Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/IeB2MJVZUEErE2vpIBymy6AdIjI.roa
File: IeB2MJVZUEErE2vpIBymy6AdIjI.roa (raw, json)
Hash identifier: Phg3YUBewoPjuq76nipg5D/Y4DcDjQn04cxuZZWOXHQ=
Subject key identifier: 21:E0:76:30:95:59:50:41:2B:13:6B:E9:20:1C:A6:CB:A0:1D:22:32
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 0185703061CDB634EAE449A932E680DA5C5B
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/IeB2MJVZUEErE2vpIBymy6AdIjI.roa
Signing time: Mon 02 Jan 2023 01:54:57 +0000
ROA not before: Mon 02 Jan 2023 01:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206446
IP address blocks: 77.91.69.0/24 maxlen: 24
77.91.74.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:61:cd:b6:34:ea:e4:49:a9:32:e6:80:da:5c:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Jan 2 01:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21e07630955950412b136be9201ca6cba01d2232
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:77:6b:64:de:76:c6:42:d0:70:64:6b:fb:c2:
69:15:fd:69:c5:cf:95:8f:57:7e:e1:16:8a:a3:04:
93:5b:4a:26:a5:d2:35:30:1d:07:7f:7d:c9:00:19:
fe:61:75:d6:3a:8a:f1:a6:9d:09:af:18:d0:b1:bc:
c2:4f:dc:cf:01:0a:a3:1b:f6:e7:72:6f:ad:d9:bf:
88:c4:26:e3:9d:c4:7a:47:0a:99:75:3f:40:09:5b:
d6:9b:0d:bb:ec:7d:5c:16:8f:37:cb:dd:2c:a5:af:
b8:bf:76:5a:39:5a:7f:5c:6b:e4:cd:94:fb:b9:1e:
13:11:9d:f6:41:d1:ee:a1:39:1b:6e:60:71:2e:57:
5a:df:d4:95:4e:30:67:e0:79:93:37:2a:56:0f:bc:
7f:6c:4b:94:f1:99:5f:58:2e:79:47:eb:ef:6c:e0:
52:c2:0d:98:7f:56:82:26:ae:f6:e9:cb:9a:cc:4f:
82:8a:4a:51:4d:89:9f:9b:62:38:a2:09:b0:fc:8a:
11:87:27:88:b1:f5:70:14:ab:bb:af:7b:b5:c9:da:
40:6f:5e:71:b8:e3:51:c6:85:7c:52:d1:5d:0c:38:
c7:ba:49:ff:c8:87:5f:bc:3b:db:84:91:a7:2b:08:
df:16:d6:c2:66:92:7d:8b:82:ba:23:52:3b:a8:50:
01:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:E0:76:30:95:59:50:41:2B:13:6B:E9:20:1C:A6:CB:A0:1D:22:32
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/IeB2MJVZUEErE2vpIBymy6AdIjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.69.0/24
77.91.74.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:3c:6e:d4:07:18:22:d6:d0:cc:1b:1b:66:f5:47:e0:b4:81:
45:18:ab:2f:ac:c3:24:64:d8:e7:f0:84:6b:99:1c:11:5e:9f:
30:fb:99:26:32:d2:6a:73:64:63:82:f7:a3:c4:8b:d0:fc:4c:
48:da:35:60:b0:d5:0d:25:27:19:1e:51:c0:04:ff:30:5e:20:
32:fc:11:b7:eb:d2:4b:ef:32:4d:56:48:8b:c3:c5:ea:aa:59:
6b:15:77:96:35:c6:93:cc:47:4f:63:90:da:4a:d8:3e:96:d9:
79:9a:1c:a0:08:8f:f3:2b:55:50:45:90:07:fe:79:99:40:3f:
09:63:2a:4b:9b:38:8b:1a:1f:71:b0:a8:6d:2c:3a:4c:0b:c2:
41:b4:93:ed:fe:20:dd:d7:4c:2c:94:d1:63:f4:48:f7:34:c0:
7f:a4:e7:bf:fc:84:e8:e3:11:b0:82:89:dd:88:fe:12:c4:8a:
39:34:f3:6c:2f:1e:6d:09:a2:d0:63:a9:85:cf:06:3a:20:77:
e5:e7:5b:1c:30:24:cc:be:9d:40:53:65:ad:01:0d:0f:76:b7:
df:58:f9:ec:27:1d:b9:ca:39:db:ac:5b:cf:23:25:87:40:6c:
88:95:29:ab:6e:b9:96:f1:31:f5:f8:f7:7c:5c:de:e9:3f:e5:
1c:38:66:3f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVwMGHNtjTq5EmpMuaA2lxbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMzJlOWY0YWEzMmFiYTczMTJmYWIwNTRiMTc0ZGNlOGM1
MTVjYTMwHhcNMjMwMTAyMDE1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWUwNzYzMDk1NTk1MDQxMmIxMzZiZTkyMDFjYTZjYmEwMWQyMjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgHdrZN52xkLQcGRr+8JpFf1pxc+V
j1d+4RaKowSTW0ompdI1MB0Hf33JABn+YXXWOorxpp0JrxjQsbzCT9zPAQqjG/bn
cm+t2b+IxCbjncR6RwqZdT9ACVvWmw277H1cFo83y90spa+4v3ZaOVp/XGvkzZT7
uR4TEZ32QdHuoTkbbmBxLlda39SVTjBn4HmTNypWD7x/bEuU8ZlfWC55R+vvbOBS
wg2Yf1aCJq726cuazE+CikpRTYmfm2I4ogmw/IoRhyeIsfVwFKu7r3u1ydpAb15x
uONRxoV8UtFdDDjHukn/yIdfvDvbhJGnKwjfFtbCZpJ9i4K6I1I7qFAB8wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCHgdjCVWVBBKxNr6SAcpsugHSIyMB8GA1UdIwQY
MBaAFPsy6fSqMqunMS+rBUsXTc6MUVyjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS16THA5S295cTZjeEw2c0ZTeGROem94UlhLTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0
LTIwNjI0YjNjMTU3Zi8xL0llQjJNSlZaVUVFckUydnBJQnlteTZBZElqSS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0LTIwNjI0YjNjMTU3
Zi8xLzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBABNW0UD
BABNW0owDQYJKoZIhvcNAQELBQADggEBAHs8btQHGCLW0MwbG2b1R+C0gUUYqy+s
wyRk2OfwhGuZHBFenzD7mSYy0mpzZGOC96PEi9D8TEjaNWCw1Q0lJxkeUcAE/zBe
IDL8Ebfr0kvvMk1WSIvDxeqqWWsVd5Y1xpPMR09jkNpK2D6W2XmaHKAIj/MrVVBF
kAf+eZlAPwljKkubOIsaH3GwqG0sOkwLwkG0k+3+IN3XTCyU0WP0SPc0wH+k57/8
hOjjEbCCid2I/hLEijk082wvHm0JotBjqYXPBjogd+XnWxwwJMy+nUBTZa0BDQ92
t99Y+ewnHbnKOdusW88jJYdAbIiVKatuuZbxMfX493xc3uk/5Rw4Zj8=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:16 2023 by rpki-client on console-fra.rpki-client.org