Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/H78-mj6dyEJeE-pg0yzZwD2a07Y.roa
File: H78-mj6dyEJeE-pg0yzZwD2a07Y.roa (raw, json)
Hash identifier: MJnkEXbW58DN7vJevl7Jb3VYESuzdtFs6OPB+PUAeWE=
Subject key identifier: 1F:BF:3E:9A:3E:9D:C8:42:5E:13:EA:60:D3:2C:D9:C0:3D:9A:D3:B6
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 13F04432
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/H78-mj6dyEJeE-pg0yzZwD2a07Y.roa
Signing time: Thu 02 Jun 2022 20:41:26 +0000
ROA not before: Thu 02 Jun 2022 20:41:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62240
IP address blocks: 77.91.67.0/24 maxlen: 32
77.91.112.0/24 maxlen: 32
77.91.118.0/24 maxlen: 32
77.91.117.0/24 maxlen: 24
77.91.115.0/24 maxlen: 32
185.149.144.0/24 maxlen: 32
185.149.145.0/24 maxlen: 32
77.91.119.0/24 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 334513202 (0x13f04432)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Jun 2 20:41:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1fbf3e9a3e9dc8425e13ea60d32cd9c03d9ad3b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:5f:42:19:87:df:f2:ee:48:43:5c:8a:2c:79:
8a:53:12:43:9f:ff:6d:36:5d:37:b9:31:b7:8c:47:
da:02:26:c3:34:d2:69:b7:9b:14:2a:88:0e:0a:03:
b3:cc:75:0e:b3:b8:00:ac:04:bd:ea:18:39:db:ab:
cb:d1:b6:06:88:b3:52:2f:05:b7:8c:ae:41:f9:4c:
29:1a:dc:5c:e7:13:c3:e4:10:a0:fa:8a:71:4c:7f:
3c:ae:df:c6:b9:7d:36:61:ae:2c:87:8f:04:16:2c:
96:a6:44:9c:8c:f3:56:6c:2b:86:d0:4a:50:06:c5:
b3:ea:bf:f3:37:1c:b8:59:5a:15:ef:8d:d3:34:46:
44:59:25:fd:1a:48:f6:10:6b:29:58:a8:44:a4:71:
d3:72:0b:7a:ee:e4:0c:27:d6:02:c3:9f:37:6c:ad:
40:3c:71:e8:95:8a:15:29:96:10:ab:c8:e9:e6:d9:
f6:f4:5d:bc:38:cd:9e:2a:31:8e:b9:d8:5f:9c:43:
2a:06:c9:03:e0:9d:38:38:68:c7:5d:0c:3b:af:ed:
99:a8:67:fe:f6:93:09:46:be:5b:d8:1f:a7:f5:a3:
59:43:86:17:0c:c8:8b:20:fc:ef:06:8d:42:dc:c2:
2c:1a:10:0f:9c:6d:e4:c4:b6:4b:6d:66:61:27:8c:
03:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:BF:3E:9A:3E:9D:C8:42:5E:13:EA:60:D3:2C:D9:C0:3D:9A:D3:B6
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/H78-mj6dyEJeE-pg0yzZwD2a07Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.67.0/24
77.91.112.0/24
77.91.115.0/24
77.91.117.0-77.91.119.255
185.149.144.0/23
Signature Algorithm: sha256WithRSAEncryption
ae:da:8f:05:71:99:86:bf:bf:e7:35:a4:8b:b9:26:91:95:94:
4e:a6:d0:f2:06:21:b2:83:9a:86:f8:2c:d0:8c:c0:e7:4f:15:
96:d1:c8:12:aa:83:e1:54:0c:3f:67:1a:62:92:d4:32:73:23:
f5:35:43:d8:77:24:f3:9b:fc:f8:00:13:2d:e2:01:6d:78:30:
63:2b:ad:fd:37:a5:4c:40:75:2d:cd:6c:10:d4:7f:79:b0:15:
77:2d:6d:10:3f:56:ff:88:54:50:1b:fd:d3:61:b8:1a:49:d7:
e3:f9:12:8c:3c:e4:ac:d5:65:27:fc:ff:c2:7d:82:48:a6:70:
c4:b6:91:4c:23:ec:99:b8:6c:3f:5a:3d:13:9e:ac:fd:4c:0c:
86:3a:9f:f2:d1:f2:42:9d:6c:9e:32:ff:17:e7:b4:dc:78:f7:
77:e6:fa:88:c5:75:9f:cc:d6:b8:eb:2c:15:c8:0c:94:52:50:
8f:43:58:a6:c9:a2:2b:99:c1:5b:b2:bf:58:70:67:fb:c0:ef:
0e:63:e8:48:ce:73:dd:50:5c:54:ba:a1:75:a1:55:70:46:61:
3d:e1:ec:55:c7:53:01:95:ff:4f:94:0c:f3:58:7c:53:55:1c:
ef:6a:06:d2:81:a4:fb:e9:99:9f:26:ba:79:94:84:3d:68:19:
84:1f:ec:3a
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEE/BEMjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YjMyZTlmNGFhMzJhYmE3MzEyZmFiMDU0YjE3NGRjZThjNTE1Y2EzMB4XDTIyMDYw
MjIwNDEyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWZiZjNlOWEzZTlk
Yzg0MjVlMTNlYTYwZDMyY2Q5YzAzZDlhZDNiNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMJfQhmH3/LuSENciix5ilMSQ5//bTZdN7kxt4xH2gImwzTS
abebFCqIDgoDs8x1DrO4AKwEveoYOdury9G2BoizUi8Ft4yuQflMKRrcXOcTw+QQ
oPqKcUx/PK7fxrl9NmGuLIePBBYslqZEnIzzVmwrhtBKUAbFs+q/8zccuFlaFe+N
0zRGRFkl/RpI9hBrKVioRKRx03ILeu7kDCfWAsOfN2ytQDxx6JWKFSmWEKvI6ebZ
9vRdvDjNnioxjrnYX5xDKgbJA+CdODhox10MO6/tmahn/vaTCUa+W9gfp/WjWUOG
FwzIiyD87waNQtzCLBoQD5xt5MS2S21mYSeMA70CAwEAAaOCAiswggInMB0GA1Ud
DgQWBBQfvz6aPp3IQl4T6mDTLNnAPZrTtjAfBgNVHSMEGDAWgBT7Mun0qjKrpzEv
qwVLF03OjFFcozAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2UyLzI3ODY2My1iMTM1LTRkYjEtYTA0NC0yMDYyNGIzYzE1N2Yv
MS9INzgtbWo2ZHlFSmVFLXBnMHl6WndEMmEwN1kucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Uy
LzI3ODY2My1iMTM1LTRkYjEtYTA0NC0yMDYyNGIzYzE1N2YvMS8xLXpMcDlLb3lx
NmN4TDZzRlN4ZE56b3hSWEtNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQATVtDAwQATVtwAwQATVtzMAwD
BABNW3UDBANNW3ADBAG5lZAwDQYJKoZIhvcNAQELBQADggEBAK7ajwVxmYa/v+c1
pIu5JpGVlE6m0PIGIbKDmob4LNCMwOdPFZbRyBKqg+FUDD9nGmKS1DJzI/U1Q9h3
JPOb/PgAEy3iAW14MGMrrf03pUxAdS3NbBDUf3mwFXctbRA/Vv+IVFAb/dNhuBpJ
1+P5Eow85KzVZSf8/8J9gkimcMS2kUwj7Jm4bD9aPROerP1MDIY6n/LR8kKdbJ4y
/xfntNx493fm+ojFdZ/M1rjrLBXIDJRSUI9DWKbJoiuZwVuyv1hwZ/vA7w5j6EjO
c91QXFS6oXWhVXBGYT3h7FXHUwGV/0+UDPNYfFNVHO9qBtKBpPvpmZ8munmUhD1o
GYQf7Do=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:04 2024 by rpki-client on console-fra.rpki-client.org