlZd545Aru5Qt0OdvKcwWRRnfy0LITatSpL63zHCw8d
Abn2lnCrtAc8Y6gs1q2Wi2RXLeBiN1Ho3ZZQqf4+ZfYOs3D10IKf46W8
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:16 2023 by rpki-client on console-fra.rpki-client.org