Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/J0VB9JxaC1jmOKqBJMrqIW56oMY.roa
File: J0VB9JxaC1jmOKqBJMrqIW56oMY.roa (raw, json)
Hash identifier: LAzrQPQAV7L5f/nK1fdkWTtPC9ljfzQwLygu7NC7hXE=
Subject key identifier: 27:45:41:F4:9C:5A:0B:58:E6:38:AA:81:24:CA:EA:21:6E:7A:A0:C6
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 01872736B1C6F7995FA7381E7981CB883FD8
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/J0VB9JxaC1jmOKqBJMrqIW56oMY.roa
Signing time: Tue 28 Mar 2023 07:55:08 +0000
ROA not before: Tue 28 Mar 2023 07:55:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199417
IP address blocks: 77.91.70.0/24 maxlen: 24
77.91.77.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:27:36:b1:c6:f7:99:5f:a7:38:1e:79:81:cb:88:3f:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Mar 28 07:55:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=274541f49c5a0b58e638aa8124caea216e7aa0c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:57:5f:dc:73:19:08:cf:b3:c5:8d:ee:ed:6d:
3f:22:72:68:96:c9:5d:58:76:74:31:f5:7e:7f:d6:
f1:c2:17:19:b6:96:98:ff:83:46:ed:a9:77:3c:37:
d9:ba:99:87:eb:a7:50:58:80:e1:5f:6d:9b:e8:3c:
d1:8f:eb:a4:0c:0e:59:6d:f3:2b:5e:d9:81:98:19:
0d:9d:7e:77:43:57:42:25:98:4b:6d:fc:cf:cd:f2:
0f:46:b1:58:89:ac:e1:de:96:2d:24:87:43:9f:23:
45:e5:c0:cc:ba:f3:cd:b9:cd:0d:3a:15:b2:76:0f:
d5:21:0a:7e:cd:e9:8b:fb:ef:fb:7f:2d:06:b3:2b:
12:97:51:48:b6:8c:7a:35:54:25:3f:0e:c2:70:59:
01:a4:da:42:f0:50:9c:de:58:9a:8c:fd:e8:56:6c:
24:32:52:40:04:ba:d2:42:ab:76:e7:bb:eb:0a:0b:
33:62:70:5b:78:c3:ac:aa:06:a7:41:45:ae:c1:58:
54:36:d8:af:e6:5f:64:43:ff:05:e8:c2:12:40:43:
1e:9b:dc:7c:9b:0b:80:ff:3b:88:b4:c2:fe:41:cc:
23:ad:38:7d:f3:ab:00:25:d0:56:af:cd:d3:49:8b:
1c:fa:d7:2b:8c:ad:e5:15:58:f7:fd:5f:69:c8:84:
99:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:45:41:F4:9C:5A:0B:58:E6:38:AA:81:24:CA:EA:21:6E:7A:A0:C6
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/J0VB9JxaC1jmOKqBJMrqIW56oMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.70.0/24
77.91.77.0/24
Signature Algorithm: sha256WithRSAEncryption
73:cb:0a:37:cc:51:ae:b4:30:fc:29:30:4f:f0:a6:18:7e:8d:
44:94:e9:ef:eb:ca:26:78:e4:03:72:9d:62:38:64:18:91:2c:
f8:04:b7:1e:e5:d6:21:a9:62:84:43:81:88:94:51:82:f7:83:
86:24:3c:4e:13:2b:0e:9c:6d:ad:c1:61:86:a2:19:c8:54:d4:
66:7a:b1:8b:5c:c0:f3:aa:52:fb:b5:2d:0d:cb:65:d7:56:43:
29:a9:6f:03:48:98:cc:2c:f5:76:23:8d:d5:79:fa:dd:6b:86:
5f:27:d8:27:30:df:e2:9e:ff:51:c1:c8:50:15:cf:a3:ae:28:
a2:8f:b0:21:93:7b:af:93:a2:86:e6:09:e9:df:ed:3a:f4:4a:
c3:c3:61:f7:6a:37:12:01:1e:9f:8f:c7:d7:48:60:f8:36:a0:
8a:9e:3c:49:01:5f:61:cd:80:41:eb:0e:77:93:15:1d:0f:d2:
56:bf:a7:a5:be:a6:63:89:af:b8:fe:33:22:05:12:ed:24:41:
1d:12:20:7a:36:d1:98:f8:e0:90:27:f4:b7:d9:04:c1:ec:a3:
04:64:94:a6:20:44:2a:1b:a1:2a:42:05:95:3b:5f:a8:c5:ba:
20:fb:97:56:1c:d1:de:f7:be:9d:73:e0:73:a3:05:22:4d:a3:
a5:45:84:e8
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYcnNrHG95lfpzgeeYHLiD/YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMzJlOWY0YWEzMmFiYTczMTJmYWIwNTRiMTc0ZGNlOGM1
MTVjYTMwHhcNMjMwMzI4MDc1NTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzQ1NDFmNDljNWEwYjU4ZTYzOGFhODEyNGNhZWEyMTZlN2FhMGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFdf3HMZCM+zxY3u7W0/InJolsld
WHZ0MfV+f9bxwhcZtpaY/4NG7al3PDfZupmH66dQWIDhX22b6DzRj+ukDA5ZbfMr
XtmBmBkNnX53Q1dCJZhLbfzPzfIPRrFYiazh3pYtJIdDnyNF5cDMuvPNuc0NOhWy
dg/VIQp+zemL++/7fy0GsysSl1FItox6NVQlPw7CcFkBpNpC8FCc3liajP3oVmwk
MlJABLrSQqt257vrCgszYnBbeMOsqganQUWuwVhUNtiv5l9kQ/8F6MISQEMem9x8
mwuA/zuItML+QcwjrTh986sAJdBWr83TSYsc+tcrjK3lFVj3/V9pyISZiwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCdFQfScWgtY5jiqgSTK6iFueqDGMB8GA1UdIwQY
MBaAFPsy6fSqMqunMS+rBUsXTc6MUVyjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS16THA5S295cTZjeEw2c0ZTeGROem94UlhLTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0
LTIwNjI0YjNjMTU3Zi8xL0owVkI5SnhhQzFqbU9LcUJKTXJxSVc1Nm9NWS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0LTIwNjI0YjNjMTU3
Zi8xLzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBABNW0YD
BABNW00wDQYJKoZIhvcNAQELBQADggEBAHPLCjfMUa60MPwpME/wphh+jUSU6e/r
yiZ45ANynWI4ZBiRLPgEtx7l1iGpYoRDgYiUUYL3g4YkPE4TKw6cba3BYYaiGchU
1GZ6sYtcwPOqUvu1LQ3LZddWQympbwNImMws9XYjjdV5+t1rhl8n2Ccw3+Ke/1HB
yFAVz6OuKKKPsCGTe6+ToobmCenf7Tr0SsPDYfdqNxIBHp+Px9dIYPg2oIqePEkB
X2HNgEHrDneTFR0P0la/p6W+pmOJr7j+MyIFEu0kQR0SIHo20Zj44JAn9LfZBMHs
owRklKYgRCoboSpCBZU7X6jFuiD7l1Yc0d73vp1z4HOjBSJNo6VFhOg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:57 2024 by rpki-client on console-ams.rpki-client.org